Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DDD3F/C1A47FD895AF11E6B7854371C4F9AE02/AE58A24695B011E696EFE472C4F9AE02.roa
File: AE58A24695B011E696EFE472C4F9AE02.roa (raw, json)
Hash identifier: iaqQr5dNZ60TDLIhN3MftiKcnJuy69N4C5+umHfRLFA=
Subject key identifier: D5:60:ED:DB:40:0A:D4:68:DC:51:24:22:EF:A5:16:C5:22:C0:31:EE
Certificate issuer: /CN=A91DDD3F/serialNumber=A7E4134D9B11DEAB75B11791D55E39D1744E0BF1
Certificate serial: 1D6C
Authority key identifier: A7:E4:13:4D:9B:11:DE:AB:75:B1:17:91:D5:5E:39:D1:74:4E:0B:F1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p-QTTZsR3qt1sReR1V450XROC_E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DDD3F/C1A47FD895AF11E6B7854371C4F9AE02/AE58A24695B011E696EFE472C4F9AE02.roa
Signing time: Thu 28 Nov 2024 16:33:43 +0000
ROA not before: Thu 28 Nov 2024 16:33:43 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 133156
IP address blocks: 103.75.23.0/24 maxlen: 24
2001:df5:2200::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7532 (0x1d6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DDD3F
Validity
Not Before: Nov 28 16:33:43 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67489b67-3641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:53:69:56:5f:f5:60:0f:67:f5:f4:6c:e4:e6:
2c:e2:51:b8:0c:f5:1f:c4:42:aa:42:8d:6c:74:f1:
2c:e5:62:2f:b6:c4:05:ba:49:77:9c:dd:0a:6c:65:
87:df:d1:ed:63:7f:a2:ed:76:1f:01:5c:23:cc:5f:
71:2b:05:33:f9:d6:5b:f9:fe:a9:da:f4:d3:22:7c:
48:93:a4:af:94:5b:33:2e:ac:97:ec:6c:04:16:39:
0a:b1:bf:f1:a4:75:ec:69:50:f5:1d:bf:38:8a:3f:
17:79:c2:f2:8b:df:47:56:e6:96:37:a6:d1:a2:7c:
25:c5:15:4e:f2:77:7f:07:c0:d8:fe:68:78:67:1a:
d6:83:0d:63:53:29:47:1d:7a:a9:2d:34:45:94:5b:
53:74:f1:00:23:6c:ea:a7:05:2e:b5:b2:2c:3a:38:
e3:0a:04:62:ea:75:bb:f1:b9:c3:96:76:e9:17:42:
15:89:1d:3c:21:75:cc:22:08:22:85:d5:2d:bc:44:
64:da:94:14:23:b3:b1:cd:10:af:c2:da:20:e9:73:
31:34:db:7a:da:16:5b:d8:2e:6e:eb:b3:64:ab:82:
bf:d7:99:d5:13:5e:54:cd:f3:41:55:d2:72:b8:54:
ea:19:26:0e:f2:c4:24:53:5e:13:2e:1e:0a:ee:b7:
75:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:60:ED:DB:40:0A:D4:68:DC:51:24:22:EF:A5:16:C5:22:C0:31:EE
X509v3 Authority Key Identifier:
keyid:A7:E4:13:4D:9B:11:DE:AB:75:B1:17:91:D5:5E:39:D1:74:4E:0B:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DDD3F/C1A47FD895AF11E6B7854371C4F9AE02/p-QTTZsR3qt1sReR1V450XROC_E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p-QTTZsR3qt1sReR1V450XROC_E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DDD3F/C1A47FD895AF11E6B7854371C4F9AE02/AE58A24695B011E696EFE472C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.75.23.0/24
