Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8B67/2FA00D3EC6AA11EF84FB0D0DC4F9AE02/8C293C92C6AA11EF8BCD0A11C4F9AE02.roa
File: 8C293C92C6AA11EF8BCD0A11C4F9AE02.roa (raw, json)
Hash identifier: MuD/wPLuVqCwHXluDzMMjr5sOZ3G8oyIiZ4H3JFgaA0=
Subject key identifier: 78:46:9A:CE:1B:C1:0C:2F:66:5E:C1:C4:22:17:F2:B1:57:54:4E:D6
Certificate issuer: /CN=A91A8B67/serialNumber=D459D267525234A0535EC38D8CCC8990194DE189
Certificate serial: 02
Authority key identifier: D4:59:D2:67:52:52:34:A0:53:5E:C3:8D:8C:CC:89:90:19:4D:E1:89
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1FnSZ1JSNKBTXsONjMyJkBlN4Yk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A8B67/2FA00D3EC6AA11EF84FB0D0DC4F9AE02/8C293C92C6AA11EF8BCD0A11C4F9AE02.roa
Signing time: Mon 30 Dec 2024 12:35:27 +0000
ROA not before: Mon 30 Dec 2024 12:35:27 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 135660
IP address blocks: 103.137.20.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A8B67
Validity
Not Before: Dec 30 12:35:27 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=6772938f-bedc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a1:e8:bf:d1:3b:d9:71:85:ab:4d:52:9d:1c:
a0:ea:c9:4f:bc:ca:41:d1:b3:f1:8e:53:53:1a:18:
91:a8:32:f3:55:72:92:96:34:ff:f2:25:11:36:f8:
f7:b4:ec:b5:06:58:be:3d:2c:81:5a:d0:29:44:17:
82:7a:86:f4:70:ad:1e:8f:41:58:16:b0:cf:4e:27:
a5:17:f4:58:5b:83:92:a0:ee:3c:c7:84:41:2e:3d:
68:32:40:fc:fe:8c:9c:65:ae:f1:a1:10:f7:f2:71:
a0:47:1b:fc:49:61:c3:e0:f8:05:bc:bb:3e:89:1f:
ec:3c:b1:10:72:97:42:e1:f3:5a:3f:06:50:d9:80:
54:b3:61:3a:1f:bf:d6:8c:1e:13:b8:6f:1f:4b:e5:
65:f8:d5:f7:72:fa:83:fb:4f:99:02:45:55:c2:87:
f7:a2:6d:18:6f:2c:e7:fe:c1:51:f3:85:7e:0b:4f:
86:48:fc:9e:4b:8a:08:2a:68:3e:47:19:19:38:82:
97:40:34:bf:de:84:9e:58:84:f6:38:2e:f5:71:0c:
3e:68:db:d9:08:a3:19:b5:ad:a6:38:d3:43:3a:d3:
0a:94:e1:1e:6e:5e:74:34:27:e1:7a:fb:1b:cf:b1:
81:f9:01:11:74:4d:0f:04:0f:1a:a6:24:88:b0:79:
ff:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:46:9A:CE:1B:C1:0C:2F:66:5E:C1:C4:22:17:F2:B1:57:54:4E:D6
X509v3 Authority Key Identifier:
keyid:D4:59:D2:67:52:52:34:A0:53:5E:C3:8D:8C:CC:89:90:19:4D:E1:89
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A8B67/2FA00D3EC6AA11EF84FB0D0DC4F9AE02/1FnSZ1JSNKBTXsONjMyJkBlN4Yk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1FnSZ1JSNKBTXsONjMyJkBlN4Yk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8B67/2FA00D3EC6AA11EF84FB0D0DC4F9AE02/8C293C92C6AA11EF8BCD0A11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.20.0/23
