Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914ECD7/FD918590567E11ED983A9C61C4F9AE02/FC589960568411EDAE93DA7FC4F9AE02.roa
File: FC589960568411EDAE93DA7FC4F9AE02.roa (raw, json)
Hash identifier: RxZVoTNoSPk+sPPkKG/4HF99n9loOp00db2bHVAlJ14=
Subject key identifier: 66:1A:3A:1E:4F:D1:2D:08:88:05:5B:E8:C2:43:F1:97:9D:24:E1:81
Certificate issuer: /CN=A914ECD7/serialNumber=8B7FDEE46A980C043398FB7B239B054DCF237CD7
Certificate serial: 016F
Authority key identifier: 8B:7F:DE:E4:6A:98:0C:04:33:98:FB:7B:23:9B:05:4D:CF:23:7C:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i3_e5GqYDAQzmPt7I5sFTc8jfNc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914ECD7/FD918590567E11ED983A9C61C4F9AE02/FC589960568411EDAE93DA7FC4F9AE02.roa
Signing time: Thu 03 Oct 2024 03:06:28 +0000
ROA not before: Thu 03 Oct 2024 03:06:28 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 135574
IP address blocks: 103.66.170.0/24 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 367 (0x16f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914ECD7
Validity
Not Before: Oct 3 03:06:28 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=66fe0a34-8666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8f:1e:58:e5:f2:d2:93:76:28:bb:ba:44:b9:
1b:46:41:69:69:42:94:9f:10:8b:ce:4f:c4:37:49:
d0:80:71:a2:15:00:f9:6b:56:a1:bf:a4:10:95:51:
d8:67:21:fb:02:70:c2:d5:c8:a1:d5:7d:3a:7d:c8:
89:34:ca:1c:47:3a:8a:74:15:04:66:e1:4a:67:f1:
30:10:78:17:1d:3b:75:bb:31:6a:6d:73:7b:db:af:
ff:26:bb:53:c9:cc:b0:30:ce:c0:7d:92:9b:0e:27:
9b:1d:30:c2:15:76:80:ee:79:5d:39:0a:98:1e:c8:
73:5d:ee:9a:b9:1b:cf:73:2c:2e:6e:d9:4b:67:42:
f3:2d:2c:97:61:f5:c3:1a:fc:07:a1:73:a5:1b:a8:
5b:21:f8:6a:da:ff:c7:2a:f5:e5:71:7a:94:3d:2a:
10:79:11:84:ad:57:f1:61:51:3d:e1:0b:23:51:95:
b9:f9:79:d2:9e:57:5a:98:4d:4a:fb:20:c8:fc:56:
f1:8e:a5:42:c4:67:ff:23:83:b4:09:2d:8f:86:27:
10:4e:15:fd:a0:e2:4f:59:38:da:67:76:f4:b6:33:
80:ea:bb:9f:b8:85:06:5f:e8:8e:83:fc:ff:9c:44:
c4:a1:81:c3:b8:a2:1e:89:14:46:27:66:4f:af:d0:
d1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:1A:3A:1E:4F:D1:2D:08:88:05:5B:E8:C2:43:F1:97:9D:24:E1:81
X509v3 Authority Key Identifier:
keyid:8B:7F:DE:E4:6A:98:0C:04:33:98:FB:7B:23:9B:05:4D:CF:23:7C:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914ECD7/FD918590567E11ED983A9C61C4F9AE02/i3_e5GqYDAQzmPt7I5sFTc8jfNc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i3_e5GqYDAQzmPt7I5sFTc8jfNc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914ECD7/FD918590567E11ED983A9C61C4F9AE02/FC589960568411EDAE93DA7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.170.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:19:33:05:af:c3:09:29:5d:62:9a:45:e0:00:9c:65:46:7c:
dd:e2:7d:41:e9:31:19:a3:79:7e:92:8c:db:82:cd:8c:ee:e2:
96:55:a9:07:62:42:5f:89:2a:70:e9:e1:26:7b:26:74:66:fe:
06:84:fe:0f:fe:4a:a3:41:8f:1c:23:4a:f8:ca:af:4a:c7:6b:
17:06:56:1c:5d:96:f5:c8:1c:40:95:9d:45:81:39:35:0e:6c:
89:af:b7:c3:92:9b:f0:6e:a1:47:24:e9:19:23:1a:21:1d:4d:
99:2b:96:e0:e8:6e:ac:4f:e6:9c:fa:98:a3:85:55:34:de:ef:
2c:99:b4:2a:28:04:b4:ef:15:62:4a:1f:bd:4a:73:c3:cb:3f:
2d:89:8d:3f:d1:a9:0e:31:7d:d7:6d:a5:3d:6d:ce:a2:e7:83:
f7:51:4c:7e:fb:c2:bb:b7:65:b4:7a:16:7e:2c:b8:6c:2d:a9:
92:d0:eb:44:eb:d9:14:ad:6a:7f:22:c5:6a:58:bf:46:9e:0a:
7f:f0:eb:e8:6f:39:18:35:cf:70:a9:7b:b4:b8:10:f4:44:7a:
36:c1:79:11:18:75:87:30:39:34:5e:6c:09:b1:10:6e:d2:63:
1a:ed:a2:87:ea:0b:45:08:3b:7b:ce:ae:c6:a8:48:2a:f6:63:
ea:87:ce:0d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAW8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVDRDcxMTAvBgNVBAUTKDhCN0ZERUU0NkE5ODBDMDQzMzk4RkI3QjIzOUIwNTRE
Q0YyMzdDRDcwHhcNMjQxMDAzMDMwNjI4WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZlMGEzNC04NjY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsY8eWOXy0pN2KLu6RLkbRkFpaUKUnxCLzk/EN0nQgHGiFQD5a1ahv6QQlVHY
ZyH7AnDC1cih1X06fciJNMocRzqKdBUEZuFKZ/EwEHgXHTt1uzFqbXN726//JrtT
ycywMM7AfZKbDiebHTDCFXaA7nldOQqYHshzXe6auRvPcywubtlLZ0LzLSyXYfXD
GvwHoXOlG6hbIfhq2v/HKvXlcXqUPSoQeRGErVfxYVE94QsjUZW5+XnSnldamE1K
+yDI/FbxjqVCxGf/I4O0CS2PhicQThX9oOJPWTjaZ3b0tjOA6rufuIUGX+iOg/z/
nETEoYHDuKIeiRRGJ2ZPr9DRPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGYaOh5P
0S0IiAVb6MJD8ZedJOGBMB8GA1UdIwQYMBaAFIt/3uRqmAwEM5j7eyObBU3PI3zX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUNENy9GRDkxODU5MDU2
N0UxMUVEOTgzQTlDNjFDNEY5QUUwMi9pM19lNUdxWURBUXptUHQ3STVzRlRjOGpm
TmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2kzX2U1R3FZREFRem1QdDdJNXNGVGM4amZOYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVDRDcvRkQ5MTg1OTA1NjdFMTFFRDk4M0E5QzYxQzRGOUFFMDIvRkM1ODk5NjA1
Njg0MTFFREFFOTNEQTdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnQqowDQYJKoZIhvcNAQELBQADggEBAKEZMwWvwwkpXWKa
ReAAnGVGfN3ifUHpMRmjeX6SjNuCzYzu4pZVqQdiQl+JKnDp4SZ7JnRm/gaE/g/+
SqNBjxwjSvjKr0rHaxcGVhxdlvXIHECVnUWBOTUObImvt8OSm/BuoUck6RkjGiEd
TZkrluDobqxP5pz6mKOFVTTe7yyZtCooBLTvFWJKH71Kc8PLPy2JjT/RqQ4xfddt
pT1tzqLng/dRTH77wru3ZbR6Fn4suGwtqZLQ60Tr2RStan8ixWpYv0aeCn/w6+hv
ORg1z3Cpe7S4EPREejbBeREYdYcwOTRebAmxEG7SYxrtoofqC0UIO3vOrsaoSCr2
Y+qHzg0=
-----END CERTIFICATE-----
Generated at Fri Apr 11 18:44:57 2025 by rpki-client