Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/0BFA0C9C927E11EEA47AD74FC4F9AE02.roa
File: 0BFA0C9C927E11EEA47AD74FC4F9AE02.roa (raw, json)
Hash identifier: JbuO9QygXZWdecTCM5Sf89ukRTRQrSasLXKuG+IV9QE=
Subject key identifier: D1:04:3F:8D:B4:56:9B:F0:46:57:4B:AD:AC:FD:A0:5D:B1:E7:B5:7E
Certificate issuer: /CN=A91EF35B/serialNumber=E40720BA293BAF25BC0A1778C65CF0D2E0F35160
Certificate serial: 0408
Authority key identifier: E4:07:20:BA:29:3B:AF:25:BC:0A:17:78:C6:5C:F0:D2:E0:F3:51:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Acguik7ryW8Chd4xlzw0uDzUWA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/0BFA0C9C927E11EEA47AD74FC4F9AE02.roa
Signing time: Tue 29 Oct 2024 00:55:59 +0000
ROA not before: Tue 29 Oct 2024 00:55:59 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 146990
IP address blocks: 103.172.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1032 (0x408)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF35B
Validity
Not Before: Oct 29 00:55:59 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6720329f-4d24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3e:52:16:95:ed:bf:54:ba:72:7a:64:b0:8d:
83:86:23:f6:eb:2b:cb:7d:5a:e6:67:49:15:df:6e:
af:11:4b:0d:d6:04:2f:75:61:f4:24:8a:16:eb:34:
14:82:f6:63:7e:1d:6f:e8:dc:54:10:46:75:c2:9c:
2a:57:8f:7e:00:4f:f2:72:5f:34:51:f5:61:e4:4c:
26:9d:d4:39:37:33:6d:72:aa:25:87:b1:6d:8c:31:
39:96:b2:61:0e:63:17:3e:e0:22:8d:49:1e:b7:25:
d5:11:ed:6b:92:fa:e9:be:f8:1d:10:d8:5b:15:67:
19:ca:2e:bb:00:e8:b2:56:d4:26:49:85:d5:26:2a:
c8:aa:75:b8:2a:4b:b1:d8:67:1c:b3:b8:90:45:4b:
ca:a0:ad:25:ba:6c:c9:c1:79:2a:ba:5a:e9:2a:3b:
12:af:63:b8:3f:b1:1f:ae:e3:32:c0:a6:3f:55:0b:
c6:ea:3c:3d:cb:a1:83:fe:87:07:75:fd:61:64:aa:
39:6f:04:97:51:e8:91:ef:25:8f:b3:df:a2:a8:10:
7f:ec:0e:1c:aa:4b:45:2f:df:6e:d0:ca:0d:31:e2:
26:9e:dc:73:27:0b:c8:70:9b:56:42:60:18:bd:ed:
ad:48:f7:b6:80:fa:12:cb:dd:45:c6:0e:62:8a:5f:
8d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:04:3F:8D:B4:56:9B:F0:46:57:4B:AD:AC:FD:A0:5D:B1:E7:B5:7E
X509v3 Authority Key Identifier:
keyid:E4:07:20:BA:29:3B:AF:25:BC:0A:17:78:C6:5C:F0:D2:E0:F3:51:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/5Acguik7ryW8Chd4xlzw0uDzUWA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Acguik7ryW8Chd4xlzw0uDzUWA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/0BFA0C9C927E11EEA47AD74FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.138.0/24
Signature Algorithm: sha256WithRSAEncryption
