Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6172/BA54C134722B11ED97D73C5AC4F9AE02/08A71970723811EDB0BD0312C4F9AE02.roa
File: 08A71970723811EDB0BD0312C4F9AE02.roa (raw, json)
Hash identifier: Tjdi12mwJxE8vytdEEm6LYs9NXU4cX9jhBUfI2VO1fQ=
Subject key identifier: 8A:11:47:22:C2:95:E8:AD:61:33:B8:71:26:AA:C1:97:07:49:2F:6A
Certificate issuer: /CN=A91B6172/serialNumber=21B2EA742FF0EF9EBCCEF3998790E3F5B08D6B63
Certificate serial: 0161
Authority key identifier: 21:B2:EA:74:2F:F0:EF:9E:BC:CE:F3:99:87:90:E3:F5:B0:8D:6B:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IbLqdC_w7568zvOZh5Dj9bCNa2M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6172/BA54C134722B11ED97D73C5AC4F9AE02/08A71970723811EDB0BD0312C4F9AE02.roa
Signing time: Fri 27 Sep 2024 02:57:03 +0000
ROA not before: Fri 27 Sep 2024 02:57:03 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 4826
IP address blocks: 203.23.97.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 353 (0x161)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6172/serialNumber=21B2EA742FF0EF9EBCCEF3998790E3F5B08D6B63
Validity
Not Before: Sep 27 02:57:03 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66f61efe-fc00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:61:98:86:14:f0:88:9e:3f:7e:97:1b:c0:1c:
b9:6b:5d:58:59:8d:9d:8b:3f:17:0d:57:9c:76:02:
0e:4f:2a:cc:3c:9e:23:1c:44:47:4f:6b:2f:bc:a5:
5b:78:72:cd:5f:87:53:ec:53:5d:9b:88:49:cf:32:
c8:ba:c9:11:f5:48:6f:07:c8:19:17:f8:c9:5b:2e:
f2:c5:11:70:05:3a:c4:13:b9:cd:66:d4:9f:b3:a8:
2f:69:7c:b5:a7:d0:e5:e9:ac:70:47:28:06:75:fd:
b6:2c:da:66:a5:68:b2:43:5a:7d:99:52:28:e8:1a:
b4:b3:0a:ff:4c:57:93:6c:9b:02:80:ea:6e:54:2c:
83:2e:cc:f1:bc:de:3b:9c:07:7d:31:b2:c4:a6:61:
33:a7:e4:88:ca:4c:51:39:0d:b6:77:1e:13:a4:23:
1b:f0:ae:9f:97:63:00:31:a1:09:d5:00:62:82:17:
75:86:c3:6e:51:8a:70:64:a6:87:58:32:aa:68:59:
ff:de:ab:49:4e:4b:d6:54:0c:cc:5b:91:95:bf:54:
28:78:fa:b2:e6:99:17:03:b2:e9:c7:84:35:b7:8e:
0c:69:39:02:af:3d:47:be:f5:3d:9b:8f:b4:4b:88:
af:b1:af:d8:63:b6:dd:72:7b:e4:be:76:c8:9a:3b:
99:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:11:47:22:C2:95:E8:AD:61:33:B8:71:26:AA:C1:97:07:49:2F:6A
X509v3 Authority Key Identifier:
keyid:21:B2:EA:74:2F:F0:EF:9E:BC:CE:F3:99:87:90:E3:F5:B0:8D:6B:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6172/BA54C134722B11ED97D73C5AC4F9AE02/IbLqdC_w7568zvOZh5Dj9bCNa2M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IbLqdC_w7568zvOZh5Dj9bCNa2M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6172/BA54C134722B11ED97D73C5AC4F9AE02/08A71970723811EDB0BD0312C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.23.97.0/24
