Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADF45/B5B3F6C4140811EFB9D2075AC4F9AE02/376BD314140C11EF81F9F16FC4F9AE02.roa
File: 376BD314140C11EF81F9F16FC4F9AE02.roa (raw, json)
Hash identifier: zX1ubk4lmcSnxGKYtF2AX+YeDbHZ6iQSok83RHSGwqg=
Subject key identifier: 67:DF:A7:82:70:08:D6:92:06:82:E4:DD:14:EB:CB:6E:CB:A5:42:E8
Certificate issuer: /CN=A91ADF45/serialNumber=984C9E177E2E6B37E4A260AB234CE547E0CD9ABC
Certificate serial: 57
Authority key identifier: 98:4C:9E:17:7E:2E:6B:37:E4:A2:60:AB:23:4C:E5:47:E0:CD:9A:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mEyeF34uazfkomCrI0zlR-DNmrw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ADF45/B5B3F6C4140811EFB9D2075AC4F9AE02/376BD314140C11EF81F9F16FC4F9AE02.roa
Signing time: Tue 01 Oct 2024 06:50:24 +0000
ROA not before: Tue 01 Oct 2024 06:50:24 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 396982
IP address blocks: 203.17.4.0/24 maxlen: 24
203.17.95.0/24 maxlen: 24
2001:df0:421::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87 (0x57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ADF45
Validity
Not Before: Oct 1 06:50:24 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66fb9bb0-8e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:09:0d:50:f0:b4:84:13:3b:a0:54:ed:a7:8b:
84:01:3f:32:e9:df:97:10:98:5f:ca:56:6b:80:18:
6b:97:a4:e7:9a:57:41:da:45:fc:fc:df:e5:78:7a:
15:9d:b9:3d:32:63:b6:59:91:f0:02:28:5b:7b:fc:
22:32:28:ef:53:3f:3d:7d:90:40:1d:c6:39:5e:89:
9f:6c:8c:9f:ac:83:b9:a0:97:e8:31:cc:2a:80:30:
f4:b9:e0:4b:bc:99:ec:b9:60:81:66:d9:4f:39:3e:
70:c7:cf:96:57:1b:95:12:6c:1f:61:10:c7:8d:db:
52:46:86:c9:68:3c:88:3c:00:70:8d:b1:43:d6:20:
98:e4:4e:18:5c:ff:35:d6:23:f3:b0:d7:c8:26:78:
3e:22:68:9c:bd:97:bd:7c:30:88:5c:ca:06:10:c9:
2f:da:35:a2:e9:2d:90:0f:71:25:4f:4f:38:35:cf:
4e:2a:ed:a2:82:76:df:88:ef:5f:b7:94:19:7b:21:
9c:18:f3:6d:8e:c0:8a:a0:17:ba:49:a5:b9:e3:81:
6c:e4:7f:2b:cc:1d:7c:cb:7f:fe:11:4d:9b:47:0b:
22:f7:1a:dd:f5:04:64:8e:a3:75:36:93:64:07:4a:
19:38:55:32:f0:c5:3b:d0:29:d3:5c:21:fe:95:d5:
a2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DF:A7:82:70:08:D6:92:06:82:E4:DD:14:EB:CB:6E:CB:A5:42:E8
X509v3 Authority Key Identifier:
keyid:98:4C:9E:17:7E:2E:6B:37:E4:A2:60:AB:23:4C:E5:47:E0:CD:9A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ADF45/B5B3F6C4140811EFB9D2075AC4F9AE02/mEyeF34uazfkomCrI0zlR-DNmrw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mEyeF34uazfkomCrI0zlR-DNmrw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADF45/B5B3F6C4140811EFB9D2075AC4F9AE02/376BD314140C11EF81F9F16FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.17.4.0/24
