Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E178D/0624B4D4201911EEB5DFB129C4F9AE02/BAE2161A201D11EE8BD7393AC4F9AE02.roa
File: BAE2161A201D11EE8BD7393AC4F9AE02.roa (raw, json)
Hash identifier: L8I7JYPfbhcuY46qRMAsvjQCSFHSx3iFXsB4N5aW8gU=
Subject key identifier: 2A:0C:FC:80:D2:0F:81:4B:80:2D:06:C9:D0:54:5A:4C:3C:E3:66:37
Certificate issuer: /CN=A91E178D/serialNumber=23448B1856AFDE7CEEBB5924FD8AD805F07E06B0
Certificate serial: 03
Authority key identifier: 23:44:8B:18:56:AF:DE:7C:EE:BB:59:24:FD:8A:D8:05:F0:7E:06:B0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I0SLGFav3nzuu1kk_YrYBfB-BrA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E178D/0624B4D4201911EEB5DFB129C4F9AE02/BAE2161A201D11EE8BD7393AC4F9AE02.roa
Signing time: Tue 11 Jul 2023 19:04:16 +0000
ROA not before: Tue 11 Jul 2023 19:04:16 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 137843
IP address blocks: 103.104.242.0/23 maxlen: 23
103.104.242.0/24 maxlen: 24
103.104.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E178D/serialNumber=23448B1856AFDE7CEEBB5924FD8AD805F07E06B0
Validity
Not Before: Jul 11 19:04:16 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=64ada7af-56a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c6:5d:70:d6:61:e4:74:82:50:c3:26:5e:6f:
f7:ed:bc:fd:aa:f6:35:9a:b4:ce:5a:2f:c2:99:00:
23:42:5f:35:b1:2b:22:2d:68:21:8b:09:d3:f7:30:
10:3c:69:d9:aa:2f:d9:da:76:2f:7d:0c:46:65:29:
21:18:b8:8d:9d:03:2c:35:34:db:72:b2:47:ca:fd:
ac:c9:8a:9b:8f:e3:a8:d4:11:61:ae:ec:1b:02:01:
00:8a:bd:2f:97:89:92:21:68:b9:24:cf:5a:2b:da:
ca:1a:2f:6d:a9:0a:6d:e8:31:e5:6c:bd:72:39:8f:
b6:3e:9c:90:8e:6c:16:e5:0c:d7:0d:7d:93:b3:04:
64:a4:c4:ab:b8:91:95:3a:a6:db:2f:fa:2d:48:64:
ea:c5:bb:a0:27:ce:89:1d:31:64:2d:47:2e:e4:80:
3d:6f:e1:bc:24:5a:4c:69:3c:14:38:d3:17:bc:29:
76:96:49:dd:46:4c:4a:b6:08:12:a7:e2:a6:59:ef:
21:50:27:60:bd:78:91:1c:cf:0d:d3:97:69:49:af:
05:28:06:f6:a9:53:61:29:24:34:95:9b:5a:14:8c:
ff:71:13:ab:55:bb:72:2b:f2:c2:f5:8d:8d:28:54:
b4:49:97:a1:fd:57:33:f2:74:d7:07:a0:d6:4d:1e:
0f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0C:FC:80:D2:0F:81:4B:80:2D:06:C9:D0:54:5A:4C:3C:E3:66:37
X509v3 Authority Key Identifier:
keyid:23:44:8B:18:56:AF:DE:7C:EE:BB:59:24:FD:8A:D8:05:F0:7E:06:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E178D/0624B4D4201911EEB5DFB129C4F9AE02/I0SLGFav3nzuu1kk_YrYBfB-BrA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I0SLGFav3nzuu1kk_YrYBfB-BrA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E178D/0624B4D4201911EEB5DFB129C4F9AE02/BAE2161A201D11EE8BD7393AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.104.242.0/23
