Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911EDE5/B3BF758AD51211E9B643ED39C4F9AE02/89D124B6D51311E98A41293BC4F9AE02.roa
File: 89D124B6D51311E98A41293BC4F9AE02.roa (raw, json)
Hash identifier: mbBxOC4AR4Py/kqSr6p/HUSw4E4voxLVh0FwxIMWx+Y=
Subject key identifier: D4:06:30:43:2E:38:7A:A2:11:0A:29:D4:34:87:69:83:EE:AD:36:6C
Certificate issuer: /CN=A911EDE5/serialNumber=E971FFB440134121021C625E9B70EB1AE5A28F60
Certificate serial: 0CE0
Authority key identifier: E9:71:FF:B4:40:13:41:21:02:1C:62:5E:9B:70:EB:1A:E5:A2:8F:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6XH_tEATQSECHGJem3DrGuWij2A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911EDE5/B3BF758AD51211E9B643ED39C4F9AE02/89D124B6D51311E98A41293BC4F9AE02.roa
Signing time: Mon 18 Nov 2024 18:07:00 +0000
ROA not before: Mon 18 Nov 2024 18:07:00 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 138433
IP address blocks: 103.142.236.0/23 maxlen: 23
2001:df1:9580::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3296 (0xce0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911EDE5
Validity
Not Before: Nov 18 18:07:00 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=673b8243-df8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b7:5a:e8:de:eb:db:29:ef:dd:08:1a:60:08:
c6:25:5e:d5:f6:a9:7b:fb:dd:26:ec:1d:ce:1c:9c:
44:b4:91:3c:a6:0f:90:bf:73:ed:56:56:6e:c0:2d:
5d:e1:30:b1:31:9b:fe:bc:7d:d3:16:26:52:7c:40:
0a:1b:b2:4d:e4:63:21:36:0d:78:26:11:a1:e3:51:
ba:ec:c3:01:2e:3c:b5:1e:3a:06:0a:0c:0a:37:13:
a7:6d:e1:e4:2b:0e:bf:04:ff:81:f0:73:50:d6:f4:
ba:d4:0b:37:91:4e:c1:f1:bd:d6:16:1f:a9:db:03:
f1:aa:44:81:9d:25:e2:5e:f3:1b:3b:6a:6c:a3:39:
04:70:81:08:7f:dc:e5:c3:a4:f4:95:6f:09:e6:e8:
df:06:f1:a3:62:f4:94:a9:3b:f2:c5:53:3a:06:24:
ef:c9:9e:0f:89:3a:aa:dc:7d:6a:ae:95:dc:08:6b:
d6:90:88:3f:d5:e0:98:33:b6:9f:2a:7a:56:67:fb:
02:f5:93:77:35:08:b7:25:0d:6b:65:92:f1:a0:a5:
95:91:7e:4d:42:b3:40:c9:19:b5:6d:23:57:2b:01:
78:15:4d:f7:2e:71:1a:9e:64:13:5b:56:2b:0a:35:
5b:cd:0b:6f:46:38:fc:0d:c9:35:1e:43:8a:91:16:
3e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:06:30:43:2E:38:7A:A2:11:0A:29:D4:34:87:69:83:EE:AD:36:6C
X509v3 Authority Key Identifier:
keyid:E9:71:FF:B4:40:13:41:21:02:1C:62:5E:9B:70:EB:1A:E5:A2:8F:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911EDE5/B3BF758AD51211E9B643ED39C4F9AE02/6XH_tEATQSECHGJem3DrGuWij2A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6XH_tEATQSECHGJem3DrGuWij2A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911EDE5/B3BF758AD51211E9B643ED39C4F9AE02/89D124B6D51311E98A41293BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.142.236.0/23
