Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA13E/54D6A50E06B511EB9372D32BC4F9AE02/298965AC06B611EBBBFD6B2CC4F9AE02.roa
File: 298965AC06B611EBBBFD6B2CC4F9AE02.roa (raw, json)
Hash identifier: 4189wGj0EPbmCiBfwKVkbJETVgwnkFWeQOcnoateYoU=
Subject key identifier: 71:8E:AA:2A:B5:52:6B:F9:AA:D6:40:D1:42:01:3B:C6:35:6A:68:D2
Certificate issuer: /CN=A91DA13E/serialNumber=DE8A8DA70E165009D140D9F624524DC4D479D5E8
Certificate serial: 0719
Authority key identifier: DE:8A:8D:A7:0E:16:50:09:D1:40:D9:F6:24:52:4D:C4:D4:79:D5:E8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3oqNpw4WUAnRQNn2JFJNxNR51eg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA13E/54D6A50E06B511EB9372D32BC4F9AE02/298965AC06B611EBBBFD6B2CC4F9AE02.roa
Signing time: Tue 02 Jul 2024 22:30:04 +0000
ROA not before: Tue 02 Jul 2024 22:30:04 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 55720
IP address blocks: 103.27.74.0/24 maxlen: 24
220.158.200.0/24 maxlen: 24
220.158.201.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1817 (0x719)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA13E
Validity
Not Before: Jul 2 22:30:04 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66847f6b-eec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:51:af:07:8a:3e:f8:cc:ea:61:8e:42:fe:5b:
be:8b:4a:28:72:30:f7:b3:df:8c:70:36:8f:85:c5:
1b:a1:d1:a1:e0:5b:b6:88:07:ae:89:e8:64:43:f2:
bb:52:24:e5:b0:26:6d:38:53:70:05:c2:a8:9b:33:
b8:ce:e9:d6:23:89:d0:dd:08:95:d2:79:39:99:32:
ab:fc:70:34:45:cb:dc:17:25:c1:36:8d:37:cf:f8:
46:25:bf:c9:ab:4c:87:b3:67:21:66:45:4f:40:0e:
ed:12:1f:61:1d:66:7c:8d:6a:5b:f8:73:aa:7c:39:
c2:75:59:4d:9a:0a:15:05:5a:78:07:41:fe:78:aa:
9d:85:ec:bc:58:2b:cf:36:95:21:cd:9b:c2:35:34:
c0:38:f7:c7:3e:9e:a8:d0:a5:75:14:01:36:70:7f:
fa:61:3f:07:3d:db:51:66:95:12:da:9b:78:10:fb:
62:7c:2a:4c:2d:f1:dd:04:75:9b:a1:7c:2e:b7:46:
13:fe:ae:c8:66:8e:b5:b4:89:b7:1f:0d:87:e4:91:
e4:6f:b4:34:c2:0e:8f:4b:f4:90:b6:c5:b8:42:83:
4e:67:6d:7e:27:24:9b:75:c5:57:5c:40:df:a9:82:
d2:58:24:ba:7d:68:ec:1f:da:76:89:39:32:c8:07:
d5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:8E:AA:2A:B5:52:6B:F9:AA:D6:40:D1:42:01:3B:C6:35:6A:68:D2
X509v3 Authority Key Identifier:
keyid:DE:8A:8D:A7:0E:16:50:09:D1:40:D9:F6:24:52:4D:C4:D4:79:D5:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA13E/54D6A50E06B511EB9372D32BC4F9AE02/3oqNpw4WUAnRQNn2JFJNxNR51eg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3oqNpw4WUAnRQNn2JFJNxNR51eg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA13E/54D6A50E06B511EB9372D32BC4F9AE02/298965AC06B611EBBBFD6B2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.27.74.0/24
