Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAEE4/9C26E6C82FDE11ECAD747F68C4F9AE02/601148222FE311EC9A82B173C4F9AE02.roa
File: 601148222FE311EC9A82B173C4F9AE02.roa (raw, json)
Hash identifier: 7l7cIvv2PKgzcAVE2+wLoCJeRNQ2nD5JLbsIhjuYwUw=
Subject key identifier: AD:5E:69:89:CF:FF:33:51:A7:36:E4:A2:0E:F2:5D:1F:B8:84:F0:19
Certificate issuer: /CN=A91FAEE4/serialNumber=73C0E01890FF3067601062A12E54BD54379091B6
Certificate serial: 042F
Authority key identifier: 73:C0:E0:18:90:FF:30:67:60:10:62:A1:2E:54:BD:54:37:90:91:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c8DgGJD_MGdgEGKhLlS9VDeQkbY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FAEE4/9C26E6C82FDE11ECAD747F68C4F9AE02/601148222FE311EC9A82B173C4F9AE02.roa
Signing time: Thu 05 Sep 2024 01:33:39 +0000
ROA not before: Thu 05 Sep 2024 01:33:39 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 135513
IP address blocks: 43.252.124.0/22 maxlen: 24
103.9.52.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1071 (0x42f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FAEE4
Validity
Not Before: Sep 5 01:33:39 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d90a73-b591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cd:86:e2:a7:73:ef:5a:42:53:90:c3:2e:2c:
b0:62:93:23:69:8d:47:cb:02:cf:f6:db:ce:70:68:
15:0d:20:ed:f8:4e:56:44:78:96:21:e9:ae:86:2d:
99:c1:0e:1c:38:d1:5e:a1:9f:28:92:97:db:ba:99:
1d:cd:9d:77:d5:aa:ad:40:b1:4a:ce:af:0f:e7:47:
2a:ad:d8:04:9a:32:f5:b4:da:e5:36:96:4f:4e:7f:
6b:fd:6f:19:b7:a4:9b:78:d5:d5:2c:68:36:21:87:
7a:6f:02:93:e0:68:46:12:09:65:1c:ba:37:5f:72:
90:03:69:9a:fd:42:a4:4e:97:6c:73:89:21:33:6c:
7c:29:d2:89:b2:55:0d:08:61:2a:ec:09:a9:56:2e:
e8:49:e8:13:36:96:2e:f7:f1:cf:0f:92:68:68:ba:
fa:73:68:9a:e6:d8:ca:e9:a4:13:28:29:a4:62:eb:
8d:dc:aa:91:0c:05:3e:91:56:6a:f1:de:03:93:eb:
b5:3e:30:ec:8b:7c:73:4f:8b:6b:50:be:de:fd:08:
e6:cb:91:45:5f:cc:4a:db:de:b3:0c:b0:d6:e5:49:
04:08:4b:7d:d7:04:a2:eb:a9:29:49:80:55:84:a6:
bd:2c:4a:a3:8a:c1:82:6a:f1:6c:4b:39:fc:5b:1f:
a2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:5E:69:89:CF:FF:33:51:A7:36:E4:A2:0E:F2:5D:1F:B8:84:F0:19
X509v3 Authority Key Identifier:
keyid:73:C0:E0:18:90:FF:30:67:60:10:62:A1:2E:54:BD:54:37:90:91:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FAEE4/9C26E6C82FDE11ECAD747F68C4F9AE02/c8DgGJD_MGdgEGKhLlS9VDeQkbY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c8DgGJD_MGdgEGKhLlS9VDeQkbY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAEE4/9C26E6C82FDE11ECAD747F68C4F9AE02/601148222FE311EC9A82B173C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.124.0/22