IPv6:
2001:df1:9580::/48
Signature Algorithm: sha256WithRSAEncryption
27:a1:b2:f1:d6:ea:1f:54:08:f0:70:a4:77:53:80:8f:52:0d:
c7:99:d7:75:93:95:78:51:ad:2a:3f:10:b7:ad:35:c0:6c:57:
42:69:62:88:d1:e9:6e:28:8d:86:e0:f9:28:f4:1c:cb:5f:79:
72:a8:f8:5c:a9:e4:4c:13:13:31:40:9b:0e:82:28:66:9c:26:
61:ea:21:5b:8c:b7:2d:a4:01:ed:15:d6:7a:a4:67:19:a3:0b:
5d:d7:86:20:96:79:90:d0:f3:74:8a:19:92:71:0e:17:96:5a:
f1:7f:88:17:e7:52:14:6a:27:9c:05:2f:23:34:c5:66:3f:50:
0f:3a:6e:a2:1f:16:e3:d2:43:20:57:db:b0:1c:55:f8:93:47:
b5:f0:d4:82:4b:ed:b9:cf:16:e9:ca:d9:1d:2d:cf:f1:a2:8d:
a9:66:a1:09:a5:1a:e5:19:f0:40:8e:c9:fc:0b:74:4c:e8:8d:
ae:1f:6c:a1:41:c5:72:ec:9c:1e:ce:14:35:47:87:d2:47:8e:
26:57:f2:2b:09:6f:23:c2:55:49:93:8c:06:9f:4c:ff:ba:b9:
43:7f:70:df:8f:d6:8f:fe:7a:3f:f4:17:96:54:ed:ba:82:a4:
7d:a2:49:a9:36:bf:8f:05:a3:15:ff:56:b7:5c:53:8e:a4:50:
56:90:88:2c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICDOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUVERTUxMTAvBgNVBAUTKEU5NzFGRkI0NDAxMzQxMjEwMjFDNjI1RTlCNzBFQjFB
RTVBMjhGNjAwHhcNMjQxMTE4MTgwNzAwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNiODI0My1kZjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1rda6N7r2ynv3QgaYAjGJV7V9ql7+90m7B3OHJxEtJE8pg+Qv3PtVlZuwC1d
4TCxMZv+vH3TFiZSfEAKG7JN5GMhNg14JhGh41G67MMBLjy1HjoGCgwKNxOnbeHk
Kw6/BP+B8HNQ1vS61As3kU7B8b3WFh+p2wPxqkSBnSXiXvMbO2psozkEcIEIf9zl
w6T0lW8J5ujfBvGjYvSUqTvyxVM6BiTvyZ4PiTqq3H1qrpXcCGvWkIg/1eCYM7af
KnpWZ/sC9ZN3NQi3JQ1rZZLxoKWVkX5NQrNAyRm1bSNXKwF4FU33LnEanmQTW1Yr
CjVbzQtvRjj8Dck1HkOKkRY+hQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNQGMEMu
OHqiEQop1DSHaYPurTZsMB8GA1UdIwQYMBaAFOlx/7RAE0EhAhxiXptw6xrloo9g
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRURFNS9CM0JGNzU4QUQ1
MTIxMUU5QjY0M0VEMzlDNEY5QUUwMi82WEhfdEVBVFFTRUNIR0plbTNEckd1V2lq
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZYSF90RUFUUVNFQ0hHSmVtM0RyR3VXaWoyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUVERTUvQjNCRjc1OEFENTEyMTFFOUI2NDNFRDM5QzRGOUFFMDIvODlEMTI0QjZE
NTEzMTFFOThBNDEyOTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnjuwwDwQCAAIwCQMHACABDfGVgDANBgkqhkiG9w0BAQsF
AAOCAQEAJ6Gy8dbqH1QI8HCkd1OAj1INx5nXdZOVeFGtKj8Qt601wGxXQmliiNHp
biiNhuD5KPQcy195cqj4XKnkTBMTMUCbDoIoZpwmYeohW4y3LaQB7RXWeqRnGaML
XdeGIJZ5kNDzdIoZknEOF5Za8X+IF+dSFGonnAUvIzTFZj9QDzpuoh8W49JDIFfb
sBxV+JNHtfDUgkvtuc8W6crZHS3P8aKNqWahCaUa5RnwQI7J/At0TOiNrh9soUHF
cuycHs4UNUeH0keOJlfyKwlvI8JVSZOMBp9M/7q5Q39w34/Wj/56P/QXllTtuoKk
faJJqTa/jwWjFf9Wt1xTjqRQVpCILA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:19:20 2025 by rpki-client