Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4F53/5B2BC7DA81C111ECAB7C9A42C4F9AE02/1ACED69481C311ECA399B842C4F9AE02.roa
File: 1ACED69481C311ECA399B842C4F9AE02.roa (raw, json)
Hash identifier: IKY7Nb0x1ujuZNuPt+3gHji4GgFtnx3tom+2NfDXEw4=
Subject key identifier: 38:8F:D8:ED:8A:C0:F6:9B:88:F2:F5:07:B8:00:29:84:68:6F:E8:EC
Certificate issuer: /CN=A91A4F53/serialNumber=D413CDEBD5229263D18F403F4421785255546CC4
Certificate serial: 0385
Authority key identifier: D4:13:CD:EB:D5:22:92:63:D1:8F:40:3F:44:21:78:52:55:54:6C:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1BPN69UikmPRj0A_RCF4UlVUbMQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4F53/5B2BC7DA81C111ECAB7C9A42C4F9AE02/1ACED69481C311ECA399B842C4F9AE02.roa
Signing time: Wed 27 Nov 2024 00:43:51 +0000
ROA not before: Wed 27 Nov 2024 00:43:51 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 133099
IP address blocks: 103.173.36.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 901 (0x385)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4F53
Validity
Not Before: Nov 27 00:43:51 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67466b47-9623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c6:ef:2d:e7:73:b4:1b:cc:57:ed:83:6a:05:
00:be:c7:7e:a7:ea:2c:c8:5e:48:be:d8:39:66:39:
76:d4:de:6b:83:c8:c6:da:ab:15:5d:1a:05:0d:a8:
c4:79:98:25:44:39:0b:4d:90:37:91:60:47:fd:50:
12:d1:f5:25:47:8d:99:9c:ee:13:49:f5:4a:e3:ab:
20:b8:ff:e4:03:f0:88:be:09:3c:d5:2a:8f:56:00:
e2:dc:ae:5e:90:cb:08:96:40:19:3c:0f:9f:ce:08:
c2:33:34:0e:51:7b:7f:04:b6:5f:e2:c2:11:b1:e9:
1f:30:11:ec:70:2f:9f:bb:60:f6:fe:96:f2:35:be:
12:fe:ab:e5:6e:db:38:fc:db:ac:ae:ff:b0:4a:0d:
90:43:75:eb:73:64:11:ff:e6:31:a5:0f:81:7b:51:
43:41:5e:5d:de:89:50:eb:f0:29:9e:cc:96:fe:c7:
2a:fd:b4:94:d4:22:67:ac:62:f3:79:f8:b0:3b:ba:
b3:79:51:cc:39:9e:18:b8:ab:9d:77:18:11:b7:c4:
26:20:26:f3:f9:20:b5:e4:af:1e:7d:d6:26:36:0e:
83:c1:94:2c:38:27:7a:f4:f5:1f:f3:c8:82:af:ae:
6f:f1:ef:45:50:41:43:a3:f3:6f:d0:b6:81:50:f5:
e2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:8F:D8:ED:8A:C0:F6:9B:88:F2:F5:07:B8:00:29:84:68:6F:E8:EC
X509v3 Authority Key Identifier:
keyid:D4:13:CD:EB:D5:22:92:63:D1:8F:40:3F:44:21:78:52:55:54:6C:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4F53/5B2BC7DA81C111ECAB7C9A42C4F9AE02/1BPN69UikmPRj0A_RCF4UlVUbMQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1BPN69UikmPRj0A_RCF4UlVUbMQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4F53/5B2BC7DA81C111ECAB7C9A42C4F9AE02/1ACED69481C311ECA399B842C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.173.36.0/23
