Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/F126F04A11A911EBB5A4DD83C4F9AE02.roa
File: F126F04A11A911EBB5A4DD83C4F9AE02.roa (raw, json)
Hash identifier: 0rr8K1LQ/thtLtkFZc4kC3SiEr3iL8XaKJgB3Bca1+4=
Subject key identifier: CD:FC:CF:BE:A5:32:69:9B:E7:F4:C6:5F:07:BD:B0:57:7E:72:64:33
Certificate issuer: /CN=A917DA4A/serialNumber=088691F1F78BD9CEFED80D36D650D67767A6BDB0
Certificate serial: 06F5
Authority key identifier: 08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/F126F04A11A911EBB5A4DD83C4F9AE02.roa
Signing time: Sun 04 Aug 2024 22:19:53 +0000
ROA not before: Sun 04 Aug 2024 22:19:53 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 131188
IP address blocks: 103.1.12.0/24 maxlen: 24
103.1.13.0/24 maxlen: 24
103.1.14.0/24 maxlen: 24
103.1.15.0/24 maxlen: 24
111.91.236.0/24 maxlen: 24
111.91.237.0/24 maxlen: 24
111.91.238.0/24 maxlen: 24
111.91.239.0/24 maxlen: 24
2403:4900:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1781 (0x6f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917DA4A
Validity
Not Before: Aug 4 22:19:53 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66affe89-4939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8d:8d:91:8f:8a:eb:1a:a3:59:c6:3f:b7:96:
4c:f0:6c:d8:eb:6d:12:62:3e:cb:99:71:03:47:75:
82:b8:b0:75:28:c9:38:d5:ea:34:d6:28:0f:58:96:
d9:63:94:2e:fa:b5:65:5f:b8:dd:ac:8f:c1:fa:27:
fc:65:51:df:f8:34:48:d6:cc:fa:ca:6c:d4:23:be:
d2:43:2b:80:d7:e6:6f:0a:5f:12:79:95:71:f1:ed:
db:fa:b0:f3:2e:3e:4d:1f:1c:00:16:ba:a6:cf:4a:
b8:3d:9f:2c:8e:8c:f4:97:34:c5:48:70:de:88:63:
b2:4d:3c:23:f2:bc:6f:62:a8:55:27:45:72:e8:68:
22:41:69:13:a4:cb:39:e1:0e:d4:c2:7a:4e:33:b8:
1b:2c:15:2b:d2:0f:00:56:4a:6f:60:22:db:c3:09:
5f:6a:dc:69:32:29:2b:2f:21:db:9c:1c:84:15:5d:
de:73:37:9e:91:47:3a:b2:eb:69:cf:8a:cb:ff:f4:
81:ff:08:42:7d:48:8e:1e:e8:04:98:af:5e:7c:68:
0f:e4:c1:95:12:ef:61:e6:60:91:3d:1b:04:93:36:
78:59:ef:13:69:3f:f0:c5:d2:0c:47:ee:01:cb:de:
3b:0c:e4:6a:cc:12:ce:9a:60:90:d5:21:52:29:21:
60:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:FC:CF:BE:A5:32:69:9B:E7:F4:C6:5F:07:BD:B0:57:7E:72:64:33
X509v3 Authority Key Identifier:
keyid:08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/F126F04A11A911EBB5A4DD83C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.1.12.0/22
111.91.236.0/22
IPv6:
2403:4900:1::/48
Signature Algorithm: sha256WithRSAEncryption
26:26:17:56:01:52:a4:e4:d3:1c:72:37:16:f2:b8:78:7d:64:
15:ff:fb:0b:61:d1:b9:c1:54:4b:f3:b9:e0:89:90:dd:a6:f1:
d6:8d:31:1a:34:02:56:d5:2a:8b:4c:f4:45:87:68:b0:c7:89:
d2:d2:0c:f7:e7:a1:4e:a6:7e:a9:90:c5:80:aa:c4:3a:82:b6:
40:61:ca:29:d8:04:82:7b:c8:2f:50:06:2d:96:98:c7:f0:b0:
d0:c8:2e:ec:24:0c:02:f0:e5:f7:65:10:59:d5:1d:5e:5a:01:
48:97:02:fc:b5:14:6a:6a:b5:01:57:3a:67:01:1e:ef:68:ef:
af:a1:7d:2f:98:d4:ff:ad:8b:0f:ee:11:2c:56:db:0d:c8:e0:
71:c1:c4:cf:ef:b6:72:dd:64:cc:92:7d:6d:ba:3f:a5:86:b8:
5a:e2:4a:7c:2a:3f:49:3a:97:43:95:c6:9a:c8:46:d7:b5:da:
5f:09:52:5b:63:cc:8f:a7:16:a1:2e:be:a3:b3:60:19:f6:1d:
a3:d5:83:08:ad:71:44:9c:57:5d:51:36:8e:89:07:00:ea:e0:
70:2c:a6:51:ae:45:0f:62:66:aa:30:2c:62:93:ff:28:c2:74:
ee:41:69:35:bd:94:c5:8e:69:52:9f:db:d0:27:1d:3c:b0:e5:
bf:4b:1a:fc
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICBvUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RBNEExMTAvBgNVBAUTKDA4ODY5MUYxRjc4QkQ5Q0VGRUQ4MEQzNkQ2NTBENjc3
NjdBNkJEQjAwHhcNMjQwODA0MjIxOTUzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFmZmU4OS00OTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz42NkY+K6xqjWcY/t5ZM8GzY620SYj7LmXEDR3WCuLB1KMk41eo01igPWJbZ
Y5Qu+rVlX7jdrI/B+if8ZVHf+DRI1sz6ymzUI77SQyuA1+ZvCl8SeZVx8e3b+rDz
Lj5NHxwAFrqmz0q4PZ8sjoz0lzTFSHDeiGOyTTwj8rxvYqhVJ0Vy6GgiQWkTpMs5
4Q7UwnpOM7gbLBUr0g8AVkpvYCLbwwlfatxpMikrLyHbnByEFV3eczeekUc6sutp
z4rL//SB/whCfUiOHugEmK9efGgP5MGVEu9h5mCRPRsEkzZ4We8TaT/wxdIMR+4B
y947DORqzBLOmmCQ1SFSKSFgywIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFM38z76l
Mmmb5/TGXwe9sFd+cmQzMB8GA1UdIwQYMBaAFAiGkfH3i9nO/tgNNtZQ1ndnpr2w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REE0QS8wNTFEQUY1QTBE
QzUxMUVCOUM2QkJEMUNDNEY5QUUwMi9DSWFSOGZlTDJjNy0yQTAyMWxEV2QyZW12
YkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NJYVI4ZmVMMmM3LTJBMDIxbERXZDJlbXZiQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RBNEEvMDUxREFGNUEwREM1MTFFQjlDNkJCRDFDQzRGOUFFMDIvRjEyNkYwNEEx
MUE5MTFFQkI1QTRERDgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAJnAQwDBAJvW+wwDwQCAAIwCQMHACQDSQAAATANBgkqhkiG
9w0BAQsFAAOCAQEAJiYXVgFSpOTTHHI3FvK4eH1kFf/7C2HRucFUS/O54ImQ3abx
1o0xGjQCVtUqi0z0RYdosMeJ0tIM9+ehTqZ+qZDFgKrEOoK2QGHKKdgEgnvIL1AG
LZaYx/Cw0Mgu7CQMAvDl92UQWdUdXloBSJcC/LUUamq1AVc6ZwEe72jvr6F9L5jU
/62LD+4RLFbbDcjgccHEz++2ct1kzJJ9bbo/pYa4WuJKfCo/STqXQ5XGmshG17Xa
XwlSW2PMj6cWoS6+o7NgGfYdo9WDCK1xRJxXXVE2jokHAOrgcCymUa5FD2JmqjAs
YpP/KMJ07kFpNb2UxY5pUp/b0CcdPLDlv0sa/A==
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:23:19 2025 by rpki-client