Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9154AA5/830E2694A0A911EAAF2EF211C4F9AE02/8F1FBA54B0AA11EA9603E729C4F9AE02.roa
File: 8F1FBA54B0AA11EA9603E729C4F9AE02.roa (raw, json)
Hash identifier: HE0g4qbaerNpZYgQWXYLHZHHXWJ2DGWdgE2xVoh1wXg=
Subject key identifier: 4F:6B:8C:DA:91:E1:50:29:AC:44:18:A7:0E:04:8E:94:56:EF:D2:75
Certificate issuer: /CN=A9154AA5/serialNumber=7AFA9872E8D0FF922995E5893B59C3214767B1FC
Certificate serial: 0880
Authority key identifier: 7A:FA:98:72:E8:D0:FF:92:29:95:E5:89:3B:59:C3:21:47:67:B1:FC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/evqYcujQ_5IpleWJO1nDIUdnsfw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9154AA5/830E2694A0A911EAAF2EF211C4F9AE02/8F1FBA54B0AA11EA9603E729C4F9AE02.roa
Signing time: Fri 28 Jun 2024 22:05:41 +0000
ROA not before: Fri 28 Jun 2024 22:05:41 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 139224
IP address blocks: 103.139.254.0/23 maxlen: 23
103.139.254.0/24 maxlen: 24
103.139.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2176 (0x880)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9154AA5
Validity
Not Before: Jun 28 22:05:41 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=667f33b4-0d6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c5:58:ae:9c:64:0f:63:5b:0b:a2:f5:d3:8a:
13:b5:7f:1d:80:25:5f:68:bc:44:b8:36:2b:bf:45:
11:91:1c:ac:99:66:e8:57:25:9b:e5:1a:99:a2:bd:
23:6b:28:45:1e:a7:a1:8d:db:41:ef:a0:d6:ad:e7:
4d:2d:01:d1:00:12:b2:6b:ae:12:17:08:1a:2f:e7:
7b:88:e5:15:c8:61:3e:f6:5d:61:65:c7:f7:05:0c:
7b:1b:05:8a:5d:1a:c3:2a:b3:cd:f6:ec:db:47:e8:
8d:78:02:51:cb:f3:35:22:b0:bf:45:8a:39:90:0e:
89:46:f3:e9:05:1d:3f:de:1b:84:b7:77:e1:31:ad:
1a:65:6f:20:b9:b4:5e:6a:99:8a:ee:b6:66:51:e5:
d4:e2:9a:84:bc:c5:22:1d:ce:6f:bd:e7:9f:51:b6:
79:39:87:52:15:ad:c3:9b:0f:c8:7b:cd:65:39:2a:
01:f3:68:cf:a2:eb:32:b7:f1:53:5b:fe:f0:04:60:
3f:d1:b6:a8:35:b9:ba:82:c3:eb:be:04:f5:8a:4d:
17:35:d7:ba:38:01:7a:a3:0f:ec:e9:f1:b4:ba:21:
3a:cb:23:7c:17:f8:48:b1:84:e7:f3:0e:da:31:75:
ce:e7:50:7c:30:78:29:0f:9c:16:d4:39:ec:e6:a9:
3c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:6B:8C:DA:91:E1:50:29:AC:44:18:A7:0E:04:8E:94:56:EF:D2:75
X509v3 Authority Key Identifier:
keyid:7A:FA:98:72:E8:D0:FF:92:29:95:E5:89:3B:59:C3:21:47:67:B1:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9154AA5/830E2694A0A911EAAF2EF211C4F9AE02/evqYcujQ_5IpleWJO1nDIUdnsfw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/evqYcujQ_5IpleWJO1nDIUdnsfw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154AA5/830E2694A0A911EAAF2EF211C4F9AE02/8F1FBA54B0AA11EA9603E729C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.254.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:ee:c5:ca:a7:8f:cc:ee:d7:d6:7f:fa:22:c6:fa:6c:8d:f6:
86:5b:19:37:ad:56:d6:e8:16:a5:1c:0f:74:3e:10:8a:cb:0c:
d9:23:ae:a6:a5:a5:20:9e:9e:7a:54:a0:56:72:a9:f9:61:18:
f5:99:20:a8:a6:0f:26:74:ff:75:1b:5f:c1:2b:bd:60:5a:c8:
6d:1c:86:e0:dc:4a:76:b5:8e:dd:0f:ba:e1:f9:77:62:7b:9d:
f8:ff:b6:a8:a0:d8:8a:81:bd:ad:b2:fb:06:74:af:d6:73:81:
a2:42:de:5d:6a:01:75:ec:d4:64:fe:4f:6d:af:d0:ef:6d:4b:
78:4d:17:03:e8:18:0b:31:f6:f7:f2:66:22:d0:c9:68:da:5f:
f3:98:0d:b6:8b:96:bf:4c:4e:00:c5:5c:d1:e3:1f:9e:6d:0e:
5d:04:b4:01:bd:e2:8e:2f:5f:97:d5:98:73:07:2e:23:31:07:
8c:a1:0c:e2:7b:14:63:45:0a:9b:91:37:30:0e:29:2c:b6:77:
8f:64:f4:0f:6d:27:46:45:83:65:12:1c:43:c7:17:ef:ae:e9:
92:4c:08:76:55:56:a7:d0:fd:ae:e8:cb:68:f9:ec:9c:a6:15:
9f:fc:c1:4f:4a:28:14:c9:87:3a:5c:dd:47:e0:f1:bd:d3:a7:
fa:ff:23:a2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCIAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTRBQTUxMTAvBgNVBAUTKDdBRkE5ODcyRThEMEZGOTIyOTk1RTU4OTNCNTlDMzIx
NDc2N0IxRkMwHhcNMjQwNjI4MjIwNTQxWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdmMzNiNC0wZDZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2sVYrpxkD2NbC6L104oTtX8dgCVfaLxEuDYrv0URkRysmWboVyWb5RqZor0j
ayhFHqehjdtB76DWredNLQHRABKya64SFwgaL+d7iOUVyGE+9l1hZcf3BQx7GwWK
XRrDKrPN9uzbR+iNeAJRy/M1IrC/RYo5kA6JRvPpBR0/3huEt3fhMa0aZW8gubRe
apmK7rZmUeXU4pqEvMUiHc5vveefUbZ5OYdSFa3Dmw/Ie81lOSoB82jPousyt/FT
W/7wBGA/0baoNbm6gsPrvgT1ik0XNde6OAF6ow/s6fG0uiE6yyN8F/hIsYTn8w7a
MXXO51B8MHgpD5wW1Dns5qk8nQIDAQABo4IClTCCApEwHQYDVR0OBBYEFE9rjNqR
4VAprEQYpw4EjpRW79J1MB8GA1UdIwQYMBaAFHr6mHLo0P+SKZXliTtZwyFHZ7H8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NEFBNS84MzBFMjY5NEEw
QTkxMUVBQUYyRUYyMTFDNEY5QUUwMi9ldnFZY3VqUV81SXBsZVdKTzFuRElVZG5z
ZncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V2cVljdWpRXzVJcGxlV0pPMW5ESVVkbnNmdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTRBQTUvODMwRTI2OTRBMEE5MTFFQUFGMkVGMjExQzRGOUFFMDIvOEYxRkJBNTRC
MEFBMTFFQTk2MDNFNzI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFni/4wDQYJKoZIhvcNAQELBQADggEBAEzuxcqnj8zu19Z/
+iLG+myN9oZbGTetVtboFqUcD3Q+EIrLDNkjrqalpSCennpUoFZyqflhGPWZIKim
DyZ0/3UbX8ErvWBayG0chuDcSna1jt0PuuH5d2J7nfj/tqig2IqBva2y+wZ0r9Zz
gaJC3l1qAXXs1GT+T22v0O9tS3hNFwPoGAsx9vfyZiLQyWjaX/OYDbaLlr9MTgDF
XNHjH55tDl0EtAG94o4vX5fVmHMHLiMxB4yhDOJ7FGNFCpuRNzAOKSy2d49k9A9t
J0ZFg2USHEPHF++u6ZJMCHZVVqfQ/a7oy2j57JymFZ/8wU9KKBTJhzpc3Ufg8b3T
p/r/I6I=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:09:02 2025 by rpki-client