Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9126D40/3C6333C6F3F311EBA292E580C4F9AE02/5B0A7AFCF3F611EB8DD81585C4F9AE02.roa
File: 5B0A7AFCF3F611EB8DD81585C4F9AE02.roa (raw, json)
Hash identifier: mmb+6qMWLAl/o5ujhFGq4lHoA5XfllDMtxdPhnJR8HM=
Subject key identifier: B1:63:F2:68:75:03:79:A2:5D:45:4D:42:2C:25:98:DF:2E:3C:80:A1
Certificate issuer: /CN=A9126D40/serialNumber=A7103FD33F6C8A6448FC63940AA97D93F81F8105
Certificate serial: 048B
Authority key identifier: A7:10:3F:D3:3F:6C:8A:64:48:FC:63:94:0A:A9:7D:93:F8:1F:81:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pxA_0z9simRI_GOUCql9k_gfgQU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9126D40/3C6333C6F3F311EBA292E580C4F9AE02/5B0A7AFCF3F611EB8DD81585C4F9AE02.roa
Signing time: Wed 05 Jun 2024 01:57:17 +0000
ROA not before: Wed 05 Jun 2024 01:57:17 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 7600
IP address blocks: 103.27.174.0/24 maxlen: 24
103.92.140.0/23 maxlen: 23
103.92.142.0/24 maxlen: 24
123.253.84.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1163 (0x48b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9126D40
Validity
Not Before: Jun 5 01:57:17 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=665fc5fc-6e59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2e:46:91:92:8d:fb:ef:3c:df:89:31:38:15:
85:c1:6d:89:ac:57:e7:66:c0:da:67:9e:ac:62:00:
30:41:89:c0:87:b2:28:3a:83:5a:5f:26:8f:bb:35:
88:32:28:24:de:df:29:f7:c6:eb:22:93:0d:5f:ba:
bc:d4:97:7f:4c:80:4a:ce:c2:ba:e3:1e:3b:5f:06:
58:93:0f:83:ca:c2:56:60:2b:18:65:10:fc:98:77:
a4:59:64:98:43:d7:f4:60:c5:a9:0f:ae:67:30:11:
5d:6f:44:7d:eb:a8:42:da:60:c4:7e:67:80:89:29:
f4:38:ec:6b:df:ab:ab:0f:17:89:82:62:2b:e7:9c:
8a:34:b5:03:6d:56:d1:dd:3e:6f:ad:15:b8:91:fd:
c1:e8:ea:d3:29:59:e5:77:33:3f:19:ce:a6:01:14:
1e:38:8d:69:51:f6:34:0e:db:89:bc:91:7b:66:48:
c7:36:03:d5:7e:89:1c:1b:cf:e3:03:cf:ff:52:3b:
c6:88:67:1a:26:1f:62:89:d8:32:e6:5d:3e:8d:c0:
e4:4a:5a:41:d3:dc:50:df:cd:f6:75:c1:a3:cf:69:
ef:af:77:8d:6b:22:cc:c5:14:d3:b8:9a:42:7a:c6:
af:e6:9a:98:f3:44:2f:45:61:54:1d:7f:b3:21:f9:
1a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:63:F2:68:75:03:79:A2:5D:45:4D:42:2C:25:98:DF:2E:3C:80:A1
X509v3 Authority Key Identifier:
keyid:A7:10:3F:D3:3F:6C:8A:64:48:FC:63:94:0A:A9:7D:93:F8:1F:81:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9126D40/3C6333C6F3F311EBA292E580C4F9AE02/pxA_0z9simRI_GOUCql9k_gfgQU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pxA_0z9simRI_GOUCql9k_gfgQU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9126D40/3C6333C6F3F311EBA292E580C4F9AE02/5B0A7AFCF3F611EB8DD81585C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.27.174.0/24
