Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913F478/499A915E6D1611EDBE12050CC4F9AE02/A89C497E6D1911ED9C34360FC4F9AE02.roa
File: A89C497E6D1911ED9C34360FC4F9AE02.roa (raw, json)
Hash identifier: UQCZG7itJMxo24ik+1Acdmbu5iaW6o2y95pik3WrmR4=
Subject key identifier: 52:50:56:3D:B1:FB:14:22:74:87:E5:9D:82:A7:21:4E:BF:38:43:90
Certificate issuer: /CN=A913F478/serialNumber=568F765CCAB42C5230798E68FBC37C8AA49F5F44
Certificate serial: 0177
Authority key identifier: 56:8F:76:5C:CA:B4:2C:52:30:79:8E:68:FB:C3:7C:8A:A4:9F:5F:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vo92XMq0LFIweY5o-8N8iqSfX0Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913F478/499A915E6D1611EDBE12050CC4F9AE02/A89C497E6D1911ED9C34360FC4F9AE02.roa
Signing time: Sun 03 Nov 2024 02:16:20 +0000
ROA not before: Sun 03 Nov 2024 02:16:20 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 150447
IP address blocks: 103.17.148.0/23 maxlen: 23
103.17.148.0/24 maxlen: 24
103.17.149.0/24 maxlen: 24
2001:df1:5bc0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 375 (0x177)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913F478
Validity
Not Before: Nov 3 02:16:20 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6726dcf4-9798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:01:c8:8f:44:0d:ca:26:d0:ab:d9:9a:6c:26:
4b:cc:8d:3a:84:cf:40:ed:c4:16:68:7f:76:48:1e:
e8:00:f0:f0:b7:70:26:45:cb:5c:5a:17:a4:2c:56:
04:43:e7:6c:f3:27:1e:54:dd:29:25:d9:48:53:52:
06:03:7c:fc:19:1f:af:58:66:0a:d1:89:07:ff:61:
4e:3e:1b:cb:21:e4:c4:31:62:ce:70:c8:69:e3:83:
72:00:d9:87:5e:4c:7a:56:6e:0d:77:ce:5c:a6:42:
bf:e8:13:04:69:8a:75:a9:92:cc:53:2e:95:c7:3a:
6d:8a:4f:58:36:f4:5e:51:f8:40:32:dd:93:41:e2:
e1:e8:4a:4a:ee:d0:48:53:e4:1a:4e:da:21:2c:5f:
c3:7c:b0:a1:5c:21:4d:5f:91:f9:15:7c:33:96:08:
91:fe:4b:9e:be:e1:88:3b:93:f1:87:c7:80:ee:c6:
c8:83:20:09:b2:86:49:93:f8:5d:f1:74:b4:e5:fa:
a8:17:5e:c8:7d:34:c9:ed:86:57:87:df:c2:ca:31:
2f:25:90:07:9f:c8:2d:b0:a0:46:be:b8:61:39:11:
57:53:23:34:f7:be:10:e3:0d:7f:b9:1e:6e:6c:26:
02:1a:21:ca:d3:8b:ff:7d:e2:a8:e6:7d:8e:13:43:
d6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:50:56:3D:B1:FB:14:22:74:87:E5:9D:82:A7:21:4E:BF:38:43:90
X509v3 Authority Key Identifier:
keyid:56:8F:76:5C:CA:B4:2C:52:30:79:8E:68:FB:C3:7C:8A:A4:9F:5F:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913F478/499A915E6D1611EDBE12050CC4F9AE02/Vo92XMq0LFIweY5o-8N8iqSfX0Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vo92XMq0LFIweY5o-8N8iqSfX0Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F478/499A915E6D1611EDBE12050CC4F9AE02/A89C497E6D1911ED9C34360FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.17.148.0/23