11:31:8f:66:e8:a4:c1:d9:b0:72:c8:54:b5:a0:71:0f:19:73:
00:f2:d1:ca:78:96:91:aa:30:b9:22:03:1f:3b:aa:4d:11:35:
a6:93:e1:d0:51:ba:d3:d5:c0:39:ea:d9:53:e6:32:d8:b1:12:
7a:a7:d8:12:97:ad:6c:44:43:1a:0c:2d:30:aa:c9:2d:00:ea:
67:74:66:08:de:9a:97:aa:f0:cc:6f:a1:e3:94:28:de:d2:61:
05:a3:60:b4:93:ed:21:a4:12:cc:62:76:67:69:70:23:0f:1d:
78:30:ce:1c:79:7d:cf:c7:9e:3d:58:93:19:f6:fd:dc:38:4b:
bd:82:00:48:b4:50:88:99:a8:46:e6:48:19:e3:dc:86:2f:9e:
f6:8c:7a:29:c4:05:66:b9:4f:e6:71:dc:67:68:eb:29:42:c0:
02:0d:21:e9:18:26:b0:d8:22:f1:6c:b1:7b:61:b1:c6:2b:e3:
8a:d0:8f:1e:3b:dc:55:dd:eb:6d:1c:d4:8f:d1:d5:35:25:90:
79:c6:19:67:85:c2:e5:cb:ce:3c:7b:32:74:3d:56:9a:9c:cc:
9b:24:98:2a:b4:bb:4e:e6:63:24:76:a1:b2:29:cb:38:83:38:
63:e0:df:9c:f6:bc:45:65:ef:eb:19:62:e2:34:76:e5:be:a4:
d6:bb:5a:fb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBAgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUYzNUIxMTAvBgNVBAUTKEU0MDcyMEJBMjkzQkFGMjVCQzBBMTc3OEM2NUNGMEQy
RTBGMzUxNjAwHhcNMjQxMDI5MDA1NTU5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzIwMzI5Zi00ZDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxD5SFpXtv1S6cnpksI2DhiP26yvLfVrmZ0kV326vEUsN1gQvdWH0JIoW6zQU
gvZjfh1v6NxUEEZ1wpwqV49+AE/ycl80UfVh5EwmndQ5NzNtcqolh7FtjDE5lrJh
DmMXPuAijUketyXVEe1rkvrpvvgdENhbFWcZyi67AOiyVtQmSYXVJirIqnW4Kkux
2Gccs7iQRUvKoK0lumzJwXkqulrpKjsSr2O4P7EfruMywKY/VQvG6jw9y6GD/ocH
df1hZKo5bwSXUeiR7yWPs9+iqBB/7A4cqktFL99u0MoNMeImntxzJwvIcJtWQmAY
ve2tSPe2gPoSy91Fxg5iil+N6wIDAQABo4IClTCCApEwHQYDVR0OBBYEFNEEP420
VpvwRldLraz9oF2x57V+MB8GA1UdIwQYMBaAFOQHILopO68lvAoXeMZc8NLg81Fg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjM1Qi9FMDEwMTU4QTU2
NEUxMUVDODU4ODU5MTRDNEY5QUUwMi81QWNndWlrN3J5VzhDaGQ0eGx6dzB1RHpV
V0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVBY2d1aWs3cnlXOENoZDR4bHp3MHVEelVXQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUYzNUIvRTAxMDE1OEE1NjRFMTFFQzg1ODg1OTE0QzRGOUFFMDIvMEJGQTBDOUM5
MjdFMTFFRUE0N0FENzRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnrIowDQYJKoZIhvcNAQELBQADggEBABExj2bopMHZsHLI
VLWgcQ8ZcwDy0cp4lpGqMLkiAx87qk0RNaaT4dBRutPVwDnq2VPmMtixEnqn2BKX
rWxEQxoMLTCqyS0A6md0Zgjempeq8MxvoeOUKN7SYQWjYLST7SGkEsxidmdpcCMP
HXgwzhx5fc/Hnj1Ykxn2/dw4S72CAEi0UIiZqEbmSBnj3IYvnvaMeinEBWa5T+Zx
3Gdo6ylCwAINIekYJrDYIvFssXthscYr44rQjx473FXd620c1I/R1TUlkHnGGWeF
wuXLzjx7MnQ9VpqczJskmCq0u07mYyR2obIpyziDOGPg35z2vEVl7+sZYuI0duW+
pNa7Wvs=
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:52:13 2025 by rpki-client