Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/70CD850071DE11EFA543C55CC4F9AE02.roa
File: 70CD850071DE11EFA543C55CC4F9AE02.roa (raw, json)
Hash identifier: VTk/TnaWkWqlXiaCv1SPhWMrmq/k9L+YL6Xsj9+00fs=
Subject key identifier: 97:5F:4B:6A:C0:CB:7D:26:7A:05:A1:1F:C1:7F:1C:88:1D:7B:A3:E4
Certificate issuer: /CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Certificate serial: 0130
Authority key identifier: 09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/70CD850071DE11EFA543C55CC4F9AE02.roa
Signing time: Sat 21 Dec 2024 03:37:30 +0000
ROA not before: Sat 21 Dec 2024 03:37:30 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 13383
IP address blocks: 103.218.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 304 (0x130)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F17AA
Validity
Not Before: Dec 21 03:37:30 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=676637fa-ebd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4b:bb:ce:27:05:ae:b6:1f:95:c6:99:4a:37:
e8:c6:07:12:25:59:d9:ab:ad:17:eb:ef:19:57:cc:
bd:e4:7d:86:49:9c:2f:90:cd:53:c4:73:05:ba:d8:
ca:18:80:02:74:c5:7e:d1:eb:cd:f4:1b:84:b9:da:
4c:7c:ee:2c:2d:6d:13:bb:6c:65:ee:b2:22:29:af:
df:1a:61:f5:2f:2e:be:af:57:2e:5e:26:0c:d2:f7:
aa:d1:27:f9:05:be:5f:3b:bd:6e:be:0f:dc:d8:8c:
83:b3:4c:00:d4:d5:fa:ed:a2:83:d3:47:da:a4:c9:
19:8a:59:24:d4:5e:91:78:94:97:36:8d:36:bc:88:
d4:10:75:7e:61:6e:44:98:c2:83:18:32:97:51:bb:
57:d3:77:79:4c:59:2d:c4:c9:94:29:cd:31:c0:8e:
64:1f:d1:5d:f6:2d:17:75:40:67:c0:65:be:78:9a:
c3:e0:b0:b0:38:ff:60:73:48:fb:53:65:a9:b3:8c:
dd:4b:5b:59:e4:96:f2:1d:62:a3:94:0c:05:5d:79:
84:85:55:a1:e8:8a:f1:3d:d9:66:fc:10:13:ed:ce:
16:3d:49:f9:ec:1a:8a:46:dd:56:71:ef:bf:09:5a:
dd:06:fa:59:d8:6a:1f:ec:90:6d:ba:a4:40:7b:5b:
fe:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:5F:4B:6A:C0:CB:7D:26:7A:05:A1:1F:C1:7F:1C:88:1D:7B:A3:E4
X509v3 Authority Key Identifier:
keyid:09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/CUcFHvpQQpIVdQpIvAMa2pJu9m4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/70CD850071DE11EFA543C55CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.172.0/24
Signature Algorithm: sha256WithRSAEncryption
35:de:50:67:7b:da:44:89:8c:c3:0b:e5:d0:bd:c9:de:d2:3d:
cd:e2:cd:b7:6a:b8:00:38:f5:e7:b1:e8:be:17:55:c8:43:12:
25:b6:df:6a:71:24:f8:c3:26:a7:6f:97:9e:55:12:28:93:09:
ff:96:40:a2:9f:58:cd:0d:d2:7a:01:1d:a5:da:e5:09:a4:dc:
3b:5d:74:2b:9d:d4:af:24:23:9a:ad:fd:37:2c:4c:75:14:5c:
7d:8c:60:81:6f:d8:cb:9e:4f:5d:46:5e:10:28:35:46:55:24:
9b:9f:35:ec:ef:24:3f:f8:1f:64:5a:ff:62:6c:dd:37:66:96:
07:8a:3a:c6:e0:04:48:18:b2:3a:6b:8f:81:da:af:24:23:58:
78:08:4b:98:a6:d4:45:48:e9:48:fb:c9:b8:51:17:e9:be:3e:
ce:fd:29:45:35:d5:81:a5:5a:72:52:1d:98:f2:a0:6e:67:c9:
9c:dc:6d:d1:70:5e:9c:ae:ff:65:88:5a:4a:d2:d7:5b:03:f2:
d0:d1:a6:a2:11:0f:b2:c0:9d:ae:57:72:f9:c2:5f:78:57:68:
5f:48:90:93:57:d6:73:28:98:c1:e4:04:42:6c:64:bf:27:b4:
07:32:fb:eb:41:bc:b1:3b:3c:52:c3:49:a4:04:73:1d:e9:b1:
fc:c6:aa:7d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICATAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjE3QUExMTAvBgNVBAUTKDA5NDcwNTFFRkE1MDQyOTIxNTc1MEE0OEJDMDMxQURB
OTI2RUY2NkUwHhcNMjQxMjIxMDMzNzMwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY2MzdmYS1lYmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt0u7zicFrrYflcaZSjfoxgcSJVnZq60X6+8ZV8y95H2GSZwvkM1TxHMFutjK
GIACdMV+0evN9BuEudpMfO4sLW0Tu2xl7rIiKa/fGmH1Ly6+r1cuXiYM0veq0Sf5
Bb5fO71uvg/c2IyDs0wA1NX67aKD00fapMkZilkk1F6ReJSXNo02vIjUEHV+YW5E
mMKDGDKXUbtX03d5TFktxMmUKc0xwI5kH9Fd9i0XdUBnwGW+eJrD4LCwOP9gc0j7
U2Wps4zdS1tZ5JbyHWKjlAwFXXmEhVWh6IrxPdlm/BAT7c4WPUn57BqKRt1Wce+/
CVrdBvpZ2Gof7JBtuqRAe1v+TQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJdfS2rA
y30megWhH8F/HIgde6PkMB8GA1UdIwQYMBaAFAlHBR76UEKSFXUKSLwDGtqSbvZu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTdBQS80MUYwRjk3RTUy
QjgxMUVFOEU0MzAwMERDNEY5QUUwMi9DVWNGSHZwUVFwSVZkUXBJdkFNYTJwSnU5
bTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NVY0ZIdnBRUXBJVmRRcEl2QU1hMnBKdTltNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjE3QUEvNDFGMEY5N0U1MkI4MTFFRThFNDMwMDBEQzRGOUFFMDIvNzBDRDg1MDA3
MURFMTFFRkE1NDNDNTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn2qwwDQYJKoZIhvcNAQELBQADggEBADXeUGd72kSJjMML
5dC9yd7SPc3izbdquAA49eex6L4XVchDEiW232pxJPjDJqdvl55VEiiTCf+WQKKf
WM0N0noBHaXa5Qmk3DtddCud1K8kI5qt/TcsTHUUXH2MYIFv2MueT11GXhAoNUZV
JJufNezvJD/4H2Ra/2Js3TdmlgeKOsbgBEgYsjprj4HaryQjWHgIS5im1EVI6Uj7
ybhRF+m+Ps79KUU11YGlWnJSHZjyoG5nyZzcbdFwXpyu/2WIWkrS11sD8tDRpqIR
D7LAna5XcvnCX3hXaF9IkJNX1nMomMHkBEJsZL8ntAcy++tBvLE7PFLDSaQEcx3p
sfzGqn0=
-----END CERTIFICATE-----
Generated at Fri Apr 11 16:43:47 2025 by rpki-client