Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B7EB/791F4E7673E311EABA7A886EC4F9AE02/4A074A90E19511EC8AD57C6CC4F9AE02.roa
File: 4A074A90E19511EC8AD57C6CC4F9AE02.roa (raw, json)
Hash identifier: m/p8bbAHJM24HdYiY9DoNYUeIyo2VNJNxbaHYIEgDWw=
Subject key identifier: 09:1D:93:C8:27:8C:E1:C5:FA:BA:EC:79:B6:40:32:6E:57:6F:9A:1E
Certificate issuer: /CN=A911B7EB/serialNumber=8CF6F26283E0943E17D412B19CA2AF2CD60D4587
Certificate serial: 0976
Authority key identifier: 8C:F6:F2:62:83:E0:94:3E:17:D4:12:B1:9C:A2:AF:2C:D6:0D:45:87
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jPbyYoPglD4X1BKxnKKvLNYNRYc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B7EB/791F4E7673E311EABA7A886EC4F9AE02/4A074A90E19511EC8AD57C6CC4F9AE02.roa
Signing time: Fri 14 Jun 2024 21:27:55 +0000
ROA not before: Fri 14 Jun 2024 21:27:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 140502
IP address blocks: 103.150.6.0/23 maxlen: 23
103.150.6.0/24 maxlen: 24
103.150.7.0/24 maxlen: 24
2001:df3:4c80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2422 (0x976)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B7EB
Validity
Not Before: Jun 14 21:27:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=666cb5db-6cdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:e0:06:f9:40:e1:f4:a2:05:46:d7:b3:3c:8e:
24:6c:a6:6e:e6:6a:fe:bf:98:84:d6:c5:8a:33:23:
3b:a3:bd:ac:dc:52:32:9d:15:05:d1:f9:a7:4f:93:
b1:49:2c:90:44:97:c0:e4:a2:1f:d2:7f:2e:31:21:
a5:4a:ab:42:5b:99:6c:c0:70:51:52:db:fe:3e:51:
a5:a9:de:9d:ff:59:22:dc:a8:b5:6e:cf:40:f0:bd:
cc:bc:e2:ca:c8:41:5b:a3:6a:4b:98:18:b0:fb:9c:
e3:0b:b4:be:ce:10:9d:75:29:1f:21:9d:20:58:25:
fa:66:df:1f:cb:d6:3a:f8:85:04:74:8a:f6:8a:38:
c9:7a:f9:c7:28:e8:34:a1:a8:f0:b5:78:b8:3e:67:
1c:da:3e:86:e9:63:61:99:d0:65:67:26:1c:a8:e5:
fb:97:f8:72:52:40:92:65:3e:70:15:4a:5a:9c:16:
65:e7:1c:51:12:58:71:06:88:18:ca:c9:d5:f9:21:
50:ed:ee:3f:8e:7f:3c:65:b5:e7:54:19:c4:d3:71:
00:a4:47:e4:de:f4:a4:13:bc:39:fa:12:c5:6e:9c:
9b:f6:b3:a0:6f:fc:68:66:f1:c4:e6:a3:f7:ad:55:
91:72:b8:dd:36:8c:a3:f1:39:4a:ef:cc:45:5c:ce:
d1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:1D:93:C8:27:8C:E1:C5:FA:BA:EC:79:B6:40:32:6E:57:6F:9A:1E
X509v3 Authority Key Identifier:
keyid:8C:F6:F2:62:83:E0:94:3E:17:D4:12:B1:9C:A2:AF:2C:D6:0D:45:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B7EB/791F4E7673E311EABA7A886EC4F9AE02/jPbyYoPglD4X1BKxnKKvLNYNRYc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jPbyYoPglD4X1BKxnKKvLNYNRYc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B7EB/791F4E7673E311EABA7A886EC4F9AE02/4A074A90E19511EC8AD57C6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.150.6.0/23
