Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/BAA356B66F5611EB8862606AC4F9AE02.roa
File: BAA356B66F5611EB8862606AC4F9AE02.roa (raw, json)
Hash identifier: xDVK36Ql6TQ1zc7NoYbsV0UMtVuGuHpPe+dZDrcxUOE=
Subject key identifier: 5F:6A:0B:4B:9E:C6:7D:08:F3:6C:91:5E:C9:90:2D:98:88:CC:9B:7B
Certificate issuer: /CN=A9171AD3/serialNumber=DEA07928DE4284960D2CD5E8E7470284260B3266
Certificate serial: 07E9
Authority key identifier: DE:A0:79:28:DE:42:84:96:0D:2C:D5:E8:E7:47:02:84:26:0B:32:66
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/BAA356B66F5611EB8862606AC4F9AE02.roa
Signing time: Thu 08 Aug 2024 21:29:13 +0000
ROA not before: Thu 08 Aug 2024 21:29:13 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 137199
IP address blocks: 103.152.128.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2025 (0x7e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9171AD3/serialNumber=DEA07928DE4284960D2CD5E8E7470284260B3266
Validity
Not Before: Aug 8 21:29:13 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66b538a9-bdad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a7:ad:90:cc:44:79:e1:cc:da:0e:b9:98:3b:
c1:af:f7:7e:2a:9f:3b:7d:31:74:5d:8e:06:f9:3a:
89:ae:f2:c5:aa:e4:d4:58:3d:a2:39:cb:f3:d5:23:
eb:de:2f:a3:bf:ab:c6:20:27:20:0c:b7:b1:95:46:
56:5f:84:bb:ec:da:6f:91:36:02:e4:64:8f:3f:5d:
54:2a:4b:03:55:16:01:a8:2a:11:28:1d:69:77:8a:
04:13:a1:de:dd:0a:9c:10:1f:81:cb:ed:ab:86:bc:
34:77:6d:58:a8:df:67:4d:c3:b1:59:0d:40:e2:9d:
c8:e4:a9:a7:75:73:1f:a6:b1:66:69:1e:c4:2d:f2:
ae:32:45:af:cf:37:eb:48:bd:60:ad:0c:5b:6e:b3:
ee:2a:19:26:18:55:a6:00:8c:6d:dd:8d:0b:ca:3f:
eb:69:db:72:75:70:0c:71:b4:12:30:c9:1e:a4:e4:
cf:46:42:51:cb:83:40:5b:56:f3:15:e1:9f:c7:e1:
50:30:1c:ee:5a:9b:0a:b5:e1:ce:44:11:f2:2b:80:
03:f2:6c:d4:86:3d:8c:f3:6b:61:72:cf:10:fe:22:
03:02:4b:05:92:7e:42:eb:09:5f:cc:5a:5e:ff:08:
24:b8:f8:66:12:01:d5:3e:9b:e1:86:f3:f0:f0:eb:
30:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:6A:0B:4B:9E:C6:7D:08:F3:6C:91:5E:C9:90:2D:98:88:CC:9B:7B
X509v3 Authority Key Identifier:
keyid:DE:A0:79:28:DE:42:84:96:0D:2C:D5:E8:E7:47:02:84:26:0B:32:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/BAA356B66F5611EB8862606AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.128.0/23
Signature Algorithm: sha256WithRSAEncryption
53:ed:90:3b:62:c0:cb:6e:32:82:40:11:3a:70:72:65:ed:f9:
cb:cc:ea:b2:b3:16:3c:2a:53:15:40:ce:ff:cf:83:e5:b5:c2:
