Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917414E/4C5E2FB8E3FF11ECAC210572C4F9AE02/41C460BE1BE911ED81DB667EC4F9AE02.roa
File: 41C460BE1BE911ED81DB667EC4F9AE02.roa (raw, json)
Hash identifier: F2rD9DTyJO/8KZY6J1+Hne/amu0UrQKM61Lrb0l7cz8=
Subject key identifier: CE:0F:EB:B6:A5:20:CD:B7:0E:A9:55:37:7E:31:75:D2:39:7C:A2:43
Certificate issuer: /CN=A917414E/serialNumber=AF67132D837D576FFF777227A3725D601ED9105D
Certificate serial: 0258
Authority key identifier: AF:67:13:2D:83:7D:57:6F:FF:77:72:27:A3:72:5D:60:1E:D9:10:5D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r2cTLYN9V2__d3Ino3JdYB7ZEF0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917414E/4C5E2FB8E3FF11ECAC210572C4F9AE02/41C460BE1BE911ED81DB667EC4F9AE02.roa
Signing time: Fri 09 Aug 2024 02:33:56 +0000
ROA not before: Fri 09 Aug 2024 02:33:56 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 137967
IP address blocks: 103.189.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 600 (0x258)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917414E
Validity
Not Before: Aug 9 02:33:56 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66b58014-35c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8a:ae:c6:4f:03:9e:93:d1:8b:2c:07:6f:1b:
59:0f:ae:34:39:9c:dc:9a:45:b0:50:fd:74:06:9a:
5b:3b:39:9e:c7:02:c7:47:cb:27:cb:4a:5b:78:46:
b6:a4:26:bf:2a:cb:fe:09:17:f9:cd:f3:20:f5:d0:
99:0d:ed:c3:aa:f7:b6:1a:71:91:e4:73:40:cb:be:
c4:a5:ec:2f:7c:b1:a5:58:1e:cf:b7:bc:bd:ec:96:
65:d1:28:08:cb:5c:7b:f8:58:47:dc:d1:ee:4f:de:
93:ff:3c:f0:3c:1a:b5:90:87:c7:9e:48:ff:79:50:
9b:4c:25:fa:95:d4:62:68:1f:b3:20:ce:b2:40:6c:
ee:08:bf:dc:2f:5b:37:28:01:f2:13:73:6e:90:ca:
d6:14:1a:4d:c3:1d:b7:56:1d:ce:56:1d:eb:41:d8:
89:74:84:13:e3:6a:f3:2d:4f:f4:74:ab:2f:3b:95:
81:82:95:c2:ce:95:43:75:ee:b4:0e:04:c3:b4:5d:
0a:db:07:9a:d4:b7:03:ed:06:90:9a:9e:85:26:ac:
25:ed:bb:05:4f:08:e2:fd:10:5a:16:5c:7e:66:13:
c4:60:d6:ee:22:5b:0e:d8:e6:3a:97:53:6a:f5:67:
50:93:c5:3f:31:1c:14:bf:ea:e1:f7:31:0b:af:f7:
d3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:0F:EB:B6:A5:20:CD:B7:0E:A9:55:37:7E:31:75:D2:39:7C:A2:43
X509v3 Authority Key Identifier:
keyid:AF:67:13:2D:83:7D:57:6F:FF:77:72:27:A3:72:5D:60:1E:D9:10:5D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917414E/4C5E2FB8E3FF11ECAC210572C4F9AE02/r2cTLYN9V2__d3Ino3JdYB7ZEF0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r2cTLYN9V2__d3Ino3JdYB7ZEF0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917414E/4C5E2FB8E3FF11ECAC210572C4F9AE02/41C460BE1BE911ED81DB667EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.11.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:20:27:b3:80:fe:d0:58:fb:2c:62:14:d8:56:af:24:4c:03:
19:90:a7:c3:d8:19:7d:04:be:98:4c:37:13:50:95:1b:d1:30:
69:63:27:12:56:c0:94:94:cb:42:9f:d9:54:8d:a4:d6:e6:fa:
dc:9d:7f:a9:f0:2e:b1:6d:ab:9d:97:ae:06:63:6c:32:21:a3:
cc:53:2c:94:55:61:73:44:f1:0a:60:b8:37:96:02:06:fb:61:
02:ae:e4:69:1a:0c:0e:27:eb:89:1a:f1:f6:b3:df:11:16:c7:
fb:84:75:35:1c:9a:b6:02:52:0e:4d:c8:da:20:8f:3e:5f:6e:
53:af:b5:fb:31:86:44:67:55:a0:69:d2:82:ad:68:c4:a1:53:
4a:6c:8a:46:03:bb:fc:26:4e:56:89:08:b5:9b:73:06:8f:5c:
32:9d:9f:5a:47:45:18:8c:a9:df:d0:0b:ea:6d:44:22:4b:ad:
ec:be:c9:22:78:cc:78:59:c2:63:74:dc:5e:a4:ed:ba:5b:46:
8a:dd:7b:b2:a6:fe:92:37:b9:23:75:6a:c9:94:8c:dd:41:04:
cb:1d:6d:cf:84:97:48:7d:ef:12:b9:a1:1f:3e:76:f1:08:d6:
f7:98:aa:9f:c5:64:90:b1:32:5a:85:72:1c:d6:eb:a4:d2:cd:
d8:15:e1:c0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAlgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQxNEUxMTAvBgNVBAUTKEFGNjcxMzJEODM3RDU3NkZGRjc3NzIyN0EzNzI1RDYw
MUVEOTEwNUQwHhcNMjQwODA5MDIzMzU2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI1ODAxNC0zNWM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmYquxk8DnpPRiywHbxtZD640OZzcmkWwUP10BppbOzmexwLHR8sny0pbeEa2
pCa/Ksv+CRf5zfMg9dCZDe3Dqve2GnGR5HNAy77EpewvfLGlWB7Pt7y97JZl0SgI
y1x7+FhH3NHuT96T/zzwPBq1kIfHnkj/eVCbTCX6ldRiaB+zIM6yQGzuCL/cL1s3
KAHyE3NukMrWFBpNwx23Vh3OVh3rQdiJdIQT42rzLU/0dKsvO5WBgpXCzpVDde60
DgTDtF0K2wea1LcD7QaQmp6FJqwl7bsFTwji/RBaFlx+ZhPEYNbuIlsO2OY6l1Nq
9WdQk8U/MRwUv+rh9zELr/fTqQIDAQABo4IClTCCApEwHQYDVR0OBBYEFM4P67al
IM23DqlVN34xddI5fKJDMB8GA1UdIwQYMBaAFK9nEy2DfVdv/3dyJ6NyXWAe2RBd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDE0RS80QzVFMkZCOEUz
RkYxMUVDQUMyMTA1NzJDNEY5QUUwMi9yMmNUTFlOOVYyX19kM0lubzNKZFlCN1pF
RjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3IyY1RMWU45VjJfX2QzSW5vM0pkWUI3WkVGMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQxNEUvNEM1RTJGQjhFM0ZGMTFFQ0FDMjEwNTcyQzRGOUFFMDIvNDFDNDYwQkUx
QkU5MTFFRDgxREI2NjdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnvQswDQYJKoZIhvcNAQELBQADggEBAKwgJ7OA/tBY+yxi
FNhWryRMAxmQp8PYGX0EvphMNxNQlRvRMGljJxJWwJSUy0Kf2VSNpNbm+tydf6nw
LrFtq52XrgZjbDIho8xTLJRVYXNE8QpguDeWAgb7YQKu5GkaDA4n64ka8faz3xEW
x/uEdTUcmrYCUg5NyNogjz5fblOvtfsxhkRnVaBp0oKtaMShU0psikYDu/wmTlaJ
CLWbcwaPXDKdn1pHRRiMqd/QC+ptRCJLrey+ySJ4zHhZwmN03F6k7bpbRorde7Km
/pI3uSN1asmUjN1BBMsdbc+El0h97xK5oR8+dvEI1veYqp/FZJCxMlqFchzW66TS
zdgV4cA=
-----END CERTIFICATE-----
Generated at Fri Apr 11 06:01:13 2025 by rpki-client