Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/E938CA160B8311EABDDD354EC4F9AE02.roa
File: E938CA160B8311EABDDD354EC4F9AE02.roa (raw, json)
Hash identifier: w+qmDIsfD0w89E78umG3sSiQHTYHEnECZIGBWLtiSb4=
Subject key identifier: 3D:B4:13:3D:F8:9B:60:AF:95:12:D9:2D:14:1E:12:D3:A7:62:2E:41
Certificate issuer: /CN=A9158840/serialNumber=FAE6201C666392340BEE138ED41799BA86DAA688
Certificate serial: 0BEB
Authority key identifier: FA:E6:20:1C:66:63:92:34:0B:EE:13:8E:D4:17:99:BA:86:DA:A6:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-uYgHGZjkjQL7hOO1BeZuobapog.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/E938CA160B8311EABDDD354EC4F9AE02.roa
Signing time: Tue 04 Feb 2025 07:07:51 +0000
ROA not before: Tue 04 Feb 2025 07:07:51 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 138146
IP address blocks: 103.121.60.0/24 maxlen: 24
103.121.61.0/24 maxlen: 24
103.121.62.0/24 maxlen: 24
103.121.63.0/24 maxlen: 24
2403:6840::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3051 (0xbeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158840
Validity
Not Before: Feb 4 07:07:51 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67a1bcc6-ba4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:55:82:c5:25:57:7d:5a:c2:c5:d3:77:18:7d:
ba:0c:b7:73:01:ed:b9:5a:c0:e8:63:ec:a9:cf:f9:
e2:b2:ff:59:c3:4c:3a:fd:1c:90:82:9a:fc:ea:d5:
49:f5:f0:fc:56:38:00:02:b4:07:4d:5f:33:ab:df:
8a:4f:20:39:28:1f:f9:b4:73:e5:44:d0:3d:c9:54:
ef:28:02:7e:50:6e:4e:c3:77:a5:31:e4:4d:71:9f:
dd:fd:f2:06:de:2a:9e:f4:f2:01:46:bc:20:3e:37:
48:45:7b:a1:58:18:71:9d:71:38:2d:37:11:6a:89:
19:dd:83:2c:5c:fd:45:88:40:4d:e4:ad:78:52:ee:
16:34:12:de:60:1a:b9:0e:9c:b5:72:7a:00:41:01:
70:fb:08:7b:d4:04:3b:84:b2:13:3b:cb:e7:ef:34:
bb:67:56:1b:fd:b2:db:dc:8a:ef:d2:16:ee:af:1c:
4d:ad:9b:40:1b:be:60:bd:70:9d:db:63:29:da:d9:
17:73:20:1f:ea:3f:ed:3a:1e:db:ed:11:29:bb:a5:
43:39:1a:77:42:22:26:89:bf:cb:f3:48:18:1b:cf:
3a:4d:4e:60:15:c4:4e:88:65:b6:69:04:42:23:7b:
d6:21:d8:68:e1:05:f2:fa:66:b5:52:60:d4:db:f3:
03:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B4:13:3D:F8:9B:60:AF:95:12:D9:2D:14:1E:12:D3:A7:62:2E:41
X509v3 Authority Key Identifier:
keyid:FA:E6:20:1C:66:63:92:34:0B:EE:13:8E:D4:17:99:BA:86:DA:A6:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/-uYgHGZjkjQL7hOO1BeZuobapog.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-uYgHGZjkjQL7hOO1BeZuobapog.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/E938CA160B8311EABDDD354EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.60.0/22
IPv6:
2403:6840::/32