Signature Algorithm: sha256WithRSAEncryption
93:f6:32:59:1f:61:8d:66:72:cf:37:ec:aa:71:92:a8:b8:4b:
6f:28:c1:69:4f:8e:e7:a5:ea:0c:66:bf:b9:a5:92:8a:e1:e7:
85:88:65:0f:6a:22:72:39:c9:7e:d7:19:fc:82:99:47:01:fb:
b8:d0:2a:90:16:4a:cb:35:d5:e3:5f:8d:fc:d7:4d:e0:91:aa:
12:89:94:e1:61:d4:6c:19:5e:93:19:75:d8:03:76:c4:32:64:
4d:ac:28:1e:2b:c9:9c:41:5a:a4:5b:f8:85:60:71:64:7d:36:
e4:12:c0:b3:d5:0e:81:a2:fa:00:d9:fc:1a:4a:a8:c4:d7:d0:
3a:c5:5e:39:bb:25:b7:a3:0f:22:b6:7b:6b:22:89:00:20:87:
74:53:97:bf:cc:08:19:e3:2e:11:5d:c9:6b:0b:0a:3a:74:28:
20:2f:19:3b:84:a8:41:2f:d4:a7:14:91:13:74:7c:fd:67:b5:
78:52:cb:4b:d6:6d:d8:7d:48:3a:63:3d:7a:d0:23:a7:37:86:
6b:9a:62:0b:b6:0b:a1:7e:af:92:b4:0f:02:99:e5:44:41:cc:
be:55:03:ca:8a:93:62:ef:95:cf:c5:af:9c:22:aa:73:48:2e:
46:21:c6:7e:f0:2f:0c:0c:5b:7d:ff:b4:51:19:c0:fc:ac:13:
ad:5b:b6:93
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MTc4RDExMC8GA1UEBRMoMjM0NDhCMTg1NkFGREU3Q0VFQkI1OTI0RkQ4QUQ4MDVG
MDdFMDZCMDAeFw0yMzA3MTExOTA0MTZaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YWRhN2FmLTU2YTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDRxl1w1mHkdIJQwyZeb/ftvP2q9jWatM5aL8KZACNCXzWxKyItaCGLCdP3MBA8
admqL9nadi99DEZlKSEYuI2dAyw1NNtyskfK/azJipuP46jUEWGu7BsCAQCKvS+X
iZIhaLkkz1or2soaL22pCm3oMeVsvXI5j7Y+nJCObBblDNcNfZOzBGSkxKu4kZU6
ptsv+i1IZOrFu6AnzokdMWQtRy7kgD1v4bwkWkxpPBQ40xe8KXaWSd1GTEq2CBKn
4qZZ7yFQJ2C9eJEczw3Tl2lJrwUoBvapU2EpJDSVm1oUjP9xE6tVu3Ir8sL1jY0o
VLRJl6H9VzPydNcHoNZNHg8jAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUKgz8gNIP
gUuALQbJ0FRaTDzjZjcwHwYDVR0jBBgwFoAUI0SLGFav3nzuu1kk/YrYBfB+BrAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUxNzhELzA2MjRCNEQ0MjAx
OTExRUVCNURGQjEyOUM0RjlBRTAyL0kwU0xHRmF2M256dXUxa2tfWXJZQmZCLUJy
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSTBTTEdGYXYzbnp1dTFra19ZcllCZkItQnJBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MTc4RC8wNjI0QjRENDIwMTkxMUVFQjVERkIxMjlDNEY5QUUwMi9CQUUyMTYxQTIw
MUQxMUVFOEJENzM5M0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdo8jANBgkqhkiG9w0BAQsFAAOCAQEAk/YyWR9hjWZyzzfs
qnGSqLhLbyjBaU+O56XqDGa/uaWSiuHnhYhlD2oicjnJftcZ/IKZRwH7uNAqkBZK
yzXV41+N/NdN4JGqEomU4WHUbBlekxl12AN2xDJkTawoHivJnEFapFv4hWBxZH02
5BLAs9UOgaL6ANn8GkqoxNfQOsVeObslt6MPIrZ7ayKJACCHdFOXv8wIGeMuEV3J
awsKOnQoIC8ZO4SoQS/UpxSRE3R8/We1eFLLS9Zt2H1IOmM9etAjpzeGa5piC7YL
oX6vkrQPApnlREHMvlUDyoqTYu+Vz8WvnCKqc0guRiHGfvAvDAxbff+0URnA/KwT
rVu2kw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:44 2024 by rpki-client on console-fra.rpki-client.org