Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADB98/E2DA8518492111EDABD59C53C4F9AE02/310AEC7A5B7C11EDAAFAB831C4F9AE02.roa
File: 310AEC7A5B7C11EDAAFAB831C4F9AE02.roa (raw, json)
Hash identifier: zlITfZLHsMNVlWM6CMC7I7wVdGV5/Bkdsa+Va+/z0io=
Subject key identifier: 0D:6B:95:53:CD:13:92:54:D3:9A:17:B0:C6:64:68:58:8B:5C:B4:97
Certificate issuer: /CN=A91ADB98/serialNumber=567F9AB2B2C79692685C03055AF969E60B66B800
Certificate serial: 01B3
Authority key identifier: 56:7F:9A:B2:B2:C7:96:92:68:5C:03:05:5A:F9:69:E6:0B:66:B8:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vn-asrLHlpJoXAMFWvlp5gtmuAA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ADB98/E2DA8518492111EDABD59C53C4F9AE02/310AEC7A5B7C11EDAAFAB831C4F9AE02.roa
Signing time: Tue 31 Dec 2024 02:06:09 +0000
ROA not before: Tue 31 Dec 2024 02:06:09 +0000
ROA not after: Wed 30 Apr 2025 00:00:00 +0000
asID: 45867
IP address blocks: 203.17.185.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 435 (0x1b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ADB98/serialNumber=567F9AB2B2C79692685C03055AF969E60B66B800
Validity
Not Before: Dec 31 02:06:09 2024 GMT
Not After : Apr 30 00:00:00 2025 GMT
Subject: CN=67735191-0a90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9e:32:57:23:68:1e:18:21:c9:75:b5:90:38:
93:e4:3f:77:58:d4:21:7d:11:e8:ea:dc:1e:ab:8f:
9a:2b:14:91:f4:3b:e2:6f:79:6e:f4:83:60:59:86:
c2:4d:1f:88:f6:cc:97:51:64:cc:89:fc:db:9b:88:
30:6a:dd:25:2a:2e:4f:71:79:e3:69:ad:67:9b:57:
23:94:f1:12:a3:81:4f:38:72:26:56:2b:09:12:48:
e8:77:b0:23:12:2b:57:c8:49:2a:b1:00:19:52:72:
a7:50:26:82:09:39:16:31:b2:7c:ca:da:cc:c1:4c:
16:69:cb:b9:ae:5b:2b:a1:b9:1e:dd:d3:42:cd:d3:
79:ea:8e:aa:57:54:eb:a4:8d:6e:86:62:bb:88:6c:
8d:37:a6:bd:1d:48:a0:3b:6c:61:a9:69:51:42:2c:
e8:bd:25:55:d5:3e:69:c8:8c:ff:d5:cf:10:e4:00:
53:76:0d:f2:07:25:0c:82:6c:89:11:50:03:2c:8b:
31:61:32:cc:bc:db:75:90:01:8e:4a:14:e7:1d:bd:
a5:c8:ae:47:63:a7:ea:52:f5:50:06:08:e8:de:b3:
ef:4e:20:0f:11:39:9a:75:7a:48:8e:22:f0:1d:96:
38:ec:52:ac:85:c6:77:c3:d8:bc:50:0f:8b:5b:68:
aa:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:6B:95:53:CD:13:92:54:D3:9A:17:B0:C6:64:68:58:8B:5C:B4:97
X509v3 Authority Key Identifier:
keyid:56:7F:9A:B2:B2:C7:96:92:68:5C:03:05:5A:F9:69:E6:0B:66:B8:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ADB98/E2DA8518492111EDABD59C53C4F9AE02/Vn-asrLHlpJoXAMFWvlp5gtmuAA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vn-asrLHlpJoXAMFWvlp5gtmuAA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADB98/E2DA8518492111EDABD59C53C4F9AE02/310AEC7A5B7C11EDAAFAB831C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.17.185.0/24
