Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91688C4/D8947EB830D911EB87E09353C4F9AE02/56FB3BA630DB11EBB36CAB54C4F9AE02.roa
File: 56FB3BA630DB11EBB36CAB54C4F9AE02.roa (raw, json)
Hash identifier: Tkzl81mL9jCkezlpTqealMA+SaYDCxv0/vXNUScGesg=
Subject key identifier: DE:14:3C:85:B1:B4:5C:3F:02:A5:AC:91:39:13:80:33:F2:D6:33:18
Certificate issuer: /CN=A91688C4/serialNumber=689B43B48E111E69F1DF79CCA211CCB4265A267B
Certificate serial: 06E2
Authority key identifier: 68:9B:43:B4:8E:11:1E:69:F1:DF:79:CC:A2:11:CC:B4:26:5A:26:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aJtDtI4RHmnx33nMohHMtCZaJns.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91688C4/D8947EB830D911EB87E09353C4F9AE02/56FB3BA630DB11EBB36CAB54C4F9AE02.roa
Signing time: Sat 14 Dec 2024 21:40:54 +0000
ROA not before: Sat 14 Dec 2024 21:40:54 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 138333
IP address blocks: 103.159.26.0/23 maxlen: 23
103.159.26.0/24 maxlen: 24
103.159.27.0/24 maxlen: 24
2406:c8c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1762 (0x6e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91688C4
Validity
Not Before: Dec 14 21:40:54 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=675dfb66-43b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2c:ea:02:d3:92:12:a0:9e:4b:0d:3b:b7:ef:
81:5a:9e:41:99:81:ad:a5:56:28:6e:74:23:35:16:
65:c0:7d:15:81:37:51:61:1c:fe:14:d3:59:7a:21:
bf:95:6a:c3:30:78:71:24:5d:dd:7d:19:a8:d5:87:
a1:bd:2d:08:34:aa:17:04:a5:98:77:5c:c6:a5:c9:
1a:13:1a:4a:bd:52:0c:71:7d:fd:44:dd:9f:29:44:
ac:75:3c:af:41:47:b6:72:62:7a:1a:af:83:cc:60:
af:6d:07:37:9f:35:2f:96:b0:8f:c4:41:c7:b8:81:
52:ff:27:a2:37:b4:0e:36:88:67:d0:8a:1d:2a:3a:
26:e2:46:a6:08:17:4b:92:7f:08:9a:40:5f:dd:b1:
b4:bf:90:09:fe:11:70:66:62:55:f5:ae:06:d4:e1:
f1:91:fd:19:4b:6f:8d:d7:de:da:72:65:9a:46:cf:
3c:af:c2:b5:9b:0a:8b:32:19:5b:87:62:31:b4:64:
59:fe:fb:3a:40:64:a4:d4:8a:8d:75:8d:e5:c2:ad:
41:6d:bc:48:93:05:fd:b3:04:b6:5b:40:61:26:e7:
2a:ad:a2:b2:24:b7:2a:b5:ac:f6:69:61:7e:fa:18:
32:e5:c8:0d:7e:67:83:8e:ce:b6:7b:91:fc:17:a4:
e5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:14:3C:85:B1:B4:5C:3F:02:A5:AC:91:39:13:80:33:F2:D6:33:18
X509v3 Authority Key Identifier:
keyid:68:9B:43:B4:8E:11:1E:69:F1:DF:79:CC:A2:11:CC:B4:26:5A:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91688C4/D8947EB830D911EB87E09353C4F9AE02/aJtDtI4RHmnx33nMohHMtCZaJns.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aJtDtI4RHmnx33nMohHMtCZaJns.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91688C4/D8947EB830D911EB87E09353C4F9AE02/56FB3BA630DB11EBB36CAB54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.26.0/23
