Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E96BC/6687EF22D14D11EE9DB4180FC4F9AE02/DD3BD44A97F811EFA3214A76C4F9AE02.roa
File: DD3BD44A97F811EFA3214A76C4F9AE02.roa (raw, json)
Hash identifier: qmZEP9aC14nh+m/MAqOLG4I9jGYzcZX3SHvHLwpgPis=
Subject key identifier: EA:C7:99:59:E2:FE:89:43:4B:F8:06:85:F4:A4:8E:32:C6:98:84:A9
Certificate issuer: /CN=A91E96BC/serialNumber=ED11EB4C34804199EA77500EDDBBEEE10B7549AB
Certificate serial: 96
Authority key identifier: ED:11:EB:4C:34:80:41:99:EA:77:50:0E:DD:BB:EE:E1:0B:75:49:AB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RHrTDSAQZnqd1AO3bvu4Qt1Sas.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E96BC/6687EF22D14D11EE9DB4180FC4F9AE02/DD3BD44A97F811EFA3214A76C4F9AE02.roa
Signing time: Sun 03 Nov 2024 04:48:00 +0000
ROA not before: Sun 03 Nov 2024 04:48:00 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 141883
IP address blocks: 103.143.14.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150 (0x96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E96BC
Validity
Not Before: Nov 3 04:48:00 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67270080-b3af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:48:ad:d1:a4:f3:f4:cf:48:99:92:89:07:77:
36:76:d9:2e:9a:22:43:7a:af:07:33:46:9c:dc:a6:
e5:62:08:fd:62:40:71:74:8e:ac:47:03:fb:a0:45:
f7:77:ae:64:19:ce:90:bc:7e:d9:8c:92:7a:89:80:
4a:db:5a:02:d2:83:17:8d:b5:ac:a8:61:8b:49:23:
92:b7:6c:15:72:83:0e:2d:99:55:fd:a0:95:04:74:
e4:6a:2c:05:c4:e2:e9:2b:d4:6c:69:3f:30:27:89:
88:9b:13:c1:c7:7d:a9:dd:74:d6:18:80:ba:df:0c:
23:19:67:28:ad:f7:22:41:46:c1:d9:94:ad:40:7f:
20:81:72:ca:5f:ca:cb:01:20:8e:11:67:02:1e:62:
e1:3a:0d:f7:49:d0:7b:33:84:6a:54:e9:a7:0f:30:
fe:85:01:b0:d9:f8:cd:4c:5f:68:60:b4:ef:a1:ea:
22:f3:62:e4:6c:4d:d0:44:7d:65:2e:30:9f:36:14:
25:57:7d:04:c5:2c:09:8e:88:68:d0:1f:22:90:b3:
d9:fa:1a:47:ce:6e:d6:a6:99:8f:1b:42:d1:12:c9:
d9:6d:f0:5f:b2:8f:93:fa:51:11:e5:6d:d1:ad:42:
d2:0d:5d:cb:45:76:96:c1:22:c7:78:a2:d8:dc:70:
de:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:C7:99:59:E2:FE:89:43:4B:F8:06:85:F4:A4:8E:32:C6:98:84:A9
X509v3 Authority Key Identifier:
keyid:ED:11:EB:4C:34:80:41:99:EA:77:50:0E:DD:BB:EE:E1:0B:75:49:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E96BC/6687EF22D14D11EE9DB4180FC4F9AE02/7RHrTDSAQZnqd1AO3bvu4Qt1Sas.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RHrTDSAQZnqd1AO3bvu4Qt1Sas.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E96BC/6687EF22D14D11EE9DB4180FC4F9AE02/DD3BD44A97F811EFA3214A76C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.143.14.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:ec:ac:2e:5b:46:0e:66:25:57:bb:62:a0:c7:c7:79:af:ae:
82:b6:62:f5:1e:1c:88:0a:38:6e:ad:fd:d8:fd:f9:2f:91:10:
56:d9:a7:66:ad:56:03:a9:3e:90:1b:77:49:33:81:06:84:3e:
a1:c6:a7:6b:80:55:71:af:8a:f9:19:f7:e0:73:fb:96:b2:10:
d3:41:2e:15:5f:3e:87:57:e3:16:d6:44:19:cb:75:f4:14:94:
58:b0:6d:be:c6:0f:a7:8e:fb:ff:1c:f0:56:e7:8c:a5:3b:d7:
e3:5e:3d:84:e2:02:de:fb:57:a5:b0:5b:77:95:a7:b4:3b:28:
da:d9:da:21:1a:6b:61:44:5c:05:4a:a0:f1:03:3f:20:26:ac:
13:d4:ff:e2:19:67:de:2a:51:17:b3:33:dd:eb:7b:1b:7f:e3:
aa:9d:70:cf:92:ec:1b:42:be:ea:c7:c2:34:f3:66:4c:a6:a4:
82:22:ff:18:e5:a7:d6:77:f4:13:b5:10:db:d3:76:e5:3a:52:
ea:6c:cd:05:38:29:9a:51:0e:f8:a2:48:65:a7:1e:43:10:9a:
c4:f8:ab:ea:90:a4:f8:85:0a:fd:6f:61:c7:f6:d7:2f:81:e3:
90:f1:bb:43:cb:16:e5:fb:f9:83:e4:72:df:87:b5:b7:37:df:
cd:12:0d:ab
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAJYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTk2QkMxMTAvBgNVBAUTKEVEMTFFQjRDMzQ4MDQxOTlFQTc3NTAwRUREQkJFRUUx
MEI3NTQ5QUIwHhcNMjQxMTAzMDQ0ODAwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI3MDA4MC1iM2FmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx0it0aTz9M9ImZKJB3c2dtkumiJDeq8HM0ac3KblYgj9YkBxdI6sRwP7oEX3
d65kGc6QvH7ZjJJ6iYBK21oC0oMXjbWsqGGLSSOSt2wVcoMOLZlV/aCVBHTkaiwF
xOLpK9RsaT8wJ4mImxPBx32p3XTWGIC63wwjGWcorfciQUbB2ZStQH8ggXLKX8rL
ASCOEWcCHmLhOg33SdB7M4RqVOmnDzD+hQGw2fjNTF9oYLTvoeoi82LkbE3QRH1l
LjCfNhQlV30ExSwJjoho0B8ikLPZ+hpHzm7WppmPG0LREsnZbfBfso+T+lER5W3R
rULSDV3LRXaWwSLHeKLY3HDeSwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOrHmVni
/olDS/gGhfSkjjLGmISpMB8GA1UdIwQYMBaAFO0R60w0gEGZ6ndQDt277uELdUmr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTZCQy82Njg3RUYyMkQx
NEQxMUVFOURCNDE4MEZDNEY5QUUwMi83UkhyVERTQVFabnFkMUFPM2J2dTRRdDFT
YXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdSSHJURFNBUVpucWQxQU8zYnZ1NFF0MVNhcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTk2QkMvNjY4N0VGMjJEMTREMTFFRTlEQjQxODBGQzRGOUFFMDIvREQzQkQ0NEE5
N0Y4MTFFRkEzMjE0QTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnjw4wDQYJKoZIhvcNAQELBQADggEBAKvsrC5bRg5mJVe7
YqDHx3mvroK2YvUeHIgKOG6t/dj9+S+REFbZp2atVgOpPpAbd0kzgQaEPqHGp2uA
VXGvivkZ9+Bz+5ayENNBLhVfPodX4xbWRBnLdfQUlFiwbb7GD6eO+/8c8FbnjKU7
1+NePYTiAt77V6WwW3eVp7Q7KNrZ2iEaa2FEXAVKoPEDPyAmrBPU/+IZZ94qURez
M93rext/46qdcM+S7BtCvurHwjTzZkympIIi/xjlp9Z39BO1ENvTduU6UupszQU4
KZpRDviiSGWnHkMQmsT4q+qQpPiFCv1vYcf21y+B45Dxu0PLFuX7+YPkct+Htbc3
380SDas=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:05:27 2025 by rpki-client