103.9.52.0/22
Signature Algorithm: sha256WithRSAEncryption
53:2e:e8:33:37:ca:b4:cc:23:8d:07:b1:2a:3c:bf:b2:53:e3:
15:19:39:16:75:64:62:bc:c5:81:15:bf:e5:73:67:3c:66:0b:
28:e3:98:e1:ef:34:db:39:3c:3d:01:b7:16:a5:75:42:c7:cb:
52:05:c5:41:6d:60:c3:d7:cd:49:52:b8:b0:62:1d:68:39:36:
5a:39:84:af:67:78:6c:ae:85:a9:f3:04:7c:b1:14:ce:52:de:
54:8c:5e:c5:6f:d5:24:b6:a9:39:c3:be:08:33:a0:e1:79:7c:
e0:37:8e:c5:db:c9:9e:ee:05:ea:a1:24:f3:d7:7c:de:9a:94:
78:4b:bd:25:ee:41:1b:d2:eb:6b:dd:eb:2c:df:c6:48:27:13:
5e:ab:d2:75:26:0c:b3:a1:2a:aa:71:0c:dc:69:3a:18:6c:ac:
38:2f:a7:c4:31:6b:21:ee:92:c5:b9:59:cc:0b:7d:82:ee:9d:
0e:15:c8:82:1d:fe:86:5d:4d:8e:e3:2e:6c:e3:69:26:30:7e:
e0:6b:db:26:1b:ec:ca:03:42:fc:2e:15:47:81:1a:fb:5b:e6:
e5:d5:a6:b9:8a:04:b7:6b:fc:a5:af:b0:71:50:4c:5c:a5:81:
55:46:87:ac:57:11:61:a6:e6:c7:41:b5:28:42:37:59:bf:d8:
e8:42:2a:11
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBC8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkFFRTQxMTAvBgNVBAUTKDczQzBFMDE4OTBGRjMwNjc2MDEwNjJBMTJFNTRCRDU0
Mzc5MDkxQjYwHhcNMjQwOTA1MDEzMzM5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MGE3My1iNTkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnc2G4qdz71pCU5DDLiywYpMjaY1HywLP9tvOcGgVDSDt+E5WRHiWIemuhi2Z
wQ4cONFeoZ8okpfbupkdzZ131aqtQLFKzq8P50cqrdgEmjL1tNrlNpZPTn9r/W8Z
t6SbeNXVLGg2IYd6bwKT4GhGEgllHLo3X3KQA2ma/UKkTpdsc4khM2x8KdKJslUN
CGEq7AmpVi7oSegTNpYu9/HPD5JoaLr6c2ia5tjK6aQTKCmkYuuN3KqRDAU+kVZq
8d4Dk+u1PjDsi3xzT4trUL7e/Qjmy5FFX8xK296zDLDW5UkECEt91wSi66kpSYBV
hKa9LEqjisGCavFsSzn8Wx+iFQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFK1eaYnP
/zNRpzbkog7yXR+4hPAZMB8GA1UdIwQYMBaAFHPA4BiQ/zBnYBBioS5UvVQ3kJG2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQUVFNC85QzI2RTZDODJG
REUxMUVDQUQ3NDdGNjhDNEY5QUUwMi9jOERnR0pEX01HZGdFR0toTGxTOVZEZVFr
YlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2M4RGdHSkRfTUdkZ0VHS2hMbFM5VkRlUWtiWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkFFRTQvOUMyNkU2QzgyRkRFMTFFQ0FENzQ3RjY4QzRGOUFFMDIvNjAxMTQ4MjIy
RkUzMTFFQzlBODJCMTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr/HwDBAJnCTQwDQYJKoZIhvcNAQELBQADggEBAFMu6DM3
yrTMI40HsSo8v7JT4xUZORZ1ZGK8xYEVv+VzZzxmCyjjmOHvNNs5PD0BtxaldULH
y1IFxUFtYMPXzUlSuLBiHWg5Nlo5hK9neGyuhanzBHyxFM5S3lSMXsVv1SS2qTnD
vggzoOF5fOA3jsXbyZ7uBeqhJPPXfN6alHhLvSXuQRvS62vd6yzfxkgnE16r0nUm
DLOhKqpxDNxpOhhsrDgvp8QxayHuksW5WcwLfYLunQ4VyIId/oZdTY7jLmzjaSYw
fuBr2yYb7MoDQvwuFUeBGvtb5uXVprmKBLdr/KWvsHFQTFylgVVGh6xXEWGm5sdB
tShCN1m/2OhCKhE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:14:58 2025 by rpki-client