Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCD09/2F8B8552548511E7B1D84713C4F9AE02/64A7FFE2F74811E8A07B9609C4F9AE02.roa
File: 64A7FFE2F74811E8A07B9609C4F9AE02.roa (raw, json)
Hash identifier: zSKXyhNbfFoYNCqEVuHbtopb0K0RjSYVs5+6fMK45yM=
Subject key identifier: 8A:29:74:B7:B3:6F:4D:0C:3A:E2:89:61:81:1C:8F:9D:D8:AA:E5:F6
Certificate issuer: /CN=A91DCD09/serialNumber=18F97D098E4EBD0610D54F48D5B3E1AA743A2029
Certificate serial: 19A2
Authority key identifier: 18:F9:7D:09:8E:4E:BD:06:10:D5:4F:48:D5:B3:E1:AA:74:3A:20:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GPl9CY5OvQYQ1U9I1bPhqnQ6ICk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DCD09/2F8B8552548511E7B1D84713C4F9AE02/64A7FFE2F74811E8A07B9609C4F9AE02.roa
Signing time: Tue 24 Sep 2024 16:54:16 +0000
ROA not before: Tue 24 Sep 2024 16:54:16 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 36351
IP address blocks: 103.241.84.0/24 maxlen: 24
103.241.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6562 (0x19a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DCD09
Validity
Not Before: Sep 24 16:54:16 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66f2eeb7-e5ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:c5:74:9f:00:b2:2c:ff:29:4b:da:8c:4b:ca:
9b:5d:29:44:cc:8d:61:96:c3:87:6d:15:20:6e:bb:
b7:f0:11:12:2f:7e:0a:3f:81:8c:e1:06:0b:06:9a:
91:a9:ea:52:c3:c7:d3:b0:40:f4:af:86:fe:70:aa:
b5:e0:da:92:c9:39:58:44:4d:3c:b5:50:df:15:89:
ab:82:6b:b7:a4:e0:38:30:b4:7b:24:f9:27:b3:3d:
52:b8:a5:28:62:3b:da:bf:ca:e9:d1:7c:6e:80:8d:
26:45:f4:d3:5c:33:80:31:8d:49:6b:1d:b2:f8:66:
7e:3c:54:c3:72:38:33:1f:8c:c0:b6:0c:f3:f6:b5:
f8:b7:fd:f1:a4:f5:16:1b:42:83:b6:36:2f:97:de:
76:37:a4:b6:fe:0f:df:16:e0:e1:89:f9:08:3a:87:
1c:68:a8:3c:e2:9a:1a:94:0f:29:2a:b4:06:50:33:
fb:45:ab:1b:6c:ea:cf:fa:7e:fd:36:7c:ca:b9:2e:
ed:6f:fd:64:9b:0a:3f:a7:e7:d0:9b:41:5d:fb:01:
0d:8c:00:20:11:da:17:18:81:7e:17:0e:cd:de:6f:
5b:75:7f:e7:af:b8:66:10:13:93:54:dc:34:89:fb:
90:75:58:31:00:4f:a9:ee:55:00:2c:75:32:0e:97:
3c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:29:74:B7:B3:6F:4D:0C:3A:E2:89:61:81:1C:8F:9D:D8:AA:E5:F6
X509v3 Authority Key Identifier:
keyid:18:F9:7D:09:8E:4E:BD:06:10:D5:4F:48:D5:B3:E1:AA:74:3A:20:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DCD09/2F8B8552548511E7B1D84713C4F9AE02/GPl9CY5OvQYQ1U9I1bPhqnQ6ICk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GPl9CY5OvQYQ1U9I1bPhqnQ6ICk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCD09/2F8B8552548511E7B1D84713C4F9AE02/64A7FFE2F74811E8A07B9609C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.241.84.0/24