Signature Algorithm: sha256WithRSAEncryption
01:4f:93:ac:b7:4e:37:a6:ab:30:7e:38:79:b7:fc:42:b0:2c:
40:fc:36:ed:87:17:0c:a8:0a:8b:5c:ef:f2:72:7b:da:e2:2d:
cd:84:35:20:9d:92:dd:c5:bd:de:2b:2c:9a:3e:14:96:0b:0e:
d2:2e:a7:a1:ad:84:89:99:a2:7b:e7:a3:14:38:5e:ed:83:7e:
f8:47:cf:8c:2c:08:2c:9e:6f:15:28:f7:80:ab:c5:16:a6:42:
55:74:ba:c6:c5:63:ee:0e:58:49:e6:e2:d8:21:94:55:02:e6:
20:ac:ae:98:3f:08:cd:52:95:cc:98:d3:ad:af:c8:06:f7:94:
7f:6a:e5:f7:1b:40:4c:43:ab:b4:56:75:a1:b1:20:f4:8d:1c:
5f:55:31:80:08:82:28:d3:3b:3d:fd:5c:0a:96:5d:b6:50:1d:
4e:31:ea:70:61:06:f1:25:cf:cd:43:84:e7:6d:30:68:23:de:
2e:b2:9a:9c:b2:d1:bc:fb:fe:8f:1d:de:69:72:e3:28:ad:57:
67:5c:23:26:60:bc:07:8b:13:d0:44:fe:4d:3e:df:0e:6a:60:
c8:da:9c:f3:0a:42:8f:a6:fb:88:c1:1f:1c:b5:fd:57:5e:35:
71:47:73:1a:9b:41:77:07:32:df:b1:00:6e:2f:d5:6d:13:75:
01:51:78:d9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA4UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTRGNTMxMTAvBgNVBAUTKEQ0MTNDREVCRDUyMjkyNjNEMThGNDAzRjQ0MjE3ODUy
NTU1NDZDQzQwHhcNMjQxMTI3MDA0MzUxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ2NmI0Ny05NjIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1sbvLedztBvMV+2DagUAvsd+p+osyF5Ivtg5Zjl21N5rg8jG2qsVXRoFDajE
eZglRDkLTZA3kWBH/VAS0fUlR42ZnO4TSfVK46sguP/kA/CIvgk81SqPVgDi3K5e
kMsIlkAZPA+fzgjCMzQOUXt/BLZf4sIRsekfMBHscC+fu2D2/pbyNb4S/qvlbts4
/Nusrv+wSg2QQ3Xrc2QR/+YxpQ+Be1FDQV5d3olQ6/ApnsyW/scq/bSU1CJnrGLz
efiwO7qzeVHMOZ4YuKuddxgRt8QmICbz+SC15K8efdYmNg6DwZQsOCd69PUf88iC
r65v8e9FUEFDo/Nv0LaBUPXiwQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDiP2O2K
wPabiPL1B7gAKYRob+jsMB8GA1UdIwQYMBaAFNQTzevVIpJj0Y9AP0QheFJVVGzE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEY1My81QjJCQzdEQTgx
QzExMUVDQUI3QzlBNDJDNEY5QUUwMi8xQlBONjlVaWttUFJqMEFfUkNGNFVsVlVi
TVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFCUE42OVVpa21QUmowQV9SQ0Y0VWxWVWJNUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTRGNTMvNUIyQkM3REE4MUMxMTFFQ0FCN0M5QTQyQzRGOUFFMDIvMUFDRUQ2OTQ4
MUMzMTFFQ0EzOTlCODQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnrSQwDQYJKoZIhvcNAQELBQADggEBAAFPk6y3TjemqzB+
OHm3/EKwLED8Nu2HFwyoCotc7/Jye9riLc2ENSCdkt3Fvd4rLJo+FJYLDtIup6Gt
hImZonvnoxQ4Xu2DfvhHz4wsCCyebxUo94CrxRamQlV0usbFY+4OWEnm4tghlFUC
5iCsrpg/CM1SlcyY062vyAb3lH9q5fcbQExDq7RWdaGxIPSNHF9VMYAIgijTOz39
XAqWXbZQHU4x6nBhBvElz81DhOdtMGgj3i6ympyy0bz7/o8d3mly4yitV2dcIyZg
vAeLE9BE/k0+3w5qYMjanPMKQo+m+4jBHxy1/VdeNXFHcxqbQXcHMt+xAG4v1W0T
dQFReNk=
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:33:29 2025 by rpki-client