Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7DFB/C8E5084CEE6F11ED8D18BD52C4F9AE02/D572844EE17211EE9693963BC4F9AE02.roa
File: D572844EE17211EE9693963BC4F9AE02.roa (raw, json)
Hash identifier: FGd51/BezvedANn9LUWtZatupi8OJ5czwJuYjW+ktEI=
Subject key identifier: B1:21:85:0D:6C:F4:09:0D:6D:7E:14:A4:4D:15:32:44:BC:7A:1C:8D
Certificate issuer: /CN=A91C7DFB/serialNumber=DA137F01D70BB1D3E7512E1DE941730225D39570
Certificate serial: AD
Authority key identifier: DA:13:7F:01:D7:0B:B1:D3:E7:51:2E:1D:E9:41:73:02:25:D3:95:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2hN_AdcLsdPnUS4d6UFzAiXTlXA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7DFB/C8E5084CEE6F11ED8D18BD52C4F9AE02/D572844EE17211EE9693963BC4F9AE02.roa
Signing time: Wed 13 Mar 2024 19:49:42 +0000
ROA not before: Wed 13 Mar 2024 19:49:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147303
IP address blocks: 103.134.32.0/24 maxlen: 24
103.134.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173 (0xad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7DFB
Validity
Not Before: Mar 13 19:49:42 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65f20356-4f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4c:82:d5:ad:e0:c0:99:62:4d:91:ec:33:47:
f2:83:fd:19:ab:92:1a:a2:48:e4:25:eb:9e:1a:55:
98:88:1c:e2:dd:bd:d7:d6:f8:d0:20:0d:70:bd:ab:
5c:c6:f8:56:3d:5a:09:5f:ec:1f:4a:7e:e4:bb:47:
13:7a:1f:eb:00:70:67:98:2d:f0:f4:f1:b6:30:dd:
91:52:ae:56:c0:f2:c9:fe:77:a0:7f:d6:36:1a:66:
07:bd:1a:f9:27:8e:5b:09:45:6d:a8:2f:37:25:e8:
5d:e7:f3:0b:55:19:f8:b9:92:bf:8a:51:33:e2:af:
85:2d:f0:31:db:af:e5:a6:88:da:ea:38:4f:58:d3:
20:34:65:45:13:4f:3b:cc:c6:33:ff:25:23:81:6b:
06:7e:17:ec:88:05:57:64:4c:c1:21:a2:57:2c:ba:
f8:ec:21:30:b1:39:b4:cb:e7:21:82:dc:64:99:67:
ce:10:02:f1:6f:35:bb:ad:59:a0:ae:c8:93:54:a8:
88:3f:04:17:4a:09:ca:dd:ea:10:8b:76:b9:43:bb:
55:8e:60:ae:83:0f:83:98:01:73:30:d8:35:10:3d:
56:1f:91:9d:b2:29:36:6c:e4:dc:30:ce:89:44:f1:
84:a3:a3:39:5f:58:b5:3f:51:bc:36:a8:7c:e6:db:
f0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:21:85:0D:6C:F4:09:0D:6D:7E:14:A4:4D:15:32:44:BC:7A:1C:8D
X509v3 Authority Key Identifier:
keyid:DA:13:7F:01:D7:0B:B1:D3:E7:51:2E:1D:E9:41:73:02:25:D3:95:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7DFB/C8E5084CEE6F11ED8D18BD52C4F9AE02/2hN_AdcLsdPnUS4d6UFzAiXTlXA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2hN_AdcLsdPnUS4d6UFzAiXTlXA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7DFB/C8E5084CEE6F11ED8D18BD52C4F9AE02/D572844EE17211EE9693963BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.32.0/23
