Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8066/18A5124894F511EDB10BC27DC4F9AE02/452D9EF494F811ED85ADE381C4F9AE02.roa
File: 452D9EF494F811ED85ADE381C4F9AE02.roa (raw, json)
Hash identifier: XNcFF969T4muviYB6d8eP/rEqpj8zfL+B4W5dgWu14E=
Subject key identifier: 78:FB:24:75:EE:7B:79:71:B5:CE:89:FC:71:C2:44:ED:CD:E7:61:BA
Certificate issuer: /CN=A91C8066/serialNumber=160C72CC577BD8DE53A2ECB0098C22F35A51AA9E
Certificate serial: D8
Authority key identifier: 16:0C:72:CC:57:7B:D8:DE:53:A2:EC:B0:09:8C:22:F3:5A:51:AA:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FgxyzFd72N5TouywCYwi81pRqp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C8066/18A5124894F511EDB10BC27DC4F9AE02/452D9EF494F811ED85ADE381C4F9AE02.roa
Signing time: Tue 27 Feb 2024 05:37:58 +0000
ROA not before: Tue 27 Feb 2024 05:37:58 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 137406
IP address blocks: 103.107.156.0/22 maxlen: 24
2403:8c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 216 (0xd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C8066/serialNumber=160C72CC577BD8DE53A2ECB0098C22F35A51AA9E
Validity
Not Before: Feb 27 05:37:58 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65dd7535-588b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3e:53:f7:92:72:33:d9:48:4c:65:72:33:4c:
7f:97:62:2b:14:6f:a9:ca:6c:ae:54:e3:16:29:95:
91:91:3a:cd:9a:9e:5a:e7:bd:69:0b:f7:73:37:05:
23:e7:c2:30:92:c8:7a:cf:88:3f:d3:08:61:88:d3:
c4:cd:7b:d4:87:47:97:14:8c:78:1e:5e:3e:44:2a:
eb:70:5b:cf:e9:cd:63:0d:3a:9e:34:9d:de:06:3e:
92:e4:bd:82:37:40:f3:4c:57:aa:f2:80:5a:65:3e:
0d:91:04:93:8a:30:60:6f:dc:a1:eb:d4:81:f2:97:
51:59:cb:8d:e5:78:fd:e1:d1:78:20:42:5c:4c:cd:
7f:07:24:05:d9:4d:62:b2:b2:cf:f4:60:0c:b4:7e:
f9:5e:3e:e8:73:ec:56:cb:94:96:a8:b5:4b:f0:23:
ee:a4:6f:68:8e:4e:20:75:0f:16:ea:e5:ea:49:f9:
0a:2d:c6:61:a3:15:57:f5:02:8b:88:ed:8d:2e:8d:
f8:a0:fa:45:2f:f6:03:1d:89:0b:61:ed:88:fa:97:
b1:ec:d8:a3:a0:28:a4:ab:d8:d1:87:c3:d4:d7:c1:
13:34:28:43:c8:fa:9c:ff:47:20:29:a7:ac:8d:11:
80:25:2c:62:04:04:da:a5:20:89:65:27:8f:8a:14:
d4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:FB:24:75:EE:7B:79:71:B5:CE:89:FC:71:C2:44:ED:CD:E7:61:BA
X509v3 Authority Key Identifier:
keyid:16:0C:72:CC:57:7B:D8:DE:53:A2:EC:B0:09:8C:22:F3:5A:51:AA:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C8066/18A5124894F511EDB10BC27DC4F9AE02/FgxyzFd72N5TouywCYwi81pRqp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FgxyzFd72N5TouywCYwi81pRqp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8066/18A5124894F511EDB10BC27DC4F9AE02/452D9EF494F811ED85ADE381C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.107.156.0/22
