Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91383D8/09CC360CCA2B11EBADF5455EC4F9AE02/F14DD31CCA2D11EB8B7FE060C4F9AE02.roa
File: F14DD31CCA2D11EB8B7FE060C4F9AE02.roa (raw, json)
Hash identifier: nlbZwdmWCR0rCntJsOjXUzxC/iQIDD9NG+5T6R9ZlqQ=
Subject key identifier: E8:F3:D6:53:E9:1A:47:92:A8:DE:29:73:D0:D0:C7:B3:1E:A6:68:ED
Certificate issuer: /CN=A91383D8/serialNumber=4D27988B29E52B26503DCABC041AB3F61F241051
Certificate serial: 04FF
Authority key identifier: 4D:27:98:8B:29:E5:2B:26:50:3D:CA:BC:04:1A:B3:F6:1F:24:10:51
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TSeYiynlKyZQPcq8BBqz9h8kEFE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91383D8/09CC360CCA2B11EBADF5455EC4F9AE02/F14DD31CCA2D11EB8B7FE060C4F9AE02.roa
Signing time: Wed 05 Jun 2024 01:56:23 +0000
ROA not before: Wed 05 Jun 2024 01:56:23 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 142123
IP address blocks: 103.166.166.0/23 maxlen: 24
2407:5940::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1279 (0x4ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91383D8
Validity
Not Before: Jun 5 01:56:23 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=665fc5c6-730f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4d:5e:b4:94:c8:df:28:14:2e:84:42:e8:96:
91:7a:4a:ac:8b:88:d1:91:58:06:15:5b:a6:97:40:
c3:84:41:d7:a3:fb:55:34:d4:68:7e:a8:95:3f:90:
2a:be:7c:5e:7e:3e:91:02:74:5b:33:0e:58:f7:3d:
d6:7d:b7:fe:e7:df:80:24:45:a9:e6:8c:14:9f:6f:
25:bb:83:82:d7:4e:b9:26:e8:66:e1:ea:c1:f1:1a:
18:e3:8b:91:da:d2:fc:d2:85:a5:2d:e6:91:25:51:
22:ec:78:25:17:85:54:7b:36:a6:7f:5e:f6:f5:b2:
37:3b:74:5a:9d:15:c8:c3:96:a8:a1:12:5d:45:f8:
81:d1:7f:5b:95:5f:3b:fc:01:5c:03:03:d8:80:c3:
74:d5:1a:b5:6f:78:13:8e:18:77:e3:3f:62:1a:5b:
ef:9a:0d:a4:ad:b7:dc:ed:10:ae:b2:73:40:96:ac:
b4:f0:f0:24:a1:03:08:d7:ac:2e:c6:a2:2f:4c:67:
88:8e:59:00:0d:34:e9:61:e8:91:5f:b4:18:53:2f:
35:74:5d:91:bc:d9:44:8f:16:30:5c:fe:7d:0a:7e:
99:89:d8:8b:c8:e5:4c:59:71:ed:2d:c5:13:4a:98:
d8:43:c6:42:4f:56:ab:a8:59:28:c2:dc:b4:86:da:
8c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:F3:D6:53:E9:1A:47:92:A8:DE:29:73:D0:D0:C7:B3:1E:A6:68:ED
X509v3 Authority Key Identifier:
keyid:4D:27:98:8B:29:E5:2B:26:50:3D:CA:BC:04:1A:B3:F6:1F:24:10:51
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91383D8/09CC360CCA2B11EBADF5455EC4F9AE02/TSeYiynlKyZQPcq8BBqz9h8kEFE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TSeYiynlKyZQPcq8BBqz9h8kEFE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91383D8/09CC360CCA2B11EBADF5455EC4F9AE02/F14DD31CCA2D11EB8B7FE060C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.166.166.0/23