103.92.140.0-103.92.142.255
123.253.84.0/22
Signature Algorithm: sha256WithRSAEncryption
98:21:7b:91:57:db:46:82:bf:f1:97:8e:33:78:84:f0:f8:37:
65:fd:dd:7b:84:dd:34:26:cf:74:70:9b:66:b0:ba:0f:45:5b:
b5:1b:65:7c:ab:81:da:19:57:f0:58:cf:ea:15:06:1b:1a:9b:
ab:4a:32:8f:34:e3:79:39:d8:3f:f1:88:64:58:e9:c7:c3:91:
5f:6d:b1:a3:f5:56:4e:ea:99:3c:59:e5:59:52:76:2f:b9:36:
86:1a:ed:4d:06:79:74:c7:cf:41:68:01:9c:eb:ea:e6:5f:66:
30:d1:83:f5:b7:3e:47:8f:40:65:93:8e:c7:14:cc:f3:d8:7c:
94:f7:d2:a9:3e:63:58:e5:cf:c3:92:7f:11:26:f9:ad:d4:d4:
cc:c6:5d:8c:5d:68:0f:40:16:5e:02:1b:34:01:65:4d:e8:78:
e5:0d:33:c1:39:77:26:86:33:3b:43:4d:6c:54:3b:77:e3:03:
87:dd:ec:68:0d:7c:9a:e9:c4:24:14:3a:74:a8:89:e0:ad:ba:
24:3d:0f:68:bf:5b:bf:39:4c:9e:59:be:43:47:55:78:3b:61:
ed:25:fe:bf:2e:52:58:f2:21:d3:21:be:c4:6f:3c:8d:1b:05:
44:dd:b5:d3:13:60:1b:d8:58:49:c2:d9:60:de:0c:f2:9f:76:
e3:c9:d5:c0
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICBIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjZENDAxMTAvBgNVBAUTKEE3MTAzRkQzM0Y2QzhBNjQ0OEZDNjM5NDBBQTk3RDkz
RjgxRjgxMDUwHhcNMjQwNjA1MDE1NzE3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVmYzVmYy02ZTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzi5GkZKN++8834kxOBWFwW2JrFfnZsDaZ56sYgAwQYnAh7IoOoNaXyaPuzWI
Migk3t8p98brIpMNX7q81Jd/TIBKzsK64x47XwZYkw+DysJWYCsYZRD8mHekWWSY
Q9f0YMWpD65nMBFdb0R966hC2mDEfmeAiSn0OOxr36urDxeJgmIr55yKNLUDbVbR
3T5vrRW4kf3B6OrTKVnldzM/Gc6mARQeOI1pUfY0DtuJvJF7ZkjHNgPVfokcG8/j
A8//UjvGiGcaJh9iidgy5l0+jcDkSlpB09xQ3832dcGjz2nvr3eNayLMxRTTuJpC
esav5pqY80QvRWFUHX+zIfkaswIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFLFj8mh1
A3miXUVNQiwlmN8uPIChMB8GA1UdIwQYMBaAFKcQP9M/bIpkSPxjlAqpfZP4H4EF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNkQ0MC8zQzYzMzNDNkYz
RjMxMUVCQTI5MkU1ODBDNEY5QUUwMi9weEFfMHo5c2ltUklfR09VQ3FsOWtfZ2Zn
UVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3B4QV8wejlzaW1SSV9HT1VDcWw5a19nZmdRVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjZENDAvM0M2MzMzQzZGM0YzMTFFQkEyOTJFNTgwQzRGOUFFMDIvNUIwQTdBRkNG
M0Y2MTFFQjhERDgxNTg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBABnG64wDAMEAmdcjAMEAGdcjgMEAnv9VDANBgkqhkiG9w0B
AQsFAAOCAQEAmCF7kVfbRoK/8ZeOM3iE8Pg3Zf3de4TdNCbPdHCbZrC6D0VbtRtl
fKuB2hlX8FjP6hUGGxqbq0oyjzTjeTnYP/GIZFjpx8ORX22xo/VWTuqZPFnlWVJ2
L7k2hhrtTQZ5dMfPQWgBnOvq5l9mMNGD9bc+R49AZZOOxxTM89h8lPfSqT5jWOXP
w5J/ESb5rdTUzMZdjF1oD0AWXgIbNAFlTeh45Q0zwTl3JoYzO0NNbFQ7d+MDh93s
aA18munEJBQ6dKiJ4K26JD0PaL9bvzlMnlm+Q0dVeDth7SX+vy5SWPIh0yG+xG88
jRsFRN210xNgG9hYScLZYN4M8p9248nVwA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:12:18 2025 by rpki-client