Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32322e302f32342d3234203d3e203438323636.roa
File: 34332e3235322e32322e302f32342d3234203d3e203438323636.roa (raw, json)
Hash identifier: lh0a38K8JAllhrAcZvOqWh+3NCJyyj25skARvaE+EWo=
Subject key identifier: 04:26:D8:FE:C9:98:55:59:B3:9E:D6:B6:2F:49:E7:47:69:BE:87:2B
Certificate issuer: /CN=A91DD5100000/serialNumber=5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B
Certificate serial: 42F17BA628762284D54EA430CD989137B3FBAD7D
Authority key identifier: 5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32322e302f32342d3234203d3e203438323636.roa
Signing time: Fri 17 Jan 2025 12:49:45 +0000
ROA not before: Fri 17 Jan 2025 12:44:45 +0000
ROA not after: Fri 16 Jan 2026 12:49:45 +0000
asID: 48266
IP address blocks: 43.252.22.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:f1:7b:a6:28:76:22:84:d5:4e:a4:30:cd:98:91:37:b3:fb:ad:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD5100000
Validity
Not Before: Jan 17 12:44:45 2025 GMT
Not After : Jan 16 12:49:45 2026 GMT
Subject: CN=0426D8FEC9985559B39ED6B62F49E74769BE872B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:18:88:d7:1d:c2:ed:5c:fc:07:bb:c4:7b:6c:
76:a3:83:6c:b7:7f:1b:bc:5e:b4:86:bd:b4:d9:e4:
e8:98:6f:1f:78:a3:df:24:e4:37:72:00:5a:63:a0:
ca:d9:27:f8:49:f0:99:f1:61:e8:f2:87:55:fd:28:
f2:59:e5:5d:7d:38:4b:6a:73:34:83:17:92:b6:b6:
34:2b:4b:f7:a4:b4:bc:12:ed:0e:a8:f9:c4:bb:fd:
9e:b2:3d:da:83:f9:f7:3c:72:30:38:52:83:18:e2:
eb:64:cf:84:f7:2b:5d:09:62:53:e3:88:c0:09:ec:
68:cc:c4:9b:32:97:1e:b8:21:d5:d6:8b:0a:96:a3:
b4:f7:7d:17:90:42:2c:8e:73:1a:16:ed:00:56:34:
a4:05:4d:d4:b2:38:b7:29:d5:77:39:f5:53:e9:83:
3b:0c:8d:9a:da:00:d0:2c:af:eb:1f:33:07:03:42:
54:e5:8a:73:21:ab:2c:cb:55:a4:56:b4:b8:23:6d:
ad:05:6b:ff:6b:6e:aa:13:df:6a:3a:21:7f:41:6e:
32:22:69:2c:21:6e:54:90:a9:ee:24:c3:01:8e:52:
1f:54:70:e7:12:27:22:be:03:ae:c0:9e:a6:b4:10:
46:58:3b:ce:9c:7d:66:c4:ab:37:0d:d0:77:30:e2:
82:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:26:D8:FE:C9:98:55:59:B3:9E:D6:B6:2F:49:E7:47:69:BE:87:2B
X509v3 Authority Key Identifier:
keyid:5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32322e302f32342d3234203d3e203438323636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.252.22.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:95:61:dd:33:13:7b:48:b2:ed:2c:14:5f:38:a2:a2:99:92:
88:b7:8a:c3:d2:7e:d6:24:30:a7:99:12:af:92:a0:84:69:7b:
14:43:fd:5d:20:67:ad:07:ab:03:a7:16:b0:f5:c8:e9:18:ef:
7a:7d:a6:f3:c0:17:64:a6:b2:a9:78:ea:71:ec:ff:f1:21:11:
32:e8:49:d0:81:6a:34:59:72:82:a7:d5:de:44:81:ba:15:db:
02:e0:c8:46:79:15:86:dd:73:2d:e2:bc:1b:ff:75:b1:19:c7:
8e:b8:5a:62:07:79:b5:69:62:b2:a8:cd:0a:13:f1:17:4e:a5:
f8:ab:81:85:60:90:60:cb:ca:e8:66:ba:00:80:02:a3:92:08:
f3:1d:5a:57:7c:f9:f6:2c:2b:48:1b:47:9d:16:0d:a9:3c:30:
3a:15:8f:0f:d7:e9:0b:a1:62:3c:54:f1:48:f2:ed:74:31:d4:
2d:fb:92:5f:8e:fe:08:64:07:27:fc:d0:38:ec:3b:bf:19:f0:
88:63:ac:e9:b0:82:c3:8a:f0:63:ea:37:2a:3b:a6:6e:2d:48:
44:79:97:96:74:df:5e:35:ca:f6:bd:69:cd:e9:49:93:00:c5:
98:67:17:c3:d4:20:79:33:5c:4b:a4:d2:f0:f7:ac:60:1d:c1:
85:a0:87:ef
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUQvF7pih2IoTVTqQwzZiRN7P7rX0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxREQ1MTAwMDAwMTEwLwYDVQQFEyg1RDcwN0IwRDM1
Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCMB4XDTI1MDExNzEyNDQ0NVoX
DTI2MDExNjEyNDk0NVowMzExMC8GA1UEAxMoMDQyNkQ4RkVDOTk4NTU1OUIzOUVE
NkI2MkY0OUU3NDc2OUJFODcyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQYiNcdwu1c/Ae7xHtsdqODbLd/G7xetIa9tNnk6JhvH3ij3yTkN3IAWmOg
ytkn+EnwmfFh6PKHVf0o8lnlXX04S2pzNIMXkra2NCtL96S0vBLtDqj5xLv9nrI9
2oP59zxyMDhSgxji62TPhPcrXQliU+OIwAnsaMzEmzKXHrgh1daLCpajtPd9F5BC
LI5zGhbtAFY0pAVN1LI4tynVdzn1U+mDOwyNmtoA0Cyv6x8zBwNCVOWKcyGrLMtV
pFa0uCNtrQVr/2tuqhPfajohf0FuMiJpLCFuVJCp7iTDAY5SH1Rw5xInIr4DrsCe
prQQRlg7zpx9ZsSrNw3QdzDigjECAwEAAaOCAg8wggILMB0GA1UdDgQWBBQEJtj+
yZhVWbOe1rYvSedHab6HKzAfBgNVHSMEGDAWgBRdcHsNNWliJDK0vcv9Mg+ai23c
ezAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTFERDUxMDAwMDAvMC81RDcwN0Iw
RDM1Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9YWEI3RFRWcFlp
UXl0TDNMX1RJUG1vdHQzSHMuY2VyMIGJBggrBgEFBQcBCwR9MHsweQYIKwYBBQUH
MAuGbXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxREQ1
MTAwMDAwLzAvMzQzMzJlMzIzNTMyMmUzMjMyMmUzMDJmMzIzNDJkMzIzNDIwM2Qz
ZTIwMzQzODMyMzYzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACv8FjANBgkqhkiG9w0BAQsFAAOCAQEA
wZVh3TMTe0iy7SwUXziiopmSiLeKw9J+1iQwp5kSr5KghGl7FEP9XSBnrQerA6cW
sPXI6Rjven2m88AXZKayqXjqcez/8SERMuhJ0IFqNFlygqfV3kSBuhXbAuDIRnkV
ht1zLeK8G/91sRnHjrhaYgd5tWlisqjNChPxF06l+KuBhWCQYMvK6Ga6AIACo5II
8x1aV3z59iwrSBtHnRYNqTwwOhWPD9fpC6FiPFTxSPLtdDHULfuSX47+CGQHJ/zQ
OOw7vxnwiGOs6bCCw4rwY+o3Kjumbi1IRHmXlnTfXjXK9r1pzelJkwDFmGcXw9Qg
eTNcS6TS8PesYB3BhaCH7w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:07:01 2025 by rpki-client