Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/3A7A9084B1B811ED8DC4D42EC4F9AE02.roa
File: 3A7A9084B1B811ED8DC4D42EC4F9AE02.roa (raw, json)
Hash identifier: prC4lLXdOKiUxKhz5GAvKDYCQGEjoWb2jnD0KJCi6rM=
Subject key identifier: 07:30:CF:CF:CF:F0:BD:8E:A3:5B:24:D4:A8:CE:21:B1:D3:92:7B:EC
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 45E5
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/3A7A9084B1B811ED8DC4D42EC4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:34:22 +0000
ROA not before: Thu 05 Sep 2024 03:34:22 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 150821
IP address blocks: 103.77.174.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17893 (0x45e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Sep 5 03:34:22 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d926be-cb56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7d:51:e7:a8:be:5b:f7:5a:77:12:2e:3e:40:
f8:62:31:4b:b0:26:d0:8b:7a:99:ed:2b:49:c8:ba:
3e:c5:4e:64:1a:52:15:0f:47:59:c6:f7:4f:3a:b4:
45:d6:1f:48:a6:1a:33:8b:d5:c4:18:47:e0:d5:9a:
ff:f5:b7:12:58:a4:a1:24:d5:31:6a:ec:3b:5c:e1:
18:49:30:72:69:14:7f:4b:c0:57:b5:57:57:38:1d:
18:d8:72:06:77:b9:aa:2c:01:4c:0b:cd:a2:0c:43:
49:dc:20:23:78:80:c4:50:ca:f8:54:49:04:fd:36:
d0:1d:4e:5f:b9:46:25:a9:50:c1:5f:2f:85:66:7d:
ef:1f:1b:fe:e8:c4:d3:14:9e:c6:e7:3d:11:16:39:
eb:65:df:34:44:5f:54:9f:b0:7e:d4:ad:33:35:1f:
2e:88:de:8a:4c:8d:5a:01:2a:d4:4a:d1:ec:54:d5:
10:71:89:d6:73:f0:bf:e6:c7:e7:0f:6f:0f:73:db:
fe:1e:26:d2:b1:84:7d:44:f8:04:53:ec:d5:d8:72:
d6:b1:02:18:bb:3b:65:a3:6e:23:1a:03:dc:45:4f:
59:66:54:be:ab:f9:17:ca:7c:1d:98:ff:01:33:66:
ab:86:55:5e:6d:bf:b9:83:31:24:b5:cc:44:66:3d:
1c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:30:CF:CF:CF:F0:BD:8E:A3:5B:24:D4:A8:CE:21:B1:D3:92:7B:EC
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/3A7A9084B1B811ED8DC4D42EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.77.174.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:b6:b3:c8:0a:50:54:d6:b6:18:a4:7a:5c:03:54:a6:b8:b0:
72:4c:75:ac:c2:ab:0c:b5:be:bb:9b:76:c0:d7:e2:c6:c5:3c:
c2:f4:c1:62:c1:cd:8d:5b:0b:8c:58:57:96:8c:38:76:c0:7d:
00:e7:da:24:41:92:bc:5b:6e:52:6b:b3:e3:4a:00:41:61:9b:
69:4a:bd:2f:fe:54:88:a8:48:74:54:ac:75:46:7d:58:ed:9f:
79:7d:ba:21:63:a8:c9:49:37:4f:bf:36:20:4f:59:f3:84:a8:
b0:82:f8:ee:9b:2d:9a:76:41:37:ed:95:f5:22:c1:78:77:73:
be:2d:74:d2:62:9e:ef:7b:b7:64:3b:f4:72:3e:d1:c5:d8:4a:
48:fb:05:c6:99:99:5f:b8:a5:31:da:cb:ef:91:b0:c3:e2:2a:
b7:e1:d5:ca:7a:77:3b:d8:91:ef:96:5e:7c:12:fa:e4:0c:b8:
4d:a2:2b:ec:ba:a1:2b:e8:bd:f3:9a:b8:41:db:ec:3c:f1:2a:
57:dc:17:be:65:9a:c2:52:66:4f:d9:9b:e7:fe:54:c9:d5:3c:
04:7f:01:68:8e:16:04:d0:98:4f:86:73:e4:a3:86:20:54:df:
80:7d:fb:d6:08:81:5c:24:7e:53:91:e1:97:4f:c6:00:f3:0c:
80:fd:70:b2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICReUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzNDIyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjZiZS1jYjU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApX1R56i+W/dadxIuPkD4YjFLsCbQi3qZ7StJyLo+xU5kGlIVD0dZxvdPOrRF
1h9Iphozi9XEGEfg1Zr/9bcSWKShJNUxauw7XOEYSTByaRR/S8BXtVdXOB0Y2HIG
d7mqLAFMC82iDENJ3CAjeIDEUMr4VEkE/TbQHU5fuUYlqVDBXy+FZn3vHxv+6MTT
FJ7G5z0RFjnrZd80RF9Un7B+1K0zNR8uiN6KTI1aASrUStHsVNUQcYnWc/C/5sfn
D28Pc9v+HibSsYR9RPgEU+zV2HLWsQIYuztlo24jGgPcRU9ZZlS+q/kXynwdmP8B
M2arhlVebb+5gzEktcxEZj0caQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAcwz8/P
8L2Oo1sk1KjOIbHTknvsMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvM0E3QTkwODRC
MUI4MTFFRDhEQzRENDJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnTa4wDQYJKoZIhvcNAQELBQADggEBAEy2s8gKUFTWthik
elwDVKa4sHJMdazCqwy1vrubdsDX4sbFPML0wWLBzY1bC4xYV5aMOHbAfQDn2iRB
krxbblJrs+NKAEFhm2lKvS/+VIioSHRUrHVGfVjtn3l9uiFjqMlJN0+/NiBPWfOE
qLCC+O6bLZp2QTftlfUiwXh3c74tdNJinu97t2Q79HI+0cXYSkj7BcaZmV+4pTHa
y++RsMPiKrfh1cp6dzvYke+WXnwS+uQMuE2iK+y6oSvovfOauEHb7DzxKlfcF75l
msJSZk/Zm+f+VMnVPAR/AWiOFgTQmE+Gc+SjhiBU34B9+9YIgVwkflOR4ZdPxgDz
DID9cLI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:35:51 2025 by rpki-client