Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912E5AE/33F74DDC3DCC11EF89B5B073C4F9AE02/4654B41C3DCF11EF9418A322C4F9AE02.roa
File: 4654B41C3DCF11EF9418A322C4F9AE02.roa (raw, json)
Hash identifier: FvOQCogvi9xGBh11M1aTYlZCd0AJ8WKZK2+tYPFYqs0=
Subject key identifier: 76:70:C7:35:BD:8B:AA:CB:69:20:F9:76:15:5E:B8:7D:01:90:30:47
Certificate issuer: /CN=A912E5AE/serialNumber=89FE87C35C91A2655E711EB154B85E6F8ECE2353
Certificate serial: 35
Authority key identifier: 89:FE:87:C3:5C:91:A2:65:5E:71:1E:B1:54:B8:5E:6F:8E:CE:23:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/if6Hw1yRomVecR6xVLheb47OI1M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912E5AE/33F74DDC3DCC11EF89B5B073C4F9AE02/4654B41C3DCF11EF9418A322C4F9AE02.roa
Signing time: Wed 09 Oct 2024 06:20:38 +0000
ROA not before: Wed 09 Oct 2024 06:20:38 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 132392
IP address blocks: 103.20.18.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53 (0x35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912E5AE/serialNumber=89FE87C35C91A2655E711EB154B85E6F8ECE2353
Validity
Not Before: Oct 9 06:20:38 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=670620b6-b029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e7:84:15:c9:57:6b:a5:db:b5:95:c7:ca:59:
bb:f8:74:bb:61:25:f7:92:6e:bd:72:a2:94:af:46:
2e:a9:6d:27:2f:c4:af:91:27:72:f1:42:bd:91:02:
c9:b2:38:a7:04:90:59:65:55:7b:49:a7:b0:23:8c:
2a:c5:ea:08:ab:ea:46:1c:12:ed:cc:ea:4b:82:2d:
65:6c:2e:d6:e1:93:c2:45:f1:16:da:86:df:8a:a8:
1c:b4:f0:ed:9a:c4:87:7a:a2:4e:05:88:48:be:f7:
9b:d8:37:e9:58:90:12:0a:a8:d3:28:f7:55:0d:f9:
1f:3f:a6:96:62:11:1c:72:ee:db:13:78:51:10:7b:
a1:aa:49:a1:8c:19:ed:e1:a4:df:3f:8e:f0:56:e5:
e2:ed:0a:3e:f1:76:5e:a8:a4:85:9a:5d:d9:aa:b4:
c5:b6:c0:97:f9:8b:a7:1b:12:37:c4:fc:59:58:02:
51:09:65:c4:37:98:14:37:4b:ac:cc:41:3b:54:15:
c1:02:d8:6e:22:cf:1b:eb:5e:1c:e5:9c:fe:9e:d6:
94:3b:92:16:f8:18:7d:f8:c8:32:9c:79:b0:33:e7:
34:49:16:ea:d7:4e:63:03:67:bd:c8:cf:bc:a0:fe:
c4:7e:12:b6:63:90:11:f7:bf:17:d4:c5:6d:43:82:
a3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:70:C7:35:BD:8B:AA:CB:69:20:F9:76:15:5E:B8:7D:01:90:30:47
X509v3 Authority Key Identifier:
keyid:89:FE:87:C3:5C:91:A2:65:5E:71:1E:B1:54:B8:5E:6F:8E:CE:23:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912E5AE/33F74DDC3DCC11EF89B5B073C4F9AE02/if6Hw1yRomVecR6xVLheb47OI1M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/if6Hw1yRomVecR6xVLheb47OI1M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E5AE/33F74DDC3DCC11EF89B5B073C4F9AE02/4654B41C3DCF11EF9418A322C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.18.0/23
