Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3136382e302f32342d3234203d3e2039343439.roa
File: 3230332e342e3136382e302f32342d3234203d3e2039343439.roa (raw, json)
Hash identifier: 08Ei1JUfSuJSJ0cXQ4eivis521j4ewCa7m7zZIghJk0=
Subject key identifier: D9:53:27:66:45:FE:FF:C3:52:5C:4F:06:E2:DC:8C:8D:26:1A:00:66
Certificate issuer: /CN=A911AC370000/serialNumber=B18F989967D30F2509E3D29707C5F85B5F6BDB6F
Certificate serial: 46F1CFF4A396E2E92C78C88AE51C00890726BF3D
Authority key identifier: B1:8F:98:99:67:D3:0F:25:09:E3:D2:97:07:C5:F8:5B:5F:6B:DB:6F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sY-YmWfTDyUJ49KXB8X4W19r228.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3136382e302f32342d3234203d3e2039343439.roa
Signing time: Mon 12 Feb 2024 23:49:17 +0000
ROA not before: Mon 12 Feb 2024 23:44:17 +0000
ROA not after: Mon 10 Feb 2025 23:49:17 +0000
asID: 9449
IP address blocks: 203.4.168.0/24 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:f1:cf:f4:a3:96:e2:e9:2c:78:c8:8a:e5:1c:00:89:07:26:bf:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AC370000/serialNumber=B18F989967D30F2509E3D29707C5F85B5F6BDB6F
Validity
Not Before: Feb 12 23:44:17 2024 GMT
Not After : Feb 10 23:49:17 2025 GMT
Subject: CN=D953276645FEFFC3525C4F06E2DC8C8D261A0066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d2:90:37:31:19:1c:da:1b:96:23:c2:ec:75:
8b:8d:b5:27:e4:47:d5:50:49:0f:43:da:71:12:9c:
56:f0:51:c1:e6:8b:7f:c0:e0:ce:c8:08:13:68:85:
4b:50:89:e7:0a:ac:a8:0f:a9:67:52:ff:3d:c6:22:
8e:5a:6a:52:17:9f:71:d6:08:90:a8:31:09:15:a5:
5c:2e:e8:ff:94:85:28:fc:76:df:4e:ed:85:0c:89:
80:c3:3b:5e:f2:e5:9c:da:74:1a:c0:9a:fa:ef:44:
ee:8d:2c:4c:4c:0f:38:b6:53:2c:98:9e:2f:78:2c:
c9:8a:d6:13:74:c5:7c:12:78:02:3f:18:5f:f6:76:
e3:4d:cb:7f:c8:e5:0c:27:52:c1:46:2c:6b:c2:3a:
ea:c5:3c:f6:1e:46:eb:c0:c3:e2:7e:84:cc:24:e8:
2f:1f:52:ac:f6:46:4e:64:5e:8c:9b:ea:ea:a1:67:
2b:05:d3:7c:ee:e2:97:26:21:21:f1:38:b1:6c:76:
94:bc:27:30:99:ab:f9:2b:c3:d4:ae:e4:74:d0:26:
db:28:0a:20:4f:7a:d7:64:a2:74:93:5b:d5:e2:cf:
e6:f8:a0:25:a1:57:de:83:b6:5f:91:55:3a:c6:e8:
09:7b:5f:42:1a:35:af:51:58:c7:7c:d2:30:3c:6b:
bd:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:53:27:66:45:FE:FF:C3:52:5C:4F:06:E2:DC:8C:8D:26:1A:00:66
X509v3 Authority Key Identifier:
keyid:B1:8F:98:99:67:D3:0F:25:09:E3:D2:97:07:C5:F8:5B:5F:6B:DB:6F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91905300000/3/B18F989967D30F2509E3D29707C5F85B5F6BDB6F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sY-YmWfTDyUJ49KXB8X4W19r228.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3136382e302f32342d3234203d3e2039343439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.4.168.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:19:5d:19:3a:4d:49:4c:26:e3:16:e5:b6:e7:e3:a1:a3:16:
46:68:e5:20:7e:87:60:a4:ee:eb:29:41:eb:c0:e4:47:59:af:
f2:7b:36:5b:ad:70:ea:c1:a9:cb:cd:12:65:2b:9e:1d:0b:5d:
b6:8f:2b:64:a1:12:c4:46:cd:d4:38:5a:5f:09:ea:a3:91:0b:
f2:a4:a2:a0:80:1e:4e:8a:d6:d6:08:9a:27:a2:d9:99:57:1c:
4d:a4:c9:14:c6:0e:bb:ac:ac:a2:aa:b9:35:07:99:00:9d:b4:
bd:4d:a7:7d:7f:d8:ff:7d:44:a4:76:4b:ac:12:d5:a9:d1:6a:
c6:2f:0b:3b:b9:b3:cf:4b:19:73:73:0f:32:42:f9:1f:3e:df:
1c:3c:7d:6c:91:9f:45:31:be:4d:a6:f4:5a:6f:dc:d1:4a:df:
79:c6:67:ce:75:bb:98:23:78:77:70:24:bf:0d:37:c5:ff:0e:
df:6a:d9:3e:a3:3e:42:50:72:ea:3e:c5:b9:a9:f5:9e:d7:c5:
29:3b:b8:21:19:31:2a:e9:5a:eb:8a:d0:62:d6:28:86:30:82:
80:4a:9c:f6:38:71:d2:c5:44:c7:b6:a4:98:a0:72:e6:2a:22:
b3:25:61:da:a0:ab:af:ab:66:25:ae:77:c7:2d:17:58:8b:9c:
d0:b5:e5:af
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIURvHP9KOW4ukseMiK5RwAiQcmvz0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMUFDMzcwMDAwMTEwLwYDVQQFEyhCMThGOTg5OTY3
RDMwRjI1MDlFM0QyOTcwN0M1Rjg1QjVGNkJEQjZGMB4XDTI0MDIxMjIzNDQxN1oX
DTI1MDIxMDIzNDkxN1owMzExMC8GA1UEAxMoRDk1MzI3NjY0NUZFRkZDMzUyNUM0
RjA2RTJEQzhDOEQyNjFBMDA2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnSkDcxGRzaG5Yjwux1i421J+RH1VBJD0PacRKcVvBRweaLf8DgzsgIE2iF
S1CJ5wqsqA+pZ1L/PcYijlpqUhefcdYIkKgxCRWlXC7o/5SFKPx2307thQyJgMM7
XvLlnNp0GsCa+u9E7o0sTEwPOLZTLJieL3gsyYrWE3TFfBJ4Aj8YX/Z2403Lf8jl
DCdSwUYsa8I66sU89h5G68DD4n6EzCToLx9SrPZGTmRejJvq6qFnKwXTfO7ilyYh
IfE4sWx2lLwnMJmr+SvD1K7kdNAm2ygKIE9612SidJNb1eLP5vigJaFX3oO2X5FV
OsboCXtfQho1r1FYx3zSMDxrvQ0CAwEAAaOCAg0wggIJMB0GA1UdDgQWBBTZUydm
Rf7/w1JcTwbi3IyNJhoAZjAfBgNVHSMEGDAWgBSxj5iZZ9MPJQnj0pcHxfhbX2vb
bzAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MDUzMDAwMDAvMy9CMThGOTg5
OTY3RDMwRjI1MDlFM0QyOTcwN0M1Rjg1QjVGNkJEQjZGLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9zWS1ZbVdmVER5
VUo0OUtYQjhYNFcxOXIyMjguY2VyMIGHBggrBgEFBQcBCwR7MHkwdwYIKwYBBQUH
MAuGa3JzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxOTA1
MzAwMDAwLzMvMzIzMDMzMmUzNDJlMzEzNjM4MmUzMDJmMzIzNDJkMzIzNDIwM2Qz
ZTIwMzkzNDM0Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYB
BQUHAQcBAf8EEDAOMAwEAgABMAYDBADLBKgwDQYJKoZIhvcNAQELBQADggEBAKcZ
XRk6TUlMJuMW5bbn46GjFkZo5SB+h2Ck7uspQevA5EdZr/J7NlutcOrBqcvNEmUr
nh0LXbaPK2ShEsRGzdQ4Wl8J6qORC/KkoqCAHk6K1tYImiei2ZlXHE2kyRTGDrus
rKKquTUHmQCdtL1Np31/2P99RKR2S6wS1anRasYvCzu5s89LGXNzDzJC+R8+3xw8
fWyRn0Uxvk2m9Fpv3NFK33nGZ851u5gjeHdwJL8NN8X/Dt9q2T6jPkJQcuo+xbmp
9Z7XxSk7uCEZMSrpWuuK0GLWKIYwgoBKnPY4cdLFRMe2pJigcuYqIrMlYdqgq6+r
ZiWud8ctF1iLnNC15a8=
-----END CERTIFICATE-----
Generated at Mon Nov 4 08:26:38 2024 by rpki-client on console-fra.rpki-client.org