Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA594/522B6D6E553C11EB8F085C71C4F9AE02/D0EAEA3EB85811EF96935B81C4F9AE02.roa
File: D0EAEA3EB85811EF96935B81C4F9AE02.roa (raw, json)
Hash identifier: uITzFkhM8ocZYzwoSxieBLCf61KmQsM8/iMGu8Y1zSQ=
Subject key identifier: AC:8A:20:2B:95:0E:2D:34:48:AF:25:BD:F6:D5:C6:43:AE:88:94:50
Certificate issuer: /CN=A91BA594/serialNumber=DB1F7798C00117B20C6F3BC32994802CF2094837
Certificate serial: 068C
Authority key identifier: DB:1F:77:98:C0:01:17:B2:0C:6F:3B:C3:29:94:80:2C:F2:09:48:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2x93mMABF7IMbzvDKZSALPIJSDc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BA594/522B6D6E553C11EB8F085C71C4F9AE02/D0EAEA3EB85811EF96935B81C4F9AE02.roa
Signing time: Thu 12 Dec 2024 07:15:07 +0000
ROA not before: Thu 12 Dec 2024 07:15:07 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 153462
IP address blocks: 103.28.76.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1676 (0x68c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BA594/serialNumber=DB1F7798C00117B20C6F3BC32994802CF2094837
Validity
Not Before: Dec 12 07:15:07 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=675a8d7b-f3ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f9:89:47:e7:59:d6:a7:3c:8c:7c:49:12:78:
e5:2d:a5:98:3d:97:cd:97:f6:2f:24:bb:32:64:b3:
76:a4:f8:42:0c:b9:34:8d:13:a3:e9:c6:3c:9d:8b:
1b:02:c3:f9:2c:11:21:b1:02:94:27:1e:07:6f:cc:
b0:29:f2:0d:0d:8f:80:78:cc:2a:57:f3:6a:95:9f:
6b:ab:a8:ec:3d:b3:c6:76:2a:c8:d3:d7:8e:17:c6:
8f:ee:28:d5:c1:1d:0c:e4:7a:83:e9:51:1d:47:80:
a9:41:ed:98:4a:89:f9:29:e8:48:3e:d5:82:52:97:
e6:89:60:b6:d0:2a:40:45:4a:0a:68:ae:23:13:e5:
0f:e6:d7:fb:8b:66:6f:fc:e9:60:3e:cb:bf:63:8b:
89:23:26:0a:ce:e8:43:ae:a6:54:54:ad:6e:36:12:
47:a8:01:a1:8c:4f:31:43:91:a8:19:b6:b4:25:9b:
e6:a4:07:c7:b3:2d:53:d3:c0:43:44:1e:53:07:6c:
d5:f4:63:b2:ef:18:b5:c4:85:15:5f:0d:43:6c:6b:
cd:9f:59:ba:17:4b:cc:0c:c9:6f:d7:68:44:f9:68:
fb:a8:a5:12:dc:c0:4f:c1:58:c6:aa:de:fa:03:f4:
04:83:80:b1:47:ad:13:27:76:39:fe:00:74:75:f4:
db:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:8A:20:2B:95:0E:2D:34:48:AF:25:BD:F6:D5:C6:43:AE:88:94:50
X509v3 Authority Key Identifier:
keyid:DB:1F:77:98:C0:01:17:B2:0C:6F:3B:C3:29:94:80:2C:F2:09:48:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BA594/522B6D6E553C11EB8F085C71C4F9AE02/2x93mMABF7IMbzvDKZSALPIJSDc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2x93mMABF7IMbzvDKZSALPIJSDc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA594/522B6D6E553C11EB8F085C71C4F9AE02/D0EAEA3EB85811EF96935B81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.28.76.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:ef:50:52:b3:96:be:a6:bc:bc:a5:b2:4a:5c:f5:f0:4c:5d:
6b:0a:96:b6:49:ed:6b:f3:b0:ef:df:ae:e2:55:c6:46:12:cf:
12:f3:48:e2:af:2a:89:4d:40:f7:fa:7e:ba:34:7b:ca:63:6e:
8d:b8:27:62:3e:09:de:7e:6c:28:40:c8:50:99:e6:34:2f:28:
2f:c3:71:bb:d3:05:90:6a:46:e4:ed:21:6e:1e:f8:42:0b:27:
68:18:72:32:1d:3c:b6:59:04:f1:a6:45:ca:37:21:c4:6d:89:
4c:8e:11:2f:54:3b:96:53:65:35:c9:cc:64:6d:83:fe:b5:cd:
f1:86:82:17:c6:3c:a9:cd:c1:98:c0:b2:cd:60:57:0c:79:ec:
df:b2:2b:fd:95:e4:b0:38:aa:49:49:59:3c:2e:1d:39:67:91:
df:d2:7a:92:bf:8b:ea:39:4b:eb:c9:03:3f:c9:c2:38:d4:57:
c7:e8:04:69:55:bf:98:84:8e:15:ab:9e:13:14:21:66:19:be:
bf:56:3e:6c:2b:3f:5e:45:24:b0:57:89:36:04:e9:34:fe:ae:
0f:b4:7e:bd:81:ce:35:6d:f9:33:e3:cf:87:8f:32:65:bf:7f:
46:1c:6e:12:b9:c7:e3:64:f3:89:f0:ad:a5:37:5d:bf:1d:fa:
ea:dd:ca:fa
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBowwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkE1OTQxMTAvBgNVBAUTKERCMUY3Nzk4QzAwMTE3QjIwQzZGM0JDMzI5OTQ4MDJD
RjIwOTQ4MzcwHhcNMjQxMjEyMDcxNTA3WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVhOGQ3Yi1mM2JhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4PmJR+dZ1qc8jHxJEnjlLaWYPZfNl/YvJLsyZLN2pPhCDLk0jROj6cY8nYsb
AsP5LBEhsQKUJx4Hb8ywKfINDY+AeMwqV/NqlZ9rq6jsPbPGdirI09eOF8aP7ijV
wR0M5HqD6VEdR4CpQe2YSon5KehIPtWCUpfmiWC20CpARUoKaK4jE+UP5tf7i2Zv
/OlgPsu/Y4uJIyYKzuhDrqZUVK1uNhJHqAGhjE8xQ5GoGba0JZvmpAfHsy1T08BD
RB5TB2zV9GOy7xi1xIUVXw1DbGvNn1m6F0vMDMlv12hE+Wj7qKUS3MBPwVjGqt76
A/QEg4CxR60TJ3Y5/gB0dfTbkwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKyKICuV
Di00SK8lvfbVxkOuiJRQMB8GA1UdIwQYMBaAFNsfd5jAAReyDG87wymUgCzyCUg3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTU5NC81MjJCNkQ2RTU1
M0MxMUVCOEYwODVDNzFDNEY5QUUwMi8yeDkzbU1BQkY3SU1ienZES1pTQUxQSUpT
RGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJ4OTNtTUFCRjdJTWJ6dkRLWlNBTFBJSlNEYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkE1OTQvNTIyQjZENkU1NTNDMTFFQjhGMDg1QzcxQzRGOUFFMDIvRDBFQUVBM0VC
ODU4MTFFRjk2OTM1QjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnHEwwDQYJKoZIhvcNAQELBQADggEBAAvvUFKzlr6mvLyl
skpc9fBMXWsKlrZJ7WvzsO/fruJVxkYSzxLzSOKvKolNQPf6fro0e8pjbo24J2I+
Cd5+bChAyFCZ5jQvKC/DcbvTBZBqRuTtIW4e+EILJ2gYcjIdPLZZBPGmRco3IcRt
iUyOES9UO5ZTZTXJzGRtg/61zfGGghfGPKnNwZjAss1gVwx57N+yK/2V5LA4qklJ
WTwuHTlnkd/SepK/i+o5S+vJAz/JwjjUV8foBGlVv5iEjhWrnhMUIWYZvr9WPmwr
P15FJLBXiTYE6TT+rg+0fr2BzjVt+TPjz4ePMmW/f0YcbhK5x+Nk84nwraU3Xb8d
+urdyvo=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:04:05 2025 by rpki-client