Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91905300000/4/3230332e33302e36302e302f32342d3234203d3e2037353436.roa
File: 3230332e33302e36302e302f32342d3234203d3e2037353436.roa (raw, json)
Hash identifier: ntRsyK9fzeeS8dMxETQpCxrPaauKuo+JBiWxiZzdtGE=
Subject key identifier: 20:9D:0A:B9:94:01:47:E2:D5:6A:C7:03:1C:19:F2:C9:44:F0:E7:BE
Certificate issuer: /CN=A91E539C0000/serialNumber=B7351B05B1619E9DE395F0B2FFC9EE1129F300B4
Certificate serial: 68185BA61E46EDFA43D5E7E25E68270C68EB74EB
Authority key identifier: B7:35:1B:05:B1:61:9E:9D:E3:95:F0:B2:FF:C9:EE:11:29:F3:00:B4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tzUbBbFhnp3jlfCy_8nuESnzALQ.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91905300000/4/3230332e33302e36302e302f32342d3234203d3e2037353436.roa
Signing time: Sun 03 Nov 2024 05:08:53 +0000
ROA not before: Sun 03 Nov 2024 05:03:53 +0000
ROA not after: Sun 02 Nov 2025 05:08:53 +0000
asID: 7546
IP address blocks: 203.30.60.0/24 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:18:5b:a6:1e:46:ed:fa:43:d5:e7:e2:5e:68:27:0c:68:eb:74:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E539C0000/serialNumber=B7351B05B1619E9DE395F0B2FFC9EE1129F300B4
Validity
Not Before: Nov 3 05:03:53 2024 GMT
Not After : Nov 2 05:08:53 2025 GMT
Subject: CN=209D0AB9940147E2D56AC7031C19F2C944F0E7BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:de:e5:80:c2:d6:60:3e:8b:f6:f0:5e:a9:c6:
5b:6d:ee:a3:25:15:57:db:73:cf:3f:ee:5f:2e:89:
57:58:e3:08:52:49:5d:1e:59:a0:38:89:d2:44:f9:
7e:75:f1:10:3e:f4:21:35:46:84:e2:05:9f:20:ee:
90:68:a5:ee:ee:8a:72:56:52:8a:39:4d:a9:d9:06:
cd:ca:e3:c0:5c:08:51:d7:6d:4d:e2:90:0e:04:cb:
a1:a8:ed:7f:d1:33:10:1f:10:c8:36:e5:ed:ac:d5:
8f:40:55:c1:11:c4:33:ec:0d:c2:ef:3c:23:29:f4:
0b:23:33:1a:b2:54:f3:8e:30:9f:d8:9b:cc:39:e3:
6b:ae:83:b4:18:0b:00:f7:63:99:84:35:0b:54:6c:
47:41:e8:e8:f6:cd:f7:77:8a:df:04:a6:0e:00:14:
2a:77:09:51:34:cf:90:88:ee:e3:4c:55:79:11:2d:
3e:c6:8d:80:67:77:40:38:a2:0a:5a:b4:fe:9c:7a:
53:a7:ea:ee:c0:40:87:d1:cf:a0:f9:c8:79:53:33:
5d:4d:c3:db:37:06:9f:2e:f4:3f:3b:91:97:8a:0f:
76:63:aa:c4:22:ba:c9:07:cd:17:03:2b:1d:ff:07:
77:cc:e4:b1:99:64:ac:dc:30:d8:a2:ba:2b:d9:8e:
73:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:9D:0A:B9:94:01:47:E2:D5:6A:C7:03:1C:19:F2:C9:44:F0:E7:BE
X509v3 Authority Key Identifier:
keyid:B7:35:1B:05:B1:61:9E:9D:E3:95:F0:B2:FF:C9:EE:11:29:F3:00:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91905300000/4/B7351B05B1619E9DE395F0B2FFC9EE1129F300B4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tzUbBbFhnp3jlfCy_8nuESnzALQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91905300000/4/3230332e33302e36302e302f32342d3234203d3e2037353436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.30.60.0/24