IPv6:
2001:df5:2200::/48
Signature Algorithm: sha256WithRSAEncryption
54:c2:c6:ad:29:1d:88:07:19:31:89:a5:53:6e:cd:f7:ef:5a:
48:1f:61:39:43:5e:47:7f:6c:13:3d:c7:8a:82:21:14:34:06:
14:49:e9:fe:b7:22:6b:36:6e:ec:c6:c0:e7:c6:17:16:9f:52:
d2:be:f4:db:16:7e:23:44:81:bd:d3:33:d6:92:d7:2c:96:3b:
87:a1:cb:47:8b:d4:06:bd:d1:bb:a4:86:bf:5d:95:14:4f:d1:
aa:d4:44:37:ec:0c:c8:b0:e8:fe:db:3f:5d:7e:cb:b7:0b:44:
78:a9:e2:38:20:e6:29:2d:ef:8d:90:31:e7:2c:4a:e9:d5:b5:
b5:22:5c:5a:bc:07:6e:eb:e5:50:80:26:f0:52:1e:7e:a1:33:
40:40:5f:ac:23:8d:6c:ee:7c:d4:0c:ea:13:b4:c1:13:16:1e:
42:7c:e3:84:a5:57:8a:a7:63:38:71:14:50:d7:6f:23:14:14:
93:29:09:75:86:95:e5:7e:bc:14:d9:dc:4d:57:83:c4:0c:a1:
e2:fa:19:41:15:c1:34:04:16:67:17:b4:95:9f:9e:26:03:3b:
bb:3a:44:61:d3:0f:5d:c7:73:af:7b:4d:3c:30:39:72:75:95:
2f:fe:a3:8a:f5:13:99:c3:fc:7c:ea:b0:66:4e:5b:25:2f:d8:
f9:82:85:29
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICHWwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REREM0YxMTAvBgNVBAUTKEE3RTQxMzREOUIxMURFQUI3NUIxMTc5MUQ1NUUzOUQx
NzQ0RTBCRjEwHhcNMjQxMTI4MTYzMzQzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ4OWI2Ny0zNjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr1NpVl/1YA9n9fRs5OYs4lG4DPUfxEKqQo1sdPEs5WIvtsQFukl3nN0KbGWH
39HtY3+i7XYfAVwjzF9xKwUz+dZb+f6p2vTTInxIk6SvlFszLqyX7GwEFjkKsb/x
pHXsaVD1Hb84ij8XecLyi99HVuaWN6bRonwlxRVO8nd/B8DY/mh4ZxrWgw1jUylH
HXqpLTRFlFtTdPEAI2zqpwUutbIsOjjjCgRi6nW78bnDlnbpF0IViR08IXXMIggi
hdUtvERk2pQUI7OxzRCvwtog6XMxNNt62hZb2C5u67Nkq4K/15nVE15UzfNBVdJy
uFTqGSYO8sQkU14TLh4K7rd1fQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNVg7dtA
CtRo3FEkIu+lFsUiwDHuMB8GA1UdIwQYMBaAFKfkE02bEd6rdbEXkdVeOdF0Tgvx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEREQzRi9DMUE0N0ZEODk1
QUYxMUU2Qjc4NTQzNzFDNEY5QUUwMi9wLVFUVFpzUjNxdDFzUmVSMVY0NTBYUk9D
X0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3AtUVRUWnNSM3F0MXNSZVIxVjQ1MFhST0NfRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REREM0YvQzFBNDdGRDg5NUFGMTFFNkI3ODU0MzcxQzRGOUFFMDIvQUU1OEEyNDY5
NUIwMTFFNjk2RUZFNDcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnSxcwDwQCAAIwCQMHACABDfUiADANBgkqhkiG9w0BAQsF
AAOCAQEAVMLGrSkdiAcZMYmlU27N9+9aSB9hOUNeR39sEz3HioIhFDQGFEnp/rci
azZu7MbA58YXFp9S0r702xZ+I0SBvdMz1pLXLJY7h6HLR4vUBr3Ru6SGv12VFE/R
qtREN+wMyLDo/ts/XX7LtwtEeKniOCDmKS3vjZAx5yxK6dW1tSJcWrwHbuvlUIAm
8FIefqEzQEBfrCONbO581AzqE7TBExYeQnzjhKVXiqdjOHEUUNdvIxQUkykJdYaV
5X68FNncTVeDxAyh4voZQRXBNAQWZxe0lZ+eJgM7uzpEYdMPXcdzr3tNPDA5cnWV
L/6jivUTmcP8fOqwZk5bJS/Y+YKFKQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:39:52 2025 by rpki-client