Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91896D4/5E9E64347B9611ED8BDFE311C4F9AE02/CD23AE8C403011EEA773CE47C4F9AE02.roa
File: CD23AE8C403011EEA773CE47C4F9AE02.roa (raw, json)
Hash identifier: AeibaNJLpaTPWil7j4GEFIcO329YJiVNQhWzIDubw3g=
Subject key identifier: 7F:5E:73:D5:30:FE:10:50:93:3F:4C:49:8E:D4:7D:68:7A:FA:9E:5F
Certificate issuer: /CN=A91896D4/serialNumber=4AB7079A9699D2AB9D68DE4AE4327C40BB2C50DB
Certificate serial: 0157
Authority key identifier: 4A:B7:07:9A:96:99:D2:AB:9D:68:DE:4A:E4:32:7C:40:BB:2C:50:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SrcHmpaZ0qudaN5K5DJ8QLssUNs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91896D4/5E9E64347B9611ED8BDFE311C4F9AE02/CD23AE8C403011EEA773CE47C4F9AE02.roa
Signing time: Fri 23 Aug 2024 04:17:07 +0000
ROA not before: Fri 23 Aug 2024 04:17:07 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 134424
IP address blocks: 103.167.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 343 (0x157)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91896D4
Validity
Not Before: Aug 23 04:17:07 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66c80d43-06f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:10:5b:6b:3e:ca:3a:c8:13:02:0a:b7:ad:3f:
20:18:a3:bc:17:21:63:ea:5e:33:69:b4:d7:4a:94:
32:2d:81:04:b8:d6:79:74:7e:d7:1e:18:73:aa:c1:
35:24:06:9e:67:66:77:b7:8e:50:52:c6:0e:b2:92:
15:7d:9c:47:53:8b:3b:20:cc:d5:2e:49:84:4d:ad:
df:ae:0d:70:c8:5f:6f:49:d5:75:8d:bb:7b:25:f5:
f3:2b:12:73:c4:9d:2f:e3:50:6c:87:0a:c9:35:f9:
40:7c:65:a6:f5:82:db:54:25:52:18:2c:b3:57:17:
a7:50:5d:93:d2:4c:a7:ed:fa:43:58:c8:16:b4:4f:
ff:06:d1:af:49:1f:69:c7:af:82:50:35:3a:be:68:
25:ea:44:4c:0e:a2:7b:46:7a:e7:04:9d:5e:ba:74:
36:a0:fd:f6:16:7c:17:bb:69:ef:51:a2:27:5b:85:
79:92:78:23:64:25:5d:ba:ad:f1:27:6c:9c:93:9f:
d2:c2:83:0e:cd:cd:41:de:56:7d:5d:ca:fc:62:e8:
cb:60:e5:2e:50:1f:81:2a:dc:01:f0:47:2a:01:42:
5c:9d:16:37:36:e7:e2:3f:14:ff:c4:e4:ec:fe:68:
75:bf:ba:fc:11:2b:3d:04:35:ff:9d:5c:63:c8:9f:
5c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:5E:73:D5:30:FE:10:50:93:3F:4C:49:8E:D4:7D:68:7A:FA:9E:5F
X509v3 Authority Key Identifier:
keyid:4A:B7:07:9A:96:99:D2:AB:9D:68:DE:4A:E4:32:7C:40:BB:2C:50:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91896D4/5E9E64347B9611ED8BDFE311C4F9AE02/SrcHmpaZ0qudaN5K5DJ8QLssUNs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SrcHmpaZ0qudaN5K5DJ8QLssUNs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91896D4/5E9E64347B9611ED8BDFE311C4F9AE02/CD23AE8C403011EEA773CE47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.209.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:27:a0:93:dd:14:70:8e:d1:8a:3d:17:0b:d6:3a:a2:4f:08:
