Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32332e302f32342d3234203d3e20383334.roa
File: 34332e3235322e32332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: Ckvsi/Jrrdn+9lUGrni8Urgb3SPkwZ9AdY4b74p3JNc=
Subject key identifier: 32:39:14:F1:81:2B:79:EC:53:B0:B1:AD:78:0F:1C:41:54:F3:59:42
Certificate issuer: /CN=A91DD5100000/serialNumber=5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B
Certificate serial: 3DEE1F889F41EC54DC8248315F442DC0146DC08A
Authority key identifier: 5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32332e302f32342d3234203d3e20383334.roa
Signing time: Wed 18 Dec 2024 06:10:46 +0000
ROA not before: Wed 18 Dec 2024 06:05:46 +0000
ROA not after: Wed 17 Dec 2025 06:10:46 +0000
asID: 834
IP address blocks: 43.252.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:ee:1f:88:9f:41:ec:54:dc:82:48:31:5f:44:2d:c0:14:6d:c0:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD5100000
Validity
Not Before: Dec 18 06:05:46 2024 GMT
Not After : Dec 17 06:10:46 2025 GMT
Subject: CN=323914F1812B79EC53B0B1AD780F1C4154F35942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c4:f7:f2:d4:74:20:c9:c5:cd:57:7f:08:07:
c9:78:95:6c:fb:19:b5:a9:2d:e8:f7:72:78:4a:17:
19:3c:4f:43:9b:ff:2f:52:c8:62:f1:c3:07:bc:5c:
26:0a:86:c6:2f:4b:cf:e0:03:f3:ef:90:ac:f0:98:
19:f1:6d:db:a6:86:d0:07:88:99:fb:70:ff:6e:89:
52:dd:89:80:57:8c:ca:58:45:54:8f:5e:6e:77:ba:
bd:e3:e8:b8:f5:3c:d4:b0:d9:40:77:fe:b1:d5:cf:
0d:52:6b:df:72:cc:34:c9:3f:10:91:f4:fa:28:c6:
a9:96:9a:7b:18:94:c6:34:f7:e7:d1:dc:fc:06:ef:
c6:bc:a5:7c:64:9b:2a:54:5a:0c:fc:03:46:80:da:
00:53:a8:5f:d6:71:af:c2:ce:23:29:65:06:4c:94:
70:54:15:4a:5a:15:95:fb:02:de:f1:95:e3:86:d4:
9b:64:eb:8e:ce:ec:40:a5:93:b9:91:32:f5:0a:0e:
77:97:61:a7:42:5b:26:09:41:2e:ab:e4:c3:38:78:
13:b7:e8:3d:be:b0:f0:59:2b:1a:56:20:ab:d2:d2:
9a:31:6b:f2:79:8a:e3:26:ae:4c:66:aa:64:f6:57:
35:cd:1d:a1:06:d6:81:45:4b:7f:62:62:42:d3:f7:
8f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:39:14:F1:81:2B:79:EC:53:B0:B1:AD:78:0F:1C:41:54:F3:59:42
X509v3 Authority Key Identifier:
keyid:5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32332e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.252.23.0/24
Signature Algorithm: sha256WithRSAEncryption
06:6d:4f:2f:9c:14:dc:d5:bf:b5:e7:ef:bf:2a:1d:b1:0c:b4:
8b:b7:c3:e2:65:1a:d5:99:6f:00:1a:05:d3:e3:67:21:a1:99:
83:98:d4:b0:a2:d0:c6:21:f0:6e:cb:1f:39:34:6f:34:a8:ff:
93:d6:68:6a:02:b8:97:d6:80:86:cf:36:fb:44:d3:28:8d:8a:
1b:b9:a8:77:31:dc:8e:68:51:3a:5a:0c:a4:4c:a9:af:cc:30:
7b:e6:39:5a:e9:80:79:5f:d8:3e:7e:59:e4:45:17:10:48:81:
9b:8d:41:1e:a7:83:5c:95:82:08:76:f9:30:5a:60:ad:08:21:
e3:fd:f0:f4:f8:10:06:58:3c:4e:46:56:79:77:aa:ef:bf:0c:
5d:04:aa:5a:e9:83:d4:98:b0:6d:3f:4e:2e:d7:83:40:3a:7d:
10:3b:f3:fd:c4:fd:73:f3:b7:b9:9f:e8:23:81:73:b4:46:90:
34:2f:36:42:ce:29:00:1e:02:36:fa:d2:27:81:06:a9:26:c3:
fa:d7:0a:d0:ff:02:70:eb:7c:b1:90:62:02:f7:72:db:21:90:
53:f6:12:7b:8a:39:0d:84:75:72:50:f5:80:26:c5:47:a4:3b:
65:38:de:c8:35:7e:e3:58:da:e1:9e:a5:44:ed:53:f1:0b:bc:
b0:c5:78:50
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUPe4fiJ9B7FTcgkgxX0QtwBRtwIowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxREQ1MTAwMDAwMTEwLwYDVQQFEyg1RDcwN0IwRDM1
Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCMB4XDTI0MTIxODA2MDU0NloX
DTI1MTIxNzA2MTA0NlowMzExMC8GA1UEAxMoMzIzOTE0RjE4MTJCNzlFQzUzQjBC
MUFENzgwRjFDNDE1NEYzNTk0MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/E9/LUdCDJxc1XfwgHyXiVbPsZtakt6PdyeEoXGTxPQ5v/L1LIYvHDB7xc
JgqGxi9Lz+AD8++QrPCYGfFt26aG0AeImftw/26JUt2JgFeMylhFVI9ebne6vePo
uPU81LDZQHf+sdXPDVJr33LMNMk/EJH0+ijGqZaaexiUxjT359Hc/AbvxrylfGSb
KlRaDPwDRoDaAFOoX9Zxr8LOIyllBkyUcFQVSloVlfsC3vGV44bUm2Trjs7sQKWT
uZEy9QoOd5dhp0JbJglBLqvkwzh4E7foPb6w8FkrGlYgq9LSmjFr8nmK4yauTGaq
ZPZXNc0doQbWgUVLf2JiQtP3jw8CAwEAAaOCAgswggIHMB0GA1UdDgQWBBQyORTx
gSt57FOwsa14DxxBVPNZQjAfBgNVHSMEGDAWgBRdcHsNNWliJDK0vcv9Mg+ai23c
ezAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTFERDUxMDAwMDAvMC81RDcwN0Iw
RDM1Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9YWEI3RFRWcFlp
UXl0TDNMX1RJUG1vdHQzSHMuY2VyMIGFBggrBgEFBQcBCwR5MHcwdQYIKwYBBQUH
MAuGaXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxREQ1
MTAwMDAwLzAvMzQzMzJlMzIzNTMyMmUzMjMzMmUzMDJmMzIzNDJkMzIzNDIwM2Qz
ZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAK/wXMA0GCSqGSIb3DQEBCwUAA4IBAQAGbU8v
nBTc1b+15++/Kh2xDLSLt8PiZRrVmW8AGgXT42choZmDmNSwotDGIfBuyx85NG80
qP+T1mhqAriX1oCGzzb7RNMojYobuah3MdyOaFE6WgykTKmvzDB75jla6YB5X9g+
flnkRRcQSIGbjUEep4NclYIIdvkwWmCtCCHj/fD0+BAGWDxORlZ5d6rvvwxdBKpa
6YPUmLBtP04u14NAOn0QO/P9xP1z87e5n+gjgXO0RpA0LzZCzikAHgI2+tIngQap
JsP61wrQ/wJw63yxkGIC93LbIZBT9hJ7ijkNhHVyUPWAJsVHpDtlON7INX7jWNrh
nqVE7VPxC7ywxXhQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:37:02 2025 by rpki-client