Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BE146/E41AB42ABD3111EBBFC3F921C4F9AE02/DD46BB92EDAB11EDBE91BB82C4F9AE02.roa
File: DD46BB92EDAB11EDBE91BB82C4F9AE02.roa (raw, json)
Hash identifier: MOIHpu8yaAlVgpY/b48solf6qjsmEw595zgX9OcUp78=
Subject key identifier: A2:61:60:32:FE:BA:54:6F:CC:FC:10:87:3B:0A:FF:C0:8F:46:76:F5
Certificate issuer: /CN=A91BE146/serialNumber=43EA3A2DC08C5E1F2CD68411644A05C076E88C08
Certificate serial: 0597
Authority key identifier: 43:EA:3A:2D:C0:8C:5E:1F:2C:D6:84:11:64:4A:05:C0:76:E8:8C:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-o6LcCMXh8s1oQRZEoFwHbojAg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BE146/E41AB42ABD3111EBBFC3F921C4F9AE02/DD46BB92EDAB11EDBE91BB82C4F9AE02.roa
Signing time: Tue 17 Dec 2024 10:55:12 +0000
ROA not before: Tue 17 Dec 2024 10:55:12 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 11158
IP address blocks: 117.103.120.0/24 maxlen: 24
117.103.121.0/24 maxlen: 24
117.103.122.0/24 maxlen: 24
117.103.123.0/24 maxlen: 24
117.103.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1431 (0x597)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BE146
Validity
Not Before: Dec 17 10:55:12 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67615890-5b2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:09:49:57:0d:8e:b2:48:5a:29:1f:fd:c6:b3:
c8:5e:52:37:e6:14:f0:b5:e2:7b:34:19:63:42:60:
3d:71:5a:2f:0b:ff:b0:62:2a:05:f0:63:26:9e:42:
e8:98:4c:27:dc:f5:98:08:59:44:e0:74:26:ca:6b:
48:79:8d:b0:bc:83:0b:83:7d:9f:d8:50:bd:e1:94:
63:41:10:03:9c:57:eb:73:e6:9f:7b:dd:77:bf:d0:
c9:79:a0:68:ff:88:ab:c5:07:a9:44:d2:f6:22:c9:
28:0a:ed:ac:49:f2:dc:c9:a6:e9:79:b6:7b:39:7c:
9c:1d:66:bd:1c:32:04:4a:47:be:b5:ff:a7:eb:b2:
20:55:26:eb:38:9a:e1:20:ac:78:e2:c5:14:78:d9:
f3:aa:2e:c2:cd:08:72:b7:3b:3e:b0:ed:93:23:ed:
e0:d6:13:a9:89:f3:a0:f4:01:b7:5a:2e:6c:cb:ab:
d3:6a:02:ca:3d:41:dd:64:37:10:d6:97:99:f1:55:
43:26:e6:db:6c:16:2b:de:1e:91:4a:bc:d9:bc:20:
dc:24:52:09:1f:a0:ac:b7:73:16:83:1e:fa:57:8d:
5d:82:ec:85:00:1a:b9:16:72:c2:3f:92:eb:43:a0:
43:38:19:9f:f6:d5:ab:d0:5a:82:42:05:1e:92:05:
25:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:61:60:32:FE:BA:54:6F:CC:FC:10:87:3B:0A:FF:C0:8F:46:76:F5
X509v3 Authority Key Identifier:
keyid:43:EA:3A:2D:C0:8C:5E:1F:2C:D6:84:11:64:4A:05:C0:76:E8:8C:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BE146/E41AB42ABD3111EBBFC3F921C4F9AE02/Q-o6LcCMXh8s1oQRZEoFwHbojAg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-o6LcCMXh8s1oQRZEoFwHbojAg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BE146/E41AB42ABD3111EBBFC3F921C4F9AE02/DD46BB92EDAB11EDBE91BB82C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.103.120.0/22
