Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3137302e302f32332d3234203d3e2039343439.roa
File: 3230332e342e3137302e302f32332d3234203d3e2039343439.roa (raw, json)
Hash identifier: Lk9hCdJAswzHgeWE7ItjrPoIlolKMdT2MGgfYWcNpKc=
Subject key identifier: 98:34:B4:27:D2:59:B9:14:5B:1C:B3:B3:B9:D0:4E:CB:85:2D:6A:D0
Certificate issuer: /CN=A911AC370000/serialNumber=B18F989967D30F2509E3D29707C5F85B5F6BDB6F
Certificate serial: 5F4C76AE90DA747CCFB6DF419EC8B8470FF7ADC2
Authority key identifier: B1:8F:98:99:67:D3:0F:25:09:E3:D2:97:07:C5:F8:5B:5F:6B:DB:6F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sY-YmWfTDyUJ49KXB8X4W19r228.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3137302e302f32332d3234203d3e2039343439.roa
Signing time: Tue 02 Apr 2024 00:21:09 +0000
ROA not before: Tue 02 Apr 2024 00:16:09 +0000
ROA not after: Tue 01 Apr 2025 00:21:09 +0000
asID: 9449
IP address blocks: 203.4.170.0/23 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:4c:76:ae:90:da:74:7c:cf:b6:df:41:9e:c8:b8:47:0f:f7:ad:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AC370000/serialNumber=B18F989967D30F2509E3D29707C5F85B5F6BDB6F
Validity
Not Before: Apr 2 00:16:09 2024 GMT
Not After : Apr 1 00:21:09 2025 GMT
Subject: CN=9834B427D259B9145B1CB3B3B9D04ECB852D6AD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d2:82:42:f6:e2:da:d8:3e:f9:ca:ba:f3:67:
18:15:9a:ef:cc:1c:af:27:8f:14:e9:65:07:46:ad:
bc:09:ae:b2:fd:31:34:e0:52:37:7a:7e:7a:16:02:
af:f4:23:c6:49:8b:f0:f6:39:be:40:a0:18:e0:bb:
c0:f8:5f:a3:4a:fa:d9:28:84:e6:e5:8f:b1:a2:63:
35:e1:43:52:5d:bb:ac:f5:03:8f:b0:cb:ee:ee:29:
e1:d7:8b:c6:bd:81:0c:bc:76:c6:e2:a8:c3:76:78:
61:e6:f9:f9:c7:2a:7e:08:96:d2:6f:d3:a3:9e:4d:
68:d4:9e:47:4a:25:48:d1:2b:ae:3d:e5:ec:d9:96:
df:90:78:40:89:b3:28:4b:16:60:d4:ce:53:5c:d7:
be:7a:a8:4c:97:01:ec:b6:2d:fe:47:d5:df:1c:aa:
a7:9e:ba:b9:8e:8f:a9:aa:ee:45:5e:6b:20:a8:7a:
78:e2:0a:50:0b:61:af:b9:b3:90:f7:d0:ec:1e:4e:
0e:18:d5:f5:49:7b:75:df:61:88:cf:83:ed:43:c2:
6f:02:e9:d0:03:c6:81:c7:d9:10:25:05:10:ac:7d:
b5:64:0e:2a:22:68:d7:7a:43:5e:0e:96:a7:0f:03:
0d:ed:4a:27:b1:bc:3a:65:39:b3:ea:81:51:8d:34:
08:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:34:B4:27:D2:59:B9:14:5B:1C:B3:B3:B9:D0:4E:CB:85:2D:6A:D0
X509v3 Authority Key Identifier:
keyid:B1:8F:98:99:67:D3:0F:25:09:E3:D2:97:07:C5:F8:5B:5F:6B:DB:6F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91905300000/3/B18F989967D30F2509E3D29707C5F85B5F6BDB6F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sY-YmWfTDyUJ49KXB8X4W19r228.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3137302e302f32332d3234203d3e2039343439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.4.170.0/23