60:a6:78:ed:12:41:3a:0f:34:a4:48:f5:d0:bf:f2:64:d4:ed:
a6:f6:f9:ca:1d:75:6e:08:8f:6a:f5:8a:9a:81:c6:1c:86:0e:
ff:b3:41:8c:7a:8a:c1:03:1f:41:98:49:d9:11:d8:be:9e:11:
7c:21:c8:00:0c:ec:c1:e7:fe:62:28:c0:12:c6:bf:5d:e1:f3:
69:27:19:29:12:88:40:7c:3a:24:b8:9b:0b:b9:17:ce:cf:4e:
c6:8a:cb:89:2d:d5:26:a3:aa:f6:76:96:32:f9:4c:e9:fb:b8:
22:24:11:36:a8:b9:24:3d:1f:d6:7c:da:b9:6a:7a:d1:85:5e:
1f:7a:9e:1e:22:a9:6f:a5:dd:82:68:63:b2:6c:87:d1:bc:ac:
f4:ab:d1:dc:a1:fe:5c:9b:f4:a3:79:2b:bd:5b:e8:ef:23:17:
74:75:bd:37:9e:4e:8d:e0:71:88:a4:ee:ba:d8:f5:cf:b3:cb:
e2:3c:cd:b7:14:61:16:e5:2d:79:14:9b:51:bc:b7:fe:3e:d7:
96:22:e2:13:1c:6b:2f:12:9c:4c:28:55:92:e2:42:ac:01:87:
02:bb:79:fc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB+kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzFBRDMxMTAvBgNVBAUTKERFQTA3OTI4REU0Mjg0OTYwRDJDRDVFOEU3NDcwMjg0
MjYwQjMyNjYwHhcNMjQwODA4MjEyOTEzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI1MzhhOS1iZGFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA26etkMxEeeHM2g65mDvBr/d+Kp87fTF0XY4G+TqJrvLFquTUWD2iOcvz1SPr
3i+jv6vGICcgDLexlUZWX4S77NpvkTYC5GSPP11UKksDVRYBqCoRKB1pd4oEE6He
3QqcEB+By+2rhrw0d21YqN9nTcOxWQ1A4p3I5KmndXMfprFmaR7ELfKuMkWvzzfr
SL1grQxbbrPuKhkmGFWmAIxt3Y0Lyj/radtydXAMcbQSMMkepOTPRkJRy4NAW1bz
FeGfx+FQMBzuWpsKteHORBHyK4AD8mzUhj2M82thcs8Q/iIDAksFkn5C6wlfzFpe
/wgkuPhmEgHVPpvhhvPw8OswswIDAQABo4IClTCCApEwHQYDVR0OBBYEFF9qC0ue
xn0I82yRXsmQLZiIzJt7MB8GA1UdIwQYMBaAFN6geSjeQoSWDSzV6OdHAoQmCzJm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUFEMy8wQkM0Rjg0MEMx
QjIxMUVBODMyNzg3NjdDNEY5QUUwMi8zcUI1S041Q2hKWU5MTlhvNTBjQ2hDWUxN
bVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNxQjVLTjVDaEpZTkxOWG81MGNDaENZTE1tWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzFBRDMvMEJDNEY4NDBDMUIyMTFFQTgzMjc4NzY3QzRGOUFFMDIvQkFBMzU2QjY2
RjU2MTFFQjg4NjI2MDZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmIAwDQYJKoZIhvcNAQELBQADggEBAFPtkDtiwMtuMoJA
ETpwcmXt+cvM6rKzFjwqUxVAzv/Pg+W1wmCmeO0SQToPNKRI9dC/8mTU7ab2+cod
dW4Ij2r1ipqBxhyGDv+zQYx6isEDH0GYSdkR2L6eEXwhyAAM7MHn/mIowBLGv13h
82knGSkSiEB8OiS4mwu5F87PTsaKy4kt1SajqvZ2ljL5TOn7uCIkETaouSQ9H9Z8
2rlqetGFXh96nh4iqW+l3YJoY7Jsh9G8rPSr0dyh/lyb9KN5K71b6O8jF3R1vTee
To3gcYik7rrY9c+zy+I8zbcUYRblLXkUm1G8t/4+15Yi4hMcay8SnEwoVZLiQqwB
hwK7efw=
-----END CERTIFICATE-----
Generated at Mon Apr 28 02:40:42 2025 by rpki-client