Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A9B1B/4B3864D80E0B11EDA8D12E58C4F9AE02/B4A58FE60E0F11ED89E89675C4F9AE02.roa
File: B4A58FE60E0F11ED89E89675C4F9AE02.roa (raw, json)
Hash identifier: xbGvdrnN3RARHETkrmNSzdVV6UQzyx3squYg0aDBmMc=
Subject key identifier: BE:43:49:71:1F:98:28:BC:2A:13:75:74:4E:FB:34:E1:50:7C:79:8E
Certificate issuer: /CN=A91A9B1B/serialNumber=4B4414AE685E488F42B1B647EEA01DEBB0C4F3A0
Certificate serial: 01F9
Authority key identifier: 4B:44:14:AE:68:5E:48:8F:42:B1:B6:47:EE:A0:1D:EB:B0:C4:F3:A0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S0QUrmheSI9CsbZH7qAd67DE86A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A9B1B/4B3864D80E0B11EDA8D12E58C4F9AE02/B4A58FE60E0F11ED89E89675C4F9AE02.roa
Signing time: Thu 19 Sep 2024 02:16:06 +0000
ROA not before: Thu 19 Sep 2024 02:16:06 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 16509
IP address blocks: 103.23.68.0/23 maxlen: 23
2400:9920::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 505 (0x1f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A9B1B/serialNumber=4B4414AE685E488F42B1B647EEA01DEBB0C4F3A0
Validity
Not Before: Sep 19 02:16:06 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66eb8966-d474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:95:0b:1f:9e:65:fa:22:31:04:29:ab:27:6b:
07:86:a6:19:70:af:73:03:a6:7a:3b:25:3a:34:9e:
10:b2:ac:0b:14:68:e5:c6:a1:b8:7e:2a:a8:cd:ca:
d2:be:42:86:33:d5:c9:e4:e7:3b:0d:cd:65:66:73:
bd:81:2e:d9:a4:d9:63:04:c4:20:40:b7:d0:d4:cc:
70:05:81:70:20:65:ee:34:ab:c5:e5:3f:9f:4c:82:
4c:95:22:f3:a0:6c:3b:f9:64:37:ce:ee:63:22:b7:
3e:54:5a:71:59:ee:4c:57:fa:1f:ab:c8:41:f6:b4:
94:b4:08:dd:f7:c4:08:5f:c8:92:cc:e0:3a:e7:62:
46:f4:7c:b8:e6:37:be:7e:f5:cb:a5:bd:07:61:08:
1b:5f:aa:04:0e:05:b7:82:31:91:13:54:7a:97:09:
79:28:86:b9:e1:f2:ca:26:7d:49:8b:d6:d0:83:92:
2e:ef:47:76:1b:22:04:04:cf:2b:b3:b2:dc:e5:fe:
1f:a4:d6:b0:2c:0c:bd:1f:d6:0a:1c:6f:ca:9d:e5:
1c:2c:4f:5f:c6:64:20:12:d2:2f:96:0f:cd:92:23:
86:43:53:ec:fe:3b:ad:17:6e:f7:09:95:7b:e1:bd:
34:90:23:69:0e:1c:2f:bb:ba:8a:ab:ce:ab:d5:ad:
c4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:43:49:71:1F:98:28:BC:2A:13:75:74:4E:FB:34:E1:50:7C:79:8E
X509v3 Authority Key Identifier:
keyid:4B:44:14:AE:68:5E:48:8F:42:B1:B6:47:EE:A0:1D:EB:B0:C4:F3:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A9B1B/4B3864D80E0B11EDA8D12E58C4F9AE02/S0QUrmheSI9CsbZH7qAd67DE86A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S0QUrmheSI9CsbZH7qAd67DE86A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A9B1B/4B3864D80E0B11EDA8D12E58C4F9AE02/B4A58FE60E0F11ED89E89675C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.68.0/23
