Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/CA888654D0E011EC9E5ACC1CC4F9AE02.roa
File: CA888654D0E011EC9E5ACC1CC4F9AE02.roa (raw, json)
Hash identifier: 4by10ick3aOPoEwL9MxmYZych/O61DB95JCCfpjs2l0=
Subject key identifier: 43:BA:EF:2B:D5:0A:A9:0A:C6:96:C0:78:99:D6:93:E5:DE:0C:B7:E7
Certificate issuer: /CN=A91B4357/serialNumber=CB1656811D08457993E8D81B9F9798DAD616971A
Certificate serial: 0420
Authority key identifier: CB:16:56:81:1D:08:45:79:93:E8:D8:1B:9F:97:98:DA:D6:16:97:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/CA888654D0E011EC9E5ACC1CC4F9AE02.roa
Signing time: Fri 25 Oct 2024 00:43:58 +0000
ROA not before: Fri 25 Oct 2024 00:43:58 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 58511
IP address blocks: 103.73.84.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1056 (0x420)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B4357
Validity
Not Before: Oct 25 00:43:58 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=671ae9ce-4718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:05:dc:96:ac:e1:21:e4:ee:6a:9e:1b:6f:f6:
02:e1:b8:46:77:e7:d1:04:b0:7f:a2:d4:b1:e3:d8:
79:d2:a5:b1:69:88:09:86:f0:8d:b4:f9:1c:25:3c:
85:7f:d2:ef:2d:e0:ff:a1:79:67:a5:0b:77:5b:e1:
ce:21:fd:b2:5d:f2:3a:ac:b3:00:03:be:3e:2f:78:
12:e8:9c:bf:cb:96:3c:9f:48:07:1d:80:7b:50:e8:
ff:5d:9a:67:65:90:e7:9d:be:14:54:43:20:b1:1b:
6b:66:72:12:16:19:3c:cc:08:41:62:8d:a7:c9:18:
f4:14:0f:c4:eb:8c:57:cb:05:0c:3a:9f:fd:07:7c:
52:ef:d8:d9:bf:d3:50:9f:72:5f:2a:f0:93:6f:44:
23:dd:26:3b:fe:e6:cd:b3:b7:b8:01:bb:88:9d:c2:
da:81:0a:40:57:07:c9:67:3e:4f:48:9f:c7:e5:34:
e9:96:78:23:c2:3d:9f:88:4f:7a:fb:3a:a2:53:49:
e0:88:ad:d1:7a:51:b5:d7:c5:d5:68:85:65:f5:96:
ad:20:36:3b:c4:d5:76:b4:90:77:9a:0f:3e:24:7f:
64:5a:62:c4:b4:26:7e:4d:6a:2c:e6:23:75:a9:8f:
7b:2f:c2:05:a8:f5:4a:b7:81:2f:f8:40:ce:6b:a3:
15:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BA:EF:2B:D5:0A:A9:0A:C6:96:C0:78:99:D6:93:E5:DE:0C:B7:E7
X509v3 Authority Key Identifier:
keyid:CB:16:56:81:1D:08:45:79:93:E8:D8:1B:9F:97:98:DA:D6:16:97:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/CA888654D0E011EC9E5ACC1CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.73.84.0/23
Signature Algorithm: sha256WithRSAEncryption
10:ec:67:72:c0:ce:fc:f2:a6:67:e4:a8:ce:54:dd:ff:ed:d3:
94:79:5d:39:b7:72:97:b7:c7:9d:d7:8f:c1:c0:01:07:d3:c8:
8b:bb:24:ee:6d:34:d0:4d:4e:fe:cc:ec:78:e8:83:65:1d:5d:
7e:f0:f1:0e:8d:18:c9:9e:ed:48:bf:9a:67:a0:8e:56:37:44:
f5:9e:d7:b6:a3:ad:0e:52:6f:21:c7:4d:00:cd:a9:17:ed:82:
19:1f:0a:98:cc:6c:4a:ab:1c:0e:58:2c:9d:2c:6e:f1:35:25:
28:65:c8:cd:89:c5:19:81:54:6d:57:14:dd:3e:d6:25:af:88:
0e:5a:20:77:68:a7:9c:45:58:aa:da:69:3d:41:e6:2e:55:0c:
57:8a:2c:47:45:8a:49:a7:72:13:38:1c:e4:20:e4:be:7c:38:
16:c3:af:10:b1:c4:1c:59:70:95:41:c8:d2:4c:9b:97:37:07:
4d:ce:43:ce:f1:b5:5f:d7:b1:3e:58:32:f1:ec:66:74:ab:c6:
46:89:fa:61:53:59:90:3f:fd:de:aa:c8:86:e0:9a:91:61:13:
5e:14:c2:b8:c7:a7:05:dc:2b:ef:16:c5:e4:e2:57:12:d6:b5:
d9:99:2d:05:34:7c:c2:d3:db:88:b9:28:d1:4e:f0:33:56:2c:
a5:d9:32:89
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBCAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjQzNTcxMTAvBgNVBAUTKENCMTY1NjgxMUQwODQ1Nzk5M0U4RDgxQjlGOTc5OERB
RDYxNjk3MUEwHhcNMjQxMDI1MDA0MzU4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzFhZTljZS00NzE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxAXclqzhIeTuap4bb/YC4bhGd+fRBLB/otSx49h50qWxaYgJhvCNtPkcJTyF
f9LvLeD/oXlnpQt3W+HOIf2yXfI6rLMAA74+L3gS6Jy/y5Y8n0gHHYB7UOj/XZpn
ZZDnnb4UVEMgsRtrZnISFhk8zAhBYo2nyRj0FA/E64xXywUMOp/9B3xS79jZv9NQ
n3JfKvCTb0Qj3SY7/ubNs7e4AbuIncLagQpAVwfJZz5PSJ/H5TTplngjwj2fiE96
+zqiU0ngiK3RelG118XVaIVl9ZatIDY7xNV2tJB3mg8+JH9kWmLEtCZ+TWos5iN1
qY97L8IFqPVKt4Ev+EDOa6MVWwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEO67yvV
CqkKxpbAeJnWk+XeDLfnMB8GA1UdIwQYMBaAFMsWVoEdCEV5k+jYG5+XmNrWFpca
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDM1Ny9CODRCMTBFQzQ1
QTgxMUVDOEIxNDA1NThDNEY5QUUwMi95eFpXZ1IwSVJYbVQ2TmdibjVlWTJ0WVds
eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3l4WldnUjBJUlhtVDZOZ2JuNWVZMnRZV2x4by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjQzNTcvQjg0QjEwRUM0NUE4MTFFQzhCMTQwNTU4QzRGOUFFMDIvQ0E4ODg2NTRE
MEUwMTFFQzlFNUFDQzFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnSVQwDQYJKoZIhvcNAQELBQADggEBABDsZ3LAzvzypmfk
qM5U3f/t05R5XTm3cpe3x53Xj8HAAQfTyIu7JO5tNNBNTv7M7Hjog2UdXX7w8Q6N
GMme7Ui/mmegjlY3RPWe17ajrQ5SbyHHTQDNqRftghkfCpjMbEqrHA5YLJ0sbvE1
JShlyM2JxRmBVG1XFN0+1iWviA5aIHdop5xFWKraaT1B5i5VDFeKLEdFikmnchM4
HOQg5L58OBbDrxCxxBxZcJVByNJMm5c3B03OQ87xtV/XsT5YMvHsZnSrxkaJ+mFT
WZA//d6qyIbgmpFhE14UwrjHpwXcK+8WxeTiVxLWtdmZLQU0fMLT24i5KNFO8DNW
LKXZMok=
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:28:57 2025 by rpki-client