220.158.200.0/23
Signature Algorithm: sha256WithRSAEncryption
05:98:7a:96:d3:8f:0c:16:a5:38:ae:89:5b:2b:05:3b:72:b7:
16:b0:f5:fa:2f:c3:d9:7c:f0:8c:3a:fe:13:24:92:86:7f:c9:
ab:34:2e:bf:fa:4b:a8:02:1f:cd:d0:d3:fc:77:69:ea:98:a5:
3f:57:19:6f:52:22:68:60:f3:ba:1d:d4:b3:75:f0:43:32:5f:
ba:b5:a7:38:91:9e:4c:56:10:bb:ea:49:a0:97:21:e7:68:1a:
98:80:f9:d0:7b:22:9b:38:a9:0d:42:00:f5:ff:76:dd:d6:0b:
7b:bb:66:65:35:04:d2:5a:2a:ba:7e:f4:4f:77:b1:0c:cb:a1:
65:bc:cd:b0:d2:f3:b2:d8:58:0d:f3:6d:62:b1:b1:67:4d:fa:
17:55:34:af:fd:e8:94:42:28:25:8e:25:0f:67:04:ad:f2:fd:
26:a4:a2:43:5d:ab:d3:9a:ac:87:36:7e:dd:24:06:35:f0:d4:
16:a3:53:bf:f1:50:89:44:40:65:77:9a:fb:8d:bd:51:ad:a1:
82:50:be:e6:ab:ee:46:94:aa:de:c5:00:9d:54:bc:da:f5:e9:
b1:7c:ef:02:75:f7:5c:33:f8:bc:00:0c:f5:e2:e0:70:bc:42:
e2:c0:f5:d0:8b:af:d9:64:97:3f:6a:a8:01:11:fc:ea:ff:99:
47:ff:9c:02
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBxkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REExM0UxMTAvBgNVBAUTKERFOEE4REE3MEUxNjUwMDlEMTQwRDlGNjI0NTI0REM0
RDQ3OUQ1RTgwHhcNMjQwNzAyMjIzMDA0WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg0N2Y2Yi1lZWM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvFGvB4o++MzqYY5C/lu+i0oocjD3s9+McDaPhcUbodGh4Fu2iAeuiehkQ/K7
UiTlsCZtOFNwBcKomzO4zunWI4nQ3QiV0nk5mTKr/HA0RcvcFyXBNo03z/hGJb/J
q0yHs2chZkVPQA7tEh9hHWZ8jWpb+HOqfDnCdVlNmgoVBVp4B0H+eKqdhey8WCvP
NpUhzZvCNTTAOPfHPp6o0KV1FAE2cH/6YT8HPdtRZpUS2pt4EPtifCpMLfHdBHWb
oXwut0YT/q7IZo61tIm3Hw2H5JHkb7Q0wg6PS/SQtsW4QoNOZ21+JySbdcVXXEDf
qYLSWCS6fWjsH9p2iTkyyAfVFwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHGOqiq1
Umv5qtZA0UIBO8Y1amjSMB8GA1UdIwQYMBaAFN6KjacOFlAJ0UDZ9iRSTcTUedXo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTEzRS81NEQ2QTUwRTA2
QjUxMUVCOTM3MkQzMkJDNEY5QUUwMi8zb3FOcHc0V1VBblJRTm4ySkZKTnhOUjUx
ZWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNvcU5wdzRXVUFuUlFObjJKRkpOeE5SNTFlZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REExM0UvNTRENkE1MEUwNkI1MTFFQjkzNzJEMzJCQzRGOUFFMDIvMjk4OTY1QUMw
NkI2MTFFQkJCRkQ2QjJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnG0oDBAHcnsgwDQYJKoZIhvcNAQELBQADggEBAAWYepbT
jwwWpTiuiVsrBTtytxaw9fovw9l88Iw6/hMkkoZ/yas0Lr/6S6gCH83Q0/x3aeqY
pT9XGW9SImhg87od1LN18EMyX7q1pziRnkxWELvqSaCXIedoGpiA+dB7Ips4qQ1C
APX/dt3WC3u7ZmU1BNJaKrp+9E93sQzLoWW8zbDS87LYWA3zbWKxsWdN+hdVNK/9
6JRCKCWOJQ9nBK3y/SakokNdq9OarIc2ft0kBjXw1BajU7/xUIlEQGV3mvuNvVGt
oYJQvuar7kaUqt7FAJ1UvNr16bF87wJ191wz+LwADPXi4HC8QuLA9dCLr9lklz9q
qAER/Or/mUf/nAI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:08:09 2025 by rpki-client