203.17.95.0/24
IPv6:
2001:df0:421::/48
Signature Algorithm: sha256WithRSAEncryption
86:7d:17:78:db:5d:e5:a9:02:25:6d:6a:6e:df:2d:b2:44:aa:
a0:da:1e:2f:71:0b:f3:e8:81:05:5a:aa:a7:f8:66:64:21:b5:
66:b2:4b:da:75:26:e9:4e:fb:77:7e:5e:eb:de:54:51:a3:3e:
c4:5c:a1:d6:e1:ae:58:82:3f:81:53:a7:05:aa:1c:d3:f0:2b:
cb:73:58:4f:99:7c:6f:49:61:b4:a8:6f:d2:60:f7:28:ac:db:
64:85:27:8b:bd:69:4e:2b:58:fb:d6:b2:5f:b3:cc:15:20:16:
b3:02:8d:ec:b8:cf:1a:0a:e5:5b:c6:b0:6a:76:ab:82:e3:30:
63:63:8b:26:55:96:a1:d5:fe:85:48:50:0a:84:d8:95:ba:7a:
33:a9:82:3c:1b:63:42:75:f7:33:55:1d:03:2f:4c:c1:4e:bf:
88:56:ec:db:3c:cc:48:44:7d:6e:78:5c:26:69:14:95:8a:c0:
5a:90:00:f0:39:ac:e7:a7:31:ce:3f:cf:c2:79:10:20:d3:32:
41:74:67:f0:41:e0:4f:26:d7:04:4f:5f:93:88:d0:2a:e2:db:
35:6e:35:9f:55:0c:5f:4d:7e:d0:6a:9e:2e:65:4d:3f:ca:f0:
26:ae:fa:c3:92:93:22:25:a6:08:14:90:66:53:97:a1:b9:9b:
95:42:a2:84
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIBVzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
REY0NTExMC8GA1UEBRMoOTg0QzlFMTc3RTJFNkIzN0U0QTI2MEFCMjM0Q0U1NDdF
MENEOUFCQzAeFw0yNDEwMDEwNjUwMjRaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZmI5YmIwLThlOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDqCQ1Q8LSEEzugVO2ni4QBPzLp35cQmF/KVmuAGGuXpOeaV0HaRfz83+V4ehWd
uT0yY7ZZkfACKFt7/CIyKO9TPz19kEAdxjleiZ9sjJ+sg7mgl+gxzCqAMPS54Eu8
mey5YIFm2U85PnDHz5ZXG5USbB9hEMeN21JGhsloPIg8AHCNsUPWIJjkThhc/zXW
I/Ow18gmeD4iaJy9l718MIhcygYQyS/aNaLpLZAPcSVPTzg1z04q7aKCdt+I71+3
lBl7IZwY822OwIqgF7pJpbnjgWzkfyvMHXzLf/4RTZtHCyL3Gt31BGSOo3U2k2QH
Shk4VTLwxTvQKdNcIf6V1aK/AgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUZ9+ngnAI
1pIGguTdFOvLbsulQugwHwYDVR0jBBgwFoAUmEyeF34uazfkomCrI0zlR+DNmrww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFERjQ1L0I1QjNGNkM0MTQw
ODExRUZCOUQyMDc1QUM0RjlBRTAyL21FeWVGMzR1YXpma29tQ3JJMHpsUi1ETm1y
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbUV5ZUYzNHVhemZrb21DckkwemxSLURObXJ3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
REY0NS9CNUIzRjZDNDE0MDgxMUVGQjlEMjA3NUFDNEY5QUUwMi8zNzZCRDMxNDE0
MEMxMUVGODFGOUYxNkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn
MCUwEgQCAAEwDAMEAMsRBAMEAMsRXzAPBAIAAjAJAwcAIAEN8AQhMA0GCSqGSIb3
DQEBCwUAA4IBAQCGfRd4213lqQIlbWpu3y2yRKqg2h4vcQvz6IEFWqqn+GZkIbVm
skvadSbpTvt3fl7r3lRRoz7EXKHW4a5Ygj+BU6cFqhzT8CvLc1hPmXxvSWG0qG/S
YPcorNtkhSeLvWlOK1j71rJfs8wVIBazAo3suM8aCuVbxrBqdquC4zBjY4smVZah
1f6FSFAKhNiVunozqYI8G2NCdfczVR0DL0zBTr+IVuzbPMxIRH1ueFwmaRSVisBa
kADwOaznpzHOP8/CeRAg0zJBdGfwQeBPJtcET1+TiNAq4ts1bjWfVQxfTX7Qap4u
ZU0/yvAmrvrDkpMiJaYIFJBmU5ehuZuVQqKE
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:55:57 2025 by rpki-client