Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/5C3F2BB6932811E8BC93865BC4F9AE02.roa
File: 5C3F2BB6932811E8BC93865BC4F9AE02.roa (raw, json)
Hash identifier: EYATmfrVQplrHeXLwwsW1L6CDc1lZrLnBOvjrWbcFfM=
Subject key identifier: 92:F1:6D:13:6E:3D:3D:C0:FC:87:AD:C1:24:FD:A1:DE:36:03:45:6B
Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Certificate serial: 352B
Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/5C3F2BB6932811E8BC93865BC4F9AE02.roa
Signing time: Mon 16 Sep 2024 14:51:09 +0000
ROA not before: Mon 16 Sep 2024 14:51:09 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 29713
IP address blocks: 103.230.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13611 (0x352b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8C90
Validity
Not Before: Sep 16 14:51:09 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66e845dd-91dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bf:96:67:be:95:c7:5b:6f:7e:c8:ca:cc:80:
ce:77:93:c2:2f:d0:c7:9f:0f:0d:b3:de:9c:bb:70:
35:a5:2c:9f:d5:91:ec:3d:3c:1f:3d:08:2a:63:f1:
2e:b7:1c:5d:73:96:cb:a9:7d:e4:50:a9:6d:ad:99:
df:ad:cd:5f:97:9e:ab:96:a5:6d:fc:f9:a3:fb:06:
53:20:59:97:70:e9:ff:bd:89:80:f9:f5:d0:79:41:
f1:13:30:37:d1:c8:60:25:3c:15:db:a4:04:34:68:
d3:35:0d:e8:9b:e3:9a:da:ca:20:92:b7:2c:c9:5c:
c1:1f:aa:c5:f5:9d:43:e8:33:05:cf:94:fc:7f:4f:
62:53:c5:95:60:0c:bb:d0:37:6b:1c:5c:7f:dd:9f:
b1:b5:80:00:54:1a:62:2c:37:b4:32:8c:59:2f:77:
17:b2:d6:d8:c1:cb:b7:9e:e8:13:86:fb:f9:c7:bf:
d4:08:63:e9:75:80:06:b0:dd:8e:7c:b3:9b:cc:6c:
97:46:0a:18:f0:95:47:5f:ba:6b:89:71:3a:a1:52:
25:b9:76:b7:cb:d8:ee:1f:38:53:d5:f6:b2:8f:7a:
9a:bd:e4:b9:7d:86:cf:79:36:5d:ee:71:52:67:92:
90:3b:6a:e6:b3:79:8c:df:09:ab:78:56:4c:df:4d:
f9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F1:6D:13:6E:3D:3D:C0:FC:87:AD:C1:24:FD:A1:DE:36:03:45:6B
X509v3 Authority Key Identifier:
keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/5C3F2BB6932811E8BC93865BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.230.71.0/24
Signature Algorithm: sha256WithRSAEncryption
39:e8:f2:d2:1f:95:a2:23:d3:10:8e:8f:34:7d:b2:66:7a:3b:
69:8e:4b:90:00:c8:91:7d:3b:df:62:d3:5f:e1:31:d6:bc:ed:
10:1c:32:0b:0e:4d:2b:34:82:99:19:71:32:62:b7:80:d8:62:
2b:6f:5a:fd:9b:b5:5b:47:83:70:23:f2:3f:7e:e0:e0:dc:33:
41:8f:77:52:05:9b:0f:9d:75:1b:72:22:2f:25:f8:59:64:b8:
ee:99:d2:36:b6:70:92:c2:2d:2a:ef:86:4b:2a:9d:60:09:8b:
f5:54:f4:38:1f:42:d8:49:fc:c1:a5:b3:1e:3f:cc:ef:05:48:
c5:7f:37:e6:33:e5:2e:2d:ce:05:ed:3c:1c:23:0f:60:1e:e1:
29:f3:ad:01:11:b5:32:61:7e:f2:50:c5:32:6b:94:dd:ae:cf:
3a:d8:3a:9b:a5:8f:b8:5c:79:a9:57:86:6d:f8:1b:d3:64:c5:
23:27:bf:0d:85:a1:b5:da:c5:62:1a:d3:4e:ae:b2:78:30:87:
6b:97:92:00:a2:14:c0:c2:01:3a:00:ba:0c:50:6e:fd:9b:5b:
c0:72:83:ce:8d:0e:23:bb:35:40:43:7b:c5:1e:8e:cc:98:6a:
d9:e9:59:25:2f:4b:e4:80:d7:a5:40:1f:c1:e6:66:5c:e2:2a:
86:fa:03:69
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNSswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0
OTExRjFGNEYwHhcNMjQwOTE2MTQ1MTA5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmU4NDVkZC05MWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtr+WZ76Vx1tvfsjKzIDOd5PCL9DHnw8Ns96cu3A1pSyf1ZHsPTwfPQgqY/Eu
txxdc5bLqX3kUKltrZnfrc1fl56rlqVt/Pmj+wZTIFmXcOn/vYmA+fXQeUHxEzA3
0chgJTwV26QENGjTNQ3om+Oa2sogkrcsyVzBH6rF9Z1D6DMFz5T8f09iU8WVYAy7
0DdrHFx/3Z+xtYAAVBpiLDe0MoxZL3cXstbYwcu3nugThvv5x7/UCGPpdYAGsN2O
fLObzGyXRgoY8JVHX7priXE6oVIluXa3y9juHzhT1fayj3qaveS5fYbPeTZd7nFS
Z5KQO2rms3mM3wmreFZM3035TQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJLxbRNu
PT3A/IetwST9od42A0VrMB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE
OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvNUMzRjJCQjY5
MzI4MTFFOEJDOTM4NjVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn5kcwDQYJKoZIhvcNAQELBQADggEBADno8tIflaIj0xCO
jzR9smZ6O2mOS5AAyJF9O99i01/hMda87RAcMgsOTSs0gpkZcTJit4DYYitvWv2b
tVtHg3Aj8j9+4ODcM0GPd1IFmw+ddRtyIi8l+FlkuO6Z0ja2cJLCLSrvhksqnWAJ
i/VU9DgfQthJ/MGlsx4/zO8FSMV/N+Yz5S4tzgXtPBwjD2Ae4SnzrQERtTJhfvJQ
xTJrlN2uzzrYOpulj7hcealXhm34G9NkxSMnvw2FobXaxWIa006usngwh2uXkgCi
FMDCAToAugxQbv2bW8Byg86NDiO7NUBDe8UejsyYatnpWSUvS+SA16VAH8HmZlzi
Kob6A2k=
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:28:12 2025 by rpki-client