Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAA44/9CC00A9CC7FF11EC9BDBFE4BC4F9AE02/1054539CC80411ECBA7BB174C4F9AE02.roa
File: 1054539CC80411ECBA7BB174C4F9AE02.roa (raw, json)
Hash identifier: TKnNgWGNwFoC8C24zbH99O5sozDHLNm2T5yHAR3Xfxw=
Subject key identifier: 28:60:9F:99:9B:1E:FE:B7:F7:24:95:34:F1:5F:19:F5:98:CD:4C:5C
Certificate issuer: /CN=A91BAA44/serialNumber=2CC33FBCB864084020894A72DD088505AF9BB66D
Certificate serial: 0279
Authority key identifier: 2C:C3:3F:BC:B8:64:08:40:20:89:4A:72:DD:08:85:05:AF:9B:B6:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LMM_vLhkCEAgiUpy3QiFBa-btm0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BAA44/9CC00A9CC7FF11EC9BDBFE4BC4F9AE02/1054539CC80411ECBA7BB174C4F9AE02.roa
Signing time: Mon 13 May 2024 04:08:19 +0000
ROA not before: Mon 13 May 2024 04:08:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38001
IP address blocks: 45.114.117.0/24 maxlen: 24
103.53.197.0/24 maxlen: 24
103.53.198.0/24 maxlen: 24
103.53.199.0/24 maxlen: 24
2402:2f80:1::/48 maxlen: 48
2402:2f80:8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 633 (0x279)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BAA44
Validity
Not Before: May 13 04:08:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66419233-3747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ac:ed:9a:c1:3c:34:7f:77:9e:92:10:ce:2b:
5a:6e:2a:d2:0d:c0:a1:85:6b:ef:48:d5:bd:bf:e2:
95:41:35:6f:f5:b7:12:b5:fa:2a:b0:d0:ce:11:cd:
bf:49:f7:b1:ae:ff:31:d0:6b:49:43:53:4e:29:c6:
9e:52:6a:92:e6:1d:c9:64:c1:6e:07:f2:70:7f:8c:
dc:73:6a:1a:cf:10:9d:01:b2:23:cf:72:9b:c3:a7:
91:22:86:1b:08:e7:9b:ca:ed:c0:bb:b7:c6:05:13:
09:fb:f2:0d:30:77:a4:6a:8a:4b:a7:7f:9e:24:e5:
69:83:4b:46:68:db:7f:cb:ec:f9:e1:80:bf:66:b5:
22:95:d4:a5:2f:03:9c:c9:1b:aa:3a:b0:1d:8e:10:
a1:82:30:10:ef:49:ff:39:09:1b:bb:12:0c:a6:3f:
10:06:3e:2c:7e:95:30:c6:31:05:ea:e6:c7:b1:ed:
02:a1:77:cc:dd:05:4a:f9:db:7c:7a:8e:0e:1e:99:
8a:1d:a8:ac:5d:32:59:77:36:e2:c0:09:a2:5d:16:
69:98:ae:6e:34:f5:7a:fb:76:6d:44:30:af:81:1f:
ca:43:16:07:ea:ca:95:50:0f:7d:be:27:97:eb:87:
04:cd:0a:7f:ad:34:39:f5:c1:a6:7d:aa:d5:0a:0c:
4e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:60:9F:99:9B:1E:FE:B7:F7:24:95:34:F1:5F:19:F5:98:CD:4C:5C
X509v3 Authority Key Identifier:
keyid:2C:C3:3F:BC:B8:64:08:40:20:89:4A:72:DD:08:85:05:AF:9B:B6:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BAA44/9CC00A9CC7FF11EC9BDBFE4BC4F9AE02/LMM_vLhkCEAgiUpy3QiFBa-btm0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LMM_vLhkCEAgiUpy3QiFBa-btm0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAA44/9CC00A9CC7FF11EC9BDBFE4BC4F9AE02/1054539CC80411ECBA7BB174C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.114.117.0/24