Signature Algorithm: sha256WithRSAEncryption
37:a1:d2:c0:a7:ed:2c:f4:87:d8:be:6f:f5:d9:c7:d6:f3:8f:
5b:04:83:14:7f:e3:46:a8:47:67:27:0c:bb:e8:b0:8d:01:0d:
78:7f:fa:ed:37:cf:ba:b9:72:81:40:e9:b3:0b:a0:10:db:01:
ee:36:8c:f0:03:97:91:f0:94:30:cf:c4:a1:3d:e1:2f:ba:98:
9c:ce:65:cd:17:97:69:23:6f:18:9a:bf:e8:1a:d5:96:f8:05:
45:bc:ee:07:35:9f:f1:10:47:a5:87:8d:91:73:00:86:9b:ab:
83:ba:39:03:3f:aa:04:97:57:57:62:fd:18:7e:6c:5a:5a:d9:
ba:df:11:52:fe:12:18:7c:e5:95:78:d1:5f:a1:31:69:4a:3c:
75:6b:5c:ff:38:a3:1d:fc:18:fb:16:49:d6:56:96:fc:a8:ba:
72:aa:8e:18:e9:df:a8:9c:8b:ff:32:bf:32:68:f7:32:00:1a:
ee:e5:05:19:69:5c:51:51:b5:c9:de:df:ea:ec:47:98:0c:0d:
f0:61:e5:41:79:c8:f5:ee:f1:3e:9c:eb:e2:db:28:9f:46:ca:
0b:c1:5a:d2:5c:d5:c2:ce:e9:00:94:38:08:aa:1c:43:d8:00:
b4:e2:ea:1d:ae:4f:36:f8:61:ce:9c:e4:e4:89:bc:30:c3:8e:
89:22:a4:06
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QURCOTgxMTAvBgNVBAUTKDU2N0Y5QUIyQjJDNzk2OTI2ODVDMDMwNTVBRjk2OUU2
MEI2NkI4MDAwHhcNMjQxMjMxMDIwNjA5WhcNMjUwNDMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzczNTE5MS0wYTkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnZ4yVyNoHhghyXW1kDiT5D93WNQhfRHo6tweq4+aKxSR9Dvib3lu9INgWYbC
TR+I9syXUWTMifzbm4gwat0lKi5PcXnjaa1nm1cjlPESo4FPOHImVisJEkjod7Aj
EitXyEkqsQAZUnKnUCaCCTkWMbJ8ytrMwUwWacu5rlsrobke3dNCzdN56o6qV1Tr
pI1uhmK7iGyNN6a9HUigO2xhqWlRQizovSVV1T5pyIz/1c8Q5ABTdg3yByUMgmyJ
EVADLIsxYTLMvNt1kAGOShTnHb2lyK5HY6fqUvVQBgjo3rPvTiAPETmadXpIjiLw
HZY47FKshcZ3w9i8UA+LW2iqXQIDAQABo4IClTCCApEwHQYDVR0OBBYEFA1rlVPN
E5JU05oXsMZkaFiLXLSXMB8GA1UdIwQYMBaAFFZ/mrKyx5aSaFwDBVr5aeYLZrgA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREI5OC9FMkRBODUxODQ5
MjExMUVEQUJENTlDNTNDNEY5QUUwMi9Wbi1hc3JMSGxwSm9YQU1GV3ZscDVndG11
QUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZuLWFzckxIbHBKb1hBTUZXdmxwNWd0bXVBQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QURCOTgvRTJEQTg1MTg0OTIxMTFFREFCRDU5QzUzQzRGOUFFMDIvMzEwQUVDN0E1
QjdDMTFFREFBRkFCODMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLEbkwDQYJKoZIhvcNAQELBQADggEBADeh0sCn7Sz0h9i+
b/XZx9bzj1sEgxR/40aoR2cnDLvosI0BDXh/+u03z7q5coFA6bMLoBDbAe42jPAD
l5HwlDDPxKE94S+6mJzOZc0Xl2kjbxiav+ga1Zb4BUW87gc1n/EQR6WHjZFzAIab
q4O6OQM/qgSXV1di/Rh+bFpa2brfEVL+Ehh85ZV40V+hMWlKPHVrXP84ox38GPsW
SdZWlvyounKqjhjp36ici/8yvzJo9zIAGu7lBRlpXFFRtcne3+rsR5gMDfBh5UF5
yPXu8T6c6+LbKJ9GygvBWtJc1cLO6QCUOAiqHEPYALTi6h2uTzb4Yc6c5OSJvDDD
jokipAY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:31:59 2025 by rpki-client