Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/05C5F1D847D311EE96B1C77EC4F9AE02.roa
File: 05C5F1D847D311EE96B1C77EC4F9AE02.roa (raw, json)
Hash identifier: /FlvmkW8ZcYxMRO4oHCneUvHJ2+DlpCXInPmo1unRck=
Subject key identifier: 43:B0:C7:51:69:BA:24:F6:E9:E0:EA:FA:D2:A0:7C:C8:CA:6C:6A:4B
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4604
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/05C5F1D847D311EE96B1C77EC4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:34:48 +0000
ROA not before: Thu 05 Sep 2024 03:34:48 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 150880
IP address blocks: 103.20.96.0/23 maxlen: 23
2401:2b20::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17924 (0x4604)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Sep 5 03:34:48 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d926d8-cd13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2a:94:e1:94:31:74:69:3c:55:af:51:0d:66:
57:44:0f:e7:6a:bc:ed:3c:c3:46:77:97:bd:ba:81:
3b:b6:4c:49:fb:d3:41:d8:2c:8f:bc:86:f3:5b:07:
45:bf:20:2f:85:57:48:2b:57:6e:50:0a:c5:bf:f8:
f1:29:c1:37:fd:2e:0a:c2:77:82:70:1f:fc:61:bf:
6c:3a:c6:e4:e0:41:1b:f7:26:76:3f:ad:02:9d:42:
d4:4b:50:b1:b6:9e:2a:bf:3b:d1:3d:33:37:e7:1b:
fc:d2:78:ce:ab:fa:ed:44:90:ad:50:35:28:5a:b4:
36:5b:4c:46:d1:45:c3:af:22:e1:dd:18:14:f6:63:
f5:e2:ed:62:98:f6:74:4e:4a:81:45:62:5a:c7:f4:
c6:e8:1d:4a:2f:7e:81:90:b0:e4:37:ba:2c:e9:4a:
05:84:2f:45:1e:40:0c:00:c2:5c:e4:46:38:06:0d:
2e:15:55:83:c7:f5:c0:57:d6:27:70:6a:16:a5:b9:
ee:3e:02:a0:ab:7f:93:31:33:d5:8a:f0:ed:08:f7:
e6:df:df:eb:0b:f6:e7:b0:b1:74:0e:59:e8:43:32:
af:76:56:76:cc:28:7f:6f:4f:df:ee:ea:80:63:98:
df:29:b0:65:05:b0:ae:83:99:88:d2:a3:1c:4d:a6:
2d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B0:C7:51:69:BA:24:F6:E9:E0:EA:FA:D2:A0:7C:C8:CA:6C:6A:4B
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/05C5F1D847D311EE96B1C77EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.96.0/23
IPv6:
2401:2b20::/48
Signature Algorithm: sha256WithRSAEncryption
42:48:9c:5b:c3:e3:10:29:6e:fb:38:45:fd:69:6d:9d:f2:51:
7e:07:6e:e3:64:af:67:39:10:8d:d2:82:a4:42:4b:18:97:f0:
1f:d6:32:36:8e:dc:66:08:a3:2c:bc:c0:5d:48:8c:fe:e9:e2:
3b:e2:f1:3a:5a:58:f1:e9:5f:8b:c5:79:18:1d:ae:c8:22:c2:
0f:a3:fe:f7:bf:6d:43:a9:dc:66:d5:f9:ab:a2:bd:68:1a:68:
ec:61:4c:36:c1:bd:6e:f0:e1:b7:39:54:b0:73:cd:44:b5:1f:
e8:e3:09:b9:be:3a:a5:1c:3d:5e:dc:5a:b5:be:0b:12:d6:2b:
2a:45:f0:ac:1d:f6:f4:09:5c:57:76:83:a8:72:63:82:66:91:
e5:d4:c8:d6:87:b1:06:dc:27:41:d1:91:89:22:fc:95:df:8d:
a2:17:75:9c:01:b1:05:46:12:02:9f:27:7d:25:1e:16:03:58:
6d:73:c6:8d:30:ed:8e:1f:eb:7a:c0:a9:f9:80:85:f8:ae:f8:
ae:bf:dc:8f:0d:69:0f:10:2d:56:5b:87:fa:a3:1c:51:c7:79:
44:46:c3:ba:fd:aa:27:50:aa:b0:47:22:98:b5:d7:94:f8:49:
38:57:41:76:90:f0:b1:14:43:bc:4a:0f:a3:35:a3:9e:9f:20:
15:09:f3:4e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICRgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzNDQ4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjZkOC1jZDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1CqU4ZQxdGk8Va9RDWZXRA/narztPMNGd5e9uoE7tkxJ+9NB2CyPvIbzWwdF
vyAvhVdIK1duUArFv/jxKcE3/S4KwneCcB/8Yb9sOsbk4EEb9yZ2P60CnULUS1Cx
tp4qvzvRPTM35xv80njOq/rtRJCtUDUoWrQ2W0xG0UXDryLh3RgU9mP14u1imPZ0
TkqBRWJax/TG6B1KL36BkLDkN7os6UoFhC9FHkAMAMJc5EY4Bg0uFVWDx/XAV9Yn
cGoWpbnuPgKgq3+TMTPVivDtCPfm39/rC/bnsLF0DlnoQzKvdlZ2zCh/b0/f7uqA
Y5jfKbBlBbCug5mI0qMcTaYtmQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFEOwx1Fp
uiT26eDq+tKgfMjKbGpLMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMDVDNUYxRDg0
N0QzMTFFRTk2QjFDNzdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnFGAwDwQCAAIwCQMHACQBKyAAADANBgkqhkiG9w0BAQsF
AAOCAQEAQkicW8PjEClu+zhF/WltnfJRfgdu42SvZzkQjdKCpEJLGJfwH9YyNo7c
ZgijLLzAXUiM/uniO+LxOlpY8elfi8V5GB2uyCLCD6P+979tQ6ncZtX5q6K9aBpo
7GFMNsG9bvDhtzlUsHPNRLUf6OMJub46pRw9Xtxatb4LEtYrKkXwrB329AlcV3aD
qHJjgmaR5dTI1oexBtwnQdGRiSL8ld+Nohd1nAGxBUYSAp8nfSUeFgNYbXPGjTDt
jh/resCp+YCF+K74rr/cjw1pDxAtVluH+qMcUcd5REbDuv2qJ1CqsEcimLXXlPhJ
OFdBdpDwsRRDvEoPozWjnp8gFQnzTg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:51:21 2025 by rpki-client