103.241.87.0/24
Signature Algorithm: sha256WithRSAEncryption
39:3b:9a:ed:63:cd:1b:d2:0b:79:ff:1f:77:30:20:94:ea:6a:
ad:f6:90:91:69:03:8a:4c:20:a1:f3:7c:43:75:51:ad:74:55:
47:82:ea:1d:75:7d:f9:66:81:43:1d:21:93:b1:65:6c:40:13:
80:1c:79:41:1b:b0:c9:f8:0a:c9:04:34:1a:bd:17:46:69:30:
83:0d:8c:0a:b7:e8:b2:cd:25:6f:50:25:8a:04:88:33:a7:56:
73:5c:fe:cd:fd:59:0b:3c:00:d9:3a:b1:22:90:b4:1b:d6:2a:
83:8f:bb:41:c5:c9:08:e7:ad:df:19:1d:bb:37:3c:4c:c2:c4:
c7:fc:24:59:17:58:a6:dd:28:aa:d4:36:f1:2c:f9:70:ba:75:
e4:87:d5:d0:b9:e1:48:93:54:36:ac:2b:d1:64:20:70:4b:5f:
94:48:c2:60:c8:9e:5c:61:2d:19:7d:9a:91:3b:cc:f2:3c:bc:
3c:b7:ad:a7:75:78:9c:52:c8:98:54:22:8a:cd:cf:7b:f3:08:
59:2d:b5:00:14:bd:dc:58:df:13:84:2c:fc:df:00:b3:08:f1:
1c:c4:cb:c6:49:63:0f:95:23:6d:de:bc:f6:d6:8e:9a:0e:26:
59:80:4a:97:44:0d:a5:9d:44:09:86:d1:ce:aa:2d:d5:5b:08:
5f:55:54:dd
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICGaIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RENEMDkxMTAvBgNVBAUTKDE4Rjk3RDA5OEU0RUJEMDYxMEQ1NEY0OEQ1QjNFMUFB
NzQzQTIwMjkwHhcNMjQwOTI0MTY1NDE2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYyZWViNy1lNWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+MV0nwCyLP8pS9qMS8qbXSlEzI1hlsOHbRUgbru38BESL34KP4GM4QYLBpqR
qepSw8fTsED0r4b+cKq14NqSyTlYRE08tVDfFYmrgmu3pOA4MLR7JPknsz1SuKUo
Yjvav8rp0XxugI0mRfTTXDOAMY1Jax2y+GZ+PFTDcjgzH4zAtgzz9rX4t/3xpPUW
G0KDtjYvl952N6S2/g/fFuDhifkIOoccaKg84poalA8pKrQGUDP7RasbbOrP+n79
NnzKuS7tb/1kmwo/p+fQm0Fd+wENjAAgEdoXGIF+Fw7N3m9bdX/nr7hmEBOTVNw0
ifuQdVgxAE+p7lUALHUyDpc8gwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIopdLez
b00MOuKJYYEcj53YquX2MB8GA1UdIwQYMBaAFBj5fQmOTr0GENVPSNWz4ap0OiAp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0QwOS8yRjhCODU1MjU0
ODUxMUU3QjFEODQ3MTNDNEY5QUUwMi9HUGw5Q1k1T3ZRWVExVTlJMWJQaHFuUTZJ
Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dQbDlDWTVPdlFZUTFVOUkxYlBocW5RNklDay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RENEMDkvMkY4Qjg1NTI1NDg1MTFFN0IxRDg0NzEzQzRGOUFFMDIvNjRBN0ZGRTJG
NzQ4MTFFOEEwN0I5NjA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABn8VQDBABn8VcwDQYJKoZIhvcNAQELBQADggEBADk7mu1j
zRvSC3n/H3cwIJTqaq32kJFpA4pMIKHzfEN1Ua10VUeC6h11fflmgUMdIZOxZWxA
E4AceUEbsMn4CskENBq9F0ZpMIMNjAq36LLNJW9QJYoEiDOnVnNc/s39WQs8ANk6
sSKQtBvWKoOPu0HFyQjnrd8ZHbs3PEzCxMf8JFkXWKbdKKrUNvEs+XC6deSH1dC5
4UiTVDasK9FkIHBLX5RIwmDInlxhLRl9mpE7zPI8vDy3rad1eJxSyJhUIorNz3vz
CFkttQAUvdxY3xOELPzfALMI8RzEy8ZJYw+VI23evPbWjpoOJlmASpdEDaWdRAmG
0c6qLdVbCF9VVN0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:37:34 2025 by rpki-client