Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/554CBDE4AC8211EF9F0F0527C4F9AE02.roa
File: 554CBDE4AC8211EF9F0F0527C4F9AE02.roa (raw, json)
Hash identifier: lbbmbAw4hUmylGgBcA7/xxhiMMrgDMFwnpwimnN7HJI=
Subject key identifier: D9:F7:37:42:84:97:6A:FF:BA:84:84:45:D8:72:84:9D:A2:C3:03:FC
Certificate issuer: /CN=A9143DB0/serialNumber=9BC7651AC4BABF8C4478534FADA610ACDA746BD4
Certificate serial: 2637
Authority key identifier: 9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/554CBDE4AC8211EF9F0F0527C4F9AE02.roa
Signing time: Fri 20 Dec 2024 15:29:16 +0000
ROA not before: Fri 20 Dec 2024 15:29:16 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 139870
IP address blocks: 103.139.234.0/23 maxlen: 23
103.139.234.0/24 maxlen: 24
103.139.235.0/24 maxlen: 24
150.107.48.0/24 maxlen: 24
150.107.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9783 (0x2637)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143DB0
Validity
Not Before: Dec 20 15:29:16 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=67658d4c-a5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:23:d3:cb:84:5b:4c:90:26:52:28:e2:13:ef:
e1:c4:a2:a0:fb:a4:50:1b:cc:16:c7:f6:ae:a9:92:
b6:8e:86:38:46:88:88:67:51:7e:c5:57:d8:03:a2:
d5:2c:90:87:d9:a3:b5:2c:3a:c4:7e:54:0c:f3:cc:
6e:8e:01:ab:3d:80:08:9c:91:81:7c:7f:54:d5:7e:
9b:02:e1:d8:ea:80:fd:0d:5b:8f:5d:c4:60:b8:2a:
bd:35:a6:34:ef:b2:6e:fe:e4:f7:62:04:e6:4e:99:
d7:10:69:85:e3:71:b5:bd:f0:b7:37:5f:c3:5f:be:
02:45:61:cc:63:46:13:b8:f2:d2:0e:4e:59:18:dc:
9e:29:2d:04:ca:f4:e6:46:9e:75:88:92:f0:c4:6d:
ae:9a:3a:d1:fe:16:4a:0f:0b:56:70:08:49:da:32:
c0:cd:5d:89:65:31:c8:6b:20:c0:59:8e:fb:c7:45:
e4:65:90:a5:57:c6:d0:e8:92:f6:67:a1:c0:63:25:
9d:20:aa:aa:99:da:71:a0:e9:57:dc:1b:80:0e:95:
3a:d2:a1:bb:15:a9:b7:38:91:58:ee:21:76:84:d0:
02:12:b8:b2:43:31:fd:8b:c3:73:dd:8f:27:0c:44:
f4:8b:9b:57:1c:1e:f8:e5:1d:df:45:ce:ad:e9:41:
e0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F7:37:42:84:97:6A:FF:BA:84:84:45:D8:72:84:9D:A2:C3:03:FC
X509v3 Authority Key Identifier:
keyid:9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/m8dlGsS6v4xEeFNPraYQrNp0a9Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/554CBDE4AC8211EF9F0F0527C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.234.0/23
150.107.48.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:fe:67:23:82:71:e6:b0:92:59:ee:5b:25:ff:32:af:9e:d2:
ce:70:79:55:a6:aa:fc:06:6e:d3:0c:b0:88:07:78:0d:6e:20:
96:03:47:88:a7:21:99:2a:a8:91:52:85:d3:12:05:d0:d7:d1:
55:bc:4e:7c:e8:16:95:49:f5:89:17:69:73:bb:c5:d5:99:3a:
dc:41:d6:91:31:73:f4:9c:ab:b2:11:19:b8:7b:ff:04:ee:76:
5d:35:32:ed:d8:ec:3b:61:06:dd:c5:b1:8d:b8:ba:4a:8e:f8:
78:9d:86:c1:65:48:83:5e:ef:29:62:1e:0b:b7:f6:0d:92:46:
a9:6d:88:68:84:aa:20:78:f1:03:b8:e3:15:c7:ad:e1:f9:89:
a8:b6:3b:d3:0d:b1:dc:a5:59:af:3b:37:58:c6:57:54:d3:5a:
03:2a:30:a0:04:c2:9f:8f:9e:ed:7d:2f:e9:af:3d:29:c5:02:
f5:09:07:79:c4:73:0d:f5:29:10:59:80:57:b9:81:64:5b:76:
c9:f2:28:1d:84:6a:43:38:ce:30:44:eb:68:23:88:92:87:f0:
32:ee:cc:72:80:be:83:ef:df:62:8d:2d:e0:fd:1e:71:12:5d:
33:ab:7d:3e:81:b7:b7:bd:f9:fa:c9:84:35:fe:01:a4:d7:ac:
79:1d:80:c8
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICJjcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNEQjAxMTAvBgNVBAUTKDlCQzc2NTFBQzRCQUJGOEM0NDc4NTM0RkFEQTYxMEFD
REE3NDZCRDQwHhcNMjQxMjIwMTUyOTE2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY1OGQ0Yy1hNWJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0yPTy4RbTJAmUijiE+/hxKKg+6RQG8wWx/auqZK2joY4RoiIZ1F+xVfYA6LV
LJCH2aO1LDrEflQM88xujgGrPYAInJGBfH9U1X6bAuHY6oD9DVuPXcRguCq9NaY0
77Ju/uT3YgTmTpnXEGmF43G1vfC3N1/DX74CRWHMY0YTuPLSDk5ZGNyeKS0EyvTm
Rp51iJLwxG2umjrR/hZKDwtWcAhJ2jLAzV2JZTHIayDAWY77x0XkZZClV8bQ6JL2
Z6HAYyWdIKqqmdpxoOlX3BuADpU60qG7Fam3OJFY7iF2hNACEriyQzH9i8Nz3Y8n
DET0i5tXHB745R3fRc6t6UHgGwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNn3N0KE
l2r/uoSERdhyhJ2iwwP8MB8GA1UdIwQYMBaAFJvHZRrEur+MRHhTT62mEKzadGvU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RCMC9CODk1QUY3NDA1
MTUxMUU1OEQ0OUFFNDJDNEY5QUUwMi9tOGRsR3NTNnY0eEVlRk5QcmFZUXJOcDBh
OVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL204ZGxHc1M2djR4RWVGTlByYVlRck5wMGE5US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNEQjAvQjg5NUFGNzQwNTE1MTFFNThENDlBRTQyQzRGOUFFMDIvNTU0Q0JERTRB
QzgyMTFFRjlGMEYwNTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFni+oDBAGWazAwDQYJKoZIhvcNAQELBQADggEBAGv+ZyOC
ceawklnuWyX/Mq+e0s5weVWmqvwGbtMMsIgHeA1uIJYDR4inIZkqqJFShdMSBdDX
0VW8TnzoFpVJ9YkXaXO7xdWZOtxB1pExc/Scq7IRGbh7/wTudl01Mu3Y7DthBt3F
sY24ukqO+HidhsFlSINe7yliHgu39g2SRqltiGiEqiB48QO44xXHreH5iai2O9MN
sdylWa87N1jGV1TTWgMqMKAEwp+Pnu19L+mvPSnFAvUJB3nEcw31KRBZgFe5gWRb
dsnyKB2EakM4zjBE62gjiJKH8DLuzHKAvoPv32KNLeD9HnESXTOrfT6Bt7e9+frJ
hDX+AaTXrHkdgMg=
-----END CERTIFICATE-----
Generated at Fri Apr 11 18:18:10 2025 by rpki-client