Signature Algorithm: sha256WithRSAEncryption
be:b9:65:83:7e:56:be:21:0c:3f:34:5a:ea:88:71:15:be:71:
3a:b7:56:c4:65:01:68:f8:9e:1e:17:1d:39:b8:cd:c3:16:d0:
ec:62:1d:8e:ce:3d:07:b4:1e:13:cc:ea:87:c9:69:38:6c:56:
0f:d8:ca:4a:57:83:5a:eb:80:1f:79:c2:42:61:1b:f0:91:e6:
86:33:4e:83:82:ec:69:fa:7e:0a:23:dd:52:a3:f1:b8:36:08:
26:24:a7:27:9f:5a:99:ab:60:e7:50:b5:23:59:18:12:bb:6e:
fb:bf:9e:b1:65:b4:32:a9:0d:9e:c1:50:86:8c:e2:b3:b7:89:
b8:19:77:fc:7f:c2:96:fd:97:59:14:36:9f:db:55:a1:d8:45:
db:cd:ca:66:bf:07:05:00:aa:5b:28:23:99:90:8e:82:d9:ca:
21:32:b4:95:6f:77:20:53:e8:fc:17:5b:e5:a3:d4:68:4c:b4:
c8:4a:df:99:76:f9:6a:76:63:be:87:bc:ba:94:a6:5c:13:89:
26:e5:35:1f:f0:4d:e7:46:f8:dd:cb:31:83:4e:5c:6c:3c:87:
31:cd:73:e2:41:83:8b:05:aa:4a:a3:00:c5:ab:e2:25:b0:5b:
1c:b5:58:30:7b:f0:9e:20:ef:7f:d7:39:e5:59:b3:83:33:ab:
92:aa:5b:33
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzdERkIxMTAvBgNVBAUTKERBMTM3RjAxRDcwQkIxRDNFNzUxMkUxREU5NDE3MzAy
MjVEMzk1NzAwHhcNMjQwMzEzMTk0OTQyWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWYyMDM1Ni00ZjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzEyC1a3gwJliTZHsM0fyg/0Zq5IaokjkJeueGlWYiBzi3b3X1vjQIA1wvatc
xvhWPVoJX+wfSn7ku0cTeh/rAHBnmC3w9PG2MN2RUq5WwPLJ/negf9Y2GmYHvRr5
J45bCUVtqC83Jehd5/MLVRn4uZK/ilEz4q+FLfAx26/lpoja6jhPWNMgNGVFE087
zMYz/yUjgWsGfhfsiAVXZEzBIaJXLLr47CEwsTm0y+chgtxkmWfOEALxbzW7rVmg
rsiTVKiIPwQXSgnK3eoQi3a5Q7tVjmCugw+DmAFzMNg1ED1WH5Gdsik2bOTcMM6J
RPGEo6M5X1i1P1G8Nqh85tvwGQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLEhhQ1s
9AkNbX4UpE0VMkS8ehyNMB8GA1UdIwQYMBaAFNoTfwHXC7HT51EuHelBcwIl05Vw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDN0RGQi9DOEU1MDg0Q0VF
NkYxMUVEOEQxOEJENTJDNEY5QUUwMi8yaE5fQWRjTHNkUG5VUzRkNlVGekFpWFRs
WEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJoTl9BZGNMc2RQblVTNGQ2VUZ6QWlYVGxYQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzdERkIvQzhFNTA4NENFRTZGMTFFRDhEMThCRDUyQzRGOUFFMDIvRDU3Mjg0NEVF
MTcyMTFFRTk2OTM5NjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnhiAwDQYJKoZIhvcNAQELBQADggEBAL65ZYN+Vr4hDD80
WuqIcRW+cTq3VsRlAWj4nh4XHTm4zcMW0OxiHY7OPQe0HhPM6ofJaThsVg/YykpX
g1rrgB95wkJhG/CR5oYzToOC7Gn6fgoj3VKj8bg2CCYkpyefWpmrYOdQtSNZGBK7
bvu/nrFltDKpDZ7BUIaM4rO3ibgZd/x/wpb9l1kUNp/bVaHYRdvNyma/BwUAqlso
I5mQjoLZyiEytJVvdyBT6PwXW+Wj1GhMtMhK35l2+Wp2Y76HvLqUplwTiSblNR/w
TedG+N3LMYNOXGw8hzHNc+JBg4sFqkqjAMWr4iWwWxy1WDB78J4g73/XOeVZs4Mz
q5KqWzM=
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:48:24 2025 by rpki-client