Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/3C50B390F40D11EA8F33167EC4F9AE02.roa
File: 3C50B390F40D11EA8F33167EC4F9AE02.roa (raw, json)
Hash identifier: gtp/ttmek6GgGghweUqlC/8My2J9ghZTwKeH7K21aSY=
Subject key identifier: AB:1E:5E:5C:0C:7D:CB:52:72:07:4B:C9:A7:6D:99:74:13:3D:D0:CF
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4533
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/3C50B390F40D11EA8F33167EC4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:31:46 +0000
ROA not before: Thu 05 Sep 2024 03:31:46 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 131365
IP address blocks: 103.9.84.0/22 maxlen: 24
2001:df0:3780::/48 maxlen: 48
2001:df0:3781::/48 maxlen: 48
2001:df0:3782::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17715 (0x4533)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Sep 5 03:31:46 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d92622-295d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e7:ed:69:9d:e1:21:38:05:f1:61:4b:e1:f7:
60:e9:24:b2:a8:d9:6e:b3:a3:dd:96:b6:c0:6e:f5:
47:42:08:ca:05:31:89:45:91:2c:12:bf:6c:5b:ba:
e8:9d:41:77:24:39:fa:8e:8f:59:1a:63:18:6d:fa:
c7:4a:0f:3c:69:ec:f8:af:20:de:5a:f4:dd:a5:26:
e8:d4:9c:0d:2f:6d:e6:02:10:f6:87:00:29:5a:8d:
6c:d0:e9:fa:18:6c:0b:ec:ac:0a:2f:47:3d:83:4f:
69:e6:b0:11:89:43:e7:02:38:4e:fb:88:28:b9:0b:
97:26:c6:de:9b:86:26:5a:ad:38:74:33:2c:81:11:
e2:c4:34:41:53:ef:7c:0a:e1:54:bb:bc:19:76:e8:
f1:f5:95:00:59:e7:d7:b2:2d:7c:17:c2:68:91:ac:
f2:31:96:e9:cf:ae:1f:b9:1a:e3:6b:04:eb:01:b4:
a6:92:a6:4a:87:fa:13:86:59:cc:04:fd:3b:8f:b8:
92:f9:ef:ef:07:3a:4e:34:e0:41:a4:ba:bb:0d:9a:
70:7f:e8:62:e5:cd:f3:c8:4c:bd:03:e6:15:a0:d1:
11:f4:be:19:01:aa:cc:cd:9f:f9:49:51:08:dc:47:
1c:b6:a3:b6:bb:2f:fb:c9:c8:09:ff:f7:a5:0c:c3:
41:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:1E:5E:5C:0C:7D:CB:52:72:07:4B:C9:A7:6D:99:74:13:3D:D0:CF
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/3C50B390F40D11EA8F33167EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.9.84.0/22
IPv6:
2001:df0:3780::-2001:df0:3782:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0a:a2:5c:7b:2a:a7:e9:b1:1e:55:d8:68:b6:73:75:ab:72:a6:
5f:bd:05:9a:ff:02:a0:e3:d7:42:4a:8a:20:cf:b0:af:f9:05:
ea:fd:09:57:14:14:b8:9a:e7:da:9d:a1:f7:6e:52:99:94:66:
ba:cd:61:07:5c:3a:d0:f1:b6:b1:21:47:d2:5f:b8:4b:92:b5:
6e:0d:ec:65:bd:54:04:1d:d3:25:3e:21:76:0e:9c:69:5b:aa:
80:85:a9:ff:9b:9c:53:af:62:8e:9e:0d:63:2e:27:1d:9a:cc:
71:2f:65:1a:28:1a:f0:85:3a:e8:03:47:a3:34:6a:56:51:ae:
75:24:f3:04:97:06:8e:68:16:f2:20:d2:31:eb:d4:de:38:67:
a7:05:c2:81:31:40:d2:87:73:de:c9:63:68:b2:6c:9e:84:87:
18:c6:c3:e2:24:fd:fa:cb:b0:9d:c8:c9:a9:36:33:a2:be:6e:
bb:69:f0:61:22:e8:ba:44:70:9f:ae:fd:7b:ac:e2:d1:85:c1:
f3:96:61:11:b4:92:de:7e:5a:45:04:dd:b2:db:08:9a:7d:b2:
02:b2:bf:1c:50:dc:1a:24:6b:4d:0c:6d:39:d0:94:8e:49:bc:
63:09:31:88:8a:76:70:2f:0d:dd:19:cc:24:c2:f5:9e:98:4a:
58:fc:e8:06
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICRTMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzMTQ2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjYyMi0yOTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAruftaZ3hITgF8WFL4fdg6SSyqNlus6PdlrbAbvVHQgjKBTGJRZEsEr9sW7ro
nUF3JDn6jo9ZGmMYbfrHSg88aez4ryDeWvTdpSbo1JwNL23mAhD2hwApWo1s0On6
GGwL7KwKL0c9g09p5rARiUPnAjhO+4gouQuXJsbem4YmWq04dDMsgRHixDRBU+98
CuFUu7wZdujx9ZUAWefXsi18F8JokazyMZbpz64fuRrjawTrAbSmkqZKh/oThlnM
BP07j7iS+e/vBzpONOBBpLq7DZpwf+hi5c3zyEy9A+YVoNER9L4ZAarMzZ/5SVEI
3EcctqO2uy/7ycgJ//elDMNBsQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFKseXlwM
fctScgdLyadtmXQTPdDPMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvM0M1MEIzOTBG
NDBEMTFFQThGMzMxNjdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMAwEAgABMAYDBAJnCVQwGgQCAAIwFDASAwcHIAEN8DeAAwcAIAEN8DeCMA0G
CSqGSIb3DQEBCwUAA4IBAQAKolx7KqfpsR5V2Gi2c3WrcqZfvQWa/wKg49dCSoog
z7Cv+QXq/QlXFBS4mufanaH3blKZlGa6zWEHXDrQ8baxIUfSX7hLkrVuDexlvVQE
HdMlPiF2DpxpW6qAhan/m5xTr2KOng1jLicdmsxxL2UaKBrwhTroA0ejNGpWUa51
JPMElwaOaBbyINIx69TeOGenBcKBMUDSh3PeyWNosmyehIcYxsPiJP36y7CdyMmp
NjOivm67afBhIui6RHCfrv17rOLRhcHzlmERtJLeflpFBN2y2wiafbICsr8cUNwa
JGtNDG050JSOSbxjCTGIinZwLw3dGcwkwvWemEpY/OgG
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:30:38 2025 by rpki-client