Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/0D1317404AC611EE9D8A2271C4F9AE02.roa
File: 0D1317404AC611EE9D8A2271C4F9AE02.roa (raw, json)
Hash identifier: sIsrUeF6FDzfKJ8ZDUjNFPkIKj3Qu1b9Sx499+OZjvQ=
Subject key identifier: 87:B4:63:8C:B4:76:4A:60:3B:8E:8A:CC:33:08:02:A9:08:CA:9E:7E
Certificate issuer: /CN=A91BB07D/serialNumber=D4310690DCEB7EE4A18DA3579ACAD174818646A3
Certificate serial: 04
Authority key identifier: D4:31:06:90:DC:EB:7E:E4:A1:8D:A3:57:9A:CA:D1:74:81:86:46:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DEGkNzrfuShjaNXmsrRdIGGRqM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/0D1317404AC611EE9D8A2271C4F9AE02.roa
Signing time: Mon 04 Sep 2023 01:54:58 +0000
ROA not before: Mon 04 Sep 2023 01:54:58 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 10062
IP address blocks: 103.117.136.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BB07D
Validity
Not Before: Sep 4 01:54:58 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64f538f2-9a64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:3e:7b:e4:63:0e:a9:18:35:82:ee:1e:9e:c0:
e7:e7:71:ef:67:21:d4:fa:aa:4e:61:f4:39:56:10:
81:52:07:69:8a:5f:2a:41:58:c1:b1:f4:59:a3:12:
cc:3e:b8:ab:3f:5b:79:de:60:09:5c:6e:93:e5:19:
92:4c:49:53:fc:f5:09:75:6d:a4:e1:36:c6:d3:ae:
53:09:05:24:bc:14:31:6e:ec:08:46:21:db:c9:60:
9f:43:84:c8:86:4f:e1:4a:62:95:76:ee:e8:34:c7:
38:34:6d:8c:16:ee:1b:21:68:f0:b4:21:ff:0a:76:
0c:4b:30:f5:b3:70:12:6b:3c:e9:55:ee:b8:7e:27:
98:57:8e:54:56:02:29:a9:5a:e8:b4:e9:e5:57:b3:
0b:4a:98:c6:c6:08:ed:b2:f9:fa:8c:29:c5:89:fd:
03:33:9c:0b:74:03:b2:bf:c2:28:b6:f2:8c:1f:11:
c4:91:4c:90:06:c3:76:fd:c8:d4:92:38:60:c9:f5:
f3:2b:23:50:db:b1:fe:72:5c:96:0c:f1:95:21:00:
8e:37:3c:59:42:cb:05:8d:52:15:b0:16:eb:04:5c:
20:48:1c:8a:c7:55:ab:ad:a2:e1:0b:ba:3f:63:1c:
35:3c:2f:8c:0f:12:30:97:ce:37:7d:4f:42:ce:5a:
d5:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B4:63:8C:B4:76:4A:60:3B:8E:8A:CC:33:08:02:A9:08:CA:9E:7E
X509v3 Authority Key Identifier:
keyid:D4:31:06:90:DC:EB:7E:E4:A1:8D:A3:57:9A:CA:D1:74:81:86:46:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/1DEGkNzrfuShjaNXmsrRdIGGRqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DEGkNzrfuShjaNXmsrRdIGGRqM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/0D1317404AC611EE9D8A2271C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.136.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:2d:44:f0:34:49:81:cf:90:55:9e:e7:d6:72:00:ea:ad:ab:
fc:db:3d:c4:37:98:7a:91:32:9e:b8:a3:a0:eb:15:af:62:6d:
61:73:d8:91:53:78:1f:b5:90:89:d4:25:7b:e9:e4:14:f0:3b:
1f:5d:ba:53:5a:1e:47:96:b4:18:9a:2d:48:10:e2:bf:74:a4:
19:83:28:c1:83:81:76:ae:bd:bb:bd:d6:5a:e9:12:ab:52:8e:
5d:48:e7:4f:d7:7d:72:d4:1f:64:25:80:a9:5e:6d:f2:c3:3d:
91:68:5c:40:ba:fd:d3:1a:53:b4:d1:8f:35:88:94:e3:dd:f9:
30:e8:d3:7f:7f:b4:40:de:bc:b0:c7:72:68:e2:c9:f9:8f:cb:
fd:33:97:a8:e3:5e:26:10:95:34:29:2f:88:c4:1e:43:db:d0:
79:61:5b:bf:be:5a:9b:9a:5d:c1:30:7b:bd:03:a4:39:e7:a1:
cf:ee:ad:8e:9c:58:e8:be:a1:49:e8:ee:df:89:a4:8d:19:a5:
d5:b4:be:36:3c:a3:5c:1c:c3:8a:fd:da:0f:a9:d8:13:e8:8a:
15:58:84:be:57:5b:29:5d:e9:42:17:3a:23:29:54:3a:d7:89:
6e:54:b0:30:ac:99:a8:07:cc:4e:7c:43:58:84:69:ed:5d:95:
37:6a:7a:0c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
QjA3RDExMC8GA1UEBRMoRDQzMTA2OTBEQ0VCN0VFNEExOERBMzU3OUFDQUQxNzQ4
MTg2NDZBMzAeFw0yMzA5MDQwMTU0NThaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZjUzOGYyLTlhNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD3PnvkYw6pGDWC7h6ewOfnce9nIdT6qk5h9DlWEIFSB2mKXypBWMGx9FmjEsw+
uKs/W3neYAlcbpPlGZJMSVP89Ql1baThNsbTrlMJBSS8FDFu7AhGIdvJYJ9DhMiG
T+FKYpV27ug0xzg0bYwW7hshaPC0If8KdgxLMPWzcBJrPOlV7rh+J5hXjlRWAimp
Wui06eVXswtKmMbGCO2y+fqMKcWJ/QMznAt0A7K/wii28owfEcSRTJAGw3b9yNSS
OGDJ9fMrI1Dbsf5yXJYM8ZUhAI43PFlCywWNUhWwFusEXCBIHIrHVautouELuj9j
HDU8L4wPEjCXzjd9T0LOWtUVAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUh7RjjLR2
SmA7jorMMwgCqQjKnn4wHwYDVR0jBBgwFoAU1DEGkNzrfuShjaNXmsrRdIGGRqMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJCMDdEL0U5QjQ4NTNDNEFD
NDExRUU5ODM5Mzg2RkM0RjlBRTAyLzFERUdrTnpyZnVTaGphTlhtc3JSZElHR1Jx
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMURFR2tOenJmdVNoamFOWG1zclJkSUdHUnFNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
QjA3RC9FOUI0ODUzQzRBQzQxMUVFOTgzOTM4NkZDNEY5QUUwMi8wRDEzMTc0MDRB
QzYxMUVFOUQ4QTIyNzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWd1iDANBgkqhkiG9w0BAQsFAAOCAQEADC1E8DRJgc+QVZ7n
1nIA6q2r/Ns9xDeYepEynrijoOsVr2JtYXPYkVN4H7WQidQle+nkFPA7H126U1oe
R5a0GJotSBDiv3SkGYMowYOBdq69u73WWukSq1KOXUjnT9d9ctQfZCWAqV5t8sM9
kWhcQLr90xpTtNGPNYiU4935MOjTf3+0QN68sMdyaOLJ+Y/L/TOXqONeJhCVNCkv
iMQeQ9vQeWFbv75am5pdwTB7vQOkOeehz+6tjpxY6L6hSeju34mkjRml1bS+Njyj
XBzDiv3aD6nYE+iKFViEvldbKV3pQhc6IylUOteJblSwMKyZqAfMTnxDWIRp7V2V
N2p6DA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 20:17:51 2025 by rpki-client