IPv6:
2400:9920::/32
Signature Algorithm: sha256WithRSAEncryption
4c:02:ba:de:46:4a:84:91:f3:06:14:1e:b7:c1:95:52:bb:58:
50:cd:23:3e:10:a6:06:87:ea:49:2d:91:8a:e7:e5:44:ed:da:
86:cd:cd:c6:81:f5:3f:27:c0:03:22:5e:c3:5c:79:b0:c3:6e:
84:b1:b3:d7:22:7a:ca:f0:dc:85:b0:c1:1c:e3:4e:eb:fb:47:
1f:7d:c6:52:c6:fb:64:c2:6c:35:18:e0:fc:5b:93:7d:f2:1b:
6b:67:d1:0f:c5:d7:d7:69:77:e6:51:14:38:36:a8:e4:4c:9b:
dd:f0:e0:b9:ef:69:68:b7:40:2e:b6:f3:33:fd:69:b4:86:a6:
46:a3:b6:e5:af:bd:3e:eb:c8:95:45:47:0b:51:8f:b0:24:6d:
ef:68:9d:56:bf:b5:d7:ae:37:42:d2:19:10:3a:bd:0c:26:b4:
c8:b0:8f:87:98:c4:56:07:ae:96:0f:87:1b:cd:3d:e5:66:5e:
63:d0:f7:b6:c0:60:69:d1:40:5e:0c:8c:d7:4f:35:2b:0a:7c:
98:a2:6d:3c:fc:67:f3:e8:6d:2e:74:19:44:c7:aa:dc:f1:38:
19:e9:e8:6c:8a:07:f8:4c:bb:f1:3a:47:42:1f:6c:b0:92:ab:
4e:b8:8e:ca:b4:52:30:72:65:fb:a4:e9:e8:a4:55:fd:96:e7:
84:cf:a3:01
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAfkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTlCMUIxMTAvBgNVBAUTKDRCNDQxNEFFNjg1RTQ4OEY0MkIxQjY0N0VFQTAxREVC
QjBDNEYzQTAwHhcNMjQwOTE5MDIxNjA2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmViODk2Ni1kNDc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyZULH55l+iIxBCmrJ2sHhqYZcK9zA6Z6OyU6NJ4QsqwLFGjlxqG4fiqozcrS
vkKGM9XJ5Oc7Dc1lZnO9gS7ZpNljBMQgQLfQ1MxwBYFwIGXuNKvF5T+fTIJMlSLz
oGw7+WQ3zu5jIrc+VFpxWe5MV/ofq8hB9rSUtAjd98QIX8iSzOA652JG9Hy45je+
fvXLpb0HYQgbX6oEDgW3gjGRE1R6lwl5KIa54fLKJn1Ji9bQg5Iu70d2GyIEBM8r
s7Lc5f4fpNawLAy9H9YKHG/KneUcLE9fxmQgEtIvlg/NkiOGQ1Ps/jutF273CZV7
4b00kCNpDhwvu7qKq86r1a3EeQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFL5DSXEf
mCi8KhN1dE77NOFQfHmOMB8GA1UdIwQYMBaAFEtEFK5oXkiPQrG2R+6gHeuwxPOg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOUIxQi80QjM4NjREODBF
MEIxMUVEQThEMTJFNThDNEY5QUUwMi9TMFFVcm1oZVNJOUNzYlpIN3FBZDY3REU4
NkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1MwUVVybWhlU0k5Q3NiWkg3cUFkNjdERTg2QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTlCMUIvNEIzODY0RDgwRTBCMTFFREE4RDEyRTU4QzRGOUFFMDIvQjRBNThGRTYw
RTBGMTFFRDg5RTg5Njc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnF0QwDQQCAAIwBwMFACQAmSAwDQYJKoZIhvcNAQELBQAD
ggEBAEwCut5GSoSR8wYUHrfBlVK7WFDNIz4QpgaH6kktkYrn5UTt2obNzcaB9T8n
wAMiXsNcebDDboSxs9ciesrw3IWwwRzjTuv7Rx99xlLG+2TCbDUY4Pxbk33yG2tn
0Q/F19dpd+ZRFDg2qORMm93w4LnvaWi3QC628zP9abSGpkajtuWvvT7ryJVFRwtR
j7Akbe9onVa/tdeuN0LSGRA6vQwmtMiwj4eYxFYHrpYPhxvNPeVmXmPQ97bAYGnR
QF4MjNdPNSsKfJiibTz8Z/PobS50GUTHqtzxOBnp6GyKB/hMu/E6R0IfbLCSq064
jsq0UjByZfuk6eikVf2W54TPowE=
-----END CERTIFICATE-----
Generated at Sun Apr 27 00:46:02 2025 by rpki-client