Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911933B/E98A113E926411EE9947DA5BC4F9AE02/1B000B60A70A11EE9D90E754C4F9AE02.roa
File: 1B000B60A70A11EE9D90E754C4F9AE02.roa (raw, json)
Hash identifier: XRSbm92iiBJ9xxjhhCi5I/tUaB0t9fuY2aP6/h6Ck2c=
Subject key identifier: 7F:31:B8:B0:DC:D3:10:25:C9:7B:FE:B0:7C:9F:64:ED:38:96:41:63
Certificate issuer: /CN=A911933B/serialNumber=86DA1900E6150CBD9CD815AC67DC53A5E6D3C027
Certificate serial: 88
Authority key identifier: 86:DA:19:00:E6:15:0C:BD:9C:D8:15:AC:67:DC:53:A5:E6:D3:C0:27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htoZAOYVDL2c2BWsZ9xTpebTwCc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911933B/E98A113E926411EE9947DA5BC4F9AE02/1B000B60A70A11EE9D90E754C4F9AE02.roa
Signing time: Wed 07 Aug 2024 06:27:35 +0000
ROA not before: Wed 07 Aug 2024 06:27:35 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 137975
IP address blocks: 103.119.24.0/24 maxlen: 24
103.119.25.0/24 maxlen: 24
103.119.26.0/24 maxlen: 24
103.119.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136 (0x88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911933B
Validity
Not Before: Aug 7 06:27:35 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66b313d6-a9a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ca:4c:d4:7e:48:50:fb:10:59:bb:c2:78:1e:
0c:b3:77:f3:06:b0:ec:0a:f0:73:1b:ad:5f:a6:b3:
8a:36:18:f7:4b:64:59:85:7d:2f:b7:66:ad:db:18:
56:02:d7:7e:f0:97:3f:d3:4b:de:ca:c7:c9:62:7b:
c0:f0:ba:89:40:45:45:7c:57:60:2a:c1:16:d2:a0:
d5:a8:f0:66:39:76:08:c0:77:d9:bb:04:ba:58:ce:
3b:64:d1:60:cb:cd:fb:d1:81:14:2a:28:c6:f5:2f:
dc:76:f4:f3:65:3d:de:e8:31:81:0b:21:e7:3a:14:
b3:91:dd:b5:5c:47:b8:9d:24:c7:2d:c4:84:ae:7d:
25:a4:e3:15:f6:96:94:23:a3:c6:b3:26:62:32:54:
66:19:7a:57:90:8d:34:21:d0:0e:59:59:98:57:1d:
8f:60:7a:c3:7b:6a:2c:81:b3:dd:e5:1e:3c:bd:df:
86:d4:de:5b:d2:14:e8:36:c5:4f:78:8d:a1:31:a3:
98:39:5b:6a:7f:9d:67:93:56:a1:4b:01:77:84:db:
82:84:a3:9a:53:59:fc:42:3c:83:fb:67:e5:0a:4c:
8a:b2:52:9b:85:95:2a:c3:b9:cf:9a:19:0b:2a:c8:
7e:2b:07:52:47:9b:8d:71:30:8b:de:bb:68:d1:b1:
ec:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:31:B8:B0:DC:D3:10:25:C9:7B:FE:B0:7C:9F:64:ED:38:96:41:63
X509v3 Authority Key Identifier:
keyid:86:DA:19:00:E6:15:0C:BD:9C:D8:15:AC:67:DC:53:A5:E6:D3:C0:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911933B/E98A113E926411EE9947DA5BC4F9AE02/htoZAOYVDL2c2BWsZ9xTpebTwCc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htoZAOYVDL2c2BWsZ9xTpebTwCc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911933B/E98A113E926411EE9947DA5BC4F9AE02/1B000B60A70A11EE9D90E754C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.119.24.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:83:68:4d:8d:6a:5b:f3:67:b2:a4:b7:a8:47:03:5d:84:5a:
3d:3b:b3:be:f2:c7:ab:4b:45:d1:ad:83:87:21:76:ce:a0:e8:
02:9f:2b:9b:93:5a:9d:ad:3d:2f:d5:5a:b9:e2:5f:1d:ec:3f:
df:53:58:d0:64:ba:3a:f4:72:8b:4e:c6:48:a3:0a:06:13:a2:
68:18:d4:a9:09:7d:0e:fe:d1:ce:6e:04:7f:f0:22:f8:53:d2:
04:b2:99:40:94:ee:a2:48:ee:eb:89:a6:71:74:8e:23:13:a8:
fa:a1:5b:f6:e9:5a:3c:e3:a7:96:1b:51:ce:9a:2f:c8:eb:f2:
fe:c1:49:22:6f:03:98:6d:ee:ff:22:ea:d0:37:10:d9:a5:ec:
e5:65:f5:c3:24:76:cb:50:0b:0f:c4:ec:3d:0f:bf:27:fa:8a:
b4:7b:f7:75:08:e0:ac:96:84:43:05:09:3a:36:b6:6d:dc:53:
02:03:9d:f7:86:08:e3:06:c8:66:30:53:47:c4:bf:3d:f7:89:
66:9e:f0:14:63:09:d4:71:76:a8:61:ec:4e:1b:51:0b:32:49:
0e:4d:a3:1b:ff:9f:7e:bb:f3:54:3d:bf:28:2a:d5:9f:f3:81:
02:85:22:ac:2b:65:09:e8:11:85:a3:ba:a7:40:8a:28:98:3a:
bc:40:24:44
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTkzM0IxMTAvBgNVBAUTKDg2REExOTAwRTYxNTBDQkQ5Q0Q4MTVBQzY3REM1M0E1
RTZEM0MwMjcwHhcNMjQwODA3MDYyNzM1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIzMTNkNi1hOWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA38pM1H5IUPsQWbvCeB4Ms3fzBrDsCvBzG61fprOKNhj3S2RZhX0vt2at2xhW
Atd+8Jc/00veysfJYnvA8LqJQEVFfFdgKsEW0qDVqPBmOXYIwHfZuwS6WM47ZNFg
y8370YEUKijG9S/cdvTzZT3e6DGBCyHnOhSzkd21XEe4nSTHLcSErn0lpOMV9paU
I6PGsyZiMlRmGXpXkI00IdAOWVmYVx2PYHrDe2osgbPd5R48vd+G1N5b0hToNsVP
eI2hMaOYOVtqf51nk1ahSwF3hNuChKOaU1n8QjyD+2flCkyKslKbhZUqw7nPmhkL
Ksh+KwdSR5uNcTCL3rto0bHs0QIDAQABo4IClTCCApEwHQYDVR0OBBYEFH8xuLDc
0xAlyXv+sHyfZO04lkFjMB8GA1UdIwQYMBaAFIbaGQDmFQy9nNgVrGfcU6Xm08An
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTMzQi9FOThBMTEzRTky
NjQxMUVFOTk0N0RBNUJDNEY5QUUwMi9odG9aQU9ZVkRMMmMyQldzWjl4VHBlYlR3
Q2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h0b1pBT1lWREwyYzJCV3NaOXhUcGViVHdDYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTkzM0IvRTk4QTExM0U5MjY0MTFFRTk5NDdEQTVCQzRGOUFFMDIvMUIwMDBCNjBB
NzBBMTFFRTlEOTBFNzU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJndxgwDQYJKoZIhvcNAQELBQADggEBAAyDaE2NalvzZ7Kk
t6hHA12EWj07s77yx6tLRdGtg4chds6g6AKfK5uTWp2tPS/VWrniXx3sP99TWNBk
ujr0cotOxkijCgYTomgY1KkJfQ7+0c5uBH/wIvhT0gSymUCU7qJI7uuJpnF0jiMT
qPqhW/bpWjzjp5YbUc6aL8jr8v7BSSJvA5ht7v8i6tA3ENml7OVl9cMkdstQCw/E
7D0Pvyf6irR793UI4KyWhEMFCTo2tm3cUwIDnfeGCOMGyGYwU0fEvz33iWae8BRj
CdRxdqhh7E4bUQsySQ5Noxv/n36781Q9vygq1Z/zgQKFIqwrZQnoEYWjuqdAiiiY
OrxAJEQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:07:12 2025 by rpki-client