Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA2CC/F26E06CE11F911EA9CB88C35C4F9AE02/A1A3D7886B9911EF898D4645C4F9AE02.roa
File: A1A3D7886B9911EF898D4645C4F9AE02.roa (raw, json)
Hash identifier: RFkMnKmypwqhoKuW5rUexAXXk8MOX8lKq4I17M92bNs=
Subject key identifier: DA:5C:82:18:1B:22:00:48:DC:96:D6:08:93:FB:E8:15:88:56:1D:A5
Certificate issuer: /CN=A91EA2CC/serialNumber=90A98450B9DA938118A2D5AD534D8828F4B94634
Certificate serial: 0B8D
Authority key identifier: 90:A9:84:50:B9:DA:93:81:18:A2:D5:AD:53:4D:88:28:F4:B9:46:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kKmEULnak4EYotWtU02IKPS5RjQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA2CC/F26E06CE11F911EA9CB88C35C4F9AE02/A1A3D7886B9911EF898D4645C4F9AE02.roa
Signing time: Thu 05 Sep 2024 15:15:06 +0000
ROA not before: Thu 05 Sep 2024 15:15:06 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 136022
IP address blocks: 103.134.40.0/24 maxlen: 24
103.134.41.0/24 maxlen: 24
103.134.42.0/24 maxlen: 24
2404:5cc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2957 (0xb8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA2CC/serialNumber=90A98450B9DA938118A2D5AD534D8828F4B94634
Validity
Not Before: Sep 5 15:15:06 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=66d9cafa-4f99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:31:57:fb:66:ef:65:36:55:c3:df:db:28:99:
a3:9e:92:17:ae:64:c3:ce:f2:57:4f:c4:ff:db:e1:
59:a3:50:39:f9:48:a2:c9:6c:03:3c:27:b1:7f:7d:
21:9d:3c:40:19:4a:fe:e7:7d:3e:9f:50:b1:b9:01:
6a:31:e7:cb:7b:53:11:c6:b9:74:25:72:41:ce:7a:
5c:aa:6a:82:fa:4b:4c:6f:79:5e:46:c8:fd:82:5a:
03:aa:e2:f7:72:39:57:8c:84:88:92:40:48:cc:54:
25:f1:4b:0b:f2:ca:40:d6:70:46:32:fb:b8:78:1b:
bb:bf:4d:5f:eb:97:08:51:28:14:14:be:ae:8e:82:
57:3e:a3:97:6d:e8:df:ac:5a:c7:84:72:dd:15:0d:
7f:8e:bc:d9:2b:cf:30:42:4f:6b:a3:3f:e3:23:57:
82:ab:aa:78:16:23:45:1a:ec:a5:3d:79:60:1a:fc:
8e:d2:58:31:4d:fa:a8:e2:25:2d:5e:e5:48:06:01:
33:be:54:e6:ce:72:fc:67:c8:d9:c6:88:41:7e:35:
0c:50:50:91:82:c5:25:2d:f6:25:25:8c:14:bf:07:
6c:b4:76:89:65:10:f6:b0:23:bb:e3:ac:41:12:fc:
ce:38:a8:5d:05:22:44:34:99:76:eb:97:d9:03:67:
a2:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5C:82:18:1B:22:00:48:DC:96:D6:08:93:FB:E8:15:88:56:1D:A5
X509v3 Authority Key Identifier:
keyid:90:A9:84:50:B9:DA:93:81:18:A2:D5:AD:53:4D:88:28:F4:B9:46:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA2CC/F26E06CE11F911EA9CB88C35C4F9AE02/kKmEULnak4EYotWtU02IKPS5RjQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kKmEULnak4EYotWtU02IKPS5RjQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA2CC/F26E06CE11F911EA9CB88C35C4F9AE02/A1A3D7886B9911EF898D4645C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.40.0-103.134.42.255
