Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E1B48/66F57644927411EFBF864A3DC4F9AE02/FB03B42C927411EF870E655AC4F9AE02.roa
File: FB03B42C927411EF870E655AC4F9AE02.roa (raw, json)
Hash identifier: u4w+Qp27Y9kvTk+tCZ+0s7VTT7TtAcdJXuu92GYJlRA=
Subject key identifier: 1D:7F:1F:30:3D:1B:1D:D0:53:E2:20:FB:88:14:D0:38:EE:EE:76:8A
Certificate issuer: /CN=A91E1B48/serialNumber=A4E68679E67BA61A27F4F89BD092AEE5C1F72139
Certificate serial: 02
Authority key identifier: A4:E6:86:79:E6:7B:A6:1A:27:F4:F8:9B:D0:92:AE:E5:C1:F7:21:39
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pOaGeeZ7phon9Pib0JKu5cH3ITk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E1B48/66F57644927411EFBF864A3DC4F9AE02/FB03B42C927411EF870E655AC4F9AE02.roa
Signing time: Fri 25 Oct 2024 02:01:00 +0000
ROA not before: Fri 25 Oct 2024 02:01:00 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 38605
IP address blocks: 203.171.4.0/24 maxlen: 24
2001:df0:2ea::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E1B48
Validity
Not Before: Oct 25 02:01:00 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=671afbdb-035c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:72:4f:74:cd:1e:b9:17:86:4d:20:ef:61:7c:
75:15:17:0a:25:34:dd:df:a7:a0:30:8d:4c:7b:2f:
e1:7e:8d:10:30:23:65:d9:ac:39:9d:7c:2d:5d:e0:
84:bb:d9:3e:0c:e2:f7:d0:01:30:c3:49:b9:c9:8f:
1a:c5:6c:4d:26:3d:5d:49:48:72:92:7c:ca:ed:07:
6f:ed:fa:f2:76:a6:7f:89:3a:99:2a:b8:06:fb:fa:
4e:29:06:f7:b2:ff:10:78:e6:5a:cb:23:e3:0c:58:
3f:d5:41:f0:5f:70:5b:da:bc:90:d0:b7:8b:61:47:
6d:48:52:22:ea:cd:7d:c0:b9:dc:ab:2f:36:bc:bf:
9b:1a:b3:79:be:8a:0a:a8:5b:89:0f:c8:dd:54:23:
60:95:a1:bd:a6:a8:2b:6a:67:b1:cd:54:c7:88:5c:
82:d5:b0:28:d5:e6:0d:f0:29:db:cf:b8:e5:c9:95:
c8:b3:4b:5c:0a:75:15:29:08:89:7f:b2:15:56:5d:
83:ec:3c:f5:32:9a:f9:d1:78:e7:c6:32:65:d1:29:
ef:6a:eb:83:88:14:e8:9c:ec:5c:dc:89:0e:87:0c:
f2:70:57:8d:de:8d:c3:d3:7f:03:09:13:94:59:82:
2e:23:74:2c:1b:14:49:bf:11:53:8b:a9:71:7b:55:
e2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:7F:1F:30:3D:1B:1D:D0:53:E2:20:FB:88:14:D0:38:EE:EE:76:8A
X509v3 Authority Key Identifier:
keyid:A4:E6:86:79:E6:7B:A6:1A:27:F4:F8:9B:D0:92:AE:E5:C1:F7:21:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E1B48/66F57644927411EFBF864A3DC4F9AE02/pOaGeeZ7phon9Pib0JKu5cH3ITk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pOaGeeZ7phon9Pib0JKu5cH3ITk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E1B48/66F57644927411EFBF864A3DC4F9AE02/FB03B42C927411EF870E655AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.171.4.0/24