IPv6:
2001:df1:5bc0::/48
Signature Algorithm: sha256WithRSAEncryption
52:f7:53:49:d9:c1:dc:f3:6c:9d:ca:93:5a:05:06:fd:58:c2:
66:7a:29:bf:e5:a1:f9:a5:27:83:3d:68:96:21:1f:a5:f3:a5:
b3:d9:68:c7:8e:2e:d4:3d:04:9e:e7:f5:7f:78:6b:f6:a9:2e:
95:81:2e:44:e2:66:de:c8:35:b1:d1:c8:c4:3c:1e:be:cd:15:
07:0c:97:20:fa:01:46:2e:58:d6:f3:2e:4b:62:86:8c:c3:82:
d0:d4:66:e5:df:9d:0a:b3:05:02:ef:6c:fa:99:3e:04:28:1a:
4a:66:5a:79:47:a8:17:b8:5f:e9:27:0f:88:9d:9d:19:ad:ff:
05:d6:c6:b5:b3:0f:82:2a:6b:7e:ad:a6:3c:82:4f:fa:5d:62:
1f:78:43:0d:3c:c9:57:25:a7:cf:58:f5:e5:5d:ab:2a:be:dd:
cf:76:08:ce:24:79:bc:68:99:30:c6:23:be:e4:be:b0:f9:ba:
6a:bb:d1:33:b2:93:96:de:35:3b:20:31:ae:24:08:06:37:ab:
b9:4f:1a:a8:45:e1:a4:6a:7c:cf:46:c2:52:4b:a9:b9:b2:96:
db:3a:26:26:09:fb:fe:3a:f0:8a:45:5c:0b:c5:66:28:69:9b:
34:9d:4c:27:20:4a:6c:b4:d8:85:a1:0f:cb:69:79:b4:36:52:
ac:60:fd:14
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAXcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0Y0NzgxMTAvBgNVBAUTKDU2OEY3NjVDQ0FCNDJDNTIzMDc5OEU2OEZCQzM3QzhB
QTQ5RjVGNDQwHhcNMjQxMTAzMDIxNjIwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI2ZGNmNC05Nzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAywHIj0QNyibQq9mabCZLzI06hM9A7cQWaH92SB7oAPDwt3AmRctcWhekLFYE
Q+ds8yceVN0pJdlIU1IGA3z8GR+vWGYK0YkH/2FOPhvLIeTEMWLOcMhp44NyANmH
Xkx6Vm4Nd85cpkK/6BMEaYp1qZLMUy6Vxzptik9YNvReUfhAMt2TQeLh6EpK7tBI
U+QaTtohLF/DfLChXCFNX5H5FXwzlgiR/kuevuGIO5Pxh8eA7sbIgyAJsoZJk/hd
8XS05fqoF17IfTTJ7YZXh9/CyjEvJZAHn8gtsKBGvrhhORFXUyM0974Q4w1/uR5u
bCYCGiHK04v/feKo5n2OE0PWMQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFFJQVj2x
+xQidIflnYKnIU6/OEOQMB8GA1UdIwQYMBaAFFaPdlzKtCxSMHmOaPvDfIqkn19E
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjQ3OC80OTlBOTE1RTZE
MTYxMUVEQkUxMjA1MENDNEY5QUUwMi9WbzkyWE1xMExGSXdlWTVvLThOOGlxU2ZY
MFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZvOTJYTXEwTEZJd2VZNW8tOE44aXFTZlgwUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0Y0NzgvNDk5QTkxNUU2RDE2MTFFREJFMTIwNTBDQzRGOUFFMDIvQTg5QzQ5N0U2
RDE5MTFFRDlDMzQzNjBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnEZQwDwQCAAIwCQMHACABDfFbwDANBgkqhkiG9w0BAQsF
AAOCAQEAUvdTSdnB3PNsncqTWgUG/VjCZnopv+Wh+aUngz1oliEfpfOls9lox44u
1D0Enuf1f3hr9qkulYEuROJm3sg1sdHIxDwevs0VBwyXIPoBRi5Y1vMuS2KGjMOC
0NRm5d+dCrMFAu9s+pk+BCgaSmZaeUeoF7hf6ScPiJ2dGa3/BdbGtbMPgiprfq2m
PIJP+l1iH3hDDTzJVyWnz1j15V2rKr7dz3YIziR5vGiZMMYjvuS+sPm6arvRM7KT
lt41OyAxriQIBjeruU8aqEXhpGp8z0bCUkupubKW2zomJgn7/jrwikVcC8VmKGmb
NJ1MJyBKbLTYhaEPy2l5tDZSrGD9FA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:47:38 2025 by rpki-client