IPv6:
2404:5cc0::/32
Signature Algorithm: sha256WithRSAEncryption
5f:44:27:a9:d7:7e:fb:71:3b:74:62:9e:b8:f9:1f:63:1f:e4:
c8:cb:15:de:f6:3f:54:03:30:51:fd:82:a2:a3:11:3e:75:91:
d0:39:df:5c:81:d9:1f:a7:d7:57:cf:f1:8b:3d:5a:ab:3e:21:
fd:b1:c0:c2:41:58:60:1e:8b:11:91:4f:b0:d3:d9:66:dd:df:
9a:3a:89:c7:e5:9e:20:39:cf:01:33:bd:00:c0:af:9d:b7:43:
ef:75:18:6f:cd:e0:4d:33:7f:83:59:dd:e2:c4:6c:ab:87:73:
e1:4c:e7:62:46:32:7d:63:bd:c9:ac:64:4d:5c:23:85:8f:83:
7d:98:f5:89:c1:a7:a5:bc:17:66:42:b5:42:a3:f4:1e:3e:7f:
14:28:15:4c:64:a9:38:cd:9a:d6:20:98:ff:59:97:a8:d0:1d:
d2:bd:f6:6a:d2:02:90:67:7a:be:39:f1:fa:04:27:06:c6:d5:
94:e1:e6:db:49:1c:3c:75:3c:61:6f:d2:52:15:36:34:9c:34:
e8:03:d6:cb:37:44:16:73:1b:a2:8a:ec:2e:aa:65:d5:8e:57:
a4:c7:84:2e:d3:11:7f:67:64:b6:7e:8f:c3:06:f9:5d:4a:b8:
48:7f:56:40:09:31:0a:d7:46:4d:40:fa:81:e4:ab:33:2f:d7:
07:51:57:54
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICC40wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUEyQ0MxMTAvBgNVBAUTKDkwQTk4NDUwQjlEQTkzODExOEEyRDVBRDUzNEQ4ODI4
RjRCOTQ2MzQwHhcNMjQwOTA1MTUxNTA2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5Y2FmYS00Zjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtzFX+2bvZTZVw9/bKJmjnpIXrmTDzvJXT8T/2+FZo1A5+UiiyWwDPCexf30h
nTxAGUr+530+n1CxuQFqMefLe1MRxrl0JXJBznpcqmqC+ktMb3leRsj9gloDquL3
cjlXjISIkkBIzFQl8UsL8spA1nBGMvu4eBu7v01f65cIUSgUFL6ujoJXPqOXbejf
rFrHhHLdFQ1/jrzZK88wQk9roz/jI1eCq6p4FiNFGuylPXlgGvyO0lgxTfqo4iUt
XuVIBgEzvlTmznL8Z8jZxohBfjUMUFCRgsUlLfYlJYwUvwdstHaJZRD2sCO746xB
EvzOOKhdBSJENJl265fZA2eiyQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFNpcghgb
IgBI3JbWCJP76BWIVh2lMB8GA1UdIwQYMBaAFJCphFC52pOBGKLVrVNNiCj0uUY0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTJDQy9GMjZFMDZDRTEx
RjkxMUVBOUNCODhDMzVDNEY5QUUwMi9rS21FVUxuYWs0RVlvdFd0VTAySUtQUzVS
alEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tLbUVVTG5hazRFWW90V3RVMDJJS1BTNVJqUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUEyQ0MvRjI2RTA2Q0UxMUY5MTFFQTlDQjg4QzM1QzRGOUFFMDIvQTFBM0Q3ODg2
Qjk5MTFFRjg5OEQ0NjQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBQEAgABMA4wDAMEA2eGKAMEAGeGKjANBAIAAjAHAwUAJARcwDANBgkqhkiG
9w0BAQsFAAOCAQEAX0Qnqdd++3E7dGKeuPkfYx/kyMsV3vY/VAMwUf2CoqMRPnWR
0DnfXIHZH6fXV8/xiz1aqz4h/bHAwkFYYB6LEZFPsNPZZt3fmjqJx+WeIDnPATO9
AMCvnbdD73UYb83gTTN/g1nd4sRsq4dz4UznYkYyfWO9yaxkTVwjhY+DfZj1icGn
pbwXZkK1QqP0Hj5/FCgVTGSpOM2a1iCY/1mXqNAd0r32atICkGd6vjnx+gQnBsbV
lOHm20kcPHU8YW/SUhU2NJw06APWyzdEFnMboorsLqpl1Y5XpMeELtMRf2dktn6P
wwb5XUq4SH9WQAkxCtdGTUD6geSrMy/XB1FXVA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 02:35:41 2025 by rpki-client