c7:b2:47:5b:db:39:c1:45:ec:4f:db:94:64:3c:d0:47:2d:04:
c4:d6:f9:14:21:d3:c7:5c:d8:fc:c8:ed:53:8e:62:05:a5:12:
1a:5c:d4:17:bc:a4:b4:43:9b:d0:38:e0:01:2d:b0:b3:7e:d5:
fe:d4:bb:ac:69:08:68:58:68:94:15:61:7c:35:27:0e:a1:d5:
bf:48:11:51:f9:c6:df:e3:e4:1e:0d:ac:55:81:72:94:e7:be:
ad:15:c5:4e:d2:98:68:dd:7d:89:9e:e5:eb:6f:6f:d1:9e:7c:
47:1f:42:0d:16:e9:a0:d5:fe:16:2e:6c:dc:0c:1d:75:50:a7:
17:03:f9:3b:d6:60:84:85:18:a2:60:2c:a2:c6:15:e3:11:90:
5c:31:c1:16:6c:84:de:d3:cb:0d:10:43:53:d5:60:b1:76:33:
2d:8f:68:b3:d8:c9:98:3e:4c:d3:ea:49:dc:c6:b7:b8:8f:75:
15:48:4d:eb:0c:79:7d:a6:e0:a9:64:77:ce:a7:ca:20:8e:72:
c6:22:b2:55:ea:68:be:d3:b1:63:3a:02:3b:78:4a:9e:39:1c:
e4:0c:7e:f1:dc:49:e9:f7:47:13:22:b3:1a:a9:82:14:6a:da:
44:19:35:0b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAVcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODk2RDQxMTAvBgNVBAUTKDRBQjcwNzlBOTY5OUQyQUI5RDY4REU0QUU0MzI3QzQw
QkIyQzUwREIwHhcNMjQwODIzMDQxNzA3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM4MGQ0My0wNmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmRBbaz7KOsgTAgq3rT8gGKO8FyFj6l4zabTXSpQyLYEEuNZ5dH7XHhhzqsE1
JAaeZ2Z3t45QUsYOspIVfZxHU4s7IMzVLkmETa3frg1wyF9vSdV1jbt7JfXzKxJz
xJ0v41BshwrJNflAfGWm9YLbVCVSGCyzVxenUF2T0kyn7fpDWMgWtE//BtGvSR9p
x6+CUDU6vmgl6kRMDqJ7RnrnBJ1eunQ2oP32FnwXu2nvUaInW4V5kngjZCVduq3x
J2yck5/SwoMOzc1B3lZ9Xcr8YujLYOUuUB+BKtwB8EcqAUJcnRY3NufiPxT/xOTs
/mh1v7r8ESs9BDX/nVxjyJ9cGQIDAQABo4IClTCCApEwHQYDVR0OBBYEFH9ec9Uw
/hBQkz9MSY7UfWh6+p5fMB8GA1UdIwQYMBaAFEq3B5qWmdKrnWjeSuQyfEC7LFDb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OTZENC81RTlFNjQzNDdC
OTYxMUVEOEJERkUzMTFDNEY5QUUwMi9TcmNIbXBhWjBxdWRhTjVLNURKOFFMc3NV
TnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NyY0htcGFaMHF1ZGFONUs1REo4UUxzc1VOcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODk2RDQvNUU5RTY0MzQ3Qjk2MTFFRDhCREZFMzExQzRGOUFFMDIvQ0QyM0FFOEM0
MDMwMTFFRUE3NzNDRTQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnp9EwDQYJKoZIhvcNAQELBQADggEBACsnoJPdFHCO0Yo9
FwvWOqJPCMeyR1vbOcFF7E/blGQ80EctBMTW+RQh08dc2PzI7VOOYgWlEhpc1Be8
pLRDm9A44AEtsLN+1f7Uu6xpCGhYaJQVYXw1Jw6h1b9IEVH5xt/j5B4NrFWBcpTn
vq0VxU7SmGjdfYme5etvb9GefEcfQg0W6aDV/hYubNwMHXVQpxcD+TvWYISFGKJg
LKLGFeMRkFwxwRZshN7Tyw0QQ1PVYLF2My2PaLPYyZg+TNPqSdzGt7iPdRVITesM
eX2m4Klkd86nyiCOcsYislXqaL7TsWM6Ajt4Sp45HOQMfvHcSen3RxMisxqpghRq
2kQZNQs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:18:00 2025 by rpki-client