IPv6:
2407:5940::/32
Signature Algorithm: sha256WithRSAEncryption
45:d0:bc:be:61:86:48:8a:6a:29:5c:ea:26:7b:cd:4c:bc:88:
8b:28:c0:82:f4:89:b2:68:12:3b:ba:1c:a8:be:d2:5a:59:3d:
6d:0a:7f:07:09:db:5b:d9:e5:7b:4b:72:a0:fb:7e:fb:e3:c6:
3d:89:07:82:92:80:b8:cf:23:2e:89:ae:7c:59:cc:b5:29:17:
66:52:2b:b8:8b:46:45:c1:61:d6:19:bf:d1:69:a4:1d:77:bd:
de:83:74:d9:27:45:a4:2c:84:a7:79:e8:79:a5:5e:9e:0d:3e:
99:dd:1c:a3:41:fd:37:3b:76:ed:cd:2b:e4:c2:24:c9:d5:1a:
71:e5:7b:f6:cb:96:91:48:64:69:04:34:67:43:bc:73:73:2e:
c3:c9:2b:77:76:e4:c7:71:5e:d0:af:cb:d9:9f:1d:74:1c:56:
ff:34:cd:9f:51:2c:34:0b:0e:87:de:3b:3e:f0:12:31:94:ab:
c8:20:56:9e:6c:bf:8e:3d:95:bb:c1:3f:af:3e:68:bf:cf:d1:
e0:a3:c8:e7:76:77:d2:60:92:f3:d2:79:33:90:e9:43:28:dd:
f4:b9:7d:16:18:f3:61:f9:03:99:b2:7f:42:2b:5b:bf:5a:e3:
ee:52:a7:28:f8:cb:59:58:7e:54:ff:dc:78:0c:a1:10:45:81:
cc:97:26:af
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzgzRDgxMTAvBgNVBAUTKDREMjc5ODhCMjlFNTJCMjY1MDNEQ0FCQzA0MUFCM0Y2
MUYyNDEwNTEwHhcNMjQwNjA1MDE1NjIzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVmYzVjNi03MzBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtU1etJTI3ygULoRC6JaRekqsi4jRkVgGFVuml0DDhEHXo/tVNNRofqiVP5Aq
vnxefj6RAnRbMw5Y9z3Wfbf+59+AJEWp5owUn28lu4OC1065Juhm4erB8RoY44uR
2tL80oWlLeaRJVEi7HglF4VUezamf1729bI3O3RanRXIw5aooRJdRfiB0X9blV87
/AFcAwPYgMN01Rq1b3gTjhh34z9iGlvvmg2krbfc7RCusnNAlqy08PAkoQMI16wu
xqIvTGeIjlkADTTpYeiRX7QYUy81dF2RvNlEjxYwXP59Cn6ZidiLyOVMWXHtLcUT
SpjYQ8ZCT1arqFkowty0htqMHwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFOjz1lPp
GkeSqN4pc9DQx7MepmjtMB8GA1UdIwQYMBaAFE0nmIsp5SsmUD3KvAQas/YfJBBR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzODNEOC8wOUNDMzYwQ0NB
MkIxMUVCQURGNTQ1NUVDNEY5QUUwMi9UU2VZaXlubEt5WlFQY3E4QkJxejloOGtF
RkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RTZVlpeW5sS3laUVBjcThCQnF6OWg4a0VGRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzgzRDgvMDlDQzM2MENDQTJCMTFFQkFERjU0NTVFQzRGOUFFMDIvRjE0REQzMUND
QTJEMTFFQjhCN0ZFMDYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnpqYwDQQCAAIwBwMFACQHWUAwDQYJKoZIhvcNAQELBQAD
ggEBAEXQvL5hhkiKailc6iZ7zUy8iIsowIL0ibJoEju6HKi+0lpZPW0KfwcJ21vZ
5XtLcqD7fvvjxj2JB4KSgLjPIy6JrnxZzLUpF2ZSK7iLRkXBYdYZv9FppB13vd6D
dNknRaQshKd56HmlXp4NPpndHKNB/Tc7du3NK+TCJMnVGnHle/bLlpFIZGkENGdD
vHNzLsPJK3d25MdxXtCvy9mfHXQcVv80zZ9RLDQLDofeOz7wEjGUq8ggVp5sv449
lbvBP68+aL/P0eCjyOd2d9JgkvPSeTOQ6UMo3fS5fRYY82H5A5myf0IrW79a4+5S
pyj4y1lYflT/3HgMoRBFgcyXJq8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:27:29 2025 by rpki-client