Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/98D4C15C51A811EC9B4EC93CC4F9AE02.roa
File: 98D4C15C51A811EC9B4EC93CC4F9AE02.roa (raw, json)
Hash identifier: NHQbOgvcvf+xebLksvaWoIPWOQhkS/7iqqSs+AjDhew=
Subject key identifier: 31:15:80:43:D6:4D:EF:7F:62:9B:D9:9A:47:E6:51:2E:5D:45:73:30
Certificate issuer: /CN=A91E5D0C/serialNumber=3E73B2BE13037BE744391D3A899CDD202B82F76D
Certificate serial: 045E
Authority key identifier: 3E:73:B2:BE:13:03:7B:E7:44:39:1D:3A:89:9C:DD:20:2B:82:F7:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PnOyvhMDe-dEOR06iZzdICuC920.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/98D4C15C51A811EC9B4EC93CC4F9AE02.roa
Signing time: Sun 01 Dec 2024 00:03:46 +0000
ROA not before: Sun 01 Dec 2024 00:03:46 +0000
ROA not after: Sun 30 Mar 2025 00:00:00 +0000
asID: 147179
IP address blocks: 103.174.44.0/24 maxlen: 24
103.174.45.0/24 maxlen: 24
2407:fa40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1118 (0x45e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D0C
Validity
Not Before: Dec 1 00:03:46 2024 GMT
Not After : Mar 30 00:00:00 2025 GMT
Subject: CN=674ba7e1-2e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:24:37:5c:25:d0:2f:5e:56:e4:03:f9:21:71:
4d:2b:b1:58:ea:6e:a6:9c:1f:04:56:fb:68:93:29:
e1:45:4b:36:ee:63:79:67:b8:be:5e:e7:39:b4:a4:
50:0f:7b:a0:40:81:17:88:d8:8c:14:2e:ae:61:fa:
9a:be:1b:52:ec:be:66:47:d8:d9:f7:de:ae:e3:64:
b3:36:d6:88:8c:25:a8:75:65:ca:e3:fa:9b:78:11:
8f:fe:13:00:fa:96:ca:d2:fb:0f:19:ce:75:25:35:
c9:a9:fd:89:97:ca:f1:47:42:f9:f2:24:49:49:3f:
ba:c2:74:99:6e:79:cc:86:b3:5a:ba:2f:a5:33:59:
24:31:83:c6:c2:7a:0e:81:91:ec:2e:32:dc:9d:de:
4f:f7:73:61:c6:94:a6:6c:13:4b:99:6e:62:e6:0e:
2b:27:da:fa:2b:11:4e:f7:72:a5:57:3d:c8:c0:aa:
fa:18:cf:26:5c:8d:c8:f4:36:b5:f9:04:75:89:5b:
cd:ad:f9:71:b5:89:48:59:61:87:2d:03:bb:6d:20:
a8:ad:87:a6:2a:b7:54:44:5b:24:97:05:c7:4d:d3:
9f:3e:30:02:39:43:80:62:b6:2c:83:a0:ab:12:0f:
6b:2b:6b:7d:56:ba:a4:0d:d9:30:31:86:6b:59:0c:
5a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:15:80:43:D6:4D:EF:7F:62:9B:D9:9A:47:E6:51:2E:5D:45:73:30
X509v3 Authority Key Identifier:
keyid:3E:73:B2:BE:13:03:7B:E7:44:39:1D:3A:89:9C:DD:20:2B:82:F7:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/PnOyvhMDe-dEOR06iZzdICuC920.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PnOyvhMDe-dEOR06iZzdICuC920.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/98D4C15C51A811EC9B4EC93CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.44.0/23
IPv6:
2407:fa40::/32
Signature Algorithm: sha256WithRSAEncryption
