Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/E24736EC9D9011EC89314083C4F9AE02.roa
File: E24736EC9D9011EC89314083C4F9AE02.roa (raw, json)
Hash identifier: MQLW+ckG9k/91Edmhff4+dci4t4G4rJfBHrG+oHBPHU=
Subject key identifier: A4:B3:50:30:AA:46:6C:B2:10:34:53:35:FC:3B:65:36:DB:98:97:6C
Certificate issuer: /CN=A91E4EF7/serialNumber=AAB524E595A530E12C13AA211C2EF26B69DD9C9B
Certificate serial: 1AB3
Authority key identifier: AA:B5:24:E5:95:A5:30:E1:2C:13:AA:21:1C:2E:F2:6B:69:DD:9C:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrUk5ZWlMOEsE6ohHC7ya2ndnJs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/E24736EC9D9011EC89314083C4F9AE02.roa
Signing time: Thu 24 Oct 2024 16:55:16 +0000
ROA not before: Thu 24 Oct 2024 16:55:16 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 133326
IP address blocks: 103.38.120.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6835 (0x1ab3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4EF7
Validity
Not Before: Oct 24 16:55:16 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=671a7bf3-b866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ea:37:73:38:e4:ee:e8:44:2e:07:31:f7:56:
02:bb:58:2a:1a:49:e2:7a:84:54:ae:1d:61:be:64:
80:48:d5:4d:32:15:e0:86:93:77:77:71:b5:d2:96:
77:ee:db:26:3e:35:b8:0e:ae:99:30:a4:c7:f3:df:
53:3f:b9:12:32:49:80:fc:62:24:b4:63:4e:8f:f9:
1f:85:64:a0:3b:e3:b4:eb:59:d3:94:4a:de:8a:f0:
d7:c6:03:dd:05:a1:c2:d1:e6:6f:78:be:78:be:e0:
08:13:84:03:09:c8:c7:3d:ca:ac:e0:28:15:43:bc:
3c:63:df:66:79:2f:ef:a0:d8:49:a4:ed:e3:c2:1d:
e1:0e:c2:ed:75:c5:ce:c9:86:78:bc:38:57:d3:af:
9a:9f:f6:9d:70:de:60:30:a3:8d:53:15:ba:08:bd:
36:81:4b:59:a1:b8:15:7f:6b:2f:5a:5f:3a:a8:15:
b0:df:ef:00:3f:6a:ab:bf:99:89:6c:ae:4b:5d:46:
2e:d4:35:7a:a3:8e:b2:f4:ef:4c:ed:76:22:8d:fc:
65:51:ca:2c:4e:6a:9b:cf:bb:81:55:fa:d0:48:04:
2c:d2:4b:c0:7e:34:4a:17:97:15:c0:26:44:51:7c:
18:4e:72:6c:83:1f:69:c0:e9:87:8a:34:66:5b:af:
e4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B3:50:30:AA:46:6C:B2:10:34:53:35:FC:3B:65:36:DB:98:97:6C
X509v3 Authority Key Identifier:
keyid:AA:B5:24:E5:95:A5:30:E1:2C:13:AA:21:1C:2E:F2:6B:69:DD:9C:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/qrUk5ZWlMOEsE6ohHC7ya2ndnJs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrUk5ZWlMOEsE6ohHC7ya2ndnJs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/E24736EC9D9011EC89314083C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.38.120.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:46:54:82:3b:76:86:a2:e4:a6:d0:bc:63:25:d8:61:84:b5:
d2:c9:97:8f:28:ec:31:ac:d4:1b:37:4c:12:e7:2f:63:34:0f:
0a:f2:1c:3e:27:77:cd:f5:bf:15:a0:a7:81:fc:6f:01:72:0a:
e4:33:0d:51:99:5d:54:28:f3:78:7c:13:53:e1:b4:36:7a:78:
b8:35:77:76:0b:29:d5:de:81:40:81:82:47:45:ba:19:1d:9c:
4f:05:b1:88:f2:45:f4:e3:ed:60:24:cc:a4:73:fb:c8:50:95:
d6:5a:c7:47:ab:00:49:66:d0:92:b6:a3:d2:3f:4b:1a:2d:cb:
ca:c9:be:6e:74:ab:97:cc:39:b0:b2:05:07:e8:a5:af:ed:0a:
71:ef:3e:1a:06:09:cb:f7:d2:ff:f1:f3:d0:4d:03:9b:92:61:
ff:33:8c:c1:77:e1:b4:f5:17:f8:f8:19:0c:01:a5:41:9f:11:
e7:dd:87:da:96:f5:dc:3b:7d:a3:7e:97:89:c5:5a:da:7f:be:
a4:6d:b1:95:3e:94:37:72:87:ef:3a:8a:49:d3:3f:6d:5d:13:
d1:3a:60:8a:2f:3c:ef:3f:d5:6c:17:42:21:8c:f4:91:e0:0b:
20:fc:a1:99:b8:47:94:81:d3:18:a5:5c:75:57:a4:12:be:73:
fa:f3:92:bd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGrMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRFRjcxMTAvBgNVBAUTKEFBQjUyNEU1OTVBNTMwRTEyQzEzQUEyMTFDMkVGMjZC
NjlERDlDOUIwHhcNMjQxMDI0MTY1NTE2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzFhN2JmMy1iODY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwOo3czjk7uhELgcx91YCu1gqGknieoRUrh1hvmSASNVNMhXghpN3d3G10pZ3
7tsmPjW4Dq6ZMKTH899TP7kSMkmA/GIktGNOj/kfhWSgO+O061nTlEreivDXxgPd
BaHC0eZveL54vuAIE4QDCcjHPcqs4CgVQ7w8Y99meS/voNhJpO3jwh3hDsLtdcXO
yYZ4vDhX06+an/adcN5gMKONUxW6CL02gUtZobgVf2svWl86qBWw3+8AP2qrv5mJ
bK5LXUYu1DV6o46y9O9M7XYijfxlUcosTmqbz7uBVfrQSAQs0kvAfjRKF5cVwCZE
UXwYTnJsgx9pwOmHijRmW6/kNwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKSzUDCq
RmyyEDRTNfw7ZTbbmJdsMB8GA1UdIwQYMBaAFKq1JOWVpTDhLBOqIRwu8mtp3Zyb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEVGNy9DNDZGRDc3NDFC
OEYxMUU3QUM0QzcyMjlDNEY5QUUwMi9xclVrNVpXbE1PRXNFNm9oSEM3eWEybmRu
SnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FyVWs1WldsTU9Fc0U2b2hIQzd5YTJuZG5Kcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRFRjcvQzQ2RkQ3NzQxQjhGMTFFN0FDNEM3MjI5QzRGOUFFMDIvRTI0NzM2RUM5
RDkwMTFFQzg5MzE0MDgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnJngwDQYJKoZIhvcNAQELBQADggEBALNGVII7doai5KbQ
vGMl2GGEtdLJl48o7DGs1Bs3TBLnL2M0DwryHD4nd831vxWgp4H8bwFyCuQzDVGZ
XVQo83h8E1PhtDZ6eLg1d3YLKdXegUCBgkdFuhkdnE8FsYjyRfTj7WAkzKRz+8hQ
ldZax0erAElm0JK2o9I/Sxoty8rJvm50q5fMObCyBQfopa/tCnHvPhoGCcv30v/x
89BNA5uSYf8zjMF34bT1F/j4GQwBpUGfEefdh9qW9dw7faN+l4nFWtp/vqRtsZU+
lDdyh+86iknTP21dE9E6YIovPO8/1WwXQiGM9JHgCyD8oZm4R5SB0xilXHVXpBK+
c/rzkr0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:52:12 2025 by rpki-client