Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9173CF2/1AE9034681EE11EBBE35495FC4F9AE02/D9E7CFF681EF11EBAEE9D17AC4F9AE02.roa
File: D9E7CFF681EF11EBAEE9D17AC4F9AE02.roa (raw, json)
Hash identifier: ZbglDjurwe6qJhjv9yc/alHsSUDwI/+N2E8sYgdY/Mk=
Subject key identifier: 8A:F8:AF:A2:B8:9F:FA:B0:E4:43:F5:1B:56:7B:8C:A7:C2:AA:EB:45
Certificate issuer: /CN=A9173CF2/serialNumber=1447D44B49F7906DC63731A5D98D852EC10B7745
Certificate serial: 05C5
Authority key identifier: 14:47:D4:4B:49:F7:90:6D:C6:37:31:A5:D9:8D:85:2E:C1:0B:77:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FEfUS0n3kG3GNzGl2Y2FLsELd0U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9173CF2/1AE9034681EE11EBBE35495FC4F9AE02/D9E7CFF681EF11EBAEE9D17AC4F9AE02.roa
Signing time: Sat 20 Jul 2024 23:31:19 +0000
ROA not before: Sat 20 Jul 2024 23:31:19 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 58580
IP address blocks: 103.152.2.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1477 (0x5c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9173CF2
Validity
Not Before: Jul 20 23:31:19 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=669c48c7-9177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9d:dc:d4:df:3a:4a:e1:de:9d:cb:08:31:ec:
40:cc:28:52:d9:6b:13:7d:e8:5e:38:8a:9b:7a:e4:
2f:b9:08:47:32:f3:8c:cb:28:bb:6b:5f:c2:20:02:
22:17:70:cf:5b:82:72:5c:4b:3a:66:f3:74:24:74:
f0:bc:a9:df:1e:b7:1b:a2:f6:be:44:11:2a:e1:74:
6a:63:6f:e3:1e:dc:bd:26:e4:e5:d4:06:66:9a:f0:
31:19:64:f4:0c:14:4e:5c:a3:a9:e0:e7:2b:bb:2b:
41:ea:83:0c:59:b2:2c:51:18:85:fb:8b:7f:c9:88:
ad:35:4a:8e:38:7f:0c:5e:9b:91:05:20:f1:1c:bb:
36:49:7d:1b:ba:9b:c8:b4:6f:87:13:a2:b4:dc:c7:
8d:f9:b9:77:c1:9f:19:bc:f2:0b:31:04:3b:58:2b:
5e:66:5a:09:82:6e:ac:1a:1a:3a:12:8d:a7:0f:59:
a6:42:e6:03:57:30:64:1a:99:51:05:45:15:17:93:
02:d0:a3:06:3d:b4:03:8f:81:7a:04:43:54:dc:02:
66:8e:41:dc:03:7b:24:30:dd:90:62:1f:c4:0e:b2:
14:c4:d5:40:b5:b0:dc:bf:dd:55:d8:80:4f:3a:31:
6d:60:b3:87:35:91:c6:84:63:24:77:ff:09:d5:27:
b2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F8:AF:A2:B8:9F:FA:B0:E4:43:F5:1B:56:7B:8C:A7:C2:AA:EB:45
X509v3 Authority Key Identifier:
keyid:14:47:D4:4B:49:F7:90:6D:C6:37:31:A5:D9:8D:85:2E:C1:0B:77:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9173CF2/1AE9034681EE11EBBE35495FC4F9AE02/FEfUS0n3kG3GNzGl2Y2FLsELd0U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FEfUS0n3kG3GNzGl2Y2FLsELd0U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173CF2/1AE9034681EE11EBBE35495FC4F9AE02/D9E7CFF681EF11EBAEE9D17AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.2.0/23