Signature Algorithm: sha256WithRSAEncryption
19:c0:1b:76:8a:62:fc:b6:5a:fc:44:ff:cd:0d:7b:7b:a4:ea:
c8:ae:16:f8:09:01:51:01:09:e9:5e:34:eb:0b:ac:10:2f:03:
38:2b:ce:ee:a8:6e:f8:00:b1:ab:4d:70:af:93:91:90:8a:23:
ef:ee:01:4f:95:e5:2d:2c:aa:42:9a:18:af:d1:36:a4:ea:15:
3b:bb:40:fc:2d:46:a4:54:ff:cf:98:cc:d4:55:e8:1d:08:7c:
79:83:fb:c5:a8:3f:d9:d2:25:cd:5d:c2:31:65:23:4e:4e:d0:
5c:f7:5d:a7:85:e9:c0:4d:68:92:8f:a2:20:c7:36:2f:77:ab:
b7:86:a9:1a:53:ba:e0:d4:ad:0d:0f:c7:be:b8:73:b0:ba:ca:
e2:66:1e:13:cf:3b:6c:32:8a:08:8d:f8:f2:64:8a:01:69:b0:
cd:a3:8d:ea:aa:52:59:b2:68:19:77:eb:5e:d8:f6:32:8e:78:
4f:74:00:5a:68:99:43:81:56:fa:ea:c9:a1:a6:5f:a6:36:14:
00:b5:2e:fc:21:77:8a:0f:d5:f7:4c:da:50:3c:13:57:a1:46:
e4:ee:b1:d4:7d:d2:b1:e4:4b:6e:0b:59:c0:33:6f:88:79:41:
65:6b:e1:32:fc:ba:03:ad:31:a3:fb:4f:dd:81:58:93:79:23:
f2:15:1f:13
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAWEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjYxNzIxMTAvBgNVBAUTKDIxQjJFQTc0MkZGMEVGOUVCQ0NFRjM5OTg3OTBFM0Y1
QjA4RDZCNjMwHhcNMjQwOTI3MDI1NzAzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY2MWVmZS1mYzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt2GYhhTwiJ4/fpcbwBy5a11YWY2diz8XDVecdgIOTyrMPJ4jHERHT2svvKVb
eHLNX4dT7FNdm4hJzzLIuskR9UhvB8gZF/jJWy7yxRFwBTrEE7nNZtSfs6gvaXy1
p9Dl6axwRygGdf22LNpmpWiyQ1p9mVIo6Bq0swr/TFeTbJsCgOpuVCyDLszxvN47
nAd9MbLEpmEzp+SIykxROQ22dx4TpCMb8K6fl2MAMaEJ1QBighd1hsNuUYpwZKaH
WDKqaFn/3qtJTkvWVAzMW5GVv1QoePqy5pkXA7Lpx4Q1t44MaTkCrz1HvvU9m4+0
S4ivsa/YY7bdcnvkvnbImjuZPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIoRRyLC
leitYTO4cSaqwZcHSS9qMB8GA1UdIwQYMBaAFCGy6nQv8O+evM7zmYeQ4/WwjWtj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjE3Mi9CQTU0QzEzNDcy
MkIxMUVEOTdENzNDNUFDNEY5QUUwMi9JYkxxZENfdzc1Njh6dk9aaDVEajliQ05h
Mk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0liTHFkQ193NzU2OHp2T1poNURqOWJDTmEyTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjYxNzIvQkE1NEMxMzQ3MjJCMTFFRDk3RDczQzVBQzRGOUFFMDIvMDhBNzE5NzA3
MjM4MTFFREIwQkQwMzEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLF2EwDQYJKoZIhvcNAQELBQADggEBABnAG3aKYvy2WvxE
/80Ne3uk6siuFvgJAVEBCeleNOsLrBAvAzgrzu6obvgAsatNcK+TkZCKI+/uAU+V
5S0sqkKaGK/RNqTqFTu7QPwtRqRU/8+YzNRV6B0IfHmD+8WoP9nSJc1dwjFlI05O
0Fz3XaeF6cBNaJKPoiDHNi93q7eGqRpTuuDUrQ0Px764c7C6yuJmHhPPO2wyigiN
+PJkigFpsM2jjeqqUlmyaBl3617Y9jKOeE90AFpomUOBVvrqyaGmX6Y2FAC1Lvwh
d4oP1fdM2lA8E1ehRuTusdR90rHkS24LWcAzb4h5QWVr4TL8ugOtMaP7T92BWJN5
I/IVHxM=
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:15:59 2025 by rpki-client