Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/5EEDB5FC79E411EC99DA1B51C4F9AE02.roa
File: 5EEDB5FC79E411EC99DA1B51C4F9AE02.roa (raw, json)
Hash identifier: 6knpPFEk97vaPEyDxT/fz+5tLcHaaSGHnPvusUVrbfY=
Subject key identifier: D0:6C:F3:A0:05:45:A6:47:68:D6:35:D6:33:9B:99:E8:91:23:B8:50
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4686
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/5EEDB5FC79E411EC99DA1B51C4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:36:41 +0000
ROA not before: Thu 05 Sep 2024 03:36:41 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 63754
IP address blocks: 103.68.240.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18054 (0x4686)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Sep 5 03:36:41 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d92748-8503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:83:03:ce:da:59:93:b7:9d:9d:2b:39:38:ab:
b6:53:8b:60:b7:77:07:2d:8c:d6:23:ef:b7:5d:95:
9f:35:ec:1a:8c:6b:c8:0c:e5:ab:19:46:c5:c6:bf:
bc:d6:1b:6f:17:99:32:d8:ea:75:9c:4f:60:06:bc:
fb:05:b8:ff:9b:d7:3b:64:bc:d9:38:d7:b0:36:41:
b1:70:43:16:e1:86:d2:51:4a:b9:39:0a:a6:72:70:
ad:22:c8:b8:19:25:19:f0:29:7e:7d:26:c2:c5:4b:
e7:fb:ed:3b:df:80:14:77:c4:37:45:a0:fb:1a:55:
e2:67:36:56:dc:5a:26:2c:e5:7f:e1:fb:bd:28:fc:
52:a7:0e:ad:20:04:d3:5f:59:ec:09:5a:69:d3:f1:
d5:75:0b:7e:37:38:ec:63:5c:b3:01:8d:f6:30:84:
95:c3:63:c0:2b:a7:02:68:a7:8b:13:32:41:af:b1:
7a:c7:b1:fd:a4:6b:3c:c1:74:cb:21:1f:59:2e:f6:
2a:15:8b:56:e9:21:e0:d3:cd:4f:7e:02:40:0a:80:
9b:d5:3e:d5:99:99:eb:80:dd:74:c7:88:7c:f3:b1:
ee:a0:9d:f2:44:db:83:98:ed:b3:63:2e:c4:4f:13:
b8:9c:f6:42:94:e8:c9:72:a6:4b:33:15:ab:2d:e2:
a1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:6C:F3:A0:05:45:A6:47:68:D6:35:D6:33:9B:99:E8:91:23:B8:50
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/5EEDB5FC79E411EC99DA1B51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.68.240.0/22
Signature Algorithm: sha256WithRSAEncryption
16:e4:5c:7f:28:5f:b6:30:40:d0:b9:2d:60:b6:fe:98:7f:79:
0e:b5:21:1a:88:31:d5:51:89:4c:9d:22:25:70:3a:57:b3:5c:
bb:14:09:f4:af:a2:78:06:13:0f:b3:6c:fb:21:81:95:02:94:
be:1b:90:e8:a6:e3:4c:70:08:cb:f6:66:d2:e9:29:64:93:64:
e4:b3:25:90:fc:df:89:a0:7e:1a:55:2d:1c:d7:eb:20:ae:4b:
61:b9:c1:d3:c5:dd:27:34:a1:8f:a5:5e:2a:51:73:17:35:50:
90:9f:2b:8d:38:29:91:4d:28:30:95:8a:9d:4c:1c:8a:28:61:
75:e3:99:76:37:2d:74:d0:41:4f:e5:e3:00:69:1b:ec:ef:a2:
fa:a4:4c:11:48:68:a1:d6:82:84:2d:5e:fd:ba:d5:8b:48:96:
d1:55:b4:b3:b2:67:04:fa:5d:fa:af:bb:61:e6:9d:95:3a:08:
33:08:e4:ba:24:3b:75:8e:f0:7e:37:bf:ef:df:d5:d7:81:a5:
68:cb:e7:e7:df:33:ab:6a:b5:29:51:db:d7:b4:e8:70:83:2e:
10:ee:11:e5:c2:e2:04:eb:9d:94:8d:48:90:4c:ab:e6:52:1d:
59:4f:03:e7:bc:05:0b:f6:43:f3:0c:97:9d:96:ab:23:75:10:
e2:c1:c1:ad
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICRoYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzNjQxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5Mjc0OC04NTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy4MDztpZk7ednSs5OKu2U4tgt3cHLYzWI++3XZWfNewajGvIDOWrGUbFxr+8
1htvF5ky2Op1nE9gBrz7Bbj/m9c7ZLzZONewNkGxcEMW4YbSUUq5OQqmcnCtIsi4
GSUZ8Cl+fSbCxUvn++0734AUd8Q3RaD7GlXiZzZW3FomLOV/4fu9KPxSpw6tIATT
X1nsCVpp0/HVdQt+NzjsY1yzAY32MISVw2PAK6cCaKeLEzJBr7F6x7H9pGs8wXTL
IR9ZLvYqFYtW6SHg081PfgJACoCb1T7VmZnrgN10x4h887HuoJ3yRNuDmO2zYy7E
TxO4nPZClOjJcqZLMxWrLeKhAwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNBs86AF
RaZHaNY11jObmeiRI7hQMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNUVFREI1RkM3
OUU0MTFFQzk5REExQjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnRPAwDQYJKoZIhvcNAQELBQADggEBABbkXH8oX7YwQNC5
LWC2/ph/eQ61IRqIMdVRiUydIiVwOlezXLsUCfSvongGEw+zbPshgZUClL4bkOim
40xwCMv2ZtLpKWSTZOSzJZD834mgfhpVLRzX6yCuS2G5wdPF3Sc0oY+lXipRcxc1
UJCfK404KZFNKDCVip1MHIooYXXjmXY3LXTQQU/l4wBpG+zvovqkTBFIaKHWgoQt
Xv261YtIltFVtLOyZwT6Xfqvu2HmnZU6CDMI5LokO3WO8H43v+/f1deBpWjL5+ff
M6tqtSlR29e06HCDLhDuEeXC4gTrnZSNSJBMq+ZSHVlPA+e8BQv2Q/MMl52WqyN1
EOLBwa0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:25:03 2025 by rpki-client