IPv6:
2001:df3:4c80::/48
Signature Algorithm: sha256WithRSAEncryption
59:38:be:d6:33:3e:4d:be:f1:d5:d0:54:bc:0a:a6:88:f5:72:
da:fd:e1:d0:ab:a7:cc:ce:03:40:7b:23:42:0d:c9:ec:3d:fc:
f0:f4:52:d5:1c:da:d4:d7:ef:6d:3e:b9:60:ff:09:34:4b:2e:
b6:61:ed:a1:0f:71:38:23:96:16:3f:76:1d:78:59:6a:fb:07:
56:2c:ea:f7:55:f8:b5:58:3f:e4:9a:2a:ff:c5:1d:77:b0:1a:
2a:c2:dd:46:07:6b:33:9b:ea:f8:68:89:aa:48:51:e3:d5:e8:
95:86:d2:e9:0f:fa:ed:b5:e5:25:e2:62:dc:0c:2f:2f:77:d9:
79:7c:4a:13:58:57:a9:fa:f9:4d:69:96:c1:48:9b:b7:a0:c0:
3c:38:ad:b2:b4:9e:73:94:e7:68:4d:e1:c0:85:c7:9e:3c:9e:
4c:aa:05:83:e6:1e:92:d9:b7:81:4e:18:a8:86:90:eb:92:4b:
7c:63:5e:ea:34:13:60:5e:5e:88:b7:7e:5e:d8:41:59:ae:6a:
85:fc:dd:c7:26:0f:0a:f1:3c:29:19:ce:24:2a:c0:e0:2b:4b:
73:89:8a:41:1f:60:b3:30:63:01:b3:ab:65:a7:45:d6:0f:de:
89:61:70:ea:93:d4:a3:5b:76:ad:d0:61:ae:18:c2:59:84:9b:
c2:af:27:1e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICCXYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI3RUIxMTAvBgNVBAUTKDhDRjZGMjYyODNFMDk0M0UxN0Q0MTJCMTlDQTJBRjJD
RDYwRDQ1ODcwHhcNMjQwNjE0MjEyNzU1WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZjYjVkYi02Y2RmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3+AG+UDh9KIFRtezPI4kbKZu5mr+v5iE1sWKMyM7o72s3FIynRUF0fmnT5Ox
SSyQRJfA5KIf0n8uMSGlSqtCW5lswHBRUtv+PlGlqd6d/1ki3Ki1bs9A8L3MvOLK
yEFbo2pLmBiw+5zjC7S+zhCddSkfIZ0gWCX6Zt8fy9Y6+IUEdIr2ijjJevnHKOg0
oajwtXi4Pmcc2j6G6WNhmdBlZyYcqOX7l/hyUkCSZT5wFUpanBZl5xxRElhxBogY
ysnV+SFQ7e4/jn88ZbXnVBnE03EApEfk3vSkE7w5+hLFbpyb9rOgb/xoZvHE5qP3
rVWRcrjdNoyj8TlK78xFXM7R6QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFAkdk8gn
jOHF+rrsebZAMm5Xb5oeMB8GA1UdIwQYMBaAFIz28mKD4JQ+F9QSsZyiryzWDUWH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjdFQi83OTFGNEU3Njcz
RTMxMUVBQkE3QTg4NkVDNEY5QUUwMi9qUGJ5WW9QZ2xENFgxQkt4bktLdkxOWU5S
WWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pQYnlZb1BnbEQ0WDFCS3huS0t2TE5ZTlJZYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI3RUIvNzkxRjRFNzY3M0UzMTFFQUJBN0E4ODZFQzRGOUFFMDIvNEEwNzRBOTBF
MTk1MTFFQzhBRDU3QzZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnlgYwDwQCAAIwCQMHACABDfNMgDANBgkqhkiG9w0BAQsF
AAOCAQEAWTi+1jM+Tb7x1dBUvAqmiPVy2v3h0KunzM4DQHsjQg3J7D388PRS1Rza
1NfvbT65YP8JNEsutmHtoQ9xOCOWFj92HXhZavsHVizq91X4tVg/5Joq/8Udd7Aa
KsLdRgdrM5vq+GiJqkhR49XolYbS6Q/67bXlJeJi3AwvL3fZeXxKE1hXqfr5TWmW
wUibt6DAPDitsrSec5TnaE3hwIXHnjyeTKoFg+Yektm3gU4YqIaQ65JLfGNe6jQT
YF5eiLd+XthBWa5qhfzdxyYPCvE8KRnOJCrA4CtLc4mKQR9gszBjAbOrZadF1g/e
iWFw6pPUo1t2rdBhrhjCWYSbwq8nHg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:24:02 2025 by rpki-client