Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/1158F4B451F611E9A5EDBE25C4F9AE02.roa
File: 1158F4B451F611E9A5EDBE25C4F9AE02.roa (raw, json)
Hash identifier: 1jXpiD6gmBSnu1fi9XCpYPe6/Jj4DMV+/92Sfn0w4q0=
Subject key identifier: 9B:41:B4:A9:48:3F:B9:95:02:83:54:60:7A:C3:D0:92:0F:57:A3:1B
Certificate issuer: /CN=A9184D71/serialNumber=DDF9FDA94BBA359A37E0DBB007571AFF3E5117A2
Certificate serial: 1732
Authority key identifier: DD:F9:FD:A9:4B:BA:35:9A:37:E0:DB:B0:07:57:1A:FF:3E:51:17:A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fn9qUu6NZo34NuwB1ca_z5RF6I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/1158F4B451F611E9A5EDBE25C4F9AE02.roa
Signing time: Fri 14 Jul 2023 16:53:40 +0000
ROA not before: Fri 14 Jul 2023 16:53:40 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 134451
IP address blocks: 103.60.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5938 (0x1732)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9184D71/serialNumber=DDF9FDA94BBA359A37E0DBB007571AFF3E5117A2
Validity
Not Before: Jul 14 16:53:40 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64b17d94-34cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:24:e3:68:2d:f8:90:26:c1:c3:20:c5:5b:71:
d5:7d:69:bd:d5:e4:3a:cc:b2:66:a8:56:6f:c7:90:
d0:15:62:e3:e3:29:e7:ba:b1:39:2f:70:51:19:e9:
92:e3:67:a7:5c:14:1a:18:7e:c9:b2:47:83:b1:be:
86:2b:2a:41:d7:7f:59:e8:0b:7a:30:54:e3:bf:0d:
3c:36:d6:23:7a:fe:07:fe:07:54:2c:16:71:d8:f4:
c8:ba:cd:21:67:c7:41:37:e5:29:80:f5:c2:4a:56:
87:14:f5:cc:2b:08:1b:89:47:13:1e:93:96:14:6f:
c3:31:8b:db:ee:79:43:cb:3f:13:b0:af:c3:0a:30:
f6:9a:a0:c9:91:67:d2:af:0b:61:f1:f1:73:30:47:
78:5a:b7:b7:08:63:4c:62:f2:2d:b1:d1:54:67:30:
01:1e:66:29:20:87:ba:46:f8:f9:ce:49:41:f2:c4:
db:e5:9d:6f:ea:6f:b5:cf:99:10:16:ce:01:91:44:
8d:69:6b:e7:ab:1f:9f:36:d7:6e:87:ee:93:35:91:
70:c0:c0:14:13:a6:7e:91:e1:75:e9:1a:c4:4c:ec:
b0:93:1a:70:f5:4d:99:56:cf:5b:d1:9a:d3:0d:d3:
35:ba:28:81:10:d5:f1:44:7c:78:3a:fb:d5:64:0c:
f4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:41:B4:A9:48:3F:B9:95:02:83:54:60:7A:C3:D0:92:0F:57:A3:1B
X509v3 Authority Key Identifier:
keyid:DD:F9:FD:A9:4B:BA:35:9A:37:E0:DB:B0:07:57:1A:FF:3E:51:17:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/3fn9qUu6NZo34NuwB1ca_z5RF6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fn9qUu6NZo34NuwB1ca_z5RF6I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/1158F4B451F611E9A5EDBE25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.60.9.0/24
Signature Algorithm: sha256WithRSAEncryption