b3:0e:a3:36:2e:45:e0:aa:41:77:d4:53:1b:0c:34:e4:b8:0a:
3e:60:d2:a3:49:80:44:8f:6e:18:ba:c9:24:81:1f:4e:79:59:
42:1d:32:f9:db:1d:e0:31:ea:20:15:97:c0:d4:32:5c:48:ae:
d9:48:84:c6:2e:41:39:9b:72:52:d0:0e:6d:e1:47:96:9b:9a:
67:ec:11:85:4f:1b:37:a0:94:f1:b8:94:1c:c0:89:84:ba:46:
5e:89:c5:0e:9a:56:45:90:e6:0b:f4:67:85:3d:c9:13:f6:4f:
5a:df:2b:fc:c9:bc:56:73:4c:45:21:8e:99:49:14:d5:98:c1:
ed:3b:65:c3:a1:e8:76:01:28:c4:32:fb:c0:06:22:d1:6d:53:
08:46:6f:c5:59:d6:31:ee:cc:e0:a4:9b:d1:0c:69:d4:0a:09:
3a:1b:b4:b4:72:39:8b:4c:13:1e:e3:63:be:62:01:d2:5d:dd:
f0:53:30:f2:5e:10:29:3d:1c:fa:08:4a:d2:fc:3e:9e:aa:d8:
06:37:ea:9e:7b:fe:ae:c4:08:24:40:f6:b4:a2:34:b7:6e:1c:
0f:f7:d1:a3:ca:af:d2:a7:dc:e5:b7:b3:2f:7b:09:c1:70:f6:
cb:39:0e:27:a3:e7:21:2f:19:8a:39:02:8e:5c:91:fc:e1:f9:
65:5c:7f:4c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBF4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTVEMEMxMTAvBgNVBAUTKDNFNzNCMkJFMTMwMzdCRTc0NDM5MUQzQTg5OUNERDIw
MkI4MkY3NkQwHhcNMjQxMjAxMDAwMzQ2WhcNMjUwMzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRiYTdlMS0yZTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApiQ3XCXQL15W5AP5IXFNK7FY6m6mnB8EVvtokynhRUs27mN5Z7i+Xuc5tKRQ
D3ugQIEXiNiMFC6uYfqavhtS7L5mR9jZ996u42SzNtaIjCWodWXK4/qbeBGP/hMA
+pbK0vsPGc51JTXJqf2Jl8rxR0L58iRJST+6wnSZbnnMhrNaui+lM1kkMYPGwnoO
gZHsLjLcnd5P93NhxpSmbBNLmW5i5g4rJ9r6KxFO93KlVz3IwKr6GM8mXI3I9Da1
+QR1iVvNrflxtYlIWWGHLQO7bSCorYemKrdURFsklwXHTdOfPjACOUOAYrYsg6Cr
Eg9rK2t9VrqkDdkwMYZrWQxadQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDEVgEPW
Te9/YpvZmkfmUS5dRXMwMB8GA1UdIwQYMBaAFD5zsr4TA3vnRDkdOomc3SArgvdt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUQwQy84OTFCNEVDQTMy
MzYxMUVDODk4Mzg3NTZDNEY5QUUwMi9Qbk95dmhNRGUtZEVPUjA2aVp6ZElDdUM5
MjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BuT3l2aE1EZS1kRU9SMDZpWnpkSUN1QzkyMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTVEMEMvODkxQjRFQ0EzMjM2MTFFQzg5ODM4NzU2QzRGOUFFMDIvOThENEMxNUM1
MUE4MTFFQzlCNEVDOTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnriwwDQQCAAIwBwMFACQH+kAwDQYJKoZIhvcNAQELBQAD
ggEBALMOozYuReCqQXfUUxsMNOS4Cj5g0qNJgESPbhi6ySSBH055WUIdMvnbHeAx
6iAVl8DUMlxIrtlIhMYuQTmbclLQDm3hR5abmmfsEYVPGzeglPG4lBzAiYS6Rl6J
xQ6aVkWQ5gv0Z4U9yRP2T1rfK/zJvFZzTEUhjplJFNWYwe07ZcOh6HYBKMQy+8AG
ItFtUwhGb8VZ1jHuzOCkm9EMadQKCTobtLRyOYtMEx7jY75iAdJd3fBTMPJeECk9
HPoIStL8Pp6q2AY36p57/q7ECCRA9rSiNLduHA/30aPKr9Kn3OW3sy97CcFw9ss5
Diej5yEvGYo5Ao5ckfzh+WVcf0w=
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:35:49 2025 by rpki-client