Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/05449490E17B11EC93AB7473C4F9AE02.roa
File: 05449490E17B11EC93AB7473C4F9AE02.roa (raw, json)
Hash identifier: PcZWjC6UVwgJAg7JfBerYqiOjHVIHel2AtVeK/QvypU=
Subject key identifier: 05:3B:16:48:AC:20:6B:89:39:6F:AA:F7:7A:62:D1:32:8D:A6:A2:3B
Certificate issuer: /CN=A912B2EE/serialNumber=C824347425BAC8AF59B4E1966BC10DBFA8BDAB82
Certificate serial: 0EC1
Authority key identifier: C8:24:34:74:25:BA:C8:AF:59:B4:E1:96:6B:C1:0D:BF:A8:BD:AB:82
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/05449490E17B11EC93AB7473C4F9AE02.roa
Signing time: Sat 08 Jun 2024 18:41:39 +0000
ROA not before: Sat 08 Jun 2024 18:41:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139924
IP address blocks: 103.138.158.0/23 maxlen: 23
103.138.158.0/24 maxlen: 24
103.138.159.0/24 maxlen: 24
2407:98c0::/32 maxlen: 32
2407:98c0::/48 maxlen: 48
2407:98c0:1::/48 maxlen: 48
2407:98c0:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3777 (0xec1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912B2EE
Validity
Not Before: Jun 8 18:41:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6664a5e2-8836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:36:78:64:da:cf:84:ac:bd:65:03:0a:0f:4e:
1a:38:c2:96:6d:6d:6e:44:38:c1:80:4c:e3:cb:82:
3e:04:b2:55:6e:56:8a:c3:42:ca:5d:11:1a:b7:c9:
ee:a4:40:d9:94:a5:00:32:30:5f:e8:1f:13:8f:1b:
a1:70:4e:dc:b5:3f:37:e6:83:ab:3f:b0:7f:bf:58:
24:c5:36:a2:dc:85:ad:43:71:1a:b1:93:89:4e:b3:
43:8b:4e:2f:20:43:19:12:16:97:39:ea:e5:8d:f1:
0e:28:bd:61:46:a1:dc:ac:55:04:d4:f8:da:fd:bd:
3d:21:d3:77:8d:69:67:1b:37:c0:e9:20:ec:a8:d3:
e9:f6:03:21:f7:e3:36:b7:72:75:2a:f2:6b:76:f5:
46:f8:19:c7:d6:20:07:81:77:db:18:15:4f:7b:2a:
ca:e1:80:71:db:05:3c:d6:cd:eb:85:61:51:c5:6b:
90:67:bc:eb:5a:ca:34:28:de:e3:f5:77:06:3e:a8:
97:0e:45:85:f3:48:49:54:88:96:3c:62:d6:13:3c:
e0:02:ff:f4:76:24:84:6f:4c:19:9e:41:ff:6c:58:
4f:60:0e:f3:07:bf:ae:f0:79:90:42:0d:53:89:e7:
40:55:09:a6:ef:db:74:68:fb:15:26:8b:4e:3b:d7:
ed:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:3B:16:48:AC:20:6B:89:39:6F:AA:F7:7A:62:D1:32:8D:A6:A2:3B
X509v3 Authority Key Identifier:
keyid:C8:24:34:74:25:BA:C8:AF:59:B4:E1:96:6B:C1:0D:BF:A8:BD:AB:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/05449490E17B11EC93AB7473C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.158.0/23
IPv6:
2407:98c0::/32
Signature Algorithm: sha256WithRSAEncryption
21:ee:7f:c3:1d:d9:a4:a9:5d:60:a4:71:ca:92:d3:84:04:f2:
f8:6b:21:ff:74:bf:1e:92:59:52:b8:14:a7:1f:93:88:3b:c0:
6c:dd:a6:9f:c2:91:b2:40:7c:92:b4:18:60:57:ef:c9:e8:06:
95:cb:c7:c2:1d:35:2d:40:36:af:15:64:3d:f4:b9:cb:91:8b:
d5:ac:f0:bf:8d:08:ae:9c:0a:87:8f:ce:d9:0f:4a:14:e8:4f:
7f:37:7c:1e:cc:3d:f5:29:ce:49:39:e7:74:01:78:6c:91:92:
bd:bb:85:b5:2f:a1:e5:35:fe:ae:70:0a:93:06:0a:a4:b2:59:
df:74:bc:ee:7d:5c:d4:60:32:ca:61:93:77:b7:05:47:97:f2:
b9:e1:4e:eb:22:0f:a4:bb:0a:18:57:d8:51:24:24:23:c5:38:
59:2b:dc:8a:47:9e:db:a0:e3:5b:c8:88:3c:ca:37:5a:02:25:
7f:1e:45:c0:dd:62:53:ca:99:32:a8:30:f2:d8:1e:25:b6:64:
31:8a:26:1c:9a:ea:8e:52:a7:87:b3:fc:a2:2d:b0:7b:ba:00:
25:fe:af:b6:4e:13:45:77:03:a7:0e:b0:00:0e:d3:f5:c8:4d:
d1:8f:f7:13:17:dc:99:17:f1:00:4c:c8:85:96:d7:7f:3e:a1:
98:b3:ac:e5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDsEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkIyRUUxMTAvBgNVBAUTKEM4MjQzNDc0MjVCQUM4QUY1OUI0RTE5NjZCQzEwREJG
QThCREFCODIwHhcNMjQwNjA4MTg0MTM5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjY0YTVlMi04ODM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqTZ4ZNrPhKy9ZQMKD04aOMKWbW1uRDjBgEzjy4I+BLJVblaKw0LKXREat8nu
pEDZlKUAMjBf6B8TjxuhcE7ctT835oOrP7B/v1gkxTai3IWtQ3EasZOJTrNDi04v
IEMZEhaXOerljfEOKL1hRqHcrFUE1Pja/b09IdN3jWlnGzfA6SDsqNPp9gMh9+M2
t3J1KvJrdvVG+BnH1iAHgXfbGBVPeyrK4YBx2wU81s3rhWFRxWuQZ7zrWso0KN7j
9XcGPqiXDkWF80hJVIiWPGLWEzzgAv/0diSEb0wZnkH/bFhPYA7zB7+u8HmQQg1T
iedAVQmm79t0aPsVJotOO9ftxQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAU7Fkis
IGuJOW+q93pi0TKNpqI7MB8GA1UdIwQYMBaAFMgkNHQlusivWbThlmvBDb+ovauC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQjJFRS8xRjQxMUY1ODZD
MjExMUU5Qjc2RkE5MDlDNEY5QUUwMi95Q1EwZENXNnlLOVp0T0dXYThFTnY2aTlx
NEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lDUTBkQ1c2eUs5WnRPR1dhOEVOdjZpOXE0SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkIyRUUvMUY0MTFGNTg2QzIxMTFFOUI3NkZBOTA5QzRGOUFFMDIvMDU0NDk0OTBF
MTdCMTFFQzkzQUI3NDczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnip4wDQQCAAIwBwMFACQHmMAwDQYJKoZIhvcNAQELBQAD
ggEBACHuf8Md2aSpXWCkccqS04QE8vhrIf90vx6SWVK4FKcfk4g7wGzdpp/CkbJA
fJK0GGBX78noBpXLx8IdNS1ANq8VZD30ucuRi9Ws8L+NCK6cCoePztkPShToT383
fB7MPfUpzkk553QBeGyRkr27hbUvoeU1/q5wCpMGCqSyWd90vO59XNRgMsphk3e3
BUeX8rnhTusiD6S7ChhX2FEkJCPFOFkr3IpHntug41vIiDzKN1oCJX8eRcDdYlPK
mTKoMPLYHiW2ZDGKJhya6o5Sp4ez/KItsHu6ACX+r7ZOE0V3A6cOsAAO0/XITdGP
9xMX3JkX8QBMyIWW138+oZizrOU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:12:08 2025 by rpki-client