Signature Algorithm: sha256WithRSAEncryption
90:2e:4f:63:83:df:17:51:85:82:b5:12:74:2c:d5:1b:f1:62:
40:d1:87:49:13:20:94:3b:62:c2:ba:ab:e1:ac:6f:5b:22:8c:
93:28:3a:a4:1b:ad:3f:a8:b1:31:ed:40:47:f8:8f:92:bc:a9:
1b:d4:b0:dd:c6:12:82:be:c1:bb:1c:ac:a5:69:e2:d5:21:f9:
51:02:ea:36:b6:26:28:b6:7a:94:a3:33:34:25:f0:e4:11:ac:
6c:83:e0:2a:59:a6:3d:02:bf:28:7d:e5:4a:81:e8:2f:35:55:
93:2a:97:1c:b3:03:c1:69:1e:f6:53:d6:46:ca:87:3b:b8:8f:
f7:4a:1f:72:42:4d:7f:3b:4f:de:a8:19:49:34:d3:59:e6:07:
9a:4d:9d:33:cd:b4:ec:9f:8c:9d:4a:32:1a:b5:05:30:3a:fd:
0c:76:6b:e4:a4:38:f2:b0:ba:3c:f5:68:36:9c:36:65:30:6b:
1e:4b:15:48:1c:20:b7:bf:cd:56:c4:9f:02:42:73:92:61:96:
65:c6:dd:2f:ce:79:f8:04:16:1e:7b:0e:17:94:c1:a0:07:10:
54:a9:4d:7e:0c:7b:df:82:35:6c:05:fe:78:cb:b3:79:3b:5e:
20:7b:cb:57:01:e9:71:db:e7:ba:c6:58:1d:30:4f:7a:67:22:
c7:90:71:43
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBcUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzNDRjIxMTAvBgNVBAUTKDE0NDdENDRCNDlGNzkwNkRDNjM3MzFBNUQ5OEQ4NTJF
QzEwQjc3NDUwHhcNMjQwNzIwMjMzMTE5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjljNDhjNy05MTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnZ3c1N86SuHencsIMexAzChS2WsTfeheOIqbeuQvuQhHMvOMyyi7a1/CIAIi
F3DPW4JyXEs6ZvN0JHTwvKnfHrcbova+RBEq4XRqY2/jHty9JuTl1AZmmvAxGWT0
DBROXKOp4OcruytB6oMMWbIsURiF+4t/yYitNUqOOH8MXpuRBSDxHLs2SX0bupvI
tG+HE6K03MeN+bl3wZ8ZvPILMQQ7WCteZloJgm6sGho6Eo2nD1mmQuYDVzBkGplR
BUUVF5MC0KMGPbQDj4F6BENU3AJmjkHcA3skMN2QYh/EDrIUxNVAtbDcv91V2IBP
OjFtYLOHNZHGhGMkd/8J1Sey6QIDAQABo4IClTCCApEwHQYDVR0OBBYEFIr4r6K4
n/qw5EP1G1Z7jKfCqutFMB8GA1UdIwQYMBaAFBRH1EtJ95BtxjcxpdmNhS7BC3dF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0NGMi8xQUU5MDM0Njgx
RUUxMUVCQkUzNTQ5NUZDNEY5QUUwMi9GRWZVUzBuM2tHM0dOekdsMlkyRkxzRUxk
MFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZFZlVTMG4za0czR056R2wyWTJGTHNFTGQwVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzNDRjIvMUFFOTAzNDY4MUVFMTFFQkJFMzU0OTVGQzRGOUFFMDIvRDlFN0NGRjY4
MUVGMTFFQkFFRTlEMTdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmAIwDQYJKoZIhvcNAQELBQADggEBAJAuT2OD3xdRhYK1
EnQs1RvxYkDRh0kTIJQ7YsK6q+Gsb1sijJMoOqQbrT+osTHtQEf4j5K8qRvUsN3G
EoK+wbscrKVp4tUh+VEC6ja2Jii2epSjMzQl8OQRrGyD4CpZpj0Cvyh95UqB6C81
VZMqlxyzA8FpHvZT1kbKhzu4j/dKH3JCTX87T96oGUk001nmB5pNnTPNtOyfjJ1K
Mhq1BTA6/Qx2a+SkOPKwujz1aDacNmUwax5LFUgcILe/zVbEnwJCc5JhlmXG3S/O
efgEFh57DheUwaAHEFSpTX4Me9+CNWwF/njLs3k7XiB7y1cB6XHb57rGWB0wT3pn
IseQcUM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:39:40 2025 by rpki-client