Signature Algorithm: sha256WithRSAEncryption
4a:2a:1a:4c:ca:f8:c0:f8:14:e2:59:04:28:82:56:cb:b7:c5:
4d:12:7b:92:4c:52:26:ea:57:48:0a:c9:96:61:95:10:31:f6:
ac:a1:2a:d7:55:ca:5b:08:cd:d6:89:ad:90:6f:b4:89:97:55:
01:47:e9:2f:9a:88:de:be:48:06:03:c1:26:24:42:a3:0d:7f:
71:bf:3a:08:6c:29:ff:34:8f:00:3c:5d:54:c8:1e:bc:a6:4b:
07:75:e7:f2:c5:e8:a6:9b:10:7f:c3:b8:e9:0f:7a:a6:8a:34:
c5:3e:b9:fc:3b:9d:f7:86:68:c3:0b:ca:ce:5a:4f:96:45:ac:
48:d0:04:84:03:ff:7b:91:38:2a:bc:33:59:be:36:19:6d:39:
c4:dd:ad:b3:ec:79:71:7d:ff:97:a1:03:22:60:68:bf:06:40:
c9:d5:4c:e6:e8:e8:76:54:ab:f5:ff:b6:33:15:51:12:ab:b1:
ad:a8:bc:0a:e9:0c:c4:c3:e6:8a:6a:6f:e6:a3:8e:f0:32:f1:
81:92:54:cb:0c:06:33:ec:75:c5:bb:da:60:4d:1e:83:d1:62:
6c:fa:8b:85:f3:78:1e:1c:71:6f:26:9d:01:66:70:68:26:0b:
77:f9:24:86:a1:f9:68:76:ff:ef:59:52:50:66:56:9b:78:b9:
98:9f:01:f1
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC+swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTg4NDAxMTAvBgNVBAUTKEZBRTYyMDFDNjY2MzkyMzQwQkVFMTM4RUQ0MTc5OUJB
ODZEQUE2ODgwHhcNMjUwMjA0MDcwNzUxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ExYmNjNi1iYTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApFWCxSVXfVrCxdN3GH26DLdzAe25WsDoY+ypz/nisv9Zw0w6/RyQgpr86tVJ
9fD8VjgAArQHTV8zq9+KTyA5KB/5tHPlRNA9yVTvKAJ+UG5Ow3elMeRNcZ/d/fIG
3iqe9PIBRrwgPjdIRXuhWBhxnXE4LTcRaokZ3YMsXP1FiEBN5K14Uu4WNBLeYBq5
Dpy1cnoAQQFw+wh71AQ7hLITO8vn7zS7Z1Yb/bLb3Irv0hburxxNrZtAG75gvXCd
22Mp2tkXcyAf6j/tOh7b7REpu6VDORp3QiImib/L80gYG886TU5gFcROiGW2aQRC
I3vWIdho4QXy+ma1UmDU2/MD6QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFD20Ez34
m2CvlRLZLRQeEtOnYi5BMB8GA1UdIwQYMBaAFPrmIBxmY5I0C+4TjtQXmbqG2qaI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODg0MC82MTc3MzMyQTBC
ODIxMUVBODA0MTE1NEJDNEY5QUUwMi8tdVlnSEdaamtqUUw3aE9PMUJlWnVvYmFw
b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy11WWdIR1pqa2pRTDdoT08xQmVadW9iYXBvZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTg4NDAvNjE3NzMzMkEwQjgyMTFFQTgwNDExNTRCQzRGOUFFMDIvRTkzOENBMTYw
QjgzMTFFQUJEREQzNTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJneTwwDQQCAAIwBwMFACQDaEAwDQYJKoZIhvcNAQELBQAD
ggEBAEoqGkzK+MD4FOJZBCiCVsu3xU0Se5JMUibqV0gKyZZhlRAx9qyhKtdVylsI
zdaJrZBvtImXVQFH6S+aiN6+SAYDwSYkQqMNf3G/OghsKf80jwA8XVTIHrymSwd1
5/LF6KabEH/DuOkPeqaKNMU+ufw7nfeGaMMLys5aT5ZFrEjQBIQD/3uROCq8M1m+
NhltOcTdrbPseXF9/5ehAyJgaL8GQMnVTObo6HZUq/X/tjMVURKrsa2ovArpDMTD
5opqb+ajjvAy8YGSVMsMBjPsdcW72mBNHoPRYmz6i4XzeB4ccW8mnQFmcGgmC3f5
JIah+Wh2/+9ZUlBmVpt4uZifAfE=
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:16:16 2025 by rpki-client