117.103.127.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:7e:bf:c9:62:da:02:4d:24:b2:86:65:6e:46:a0:c8:d6:b8:
8d:89:b8:33:2f:f7:c6:c5:d2:f0:f9:2e:42:2b:2a:4d:24:30:
59:06:f9:fb:4a:d5:08:27:0c:e0:b7:9d:0f:a7:42:cd:7c:a3:
b6:5b:62:a3:c9:6e:61:95:40:bb:81:0a:7e:45:4c:31:94:81:
ff:1b:ce:a0:a5:f5:00:6b:32:d6:8a:74:7e:d2:29:8b:cb:10:
83:9c:3e:fb:f9:5a:b8:bc:0e:da:2f:f6:6a:81:1b:5d:97:d3:
23:66:1b:f5:8b:ee:31:d7:7a:e7:49:37:ea:e3:48:5a:c4:63:
17:2d:33:35:70:6b:0f:17:53:9c:a4:3e:2f:18:d4:d5:ba:0c:
34:82:a6:84:35:e3:8a:9b:ca:cd:5d:33:53:61:60:52:e4:fd:
b7:69:f4:5c:f1:13:56:f2:d0:74:7c:74:05:82:12:81:e0:ff:
5f:ac:41:48:7b:88:df:4f:fd:53:b3:04:a2:67:60:f6:13:6e:
d7:90:0b:e5:b4:0f:6c:fa:9f:f0:79:ee:1d:e6:46:8e:01:4d:
7e:92:8f:f5:2b:bf:35:37:4c:dc:85:7c:d8:ca:4d:9e:7d:10:
87:ec:db:0d:51:ad:a7:b3:a2:4b:c9:46:80:70:32:b3:dc:66:
84:c1:b9:46
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkUxNDYxMTAvBgNVBAUTKDQzRUEzQTJEQzA4QzVFMUYyQ0Q2ODQxMTY0NEEwNUMw
NzZFODhDMDgwHhcNMjQxMjE3MTA1NTEyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYxNTg5MC01YjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtglJVw2OskhaKR/9xrPIXlI35hTwteJ7NBljQmA9cVovC/+wYioF8GMmnkLo
mEwn3PWYCFlE4HQmymtIeY2wvIMLg32f2FC94ZRjQRADnFfrc+afe913v9DJeaBo
/4irxQepRNL2IskoCu2sSfLcyabpebZ7OXycHWa9HDIESke+tf+n67IgVSbrOJrh
IKx44sUUeNnzqi7CzQhytzs+sO2TI+3g1hOpifOg9AG3Wi5sy6vTagLKPUHdZDcQ
1peZ8VVDJubbbBYr3h6RSrzZvCDcJFIJH6Cst3MWgx76V41dguyFABq5FnLCP5Lr
Q6BDOBmf9tWr0FqCQgUekgUlnQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKJhYDL+
ulRvzPwQhzsK/8CPRnb1MB8GA1UdIwQYMBaAFEPqOi3AjF4fLNaEEWRKBcB26IwI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRTE0Ni9FNDFBQjQyQUJE
MzExMUVCQkZDM0Y5MjFDNEY5QUUwMi9RLW82TGNDTVhoOHMxb1FSWkVvRndIYm9q
QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1EtbzZMY0NNWGg4czFvUVJaRW9Gd0hib2pBZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkUxNDYvRTQxQUI0MkFCRDMxMTFFQkJGQzNGOTIxQzRGOUFFMDIvREQ0NkJCOTJF
REFCMTFFREJFOTFCQjgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJ1Z3gDBAB1Z38wDQYJKoZIhvcNAQELBQADggEBAMh+v8li
2gJNJLKGZW5GoMjWuI2JuDMv98bF0vD5LkIrKk0kMFkG+ftK1QgnDOC3nQ+nQs18
o7ZbYqPJbmGVQLuBCn5FTDGUgf8bzqCl9QBrMtaKdH7SKYvLEIOcPvv5Wri8Dtov
9mqBG12X0yNmG/WL7jHXeudJN+rjSFrEYxctMzVwaw8XU5ykPi8Y1NW6DDSCpoQ1
44qbys1dM1NhYFLk/bdp9FzxE1by0HR8dAWCEoHg/1+sQUh7iN9P/VOzBKJnYPYT
bteQC+W0D2z6n/B57h3mRo4BTX6Sj/UrvzU3TNyFfNjKTZ59EIfs2w1RraezokvJ
RoBwMrPcZoTBuUY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:02:44 2025 by rpki-client