Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/41C7DA1E037411EEB6D5D751C4F9AE02.roa
File: 41C7DA1E037411EEB6D5D751C4F9AE02.roa (raw, json)
Hash identifier: oB/sM7KuJ08EuPpI0s9B4cHi6tUjihsIwHEQ/aPsYV0=
Subject key identifier: 19:47:5D:44:10:DE:EE:3E:40:C4:F8:D0:4A:5C:1A:A2:22:68:B8:EC
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 45BD
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/41C7DA1E037411EEB6D5D751C4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:33:47 +0000
ROA not before: Thu 05 Sep 2024 03:33:47 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 149089
IP address blocks: 103.82.36.0/22 maxlen: 24
103.82.132.0/22 maxlen: 24
103.82.192.0/22 maxlen: 24
2407:5b40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17853 (0x45bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Sep 5 03:33:47 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d9269a-e9c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:43:63:51:f8:da:3b:2c:7e:da:95:69:ab:ea:
9d:4a:54:be:68:a7:7d:68:28:cc:bd:04:a6:0c:78:
4f:cb:a9:0f:9a:e5:c4:de:da:1c:de:fe:14:50:24:
62:36:c8:2e:53:e2:43:0a:c9:0b:6c:5f:4e:63:7f:
4b:69:83:f8:13:67:48:74:a7:4f:28:64:c6:28:e9:
ed:f9:ba:f1:5b:97:cc:56:6f:27:e0:99:c8:7b:75:
5d:f7:02:c6:c0:f5:0c:ee:74:72:e4:c2:45:40:30:
b5:c3:90:bd:79:62:ab:b2:df:d9:65:25:b1:a2:99:
b9:04:82:33:6f:92:6b:77:7a:eb:f9:9d:29:65:f4:
35:53:65:c9:86:58:7c:27:ff:95:c6:86:f6:ad:3d:
14:a7:90:b5:16:0c:27:f7:44:47:27:48:d3:08:7a:
ee:96:a8:63:cd:ae:08:4d:d3:38:be:62:f2:a8:56:
59:72:28:14:0f:d6:c3:47:f2:5b:8c:05:3b:22:1d:
38:c9:6d:6b:38:6b:a2:20:cc:7d:75:12:99:d3:5d:
17:c3:ee:88:a7:e0:c5:d9:85:db:00:ed:c2:da:4e:
5d:a5:61:78:cb:22:92:54:19:eb:de:e5:b8:82:66:
c7:65:32:8a:2f:2e:14:0a:8c:7c:70:06:e1:d5:c2:
53:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:47:5D:44:10:DE:EE:3E:40:C4:F8:D0:4A:5C:1A:A2:22:68:B8:EC
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/41C7DA1E037411EEB6D5D751C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.36.0/22
103.82.132.0/22
103.82.192.0/22
IPv6:
2407:5b40::/48
Signature Algorithm: sha256WithRSAEncryption
83:2a:83:a2:0b:0e:35:18:76:69:da:cb:5b:ba:d4:07:a5:f9:
21:ff:a6:f0:1e:c1:9d:08:27:c5:b2:4d:bd:b7:ce:a1:b5:00:
8c:8b:c4:41:d7:dd:40:b7:11:43:d1:a0:37:9f:6f:d2:72:6d:
e2:65:4c:07:c1:0f:38:c5:3c:c1:f1:00:7b:96:94:30:b2:d8:
40:45:22:c3:2e:20:b4:00:c4:39:25:7a:ed:dd:b0:86:54:b5:
1d:0b:84:2c:32:50:73:3a:63:d4:6e:af:00:1a:c4:b3:27:fe:
3d:2b:e5:a3:58:43:05:56:f8:c8:63:63:d3:2d:48:9d:df:2b:
d7:24:6e:99:a3:1c:71:9c:02:32:6e:e4:c0:48:86:c3:ba:4d:
4e:32:4e:8f:f1:bc:fa:78:85:a0:96:bc:78:88:07:f6:5d:05:
38:31:1e:ce:65:0a:dd:0c:89:0b:9f:3f:c8:b8:e0:22:24:59:
27:05:83:78:c5:ec:7d:7d:6b:4b:7c:7d:b8:33:cd:bd:1b:1b:
ef:4b:53:db:85:c6:bb:d7:99:e4:08:45:f9:79:36:cc:18:17:
3c:13:01:91:03:5d:f3:5b:69:67:d4:bf:b9:05:20:d1:e1:d5:
5a:2b:ee:37:b1:46:87:55:d3:37:e5:dc:e6:4c:5e:eb:c5:42:
c1:df:38:7e
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICRb0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzMzQ3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjY5YS1lOWM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwENjUfjaOyx+2pVpq+qdSlS+aKd9aCjMvQSmDHhPy6kPmuXE3toc3v4UUCRi
NsguU+JDCskLbF9OY39LaYP4E2dIdKdPKGTGKOnt+brxW5fMVm8n4JnIe3Vd9wLG
wPUM7nRy5MJFQDC1w5C9eWKrst/ZZSWxopm5BIIzb5Jrd3rr+Z0pZfQ1U2XJhlh8
J/+Vxob2rT0Up5C1Fgwn90RHJ0jTCHrulqhjza4ITdM4vmLyqFZZcigUD9bDR/Jb
jAU7Ih04yW1rOGuiIMx9dRKZ010Xw+6Ip+DF2YXbAO3C2k5dpWF4yyKSVBnr3uW4
gmbHZTKKLy4UCox8cAbh1cJTUQIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFBlHXUQQ
3u4+QMT40EpcGqIiaLjsMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNDFDN0RBMUUw
Mzc0MTFFRUI2RDVENzUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBgEAgABMBIDBAJnUiQDBAJnUoQDBAJnUsAwDwQCAAIwCQMHACQHW0AAADAN
BgkqhkiG9w0BAQsFAAOCAQEAgyqDogsONRh2adrLW7rUB6X5If+m8B7BnQgnxbJN
vbfOobUAjIvEQdfdQLcRQ9GgN59v0nJt4mVMB8EPOMU8wfEAe5aUMLLYQEUiwy4g
tADEOSV67d2whlS1HQuELDJQczpj1G6vABrEsyf+PSvlo1hDBVb4yGNj0y1Ind8r
1yRumaMccZwCMm7kwEiGw7pNTjJOj/G8+niFoJa8eIgH9l0FODEezmUK3QyJC58/
yLjgIiRZJwWDeMXsfX1rS3x9uDPNvRsb70tT24XGu9eZ5AhF+Xk2zBgXPBMBkQNd
81tpZ9S/uQUg0eHVWivuN7FGh1XTN+Xc5kxe68VCwd84fg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:33:20 2025 by rpki-client