Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3136382e302f32322d3234203d3e203337393930.roa
File: 3230332e342e3136382e302f32322d3234203d3e203337393930.roa (raw, json)
Hash identifier: N3iTJv3WnvD3QF81QmjBg5lz2sZgZ1+u7Ys1HcgsSCE=
Subject key identifier: F8:30:65:8B:51:D0:EE:D2:85:A1:7B:79:9C:9B:00:FD:C6:A6:69:AF
Certificate issuer: /CN=A911AC370000/serialNumber=B18F989967D30F2509E3D29707C5F85B5F6BDB6F
Certificate serial: 18CB87119C63714BAD1B6C219451A727FEB2DFA3
Authority key identifier: B1:8F:98:99:67:D3:0F:25:09:E3:D2:97:07:C5:F8:5B:5F:6B:DB:6F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sY-YmWfTDyUJ49KXB8X4W19r228.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3136382e302f32322d3234203d3e203337393930.roa
Signing time: Sun 03 Nov 2024 05:08:55 +0000
ROA not before: Sun 03 Nov 2024 05:03:55 +0000
ROA not after: Sun 02 Nov 2025 05:08:55 +0000
asID: 37990
IP address blocks: 203.4.168.0/22 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:cb:87:11:9c:63:71:4b:ad:1b:6c:21:94:51:a7:27:fe:b2:df:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AC370000/serialNumber=B18F989967D30F2509E3D29707C5F85B5F6BDB6F
Validity
Not Before: Nov 3 05:03:55 2024 GMT
Not After : Nov 2 05:08:55 2025 GMT
Subject: CN=F830658B51D0EED285A17B799C9B00FDC6A669AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9b:5c:85:5f:bb:0d:bf:e7:25:21:56:4c:65:
a0:47:60:90:29:ba:15:80:31:77:5a:b0:c3:65:3a:
0c:61:32:57:61:bc:27:a2:70:86:1e:a0:f3:d8:c3:
d7:b4:9f:8e:90:fe:91:91:70:fe:8c:b6:5a:b3:06:
55:b9:0c:34:22:d6:2b:9e:35:26:23:7d:c0:e0:be:
95:46:63:21:00:90:8d:c7:58:de:25:a8:a9:93:27:
ea:b1:18:df:e0:8d:a5:54:a8:82:92:88:26:07:ba:
1d:e7:18:e0:17:32:66:07:6a:3f:95:96:30:71:6f:
8e:d5:fd:0f:10:a8:4c:5b:2e:d3:c0:61:de:d5:cb:
3f:b0:69:33:88:2c:48:eb:4c:f8:b2:0d:8a:7e:92:
36:4d:f9:c5:d9:5b:f4:24:20:e0:b7:8f:f6:0c:a3:
91:bb:e0:89:87:6c:13:c2:c9:fe:9a:3e:e4:98:3c:
04:29:32:fb:8a:06:ca:df:19:84:c6:c9:4d:2d:fc:
80:c3:0c:63:36:b6:2c:6f:9f:01:53:10:24:1e:ad:
11:aa:58:c9:ba:50:fa:e1:21:3d:49:55:ee:4f:61:
79:76:7f:80:ed:52:b5:77:79:89:55:b2:e9:c0:2d:
70:eb:2a:34:69:71:2c:66:96:b8:10:8f:f1:34:8e:
6d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:30:65:8B:51:D0:EE:D2:85:A1:7B:79:9C:9B:00:FD:C6:A6:69:AF
X509v3 Authority Key Identifier:
keyid:B1:8F:98:99:67:D3:0F:25:09:E3:D2:97:07:C5:F8:5B:5F:6B:DB:6F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91905300000/3/B18F989967D30F2509E3D29707C5F85B5F6BDB6F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sY-YmWfTDyUJ49KXB8X4W19r228.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3136382e302f32322d3234203d3e203337393930.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.4.168.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:f0:72:56:0c:c2:4d:46:c3:91:f3:33:3e:25:12:97:de:32:
09:a8:39:ea:c4:29:5b:c3:8d:d1:af:91:f0:0d:a8:ae:55:2c:
0c:af:7c:08:52:23:f3:fe:53:d9:a8:d5:f9:0e:cf:be:81:2e:
78:71:8e:f8:92:30:2f:17:91:a8:c3:73:18:07:88:9b:96:cd:
c2:5b:96:a5:44:da:0e:ae:36:08:71:02:38:9f:31:38:7f:8b:
82:e7:83:d0:3a:01:17:87:e5:04:be:87:19:51:0f:70:60:96:
bc:29:71:cb:f4:df:6a:2c:be:ca:b7:60:b1:88:29:e0:e8:ae:
f0:45:4a:4e:c1:63:69:be:e9:6f:66:72:d6:d2:7a:bf:19:37:
1b:e7:09:88:36:a3:31:0e:6d:48:07:27:cc:f7:29:36:f3:62:
21:fd:32:98:6c:f3:6f:fc:23:44:4b:b6:4b:f0:37:bb:a5:6c:
ca:ff:0c:ea:b9:16:93:0f:e1:a3:f5:0d:85:ff:53:67:05:06:
72:a6:f5:13:1a:2e:c1:0f:f5:09:b2:97:ad:8b:fe:be:3a:fe:
4e:4d:a9:7f:50:c7:af:74:7c:f7:fd:33:32:22:c0:e8:49:82:
d4:11:b2:d0:64:63:0d:e8:74:33:dd:8b:b1:95:e8:5d:ae:27:
5b:05:03:23
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUGMuHEZxjcUutG2whlFGnJ/6y36MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMUFDMzcwMDAwMTEwLwYDVQQFEyhCMThGOTg5OTY3
RDMwRjI1MDlFM0QyOTcwN0M1Rjg1QjVGNkJEQjZGMB4XDTI0MTEwMzA1MDM1NVoX
DTI1MTEwMjA1MDg1NVowMzExMC8GA1UEAxMoRjgzMDY1OEI1MUQwRUVEMjg1QTE3
Qjc5OUM5QjAwRkRDNkE2NjlBRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIybXIVfuw2/5yUhVkxloEdgkCm6FYAxd1qww2U6DGEyV2G8J6Jwhh6g89jD
17SfjpD+kZFw/oy2WrMGVbkMNCLWK541JiN9wOC+lUZjIQCQjcdY3iWoqZMn6rEY
3+CNpVSogpKIJge6HecY4BcyZgdqP5WWMHFvjtX9DxCoTFsu08Bh3tXLP7BpM4gs
SOtM+LINin6SNk35xdlb9CQg4LeP9gyjkbvgiYdsE8LJ/po+5Jg8BCky+4oGyt8Z
hMbJTS38gMMMYza2LG+fAVMQJB6tEapYybpQ+uEhPUlV7k9heXZ/gO1StXd5iVWy
6cAtcOsqNGlxLGaWuBCP8TSObaUCAwEAAaOCAg8wggILMB0GA1UdDgQWBBT4MGWL
UdDu0oWhe3mcmwD9xqZprzAfBgNVHSMEGDAWgBSxj5iZZ9MPJQnj0pcHxfhbX2vb
bzAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MDUzMDAwMDAvMy9CMThGOTg5
OTY3RDMwRjI1MDlFM0QyOTcwN0M1Rjg1QjVGNkJEQjZGLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9zWS1ZbVdmVER5
VUo0OUtYQjhYNFcxOXIyMjguY2VyMIGJBggrBgEFBQcBCwR9MHsweQYIKwYBBQUH
MAuGbXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxOTA1
MzAwMDAwLzMvMzIzMDMzMmUzNDJlMzEzNjM4MmUzMDJmMzIzMjJkMzIzNDIwM2Qz
ZTIwMzMzNzM5MzkzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAssEqDANBgkqhkiG9w0BAQsFAAOCAQEA
T/ByVgzCTUbDkfMzPiUSl94yCag56sQpW8ON0a+R8A2orlUsDK98CFIj8/5T2ajV
+Q7PvoEueHGO+JIwLxeRqMNzGAeIm5bNwluWpUTaDq42CHECOJ8xOH+LgueD0DoB
F4flBL6HGVEPcGCWvClxy/Tfaiy+yrdgsYgp4Oiu8EVKTsFjab7pb2Zy1tJ6vxk3
G+cJiDajMQ5tSAcnzPcpNvNiIf0ymGzzb/wjREu2S/A3u6Vsyv8M6rkWkw/ho/UN
hf9TZwUGcqb1ExouwQ/1CbKXrYv+vjr+Tk2pf1DHr3R89/0zMiLA6EmC1BGy0GRj
Deh0M92LsZXoXa4nWwUDIw==
-----END CERTIFICATE-----
Generated at Mon Nov 4 08:26:38 2024 by rpki-client on console-fra.rpki-client.org