Signature Algorithm: sha256WithRSAEncryption
20:00:97:29:3f:db:65:03:52:82:3f:e1:17:ca:9f:cd:a0:f6:
5f:20:9f:c2:28:2a:88:a3:80:13:f1:fc:03:7d:e6:3a:fc:03:
47:c4:09:9e:be:51:a1:82:4b:b7:6a:22:69:52:5c:35:89:4b:
1d:f1:7c:1b:aa:29:ba:cf:e7:f4:6c:ae:bb:b6:63:70:37:89:
9f:47:5f:70:1c:5d:a2:ef:be:cd:5b:18:23:3c:0c:a2:39:d9:
94:8c:c7:26:92:19:13:3e:d5:57:79:d2:6c:87:a7:46:d5:08:
11:97:d6:d5:00:d2:c3:8c:93:74:70:cb:7f:9a:ac:d9:22:7c:
d9:aa:49:5a:02:9a:4d:99:4f:a6:00:be:2b:c9:07:64:61:3f:
b8:b1:84:5f:07:8f:70:a1:49:3c:7a:20:93:f8:cb:0a:af:6c:
00:d5:54:86:28:e9:9e:6e:0c:7f:1d:f2:6e:22:c4:20:fa:01:
e5:73:c1:39:1c:da:61:4c:0f:8d:97:7f:ad:2d:21:87:35:8b:
5f:6b:2c:93:28:81:38:da:c2:43:aa:05:01:0a:28:35:bb:e7:
bc:13:17:a9:89:b8:38:7a:f8:ff:fc:46:61:ca:06:b7:59:40:
20:b2:fc:eb:8e:4f:51:a8:2c:c9:82:aa:90:d6:44:7e:8d:5c:
5b:12:d6:2b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
RTVBRTExMC8GA1UEBRMoODlGRTg3QzM1QzkxQTI2NTVFNzExRUIxNTRCODVFNkY4
RUNFMjM1MzAeFw0yNDEwMDkwNjIwMzhaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MDYyMGI2LWIwMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCn54QVyVdrpdu1lcfKWbv4dLthJfeSbr1yopSvRi6pbScvxK+RJ3LxQr2RAsmy
OKcEkFllVXtJp7AjjCrF6gir6kYcEu3M6kuCLWVsLtbhk8JF8Rbaht+KqBy08O2a
xId6ok4FiEi+95vYN+lYkBIKqNMo91UN+R8/ppZiERxy7tsTeFEQe6GqSaGMGe3h
pN8/jvBW5eLtCj7xdl6opIWaXdmqtMW2wJf5i6cbEjfE/FlYAlEJZcQ3mBQ3S6zM
QTtUFcEC2G4izxvrXhzlnP6e1pQ7khb4GH34yDKcebAz5zRJFurXTmMDZ73Iz7yg
/sR+ErZjkBH3vxfUxW1DgqMdAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUdnDHNb2L
qstpIPl2FV64fQGQMEcwHwYDVR0jBBgwFoAUif6Hw1yRomVecR6xVLheb47OI1Mw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJFNUFFLzMzRjc0RERDM0RD
QzExRUY4OUI1QjA3M0M0RjlBRTAyL2lmNkh3MXlSb21WZWNSNnhWTGhlYjQ3T0kx
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaWY2SHcxeVJvbVZlY1I2eFZMaGViNDdPSTFNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
RTVBRS8zM0Y3NEREQzNEQ0MxMUVGODlCNUIwNzNDNEY5QUUwMi80NjU0QjQxQzNE
Q0YxMUVGOTQxOEEzMjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcUEjANBgkqhkiG9w0BAQsFAAOCAQEAIACXKT/bZQNSgj/h
F8qfzaD2XyCfwigqiKOAE/H8A33mOvwDR8QJnr5RoYJLt2oiaVJcNYlLHfF8G6op
us/n9Gyuu7ZjcDeJn0dfcBxdou++zVsYIzwMojnZlIzHJpIZEz7VV3nSbIenRtUI
EZfW1QDSw4yTdHDLf5qs2SJ82apJWgKaTZlPpgC+K8kHZGE/uLGEXwePcKFJPHog
k/jLCq9sANVUhijpnm4Mfx3ybiLEIPoB5XPBORzaYUwPjZd/rS0hhzWLX2sskyiB
ONrCQ6oFAQooNbvnvBMXqYm4OHr4//xGYcoGt1lAILL8645PUagsyYKqkNZEfo1c
WxLWKw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:43:22 2025 by rpki-client