Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9156F14/3F1288621FDB11EFA751F747C4F9AE02/680D797023E611EF8165F17BC4F9AE02.roa
File: 680D797023E611EF8165F17BC4F9AE02.roa (raw, json)
Hash identifier: A1M8cgXwpueoyV//ap2OtyS//Qc9zVR+BitCHlrnuUc=
Subject key identifier: 85:22:70:34:6A:E9:1C:F5:19:3E:44:4A:C9:AC:DA:29:8B:28:6B:B8
Certificate issuer: /CN=A9156F14/serialNumber=CB2935A1478B4F8B4463100DB2E95B0654406773
Certificate serial: 0B
Authority key identifier: CB:29:35:A1:47:8B:4F:8B:44:63:10:0D:B2:E9:5B:06:54:40:67:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yyk1oUeLT4tEYxANsulbBlRAZ3M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9156F14/3F1288621FDB11EFA751F747C4F9AE02/680D797023E611EF8165F17BC4F9AE02.roa
Signing time: Thu 06 Jun 2024 09:25:51 +0000
ROA not before: Thu 06 Jun 2024 09:25:51 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 137443
IP address blocks: 103.23.148.0/23 maxlen: 23
103.23.148.0/24 maxlen: 24
103.23.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9156F14
Validity
Not Before: Jun 6 09:25:51 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6661809f-bde8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2e:e2:7a:aa:2b:37:a0:fd:bc:8b:0c:59:5f:
a5:03:8a:09:fa:4b:bf:87:70:c3:87:45:b8:f1:47:
84:dd:a3:9e:71:7f:ee:f9:fa:c4:2e:ca:1b:99:1b:
a2:06:27:23:38:3c:6a:1a:50:aa:1c:a7:43:50:eb:
57:e9:cd:d6:68:2b:a9:f6:08:51:35:76:90:87:6e:
4c:f0:60:36:0e:c1:62:fc:26:af:8f:76:48:6b:94:
f9:39:31:23:73:80:23:f9:3a:85:8f:08:a3:37:41:
d8:0e:8f:c4:ed:80:9b:60:9a:e2:00:ab:1f:ce:43:
18:e2:23:51:f1:7f:19:69:8e:f5:d6:95:cb:0e:a6:
a3:f1:fd:f5:da:d8:a6:3c:15:87:96:a8:f6:e0:e3:
c4:d3:72:08:78:1d:c1:97:d0:6d:0b:f1:52:2b:fa:
46:e0:57:a4:6b:16:be:32:1d:ed:a3:15:da:04:66:
45:a3:90:d3:1c:8d:91:f8:bd:58:7f:39:3a:fd:ad:
3e:e4:0d:0a:65:87:4c:a1:9b:a2:c7:97:e3:13:97:
23:61:90:97:24:f1:d6:2b:98:23:00:06:e4:56:46:
fa:b0:13:19:aa:c8:f7:4b:67:2a:f9:8d:84:62:3b:
e5:f2:a3:67:02:07:a0:65:cc:07:e3:e0:3f:00:6a:
26:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:22:70:34:6A:E9:1C:F5:19:3E:44:4A:C9:AC:DA:29:8B:28:6B:B8
X509v3 Authority Key Identifier:
keyid:CB:29:35:A1:47:8B:4F:8B:44:63:10:0D:B2:E9:5B:06:54:40:67:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9156F14/3F1288621FDB11EFA751F747C4F9AE02/yyk1oUeLT4tEYxANsulbBlRAZ3M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yyk1oUeLT4tEYxANsulbBlRAZ3M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156F14/3F1288621FDB11EFA751F747C4F9AE02/680D797023E611EF8165F17BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.148.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:b8:f9:67:25:29:08:a5:4d:69:c3:1c:39:34:fb:b1:cc:af:
81:aa:90:27:c4:92:19:32:a2:c3:1f:fd:6a:dd:6d:65:fc:32:
a7:4c:e8:5c:9c:e4:08:16:b2:3e:09:e0:33:ec:44:fd:3a:53:
45:25:83:7a:50:87:88:1f:03:3d:b4:14:f2:84:b1:60:a0:15:
d9:d7:68:6b:4d:64:c2:b8:4e:7f:d4:c8:79:67:74:3e:49:68:
63:58:37:26:45:d0:f7:2a:80:63:75:c7:d2:52:c2:1f:da:d2:
dd:6c:42:3e:85:67:35:f8:6c:1c:63:c6:9b:e9:b0:cf:fb:19:
a8:07:ab:74:4c:6f:11:b5:90:46:22:86:86:43:c0:14:fa:7d:
88:5f:18:e5:54:07:ae:b9:49:d5:1d:ad:e8:8b:0a:03:cf:10:
72:db:a1:41:df:8d:12:fa:3f:36:20:3d:eb:87:53:23:e1:7b:
01:b2:3f:da:4f:00:51:58:b9:ef:5b:2b:05:8d:c5:ad:23:6b:
55:ea:57:38:7d:42:dd:77:8c:1f:a4:f1:fa:11:3c:1c:cc:bf:
df:2c:80:50:7f:3c:67:90:5f:77:9f:bf:8a:e6:97:6d:3e:e6:
2a:c7:3f:28:86:02:1a:b5:8e:87:ca:35:05:dc:0f:ac:e6:70:
9f:74:f1:e6
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NkYxNDExMC8GA1UEBRMoQ0IyOTM1QTE0NzhCNEY4QjQ0NjMxMDBEQjJFOTVCMDY1
NDQwNjc3MzAeFw0yNDA2MDYwOTI1NTFaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NjE4MDlmLWJkZTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMLuJ6qis3oP28iwxZX6UDign6S7+HcMOHRbjxR4Tdo55xf+75+sQuyhuZG6IG
JyM4PGoaUKocp0NQ61fpzdZoK6n2CFE1dpCHbkzwYDYOwWL8Jq+PdkhrlPk5MSNz
gCP5OoWPCKM3QdgOj8TtgJtgmuIAqx/OQxjiI1HxfxlpjvXWlcsOpqPx/fXa2KY8
FYeWqPbg48TTcgh4HcGX0G0L8VIr+kbgV6RrFr4yHe2jFdoEZkWjkNMcjZH4vVh/
OTr9rT7kDQplh0yhm6LHl+MTlyNhkJck8dYrmCMABuRWRvqwExmqyPdLZyr5jYRi
O+Xyo2cCB6BlzAfj4D8AaiYTAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUhSJwNGrp
HPUZPkRKyazaKYsoa7gwHwYDVR0jBBgwFoAUyyk1oUeLT4tEYxANsulbBlRAZ3Mw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU2RjE0LzNGMTI4ODYyMUZE
QjExRUZBNzUxRjc0N0M0RjlBRTAyL3l5azFvVWVMVDR0RVl4QU5zdWxiQmxSQVoz
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveXlrMW9VZUxUNHRFWXhBTnN1bGJCbFJBWjNNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NkYxNC8zRjEyODg2MjFGREIxMUVGQTc1MUY3NDdDNEY5QUUwMi82ODBENzk3MDIz
RTYxMUVGODE2NUYxN0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcXlDANBgkqhkiG9w0BAQsFAAOCAQEAXrj5ZyUpCKVNacMc
OTT7scyvgaqQJ8SSGTKiwx/9at1tZfwyp0zoXJzkCBayPgngM+xE/TpTRSWDelCH
iB8DPbQU8oSxYKAV2ddoa01kwrhOf9TIeWd0PkloY1g3JkXQ9yqAY3XH0lLCH9rS
3WxCPoVnNfhsHGPGm+mwz/sZqAerdExvEbWQRiKGhkPAFPp9iF8Y5VQHrrlJ1R2t
6IsKA88QctuhQd+NEvo/NiA964dTI+F7AbI/2k8AUVi571srBY3FrSNrVepXOH1C
3XeMH6Tx+hE8HMy/3yyAUH88Z5Bfd5+/iuaXbT7mKsc/KIYCGrWOh8o1BdwPrOZw
n3Tx5g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:17:14 2025 by rpki-client