Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91A61310000/0/34332e3235352e38322e302f32342d3234203d3e20393834.roa
File: 34332e3235352e38322e302f32342d3234203d3e20393834.roa (raw, json)
Hash identifier: YRgjmmE+nVi/PAXhqb3JUaahbh35VPMhIEe6x6m98Ho=
Subject key identifier: 3C:A4:79:3E:82:B2:19:B5:49:33:E2:B8:AD:DC:19:82:E8:2D:08:51
Certificate issuer: /CN=A91A61310000/serialNumber=72EC0D8B386D96FBC741C05F3661CB7ADA8EB800
Certificate serial: 539A99ADD42FC7B2DA88A11B6AE29074C302C902
Authority key identifier: 72:EC:0D:8B:38:6D:96:FB:C7:41:C0:5F:36:61:CB:7A:DA:8E:B8:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cuwNizhtlvvHQcBfNmHLetqOuAA.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91A61310000/0/34332e3235352e38322e302f32342d3234203d3e20393834.roa
Signing time: Thu 12 Dec 2024 07:28:36 +0000
ROA not before: Thu 12 Dec 2024 07:23:36 +0000
ROA not after: Thu 11 Dec 2025 07:28:36 +0000
asID: 984
IP address blocks: 43.255.82.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:9a:99:ad:d4:2f:c7:b2:da:88:a1:1b:6a:e2:90:74:c3:02:c9:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A61310000
Validity
Not Before: Dec 12 07:23:36 2024 GMT
Not After : Dec 11 07:28:36 2025 GMT
Subject: CN=3CA4793E82B219B54933E2B8ADDC1982E82D0851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:24:22:15:24:a1:c6:ae:f4:1e:ac:7c:17:71:
3f:9d:9d:45:5f:d8:d3:21:87:77:c4:85:06:49:82:
38:e3:4a:83:26:a6:cf:91:9e:b9:1d:93:fa:a4:4b:
a7:e7:34:13:9d:88:ab:eb:8f:31:0b:05:d1:a5:a7:
0c:12:43:08:fa:29:bd:87:63:69:a4:d7:39:c3:21:
2b:c5:3d:9d:a1:89:e8:5c:96:07:f6:10:90:f6:bd:
12:2e:44:7e:8f:27:1a:ac:27:e5:f8:11:84:0f:8d:
05:9a:11:7b:d9:2b:b6:ee:bc:9f:6d:e7:aa:33:21:
eb:01:e1:3b:7d:14:00:66:fd:63:8d:ea:f4:ab:8c:
9d:0a:2b:cb:9d:33:1f:fc:9a:75:ce:fb:f3:5f:aa:
10:06:07:11:f9:20:9f:40:f8:b6:26:9a:1d:d1:01:
2e:1c:45:3b:3d:5a:5f:8d:5d:8e:d5:4e:28:c6:73:
15:9b:14:e0:2a:bc:4e:47:f6:a4:0f:57:5c:5c:fe:
e4:b3:ec:4b:2c:d3:d7:fc:ec:4c:7b:83:91:36:84:
d8:f8:82:3b:cd:9d:90:bb:c8:43:bb:eb:97:e1:f1:
5f:30:77:b3:01:dc:bd:c3:87:ac:42:18:82:d3:95:
54:6c:ac:c6:e8:69:8e:3f:51:d1:0a:59:5b:bd:12:
ad:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A4:79:3E:82:B2:19:B5:49:33:E2:B8:AD:DC:19:82:E8:2D:08:51
X509v3 Authority Key Identifier:
keyid:72:EC:0D:8B:38:6D:96:FB:C7:41:C0:5F:36:61:CB:7A:DA:8E:B8:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91A61310000/0/72EC0D8B386D96FBC741C05F3661CB7ADA8EB800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cuwNizhtlvvHQcBfNmHLetqOuAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91A61310000/0/34332e3235352e38322e302f32342d3234203d3e20393834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.255.82.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:3f:50:53:f6:66:4b:fc:f6:2a:63:f0:02:55:5e:35:c9:1b:
ae:74:29:05:54:3c:3e:3a:aa:93:e1:0d:20:0a:b8:51:f9:77:
e4:7c:36:9d:35:99:d6:89:91:c0:94:8f:ba:de:8e:e8:57:39:
67:77:63:0c:3c:cb:b3:b1:60:a8:fe:82:10:d8:f9:d0:b8:f0:
71:a5:96:b8:81:08:85:48:2d:f5:87:1d:a4:8d:eb:dc:ee:da:
4c:f3:a8:0e:a1:65:ca:b2:15:77:13:f5:20:1c:e5:1d:86:f7:
b0:d7:00:5f:a2:b3:64:a3:3e:29:5c:67:4b:72:1f:9f:d7:0a:
52:e2:8f:25:bd:03:c4:89:1a:bc:28:4c:4f:a1:ec:98:cf:66:
21:a6:86:a7:15:00:4b:9b:49:1b:5f:47:58:a0:a9:78:56:8e:
a7:e9:49:21:e0:03:24:02:c9:b1:75:07:7b:0f:be:c8:b4:0a:
f3:4c:ac:16:be:ef:2e:4b:df:c7:d7:6c:70:08:57:d8:0c:a7:
f3:fd:90:57:f1:e0:be:59:7b:f5:0b:31:02:eb:82:ac:63:dc:
38:a6:94:81:f3:cc:61:90:1d:6c:3e:99:04:c4:ec:ca:b2:e7:
0d:da:22:e4:d4:75:3f:ab:1a:ba:b1:12:77:9c:8f:77:b2:50:
6f:2e:11:da
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUU5qZrdQvx7LaiKEbauKQdMMCyQIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQTYxMzEwMDAwMTEwLwYDVQQFEyg3MkVDMEQ4QjM4
NkQ5NkZCQzc0MUMwNUYzNjYxQ0I3QURBOEVCODAwMB4XDTI0MTIxMjA3MjMzNloX
DTI1MTIxMTA3MjgzNlowMzExMC8GA1UEAxMoM0NBNDc5M0U4MkIyMTlCNTQ5MzNF
MkI4QUREQzE5ODJFODJEMDg1MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKokIhUkocau9B6sfBdxP52dRV/Y0yGHd8SFBkmCOONKgyamz5GeuR2T+qRL
p+c0E52Iq+uPMQsF0aWnDBJDCPopvYdjaaTXOcMhK8U9naGJ6FyWB/YQkPa9Ei5E
fo8nGqwn5fgRhA+NBZoRe9krtu68n23nqjMh6wHhO30UAGb9Y43q9KuMnQory50z
H/yadc7781+qEAYHEfkgn0D4tiaaHdEBLhxFOz1aX41djtVOKMZzFZsU4Cq8Tkf2
pA9XXFz+5LPsSyzT1/zsTHuDkTaE2PiCO82dkLvIQ7vrl+HxXzB3swHcvcOHrEIY
gtOVVGysxuhpjj9R0QpZW70SrUECAwEAAaOCAgswggIHMB0GA1UdDgQWBBQ8pHk+
grIZtUkz4rit3BmC6C0IUTAfBgNVHSMEGDAWgBRy7A2LOG2W+8dBwF82Yct62o64
ADAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTFBNjEzMTAwMDAvMC83MkVDMEQ4
QjM4NkQ5NkZCQzc0MUMwNUYzNjYxQ0I3QURBOEVCODAwLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9jdXdOaXpodGx2
dkhRY0JmTm1ITGV0cU91QUEuY2VyMIGFBggrBgEFBQcBCwR5MHcwdQYIKwYBBQUH
MAuGaXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxQTYx
MzEwMDAwLzAvMzQzMzJlMzIzNTM1MmUzODMyMmUzMDJmMzIzNDJkMzIzNDIwM2Qz
ZTIwMzkzODM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAK/9SMA0GCSqGSIb3DQEBCwUAA4IBAQCeP1BT
9mZL/PYqY/ACVV41yRuudCkFVDw+OqqT4Q0gCrhR+XfkfDadNZnWiZHAlI+63o7o
Vzlnd2MMPMuzsWCo/oIQ2PnQuPBxpZa4gQiFSC31hx2kjevc7tpM86gOoWXKshV3
E/UgHOUdhvew1wBforNkoz4pXGdLch+f1wpS4o8lvQPEiRq8KExPoeyYz2Yhpoan
FQBLm0kbX0dYoKl4Vo6n6Ukh4AMkAsmxdQd7D77ItArzTKwWvu8uS9/H12xwCFfY
DKfz/ZBX8eC+WXv1CzEC64KsY9w4ppSB88xhkB1sPpkExOzKsucN2iLk1HU/qxq6
sRJ3nI93slBvLhHa
-----END CERTIFICATE-----
Generated at Fri Apr 11 14:52:13 2025 by rpki-client