Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/86A2CEB60F3E11EEA4C55465C4F9AE02.roa
File: 86A2CEB60F3E11EEA4C55465C4F9AE02.roa (raw, json)
Hash identifier: LEuGWO/AHJLUDwLeABLdjtuQr5+JNGq1678nn2RoAyI=
Subject key identifier: E5:6E:73:40:97:0A:23:FB:52:97:17:83:5A:CD:CD:0C:B8:05:9C:22
Certificate issuer: /CN=A911B4ED/serialNumber=908E789034F18415D8759C26A346EB810EF5A415
Certificate serial: C3
Authority key identifier: 90:8E:78:90:34:F1:84:15:D8:75:9C:26:A3:46:EB:81:0E:F5:A4:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI54kDTxhBXYdZwmo0brgQ71pBU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/86A2CEB60F3E11EEA4C55465C4F9AE02.roa
Signing time: Mon 01 Jul 2024 06:07:19 +0000
ROA not before: Mon 01 Jul 2024 06:07:19 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 141765
IP address blocks: 103.79.178.0/23 maxlen: 23
103.79.178.0/24 maxlen: 24
103.79.179.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 195 (0xc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B4ED
Validity
Not Before: Jul 1 06:07:19 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66824795-56dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0d:fd:47:d1:a9:05:ac:7c:17:f8:ef:c9:19:
fd:05:c5:cf:d1:36:7c:06:a2:2e:32:2e:68:4c:f8:
d7:54:37:e9:c7:95:7b:ab:72:ff:d3:a0:12:9f:a2:
6f:d1:90:df:ce:d4:b4:60:ed:63:9a:e4:d8:47:4a:
ef:89:92:17:57:f6:5a:e8:c3:b3:b9:a4:1f:2c:8e:
d5:26:42:bf:16:91:a8:23:cf:9f:03:51:b4:c6:09:
8a:41:28:20:db:67:38:7d:7b:84:97:99:76:d9:dc:
38:aa:5b:42:4d:2d:fa:59:d2:ab:72:36:19:b7:51:
9c:1d:14:0e:4d:d6:14:33:50:e2:28:50:de:83:e6:
ea:8e:89:dd:29:c7:0a:da:00:ec:b9:cb:bb:15:00:
b4:94:64:8a:b7:86:9b:78:c8:65:50:d1:92:35:fa:
92:67:a1:47:40:26:73:04:65:4b:22:2e:00:30:5e:
4f:8c:ed:51:f9:65:35:96:74:5c:79:91:22:3b:80:
7b:fc:d6:ad:22:d3:7e:5e:d4:52:b2:3f:75:e2:2b:
05:81:7a:2a:b6:62:95:67:34:42:a3:f2:14:6a:50:
87:f5:a6:bb:9e:f1:85:02:29:9b:fb:ba:5e:8f:76:
78:42:2a:f0:a4:c1:f7:e0:aa:74:39:f5:40:ed:b3:
f8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:6E:73:40:97:0A:23:FB:52:97:17:83:5A:CD:CD:0C:B8:05:9C:22
X509v3 Authority Key Identifier:
keyid:90:8E:78:90:34:F1:84:15:D8:75:9C:26:A3:46:EB:81:0E:F5:A4:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/kI54kDTxhBXYdZwmo0brgQ71pBU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI54kDTxhBXYdZwmo0brgQ71pBU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/86A2CEB60F3E11EEA4C55465C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.178.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:b3:ae:d2:2c:73:55:10:92:c9:a6:b6:3a:ff:8b:df:88:dd:
e6:be:37:89:ce:7f:8e:89:44:56:26:5c:37:d2:55:dc:27:85:
4d:67:c6:98:05:42:59:a1:ae:22:78:fe:02:04:6c:d3:9d:84:
32:44:ce:9d:0a:f1:af:0a:f6:e1:c1:57:01:43:27:c4:46:6e:
dd:e2:8f:82:c2:f9:86:79:87:0b:1c:08:a1:4f:7f:86:00:27:
c8:68:2d:62:77:c0:90:67:ce:e2:38:ba:0c:9f:12:45:50:2c:
16:1f:5a:29:22:b6:e8:e4:dd:01:60:03:4a:73:b8:59:08:0f:
e4:f6:5b:9d:5e:41:46:45:86:68:70:07:51:bb:bd:66:ee:f6:
a6:30:1f:66:b0:a0:d5:a4:b9:34:c9:48:c4:47:40:98:41:03:
54:2b:0c:72:58:14:d5:d7:6b:7e:6e:68:0f:e8:9e:66:3e:22:
5b:bf:26:23:0b:ad:7a:7f:04:ed:0c:99:5a:56:c4:31:3e:df:
d4:e4:68:43:b5:59:ac:24:63:50:f3:13:fb:6c:a0:67:5a:86:
a3:53:6f:f4:76:b1:d4:f9:0b:20:9b:98:28:58:5f:c9:ca:0a:
4f:bd:84:62:7d:69:a5:8d:73:ca:77:a4:2e:2f:7c:60:a9:3e:
01:c7:aa:48
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0RUQxMTAvBgNVBAUTKDkwOEU3ODkwMzRGMTg0MTVEODc1OUMyNkEzNDZFQjgx
MEVGNUE0MTUwHhcNMjQwNzAxMDYwNzE5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjgyNDc5NS01NmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwg39R9GpBax8F/jvyRn9BcXP0TZ8BqIuMi5oTPjXVDfpx5V7q3L/06ASn6Jv
0ZDfztS0YO1jmuTYR0rviZIXV/Za6MOzuaQfLI7VJkK/FpGoI8+fA1G0xgmKQSgg
22c4fXuEl5l22dw4qltCTS36WdKrcjYZt1GcHRQOTdYUM1DiKFDeg+bqjondKccK
2gDsucu7FQC0lGSKt4abeMhlUNGSNfqSZ6FHQCZzBGVLIi4AMF5PjO1R+WU1lnRc
eZEiO4B7/NatItN+XtRSsj914isFgXoqtmKVZzRCo/IUalCH9aa7nvGFAimb+7pe
j3Z4QirwpMH34Kp0OfVA7bP4MQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOVuc0CX
CiP7UpcXg1rNzQy4BZwiMB8GA1UdIwQYMBaAFJCOeJA08YQV2HWcJqNG64EO9aQV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjRFRC9GQTRCMEFDNDBG
MzcxMUVFQUI5RDk0NjhDNEY5QUUwMi9rSTU0a0RUeGhCWFlkWndtbzBicmdRNzFw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tJNTRrRFR4aEJYWWRad21vMGJyZ1E3MXBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0RUQvRkE0QjBBQzQwRjM3MTFFRUFCOUQ5NDY4QzRGOUFFMDIvODZBMkNFQjYw
RjNFMTFFRUE0QzU1NDY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnT7IwDQYJKoZIhvcNAQELBQADggEBAEuzrtIsc1UQksmm
tjr/i9+I3ea+N4nOf46JRFYmXDfSVdwnhU1nxpgFQlmhriJ4/gIEbNOdhDJEzp0K
8a8K9uHBVwFDJ8RGbt3ij4LC+YZ5hwscCKFPf4YAJ8hoLWJ3wJBnzuI4ugyfEkVQ
LBYfWikitujk3QFgA0pzuFkID+T2W51eQUZFhmhwB1G7vWbu9qYwH2awoNWkuTTJ
SMRHQJhBA1QrDHJYFNXXa35uaA/onmY+Ilu/JiMLrXp/BO0MmVpWxDE+39TkaEO1
WawkY1DzE/tsoGdahqNTb/R2sdT5CyCbmChYX8nKCk+9hGJ9aaWNc8p3pC4vfGCp
PgHHqkg=
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:08:18 2025 by rpki-client