Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/C889D8ACD57B11EE8A138764C4F9AE02.roa
File: C889D8ACD57B11EE8A138764C4F9AE02.roa (raw, json)
Hash identifier: 4Gs0gr5yMX2N5fRtZV6OIm1LSHa3cDViXYa6Y4VI+ZA=
Subject key identifier: 9A:25:92:C9:D4:8A:E9:5C:B5:14:3C:89:17:E1:0B:C2:49:FD:55:2B
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4553
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/C889D8ACD57B11EE8A138764C4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:32:15 +0000
ROA not before: Thu 05 Sep 2024 03:32:15 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 131422
IP address blocks: 103.61.120.0/23 maxlen: 24
2001:df1:e5c0::/47 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17747 (0x4553)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Sep 5 03:32:15 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d9263f-4c40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:1b:3d:fd:a0:ef:86:62:40:47:31:8f:52:a4:
85:9f:c6:7f:7a:75:de:ed:72:dd:60:4e:36:b4:90:
67:6f:05:10:9f:3c:36:34:47:a6:24:2c:78:86:7a:
4f:18:da:f8:e3:14:b2:10:eb:63:5a:3f:e9:be:60:
e7:e2:b9:33:4b:51:d2:66:19:7b:64:42:7c:b9:0f:
98:dc:76:5e:d0:ce:a2:98:ab:51:59:57:6e:39:68:
dd:bc:e0:0b:24:c1:ff:60:c3:e6:2e:c3:60:9c:d5:
68:77:ab:bd:14:10:80:51:ac:23:6a:ce:08:6f:41:
26:b1:4d:05:e0:e7:b1:44:54:fb:c4:be:08:a0:f2:
98:d1:2c:eb:b3:cf:74:27:d8:45:76:5b:89:19:32:
e7:46:cb:74:69:91:77:0e:c0:cb:5e:2f:a6:f6:64:
1e:e8:74:81:92:20:b9:b8:d1:d9:be:24:16:06:7e:
2e:3e:f4:45:b9:5d:53:dd:7b:d0:76:62:e2:85:dc:
13:bc:f1:d3:4e:8a:d4:fe:a8:63:66:9a:59:2c:9c:
60:23:c4:0a:80:73:c9:0b:9a:4e:3d:c6:28:21:41:
5e:84:a3:56:20:c6:91:3f:35:01:c7:0d:1f:1d:c1:
ae:d8:e6:56:f6:3f:ea:2c:e8:6a:4d:d9:30:3e:b6:
23:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:25:92:C9:D4:8A:E9:5C:B5:14:3C:89:17:E1:0B:C2:49:FD:55:2B
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/C889D8ACD57B11EE8A138764C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.61.120.0/23
IPv6:
2001:df1:e5c0::/47
Signature Algorithm: sha256WithRSAEncryption
3f:e0:ac:b8:90:a7:5e:86:f1:8e:81:96:69:9c:16:a4:a4:9a:
77:1f:e3:a5:50:7f:5b:22:ac:52:03:90:97:e5:4d:90:e2:6e:
78:06:b9:2e:39:54:15:eb:d5:38:14:e1:10:c6:36:07:eb:8c:
f9:4a:c7:e0:ad:32:d5:4a:9c:fb:0d:3e:65:99:43:b2:3b:7a:
46:02:fe:94:5f:e2:6c:3d:6c:d3:33:55:6b:19:7f:68:33:96:
17:b8:24:30:9b:f6:a4:38:54:62:aa:e9:ae:54:ff:b2:b7:3c:
be:96:4b:e9:c3:db:19:c5:3c:0f:56:3f:5d:3e:ad:ca:7a:5c:
1f:a2:43:fb:23:ab:37:2a:c2:0f:3f:29:6d:fd:90:1d:c2:b2:
a3:0c:3e:f6:58:ef:cf:34:99:47:6b:f3:12:49:8c:31:3b:8d:
58:18:ea:b8:5b:40:d9:f9:b4:45:3c:4a:79:3b:ab:77:ef:08:
d4:2e:ff:d0:99:3e:4b:f7:dc:3d:01:4a:87:ec:52:73:07:a0:
eb:35:78:d9:45:c0:2a:4c:ec:1c:5a:9d:b0:2a:c4:42:e3:30:
4c:1d:4e:4b:75:71:dc:3f:d8:75:ad:eb:9a:36:9c:a9:cb:f9:
65:04:0d:de:d0:df:6b:88:3c:a5:9e:eb:fe:fb:7f:9a:fb:6d:
f2:a4:e1:34
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICRVMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzMjE1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjYzZi00YzQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Bs9/aDvhmJARzGPUqSFn8Z/enXe7XLdYE42tJBnbwUQnzw2NEemJCx4hnpP
GNr44xSyEOtjWj/pvmDn4rkzS1HSZhl7ZEJ8uQ+Y3HZe0M6imKtRWVduOWjdvOAL
JMH/YMPmLsNgnNVod6u9FBCAUawjas4Ib0EmsU0F4OexRFT7xL4IoPKY0Szrs890
J9hFdluJGTLnRst0aZF3DsDLXi+m9mQe6HSBkiC5uNHZviQWBn4uPvRFuV1T3XvQ
dmLihdwTvPHTTorU/qhjZppZLJxgI8QKgHPJC5pOPcYoIUFehKNWIMaRPzUBxw0f
HcGu2OZW9j/qLOhqTdkwPrYjuwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJolksnU
iulctRQ8iRfhC8JJ/VUrMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQzg4OUQ4QUNE
NTdCMTFFRThBMTM4NzY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnPXgwDwQCAAIwCQMHASABDfHlwDANBgkqhkiG9w0BAQsF
AAOCAQEAP+CsuJCnXobxjoGWaZwWpKSadx/jpVB/WyKsUgOQl+VNkOJueAa5LjlU
FevVOBThEMY2B+uM+UrH4K0y1Uqc+w0+ZZlDsjt6RgL+lF/ibD1s0zNVaxl/aDOW
F7gkMJv2pDhUYqrprlT/src8vpZL6cPbGcU8D1Y/XT6tynpcH6JD+yOrNyrCDz8p
bf2QHcKyoww+9ljvzzSZR2vzEkmMMTuNWBjquFtA2fm0RTxKeTurd+8I1C7/0Jk+
S/fcPQFKh+xScweg6zV42UXAKkzsHFqdsCrEQuMwTB1OS3Vx3D/Yda3rmjacqcv5
ZQQN3tDfa4g8pZ7r/vt/mvtt8qThNA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:38:13 2025 by rpki-client