103.53.197.0-103.53.199.255
IPv6:
2402:2f80:1::/48
2402:2f80:8::/48
Signature Algorithm: sha256WithRSAEncryption
32:d2:9c:ba:77:99:15:2e:95:f6:24:e5:60:54:30:c0:39:a7:
44:53:f6:16:a5:fb:2c:1f:8f:d6:9c:96:70:79:99:f0:3b:72:
66:b7:61:b1:5e:36:13:b1:47:a2:3f:1a:b1:39:f6:82:44:c5:
36:3a:bb:75:b4:7d:98:5c:50:c6:b1:8a:9d:3c:4f:fe:5d:00:
d8:12:fa:09:dd:b0:25:d1:d6:67:08:90:a3:8f:23:9b:f6:b8:
8c:2a:31:f0:17:e6:00:44:23:44:76:b7:c2:dd:8a:38:13:0b:
25:60:d5:41:d2:74:d6:73:83:41:bb:53:06:ae:e9:d1:bc:6a:
93:7f:79:27:bf:e2:83:7e:b3:cc:3b:8d:f7:74:de:6e:b7:ff:
7a:bc:dc:92:c2:a7:68:96:f8:52:12:98:78:bc:d2:b8:0b:5a:
f5:ce:96:2b:5b:d9:43:2f:06:b2:d7:7b:1a:49:cc:42:5b:36:
7d:fe:dc:7c:2c:76:22:8c:5d:3c:3a:aa:fb:50:da:b2:94:86:
de:18:02:bf:90:62:f4:df:f4:9b:2c:c3:43:6a:e0:d4:b5:ac:
c0:91:0e:24:f7:a6:c1:7c:fc:21:fe:24:44:04:00:2e:7d:30:
30:ea:d0:bf:aa:a3:84:34:28:ba:0b:0b:05:9b:24:fa:4f:84:
e4:34:da:b3
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICAnkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkFBNDQxMTAvBgNVBAUTKDJDQzMzRkJDQjg2NDA4NDAyMDg5NEE3MkREMDg4NTA1
QUY5QkI2NkQwHhcNMjQwNTEzMDQwODE5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQxOTIzMy0zNzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4aztmsE8NH93npIQzitabirSDcChhWvvSNW9v+KVQTVv9bcStfoqsNDOEc2/
Sfexrv8x0GtJQ1NOKcaeUmqS5h3JZMFuB/Jwf4zcc2oazxCdAbIjz3Kbw6eRIoYb
COebyu3Au7fGBRMJ+/INMHekaopLp3+eJOVpg0tGaNt/y+z54YC/ZrUildSlLwOc
yRuqOrAdjhChgjAQ70n/OQkbuxIMpj8QBj4sfpUwxjEF6ubHse0CoXfM3QVK+dt8
eo4OHpmKHaisXTJZdzbiwAmiXRZpmK5uNPV6+3ZtRDCvgR/KQxYH6sqVUA99vieX
64cEzQp/rTQ59cGmfarVCgxOfQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFChgn5mb
Hv639ySVNPFfGfWYzUxcMB8GA1UdIwQYMBaAFCzDP7y4ZAhAIIlKct0IhQWvm7Zt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQUE0NC85Q0MwMEE5Q0M3
RkYxMUVDOUJEQkZFNEJDNEY5QUUwMi9MTU1fdkxoa0NFQWdpVXB5M1FpRkJhLWJ0
bTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xNTV92TGhrQ0VBZ2lVcHkzUWlGQmEtYnRtMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkFBNDQvOUNDMDBBOUNDN0ZGMTFFQzlCREJGRTRCQzRGOUFFMDIvMTA1NDUzOUND
ODA0MTFFQ0JBN0JCMTc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MBoEAgABMBQDBAAtcnUwDAMEAGc1xQMEA2c1wDAYBAIAAjASAwcAJAIvgAAB
AwcAJAIvgAAIMA0GCSqGSIb3DQEBCwUAA4IBAQAy0py6d5kVLpX2JOVgVDDAOadE
U/YWpfssH4/WnJZweZnwO3Jmt2GxXjYTsUeiPxqxOfaCRMU2Ort1tH2YXFDGsYqd
PE/+XQDYEvoJ3bAl0dZnCJCjjyOb9riMKjHwF+YARCNEdrfC3Yo4EwslYNVB0nTW
c4NBu1MGrunRvGqTf3knv+KDfrPMO433dN5ut/96vNySwqdolvhSEph4vNK4C1r1
zpYrW9lDLway13saScxCWzZ9/tx8LHYijF08Oqr7UNqylIbeGAK/kGL03/SbLMND
auDUtazAkQ4k96bBfPwh/iREBAAufTAw6tC/qqOENCi6CwsFmyT6T4TkNNqz
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:11:38 2025 by rpki-client