IPv6:
2001:df0:2ea::/48
Signature Algorithm: sha256WithRSAEncryption
00:da:a2:3a:4c:3a:d6:83:3c:78:f5:00:73:a9:66:6c:6d:a7:
80:52:ce:a0:18:f8:da:7e:57:56:b4:70:47:08:dd:a9:df:72:
96:62:36:ff:64:83:dd:69:eb:5b:16:56:0e:1f:6d:07:8d:84:
41:8b:41:95:12:42:3b:46:9a:6e:bd:09:1d:50:a7:ac:61:79:
a0:aa:d6:9e:43:a9:ce:24:6b:3d:dd:f0:d6:a3:af:4a:8a:78:
d7:90:e4:b9:8e:ca:7d:87:3e:64:51:ab:b7:81:80:79:bd:d2:
6a:96:7a:19:c4:63:e1:37:c9:35:d8:23:06:ce:67:03:1c:9d:
04:61:3a:d3:2a:b5:fa:bf:39:59:e1:93:8e:1f:cf:c0:25:8e:
d0:99:eb:e3:17:a8:8d:02:dc:89:db:eb:49:f3:f8:37:13:2b:
a5:3c:6e:91:70:57:0e:92:d8:cf:c1:9c:f8:40:b4:09:1d:3d:
c8:d6:96:ad:c4:dd:52:76:3c:0e:d4:10:f0:5d:17:9d:bc:4e:
b9:50:45:2c:6f:71:a0:a6:86:78:f0:d2:28:a4:97:d2:7c:16:
a1:9e:10:d7:3e:85:d5:1a:b6:2a:70:a6:3f:cb:b6:c8:2b:a3:
e8:46:06:97:26:1d:7b:18:0e:5b:8e:d3:f1:23:24:95:0d:ff:
fd:20:81:2d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MUI0ODExMC8GA1UEBRMoQTRFNjg2NzlFNjdCQTYxQTI3RjRGODlCRDA5MkFFRTVD
MUY3MjEzOTAeFw0yNDEwMjUwMjAxMDBaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MWFmYmRiLTAzNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7ck90zR65F4ZNIO9hfHUVFwolNN3fp6AwjUx7L+F+jRAwI2XZrDmdfC1d4IS7
2T4M4vfQATDDSbnJjxrFbE0mPV1JSHKSfMrtB2/t+vJ2pn+JOpkquAb7+k4pBvey
/xB45lrLI+MMWD/VQfBfcFvavJDQt4thR21IUiLqzX3AudyrLza8v5sas3m+igqo
W4kPyN1UI2CVob2mqCtqZ7HNVMeIXILVsCjV5g3wKdvPuOXJlcizS1wKdRUpCIl/
shVWXYPsPPUymvnReOfGMmXRKe9q64OIFOic7FzciQ6HDPJwV43ejcPTfwMJE5RZ
gi4jdCwbFEm/EVOLqXF7VeKhAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUHX8fMD0b
HdBT4iD7iBTQOO7udoowHwYDVR0jBBgwFoAUpOaGeeZ7phon9Pib0JKu5cH3ITkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUxQjQ4LzY2RjU3NjQ0OTI3
NDExRUZCRjg2NEEzREM0RjlBRTAyL3BPYUdlZVo3cGhvbjlQaWIwSkt1NWNIM0lU
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcE9hR2VlWjdwaG9uOVBpYjBKS3U1Y0gzSVRrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MUI0OC82NkY1NzY0NDkyNzQxMUVGQkY4NjRBM0RDNEY5QUUwMi9GQjAzQjQyQzky
NzQxMUVGODcwRTY1NUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAMurBDAPBAIAAjAJAwcAIAEN8ALqMA0GCSqGSIb3DQEBCwUA
A4IBAQAA2qI6TDrWgzx49QBzqWZsbaeAUs6gGPjafldWtHBHCN2p33KWYjb/ZIPd
aetbFlYOH20HjYRBi0GVEkI7RppuvQkdUKesYXmgqtaeQ6nOJGs93fDWo69KinjX
kOS5jsp9hz5kUau3gYB5vdJqlnoZxGPhN8k12CMGzmcDHJ0EYTrTKrX6vzlZ4ZOO
H8/AJY7QmevjF6iNAtyJ2+tJ8/g3EyulPG6RcFcOktjPwZz4QLQJHT3I1patxN1S
djwO1BDwXRedvE65UEUsb3GgpoZ48NIopJfSfBahnhDXPoXVGrYqcKY/y7bIK6Po
RgaXJh17GA5bjtPxIySVDf/9IIEt
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:06:29 2025 by rpki-client