Signature Algorithm: sha256WithRSAEncryption
78:65:0a:ef:54:1f:a5:51:7d:38:27:69:39:a1:3b:90:14:1f:
ba:6b:ff:e2:7f:a7:9f:67:87:be:c1:78:ff:6f:48:fb:7f:cf:
d3:ba:84:62:6e:5d:c2:76:b0:c8:e5:bb:d3:12:06:07:bb:5c:
d6:f3:72:98:eb:d2:5e:21:af:51:a6:65:d9:9d:23:4a:e8:98:
5f:f0:a5:e7:93:30:80:ff:45:41:17:1d:a1:5d:7b:58:7d:a0:
34:6a:b9:19:29:05:1b:21:84:2c:0b:53:30:f7:c4:0d:b7:c4:
8d:ed:73:fa:cc:06:0a:99:ac:39:e5:41:72:bb:74:b2:8b:16:
bd:80:f5:5f:33:87:44:39:15:01:64:ed:bc:01:bf:01:9c:52:
e4:45:fd:80:c5:b3:0c:09:a2:05:35:ca:0f:41:67:a5:74:70:
31:23:10:c3:68:5e:dc:5a:71:53:1b:e2:3d:f5:b3:93:46:3a:
a4:8f:e0:ec:2a:4c:c7:06:f5:64:57:63:84:fc:53:0a:3c:24:
c2:9b:a5:4d:ae:b9:8c:34:b3:9c:59:82:a9:2c:c6:10:cd:99:
c6:fb:65:3d:97:3c:55:bf:04:78:fa:75:fe:eb:5e:1f:d0:20:
c7:8f:5f:79:b3:12:da:69:ca:ec:0b:4b:c3:05:29:4a:7d:11:
b7:5b:6c:d3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
OEI2NzExMC8GA1UEBRMoRDQ1OUQyNjc1MjUyMzRBMDUzNUVDMzhEOENDQzg5OTAx
OTRERTE4OTAeFw0yNDEyMzAxMjM1MjdaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NzI5MzhmLWJlZGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQChoei/0TvZcYWrTVKdHKDqyU+8ykHRs/GOU1MaGJGoMvNVcpKWNP/yJRE2+Pe0
7LUGWL49LIFa0ClEF4J6hvRwrR6PQVgWsM9OJ6UX9Fhbg5Kg7jzHhEEuPWgyQPz+
jJxlrvGhEPfycaBHG/xJYcPg+AW8uz6JH+w8sRByl0Lh81o/BlDZgFSzYTofv9aM
HhO4bx9L5WX41fdy+oP7T5kCRVXCh/eibRhvLOf+wVHzhX4LT4ZI/J5LiggqaD5H
GRk4gpdANL/ehJ5YhPY4LvVxDD5o29kIoxm1raY400M60wqU4R5uXnQ0J+F6+xvP
sYH5ARF0TQ8EDxqmJIiwef+nAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUeEaazhvB
DC9mXsHEIhfysVdUTtYwHwYDVR0jBBgwFoAU1FnSZ1JSNKBTXsONjMyJkBlN4Ykw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE4QjY3LzJGQTAwRDNFQzZB
QTExRUY4NEZCMEQwREM0RjlBRTAyLzFGblNaMUpTTktCVFhzT05qTXlKa0JsTjRZ
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMUZuU1oxSlNOS0JUWHNPTmpNeUprQmxONFlrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
OEI2Ny8yRkEwMEQzRUM2QUExMUVGODRGQjBEMERDNEY5QUUwMi84QzI5M0M5MkM2
QUExMUVGOEJDRDBBMTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeJFDANBgkqhkiG9w0BAQsFAAOCAQEAeGUK71QfpVF9OCdp
OaE7kBQfumv/4n+nn2eHvsF4/29I+3/P07qEYm5dwnawyOW70xIGB7tc1vNymOvS
XiGvUaZl2Z0jSuiYX/Cl55MwgP9FQRcdoV17WH2gNGq5GSkFGyGELAtTMPfEDbfE
je1z+swGCpmsOeVBcrt0sosWvYD1XzOHRDkVAWTtvAG/AZxS5EX9gMWzDAmiBTXK
D0FnpXRwMSMQw2he3FpxUxviPfWzk0Y6pI/g7CpMxwb1ZFdjhPxTCjwkwpulTa65
jDSznFmCqSzGEM2ZxvtlPZc8Vb8EePp1/uteH9Agx49febMS2mnK7AtLwwUpSn0R
t1ts0w==
-----END CERTIFICATE-----
Generated at Sat Feb 22 04:13:33 2025 by rpki-client