IPv6:
2403:8c0::/32
Signature Algorithm: sha256WithRSAEncryption
7b:74:1f:2f:fb:a9:54:66:fd:1d:f6:8e:77:ac:d4:19:90:56:
47:ce:1e:43:d0:d8:5f:e5:fb:b8:5c:bc:44:7e:9a:36:dc:1e:
40:2c:f9:c9:4d:27:c3:2d:dc:54:91:cc:84:8a:e9:87:4d:b0:
cf:c1:c9:e6:3f:62:f6:19:d8:40:f9:78:b2:05:66:8e:35:81:
d0:e9:6b:1d:30:e9:5f:23:df:be:95:28:13:06:1a:f6:20:30:
3d:45:bf:db:be:7c:cf:9d:ce:85:17:97:cb:64:89:8f:15:9a:
d0:18:d1:c7:6f:23:25:94:24:63:bf:86:5c:7b:f0:d4:48:ae:
79:59:e6:16:26:63:e6:84:b7:72:ed:ff:fa:88:e7:02:8f:04:
6c:81:ce:93:0b:d7:7c:00:e9:16:fa:79:11:d8:28:62:bd:73:
54:d2:37:ae:77:8c:16:99:81:8a:fc:33:b7:a5:10:1d:4a:21:
6c:5e:5a:94:41:94:67:79:1a:8d:7f:61:16:d4:d5:d8:d9:ed:
1a:c4:88:20:e3:ee:3c:c8:47:3f:e7:74:97:62:9f:b4:e9:b5:
17:72:ea:5f:ff:43:36:c5:f9:2f:2b:46:76:fe:38:d3:84:58:
f0:eb:d8:20:ec:97:2b:45:b4:17:74:5f:a4:7e:61:28:16:ef:
d2:56:f7:f2
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICANgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzgwNjYxMTAvBgNVBAUTKDE2MEM3MkNDNTc3QkQ4REU1M0EyRUNCMDA5OEMyMkYz
NUE1MUFBOUUwHhcNMjQwMjI3MDUzNzU4WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRkNzUzNS01ODhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmj5T95JyM9lITGVyM0x/l2IrFG+pymyuVOMWKZWRkTrNmp5a571pC/dzNwUj
58Iwksh6z4g/0whhiNPEzXvUh0eXFIx4Hl4+RCrrcFvP6c1jDTqeNJ3eBj6S5L2C
N0DzTFeq8oBaZT4NkQSTijBgb9yh69SB8pdRWcuN5Xj94dF4IEJcTM1/ByQF2U1i
srLP9GAMtH75Xj7oc+xWy5SWqLVL8CPupG9ojk4gdQ8W6uXqSfkKLcZhoxVX9QKL
iO2NLo34oPpFL/YDHYkLYe2I+pex7NijoCikq9jRh8PU18ETNChDyPqc/0cgKaes
jRGAJSxiBATapSCJZSePihTURwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFHj7JHXu
e3lxtc6J/HHCRO3N52G6MB8GA1UdIwQYMBaAFBYMcsxXe9jeU6LssAmMIvNaUaqe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDODA2Ni8xOEE1MTI0ODk0
RjUxMUVEQjEwQkMyN0RDNEY5QUUwMi9GZ3h5ekZkNzJONVRvdXl3Q1l3aTgxcFJx
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZneHl6RmQ3Mk41VG91eXdDWXdpODFwUnFwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzgwNjYvMThBNTEyNDg5NEY1MTFFREIxMEJDMjdEQzRGOUFFMDIvNDUyRDlFRjQ5
NEY4MTFFRDg1QURFMzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJna5wwDQQCAAIwBwMFACQDCMAwDQYJKoZIhvcNAQELBQAD
ggEBAHt0Hy/7qVRm/R32jnes1BmQVkfOHkPQ2F/l+7hcvER+mjbcHkAs+clNJ8Mt
3FSRzISK6YdNsM/ByeY/YvYZ2ED5eLIFZo41gdDpax0w6V8j376VKBMGGvYgMD1F
v9u+fM+dzoUXl8tkiY8VmtAY0cdvIyWUJGO/hlx78NRIrnlZ5hYmY+aEt3Lt//qI
5wKPBGyBzpML13wA6Rb6eRHYKGK9c1TSN653jBaZgYr8M7elEB1KIWxeWpRBlGd5
Go1/YRbU1djZ7RrEiCDj7jzIRz/ndJdin7TptRdy6l//QzbF+S8rRnb+ONOEWPDr
2CDslytFtBd0X6R+YSgW79JW9/I=
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:49:51 2025 by rpki-client