Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/590697D6465611EE8128031BC4F9AE02.roa
File: 590697D6465611EE8128031BC4F9AE02.roa (raw, json)
Hash identifier: JIQ3Z5Vql3trgih29wB+iKDBgbYVi7iH8FQ6aCEf6sw=
Subject key identifier: 6D:E5:BA:A2:5F:80:C0:12:E7:29:07:09:6D:44:A2:5E:3B:4C:BA:A3
Certificate issuer: /CN=A9136109/serialNumber=28E0177C70A5724707DBB149ED557C0F8156E0E9
Certificate serial: 0520
Authority key identifier: 28:E0:17:7C:70:A5:72:47:07:DB:B1:49:ED:55:7C:0F:81:56:E0:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/590697D6465611EE8128031BC4F9AE02.roa
Signing time: Mon 03 Jun 2024 01:56:50 +0000
ROA not before: Mon 03 Jun 2024 01:56:50 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 48014
IP address blocks: 103.167.234.0/24 maxlen: 24
103.167.235.0/24 maxlen: 24
2407:79c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1312 (0x520)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9136109
Validity
Not Before: Jun 3 01:56:50 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=665d22e2-646b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e7:6c:4d:70:b2:61:df:6e:4a:39:ec:6d:36:
b6:0b:d4:eb:20:4e:68:66:1c:13:09:a9:59:c2:25:
7d:a9:f4:c1:b9:46:f6:0b:de:1a:1b:0e:b2:56:c6:
4d:ec:cf:c2:83:f1:2a:d4:62:7c:db:0d:12:d3:30:
56:b9:98:4b:02:fe:26:db:23:df:0c:f6:c2:ec:ed:
a1:85:ed:33:27:96:48:fd:df:df:a5:8c:05:26:b7:
31:4f:e7:63:1c:ad:f7:8d:5d:96:b5:84:6a:03:bc:
0b:82:28:9b:59:83:14:db:5e:4f:1b:2c:73:5e:16:
91:54:37:df:cf:20:ae:8e:cc:d4:be:64:6f:ae:49:
e0:d2:4c:ad:26:41:d3:46:1d:1c:64:0e:3d:a3:ce:
90:14:b9:5d:92:ff:7c:83:6c:d7:70:fe:81:bb:25:
80:71:ba:7b:5d:ba:09:38:8e:0b:d0:4c:52:97:05:
32:87:46:20:4a:47:7a:da:b0:7a:5b:38:85:b0:e1:
b3:c7:08:46:c3:13:a8:9c:66:e6:c6:f1:67:d3:06:
f2:49:36:fd:81:1e:b6:55:6e:e2:23:89:11:d8:98:
e4:ca:af:4f:26:4c:0b:4e:b8:ab:23:e4:95:4c:97:
52:d8:36:92:a0:e1:50:9f:ea:c6:72:91:f0:7d:2e:
44:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E5:BA:A2:5F:80:C0:12:E7:29:07:09:6D:44:A2:5E:3B:4C:BA:A3
X509v3 Authority Key Identifier:
keyid:28:E0:17:7C:70:A5:72:47:07:DB:B1:49:ED:55:7C:0F:81:56:E0:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/590697D6465611EE8128031BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.234.0/23
IPv6:
2407:79c0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:01:e5:48:ec:97:21:17:20:9d:83:e0:d4:98:12:d8:5f:3c:
ca:cb:a7:cf:92:26:f5:51:16:3f:9a:90:08:94:b6:d1:36:0a:
bd:2e:7a:6e:70:27:33:77:85:67:97:62:3d:4f:32:16:06:d0:
06:e1:4f:e2:62:cb:49:2f:66:41:59:80:a4:d6:68:4f:42:14:
b9:7e:5f:8a:a8:f9:4e:75:86:bd:c0:4f:f7:3a:82:b1:32:77:
4c:db:88:17:87:f8:e0:57:7b:46:04:e8:46:19:ad:d0:a1:7d:
71:07:d3:af:6c:b1:78:cb:4a:c0:e2:7f:9e:40:56:c6:58:a8:
a7:36:7c:13:15:1a:43:29:cf:5e:31:04:f1:68:5e:ae:61:be:
9e:54:50:cd:4a:8b:6b:28:f2:67:b6:90:45:6c:c9:60:f2:ba:
fc:b4:3c:80:e0:a7:bd:0d:6a:33:d9:33:03:df:f4:bb:2b:a0:
af:eb:62:09:7f:4e:e3:c2:d7:90:8b:62:95:ac:a1:c1:c0:5a:
b1:b0:43:97:50:a6:9a:3a:f8:ab:10:89:24:1a:94:3b:67:97:
b8:d8:71:e3:6a:c9:f7:03:ef:e2:0a:f3:3a:ce:cd:a6:35:94:
4f:d0:4a:27:3e:43:c8:9a:9b:ec:ff:36:92:b3:cf:82:84:d9:
35:39:a8:ea
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBSAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzYxMDkxMTAvBgNVBAUTKDI4RTAxNzdDNzBBNTcyNDcwN0RCQjE0OUVENTU3QzBG
ODE1NkUwRTkwHhcNMjQwNjAzMDE1NjUwWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVkMjJlMi02NDZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo+dsTXCyYd9uSjnsbTa2C9TrIE5oZhwTCalZwiV9qfTBuUb2C94aGw6yVsZN
7M/Cg/Eq1GJ82w0S0zBWuZhLAv4m2yPfDPbC7O2hhe0zJ5ZI/d/fpYwFJrcxT+dj
HK33jV2WtYRqA7wLgiibWYMU215PGyxzXhaRVDffzyCujszUvmRvrkng0kytJkHT
Rh0cZA49o86QFLldkv98g2zXcP6BuyWAcbp7XboJOI4L0ExSlwUyh0YgSkd62rB6
WziFsOGzxwhGwxOonGbmxvFn0wbySTb9gR62VW7iI4kR2Jjkyq9PJkwLTrirI+SV
TJdS2DaSoOFQn+rGcpHwfS5EFwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFG3luqJf
gMAS5ykHCW1Eol47TLqjMB8GA1UdIwQYMBaAFCjgF3xwpXJHB9uxSe1VfA+BVuDp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjEwOS9DODIwNzIxMkM1
MEQxMUVCOUFBRUU4N0JDNEY5QUUwMi9LT0FYZkhDbGNrY0gyN0ZKN1ZWOEQ0Rlc0
T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tPQVhmSENsY2tjSDI3Rko3VlY4RDRGVzRPay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzYxMDkvQzgyMDcyMTJDNTBEMTFFQjlBQUVFODdCQzRGOUFFMDIvNTkwNjk3RDY0
NjU2MTFFRTgxMjgwMzFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnp+owDQQCAAIwBwMFACQHecAwDQYJKoZIhvcNAQELBQAD
ggEBAG4B5UjslyEXIJ2D4NSYEthfPMrLp8+SJvVRFj+akAiUttE2Cr0uem5wJzN3
hWeXYj1PMhYG0AbhT+Jiy0kvZkFZgKTWaE9CFLl+X4qo+U51hr3AT/c6grEyd0zb
iBeH+OBXe0YE6EYZrdChfXEH069ssXjLSsDif55AVsZYqKc2fBMVGkMpz14xBPFo
Xq5hvp5UUM1Ki2so8me2kEVsyWDyuvy0PIDgp70NajPZMwPf9LsroK/rYgl/TuPC
15CLYpWsocHAWrGwQ5dQppo6+KsQiSQalDtnl7jYceNqyfcD7+IK8zrOzaY1lE/Q
Sic+Q8iam+z/NpKzz4KE2TU5qOo=
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:23:09 2025 by rpki-client