Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91348DF/F02B5DBCC1DD11ECB97B9C7FC4F9AE02/06A2C3E2C1E211EC86C79687C4F9AE02.roa
File: 06A2C3E2C1E211EC86C79687C4F9AE02.roa (raw, json)
Hash identifier: L9t+DRBbmPVBfDehx/WMt8l2VQJogVd/uUcSz4yUxtc=
Subject key identifier: 61:FD:6E:EE:AE:00:78:A9:48:24:8F:2D:24:67:7D:21:91:45:17:E8
Certificate issuer: /CN=A91348DF/serialNumber=F070C1E74DAD12274E8F575DFE0BB7C14EBDC990
Certificate serial: 0284
Authority key identifier: F0:70:C1:E7:4D:AD:12:27:4E:8F:57:5D:FE:0B:B7:C1:4E:BD:C9:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8HDB502tEidOj1dd_gu3wU69yZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91348DF/F02B5DBCC1DD11ECB97B9C7FC4F9AE02/06A2C3E2C1E211EC86C79687C4F9AE02.roa
Signing time: Mon 03 Jun 2024 04:31:53 +0000
ROA not before: Mon 03 Jun 2024 04:31:53 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 58507
IP address blocks: 103.186.28.0/23 maxlen: 24
2400:6ce0::/32 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 644 (0x284)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91348DF
Validity
Not Before: Jun 3 04:31:53 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=665d4738-c408
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:78:04:f2:b3:7a:57:0d:c6:ad:91:7f:4f:7f:
54:63:e1:2a:28:58:25:03:1f:35:e1:47:4f:7a:07:
85:51:b6:e1:8f:e4:51:4d:76:51:eb:37:80:1b:ae:
a3:cb:95:77:3f:36:54:2b:67:35:25:06:49:34:fb:
6d:ed:00:b2:78:dd:27:4e:05:31:36:b0:d4:8e:43:
e2:50:0b:2a:41:ac:3b:be:b0:80:21:3a:28:e1:57:
97:5a:88:e8:a7:6b:f6:ab:ee:ca:c5:46:85:86:63:
6d:d5:9d:6c:0e:df:2e:0d:65:53:05:7f:e8:ca:29:
47:8b:91:e6:b9:a1:21:8a:f0:14:10:bb:00:dd:4d:
2e:bd:28:77:25:3e:a8:26:97:29:d3:2d:e5:0c:12:
ff:10:56:f6:4f:1e:b3:62:28:67:bb:b9:46:61:b3:
f2:d1:72:af:47:f0:4a:75:94:da:fe:3e:01:da:3a:
68:8c:5a:bc:f8:30:0d:91:ae:f8:77:71:fa:90:4e:
36:14:cc:87:85:0a:7f:55:ed:0f:29:9f:41:8d:23:
99:55:5e:e2:a3:f5:02:af:35:30:2b:13:8a:35:d0:
1d:92:b4:3c:96:39:d3:58:0e:d0:c8:18:d1:36:7e:
f4:f8:9e:c5:21:6f:43:2c:cc:ec:4d:9f:aa:f1:66:
91:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:FD:6E:EE:AE:00:78:A9:48:24:8F:2D:24:67:7D:21:91:45:17:E8
X509v3 Authority Key Identifier:
keyid:F0:70:C1:E7:4D:AD:12:27:4E:8F:57:5D:FE:0B:B7:C1:4E:BD:C9:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91348DF/F02B5DBCC1DD11ECB97B9C7FC4F9AE02/8HDB502tEidOj1dd_gu3wU69yZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8HDB502tEidOj1dd_gu3wU69yZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91348DF/F02B5DBCC1DD11ECB97B9C7FC4F9AE02/06A2C3E2C1E211EC86C79687C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.28.0/23