Signature Algorithm: sha256WithRSAEncryption
78:1e:7e:77:0b:e5:d5:19:23:ff:5c:9c:2b:c4:12:40:74:7d:
64:40:bc:2c:3a:a8:e7:7c:ad:b3:86:f5:21:04:88:48:23:e8:
2e:b6:75:f2:bc:c2:e7:a0:0f:82:4b:0e:b4:c6:12:6d:b1:7c:
01:c5:26:c8:2c:d0:80:f0:4b:8b:d2:e1:cc:f2:e8:b7:01:5f:
14:7b:46:c2:59:a5:27:94:35:42:d1:65:56:ff:c7:cf:a5:04:
20:81:f7:a3:07:cf:75:55:0d:3f:4d:90:b7:e8:52:ff:60:93:
8f:96:b9:34:31:4f:13:51:8f:68:99:48:31:13:80:1d:e0:c2:
b1:61:16:d4:c9:b3:5e:33:0d:62:58:45:eb:76:39:4a:32:1e:
29:64:dd:08:ee:7d:3c:93:38:64:2c:8d:3a:34:b7:c6:bd:7a:
6f:f3:95:79:24:9f:31:77:db:c4:55:a0:9e:a3:2e:22:dc:22:
cc:9c:ae:38:e7:4b:e4:7c:a7:c2:01:a2:d3:c0:02:3c:d6:f6:
06:e8:6c:be:d2:93:c3:9a:d3:08:62:d7:a8:07:a3:56:61:9d:
81:02:7e:80:c9:45:ce:a4:44:0b:0d:1a:1f:dd:1d:16:22:bf:
07:50:85:00:6e:12:99:a0:e5:66:71:23:aa:c8:10:9f:09:6f:
30:7a:8f:90
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUaBhbph5G7fpD1efiXmgnDGjrdOswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRTUzOUMwMDAwMTEwLwYDVQQFEyhCNzM1MUIwNUIx
NjE5RTlERTM5NUYwQjJGRkM5RUUxMTI5RjMwMEI0MB4XDTI0MTEwMzA1MDM1M1oX
DTI1MTEwMjA1MDg1M1owMzExMC8GA1UEAxMoMjA5RDBBQjk5NDAxNDdFMkQ1NkFD
NzAzMUMxOUYyQzk0NEYwRTdCRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7e5YDC1mA+i/bwXqnGW23uoyUVV9tzzz/uXy6JV1jjCFJJXR5ZoDiJ0kT5
fnXxED70ITVGhOIFnyDukGil7u6KclZSijlNqdkGzcrjwFwIUddtTeKQDgTLoajt
f9EzEB8QyDbl7azVj0BVwRHEM+wNwu88Iyn0CyMzGrJU844wn9ibzDnja66DtBgL
APdjmYQ1C1RsR0Ho6PbN93eK3wSmDgAUKncJUTTPkIju40xVeREtPsaNgGd3QDii
Clq0/px6U6fq7sBAh9HPoPnIeVMzXU3D2zcGny70PzuRl4oPdmOqxCK6yQfNFwMr
Hf8Hd8zksZlkrNww2KK6K9mOc80CAwEAAaOCAg0wggIJMB0GA1UdDgQWBBQgnQq5
lAFH4tVqxwMcGfLJRPDnvjAfBgNVHSMEGDAWgBS3NRsFsWGeneOV8LL/ye4RKfMA
tDAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MDUzMDAwMDAvNC9CNzM1MUIw
NUIxNjE5RTlERTM5NUYwQjJGRkM5RUUxMTI5RjMwMEI0LmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi90elViQmJGaG5w
M2psZkN5XzhudUVTbnpBTFEuY2VyMIGHBggrBgEFBQcBCwR7MHkwdwYIKwYBBQUH
MAuGa3JzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxOTA1
MzAwMDAwLzQvMzIzMDMzMmUzMzMwMmUzNjMwMmUzMDJmMzIzNDJkMzIzNDIwM2Qz
ZTIwMzczNTM0MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYB
BQUHAQcBAf8EEDAOMAwEAgABMAYDBADLHjwwDQYJKoZIhvcNAQELBQADggEBAHge
fncL5dUZI/9cnCvEEkB0fWRAvCw6qOd8rbOG9SEEiEgj6C62dfK8wuegD4JLDrTG
Em2xfAHFJsgs0IDwS4vS4czy6LcBXxR7RsJZpSeUNULRZVb/x8+lBCCB96MHz3VV
DT9NkLfoUv9gk4+WuTQxTxNRj2iZSDETgB3gwrFhFtTJs14zDWJYRet2OUoyHilk
3QjufTyTOGQsjTo0t8a9em/zlXkknzF328RVoJ6jLiLcIsycrjjnS+R8p8IBotPA
AjzW9gbobL7Sk8Oa0whi16gHo1ZhnYECfoDJRc6kRAsNGh/dHRYivwdQhQBuEpmg
5WZxI6rIEJ8JbzB6j5A=
-----END CERTIFICATE-----
Generated at Mon Nov 4 10:08:01 2024 by rpki-client on console-fra.rpki-client.org