IPv6:
2406:c8c0::/32
Signature Algorithm: sha256WithRSAEncryption
37:26:19:92:be:32:08:31:a6:f7:66:0e:66:40:d1:a4:ca:d1:
ac:16:9d:63:0e:79:5e:e6:30:4b:5b:05:1b:4f:7d:16:8c:be:
4a:e8:91:0f:41:99:0f:91:e4:10:04:52:2e:c6:5a:72:46:19:
6a:3e:89:ad:f2:64:28:ed:6e:51:d5:3c:ee:33:17:57:1a:41:
35:6d:02:bb:a5:40:be:26:0d:9d:40:86:25:7f:a4:8d:ef:ec:
90:38:83:79:3b:6e:fe:a7:4c:54:93:34:e5:a7:11:e4:51:7c:
97:bf:94:67:cd:5e:8e:55:89:55:ba:e4:d7:7e:8f:dd:b2:ad:
25:25:52:f3:f8:dd:86:ab:88:8b:2d:02:2d:8d:ab:36:98:1e:
7f:dd:43:6a:2b:b2:33:06:90:3d:9d:74:50:5e:af:39:41:5a:
01:a9:aa:e1:d9:2f:69:e1:5d:27:29:6b:2c:83:91:5b:3b:79:
bc:4c:45:ad:74:ff:4b:ea:99:ef:c8:c0:2d:78:81:6d:2d:92:
45:34:20:ce:e8:ac:5c:54:79:69:93:22:26:80:47:10:2f:0d:
26:fd:94:0d:7f:74:ef:fe:28:5a:79:fa:6d:5e:cd:7c:fe:02:
bb:5a:5c:00:6d:f7:ac:73:2e:ab:40:28:3d:55:dd:a8:84:82:
4d:06:d3:58
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBuIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njg4QzQxMTAvBgNVBAUTKDY4OUI0M0I0OEUxMTFFNjlGMURGNzlDQ0EyMTFDQ0I0
MjY1QTI2N0IwHhcNMjQxMjE0MjE0MDU0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVkZmI2Ni00M2I2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwyzqAtOSEqCeSw07t++BWp5BmYGtpVYobnQjNRZlwH0VgTdRYRz+FNNZeiG/
lWrDMHhxJF3dfRmo1YehvS0INKoXBKWYd1zGpckaExpKvVIMcX39RN2fKUSsdTyv
QUe2cmJ6Gq+DzGCvbQc3nzUvlrCPxEHHuIFS/yeiN7QONohn0IodKjom4kamCBdL
kn8ImkBf3bG0v5AJ/hFwZmJV9a4G1OHxkf0ZS2+N197acmWaRs88r8K1mwqLMhlb
h2IxtGRZ/vs6QGSk1IqNdY3lwq1BbbxIkwX9swS2W0BhJucqraKyJLcqtaz2aWF+
+hgy5cgNfmeDjs62e5H8F6TlowIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFN4UPIWx
tFw/AqWskTkTgDPy1jMYMB8GA1UdIwQYMBaAFGibQ7SOER5p8d95zKIRzLQmWiZ7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODhDNC9EODk0N0VCODMw
RDkxMUVCODdFMDkzNTNDNEY5QUUwMi9hSnREdEk0UkhtbngzM25Nb2hITXRDWmFK
bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FKdER0STRSSG1ueDMzbk1vaEhNdENaYUpucy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njg4QzQvRDg5NDdFQjgzMEQ5MTFFQjg3RTA5MzUzQzRGOUFFMDIvNTZGQjNCQTYz
MERCMTFFQkIzNkNBQjU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnnxowDQQCAAIwBwMFACQGyMAwDQYJKoZIhvcNAQELBQAD
ggEBADcmGZK+MggxpvdmDmZA0aTK0awWnWMOeV7mMEtbBRtPfRaMvkrokQ9BmQ+R
5BAEUi7GWnJGGWo+ia3yZCjtblHVPO4zF1caQTVtArulQL4mDZ1AhiV/pI3v7JA4
g3k7bv6nTFSTNOWnEeRRfJe/lGfNXo5ViVW65Nd+j92yrSUlUvP43YariIstAi2N
qzaYHn/dQ2orsjMGkD2ddFBerzlBWgGpquHZL2nhXScpayyDkVs7ebxMRa10/0vq
me/IwC14gW0tkkU0IM7orFxUeWmTIiaARxAvDSb9lA1/dO/+KFp5+m1ezXz+Arta
XABt96xzLqtAKD1V3aiEgk0G01g=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:10:17 2025 by rpki-client