Signature Algorithm: sha256WithRSAEncryption
27:0b:81:f4:b5:85:e6:e1:8a:e9:7b:59:16:a8:a9:ea:58:c6:
5d:a7:fa:cc:b6:21:e4:1c:34:44:fb:31:b8:95:88:4d:6f:fe:
dc:f0:e4:31:72:03:b3:6a:d8:9a:b7:f1:3a:c5:c7:7e:3f:db:
89:c9:9c:da:7a:20:3d:81:27:66:dd:68:f2:36:dd:bc:12:dd:
4a:4d:dc:21:89:14:9a:df:72:0e:dd:4c:f6:2e:e6:71:08:09:
e2:82:af:ea:d5:b9:13:3a:c8:e5:f6:d3:89:2c:a0:05:e5:87:
c9:02:17:7b:05:57:67:d5:b4:95:31:08:a3:05:b0:6c:7c:2f:
ec:b6:03:c0:f8:f9:ba:30:01:16:23:2a:af:fc:7e:31:16:a5:
e5:ce:84:ca:25:f3:bc:9d:39:59:df:7d:01:25:6a:3d:9d:67:
32:8f:8b:57:de:bc:21:42:26:7a:51:61:cb:2a:2b:d3:fc:dc:
cd:b4:df:1c:56:93:3f:46:5b:cc:36:24:c4:82:5d:3b:a8:b7:
41:02:ef:db:f9:e3:5a:90:ee:dc:e2:bc:4a:da:36:34:24:31:
4a:3e:88:d8:3d:e4:ce:4f:fe:58:51:97:c6:02:7b:90:67:f5:
55:ef:57:1a:99:73:97:97:35:d8:4d:4d:63:3e:06:d2:27:60:
e4:d0:d4:eb
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUX0x2rpDadHzPtt9Bnsi4Rw/3rcIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMUFDMzcwMDAwMTEwLwYDVQQFEyhCMThGOTg5OTY3
RDMwRjI1MDlFM0QyOTcwN0M1Rjg1QjVGNkJEQjZGMB4XDTI0MDQwMjAwMTYwOVoX
DTI1MDQwMTAwMjEwOVowMzExMC8GA1UEAxMoOTgzNEI0MjdEMjU5QjkxNDVCMUNC
M0IzQjlEMDRFQ0I4NTJENkFEMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXSgkL24trYPvnKuvNnGBWa78wcryePFOllB0atvAmusv0xNOBSN3p+ehYC
r/QjxkmL8PY5vkCgGOC7wPhfo0r62SiE5uWPsaJjNeFDUl27rPUDj7DL7u4p4deL
xr2BDLx2xuKow3Z4Yeb5+ccqfgiW0m/To55NaNSeR0olSNErrj3l7NmW35B4QImz
KEsWYNTOU1zXvnqoTJcB7LYt/kfV3xyqp566uY6PqaruRV5rIKh6eOIKUAthr7mz
kPfQ7B5ODhjV9Ul7dd9hiM+D7UPCbwLp0APGgcfZECUFEKx9tWQOKiJo13pDXg6W
pw8DDe1KJ7G8OmU5s+qBUY00CCUCAwEAAaOCAg0wggIJMB0GA1UdDgQWBBSYNLQn
0lm5FFscs7O50E7LhS1q0DAfBgNVHSMEGDAWgBSxj5iZZ9MPJQnj0pcHxfhbX2vb
bzAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MDUzMDAwMDAvMy9CMThGOTg5
OTY3RDMwRjI1MDlFM0QyOTcwN0M1Rjg1QjVGNkJEQjZGLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9zWS1ZbVdmVER5
VUo0OUtYQjhYNFcxOXIyMjguY2VyMIGHBggrBgEFBQcBCwR7MHkwdwYIKwYBBQUH
MAuGa3JzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxOTA1
MzAwMDAwLzMvMzIzMDMzMmUzNDJlMzEzNzMwMmUzMDJmMzIzMzJkMzIzNDIwM2Qz
ZTIwMzkzNDM0Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYB
BQUHAQcBAf8EEDAOMAwEAgABMAYDBAHLBKowDQYJKoZIhvcNAQELBQADggEBACcL
gfS1hebhiul7WRaoqepYxl2n+sy2IeQcNET7MbiViE1v/tzw5DFyA7Nq2Jq38TrF
x34/24nJnNp6ID2BJ2bdaPI23bwS3UpN3CGJFJrfcg7dTPYu5nEICeKCr+rVuRM6
yOX204ksoAXlh8kCF3sFV2fVtJUxCKMFsGx8L+y2A8D4+bowARYjKq/8fjEWpeXO
hMol87ydOVnffQElaj2dZzKPi1fevCFCJnpRYcsqK9P83M203xxWkz9GW8w2JMSC
XTuot0EC79v541qQ7tzivEraNjQkMUo+iNg95M5P/lhRl8YCe5Bn9VXvVxqZc5eX
NdhNTWM+BtInYOTQ1Os=
-----END CERTIFICATE-----
Generated at Mon Nov 4 09:05:01 2024 by rpki-client on console-ams.rpki-client.org