99:59:7f:bb:e2:52:c5:e6:a3:5f:43:fb:1b:a4:92:eb:ed:d0:
75:af:97:3c:e8:b1:df:fe:75:5e:dd:a0:81:e2:fb:ed:29:20:
c2:d6:23:19:b1:62:86:d3:a8:08:3d:59:69:3d:0d:18:9e:74:
56:00:c6:2d:c6:f2:fd:9c:a2:32:2f:b1:6d:d4:e5:1e:f5:96:
2a:49:75:42:d0:b7:b0:ed:5b:df:2a:93:94:d5:e2:96:39:f1:
46:14:a4:23:85:cc:c3:e8:b7:55:59:28:7e:b2:b9:f7:1f:c1:
db:a7:b6:13:f4:c1:7c:ea:7c:08:70:0f:85:c6:ad:99:05:95:
56:d5:ac:be:c7:e3:a6:53:a5:72:9c:fe:b1:52:db:36:70:af:
79:ef:98:66:6d:71:8d:d0:3c:3e:bb:7d:b6:4d:61:e6:f9:88:
05:e6:1e:66:b6:5c:f2:3e:ac:88:89:8c:79:81:c3:7d:37:31:
6e:ce:cb:43:0b:8c:49:28:13:26:d0:47:fc:5e:4e:08:c7:20:
cf:de:17:62:5a:ac:15:6d:62:ac:e0:33:33:a5:dd:4e:28:c5:
ca:86:70:2e:d4:26:8c:0e:b8:2f:17:56:07:ec:b0:49:1c:82:
d5:b1:91:c0:10:a7:8c:5f:e0:22:00:c4:f8:ca:30:67:49:10:
8a:62:df:fc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICFzIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODRENzExMTAvBgNVBAUTKERERjlGREE5NEJCQTM1OUEzN0UwREJCMDA3NTcxQUZG
M0U1MTE3QTIwHhcNMjMwNzE0MTY1MzQwWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGIxN2Q5NC0zNGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1CTjaC34kCbBwyDFW3HVfWm91eQ6zLJmqFZvx5DQFWLj4ynnurE5L3BRGemS
42enXBQaGH7JskeDsb6GKypB139Z6At6MFTjvw08NtYjev4H/gdULBZx2PTIus0h
Z8dBN+UpgPXCSlaHFPXMKwgbiUcTHpOWFG/DMYvb7nlDyz8TsK/DCjD2mqDJkWfS
rwth8fFzMEd4Wre3CGNMYvItsdFUZzABHmYpIIe6Rvj5zklB8sTb5Z1v6m+1z5kQ
Fs4BkUSNaWvnqx+fNtduh+6TNZFwwMAUE6Z+keF16RrETOywkxpw9U2ZVs9b0ZrT
DdM1uiiBENXxRHx4OvvVZAz0wQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJtBtKlI
P7mVAoNUYHrD0JIPV6MbMB8GA1UdIwQYMBaAFN35/alLujWaN+DbsAdXGv8+URei
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NEQ3MS85ODNBMEM5RTlE
MUYxMUU3ODc2RTY2MTFDNEY5QUUwMi8zZm45cVV1Nk5abzM0TnV3QjFjYV96NVJG
NkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNmbjlxVXU2TlpvMzROdXdCMWNhX3o1UkY2SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODRENzEvOTgzQTBDOUU5RDFGMTFFNzg3NkU2NjExQzRGOUFFMDIvMTE1OEY0QjQ1
MUY2MTFFOUE1RURCRTI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnPAkwDQYJKoZIhvcNAQELBQADggEBAJlZf7viUsXmo19D
+xukkuvt0HWvlzzosd/+dV7doIHi++0pIMLWIxmxYobTqAg9WWk9DRiedFYAxi3G
8v2cojIvsW3U5R71lipJdULQt7DtW98qk5TV4pY58UYUpCOFzMPot1VZKH6yufcf
wdunthP0wXzqfAhwD4XGrZkFlVbVrL7H46ZTpXKc/rFS2zZwr3nvmGZtcY3QPD67
fbZNYeb5iAXmHma2XPI+rIiJjHmBw303MW7Oy0MLjEkoEybQR/xeTgjHIM/eF2Ja
rBVtYqzgMzOl3U4oxcqGcC7UJowOuC8XVgfssEkcgtWxkcAQp4xf4CIAxPjKMGdJ
EIpi3/w=
-----END CERTIFICATE-----
Generated at Wed Apr 17 18:55:18 2024 by rpki-client on console-fra.rpki-client.org