IPv6:
2400:6ce0::/32
Signature Algorithm: sha256WithRSAEncryption
af:81:c1:2e:51:2a:d5:a3:5d:21:34:62:93:9b:37:46:99:d8:
af:a6:7c:43:38:bc:58:3b:75:69:d9:45:1e:12:d2:8e:74:19:
91:11:e6:b5:f0:ab:98:26:d0:0a:e5:d3:00:d1:67:90:1e:88:
82:0a:79:75:0f:1e:9e:a7:f7:16:cc:aa:b3:92:1b:06:7c:09:
76:42:0b:96:0a:7c:d9:66:d0:6d:63:c3:f1:df:82:5a:b2:ab:
a3:a1:4d:0c:77:fd:fb:53:ce:30:d8:51:a9:11:16:e3:b3:d2:
87:98:a3:9d:cf:22:3f:5b:42:a1:2d:1f:fa:5d:08:24:1d:06:
03:f7:e1:a0:8a:36:24:01:b5:19:b7:74:0e:82:04:8c:5e:1e:
18:66:aa:74:a8:93:f1:b2:6a:cf:48:1b:a7:42:55:86:bd:8a:
5e:ba:ba:78:46:29:97:54:2c:09:23:55:22:58:38:7a:64:f1:
2f:90:d0:fc:dd:fb:f2:bc:8f:8e:4f:0a:17:c5:4c:a9:47:3a:
a1:66:12:fe:1a:72:f0:cc:c2:5c:34:ac:5c:17:a5:8f:f8:de:
33:39:52:75:43:2f:ed:11:89:d2:4c:99:c7:e1:8d:d8:b7:08:
81:27:4b:46:48:40:c5:23:c5:e4:9d:df:86:aa:6d:4c:10:c3:
54:76:b7:8e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAoQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQ4REYxMTAvBgNVBAUTKEYwNzBDMUU3NERBRDEyMjc0RThGNTc1REZFMEJCN0Mx
NEVCREM5OTAwHhcNMjQwNjAzMDQzMTUzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVkNDczOC1jNDA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx3gE8rN6Vw3GrZF/T39UY+EqKFglAx814UdPegeFUbbhj+RRTXZR6zeAG66j
y5V3PzZUK2c1JQZJNPtt7QCyeN0nTgUxNrDUjkPiUAsqQaw7vrCAIToo4VeXWojo
p2v2q+7KxUaFhmNt1Z1sDt8uDWVTBX/oyilHi5HmuaEhivAUELsA3U0uvSh3JT6o
Jpcp0y3lDBL/EFb2Tx6zYihnu7lGYbPy0XKvR/BKdZTa/j4B2jpojFq8+DANka74
d3H6kE42FMyHhQp/Ve0PKZ9BjSOZVV7io/UCrzUwKxOKNdAdkrQ8ljnTWA7QyBjR
Nn70+J7FIW9DLMzsTZ+q8WaRfQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGH9bu6u
AHipSCSPLSRnfSGRRRfoMB8GA1UdIwQYMBaAFPBwwedNrRInTo9XXf4Lt8FOvcmQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDhERi9GMDJCNURCQ0Mx
REQxMUVDQjk3QjlDN0ZDNEY5QUUwMi84SERCNTAydEVpZE9qMWRkX2d1M3dVNjl5
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhIREI1MDJ0RWlkT2oxZGRfZ3Uzd1U2OXlaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQ4REYvRjAyQjVEQkNDMUREMTFFQ0I5N0I5QzdGQzRGOUFFMDIvMDZBMkMzRTJD
MUUyMTFFQzg2Qzc5Njg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnuhwwDQQCAAIwBwMFACQAbOAwDQYJKoZIhvcNAQELBQAD
ggEBAK+BwS5RKtWjXSE0YpObN0aZ2K+mfEM4vFg7dWnZRR4S0o50GZER5rXwq5gm
0Arl0wDRZ5AeiIIKeXUPHp6n9xbMqrOSGwZ8CXZCC5YKfNlm0G1jw/Hfglqyq6Oh
TQx3/ftTzjDYUakRFuOz0oeYo53PIj9bQqEtH/pdCCQdBgP34aCKNiQBtRm3dA6C
BIxeHhhmqnSok/Gyas9IG6dCVYa9il66unhGKZdULAkjVSJYOHpk8S+Q0Pzd+/K8
j45PChfFTKlHOqFmEv4acvDMwlw0rFwXpY/43jM5UnVDL+0RidJMmcfhjdi3CIEn
S0ZIQMUjxeSd34aqbUwQw1R2t44=
-----END CERTIFICATE-----
Generated at Fri Apr 11 06:27:29 2025 by rpki-client