Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/0963FDF0C35711EC9F5ADC3DC4F9AE02.roa
File: 0963FDF0C35711EC9F5ADC3DC4F9AE02.roa (raw, json)
Hash identifier: ZC6B1slbJ+NBUR+XleTIQLrCjIWpOaVIltQbveTaTb8=
Subject key identifier: 1C:95:ED:C9:35:12:84:CC:BC:F7:B7:3F:D3:3D:CB:15:DD:25:22:E7
Certificate issuer: /CN=A91717D1/serialNumber=DC187FC8416CE5B347BAF221A3613A3B47828E88
Certificate serial: 0E39
Authority key identifier: DC:18:7F:C8:41:6C:E5:B3:47:BA:F2:21:A3:61:3A:3B:47:82:8E:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bh_yEFs5bNHuvIho2E6O0eCjog.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/0963FDF0C35711EC9F5ADC3DC4F9AE02.roa
Signing time: Sun 30 Jun 2024 18:58:53 +0000
ROA not before: Sun 30 Jun 2024 18:58:53 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 135413
IP address blocks: 103.139.8.0/23 maxlen: 23
103.139.8.0/24 maxlen: 24
2001:df0:6180::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3641 (0xe39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91717D1
Validity
Not Before: Jun 30 18:58:53 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6681aaed-34e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:57:e9:78:3d:f2:6e:00:c2:76:cd:26:c0:84:
3d:37:c3:72:23:e2:12:13:2b:cb:f4:7e:b0:f5:a9:
06:f8:2c:26:64:e2:38:cc:08:12:a2:d2:8a:b9:78:
b2:95:96:e3:31:be:89:51:94:f4:1e:0b:05:61:b0:
34:25:ae:12:55:99:64:66:bf:2e:08:f8:5a:af:76:
48:79:cd:45:17:f5:f6:c4:c1:21:4a:96:0b:b4:07:
77:9c:78:f3:19:be:5d:c7:01:c8:a9:64:c6:87:93:
9d:6b:51:af:10:43:94:06:a8:09:f0:5a:ba:f0:81:
68:3f:2c:35:66:76:ec:7a:d5:e5:b3:54:04:f9:08:
2d:4e:14:a7:0a:24:d2:72:74:ee:74:96:9a:bd:53:
2b:c2:c7:b3:38:71:a6:cb:fe:41:0d:de:74:b0:9a:
7e:04:48:7f:2d:34:c2:be:6b:85:35:a2:06:56:57:
51:69:3c:94:6e:e1:a0:31:1c:25:ee:d1:85:8f:70:
e1:dc:76:5e:f1:f8:6a:48:8f:4d:cb:a5:56:8d:70:
9f:e7:09:12:87:39:73:e0:00:5d:78:0d:4f:76:29:
24:07:a7:ee:02:cb:be:50:2b:bf:ba:bd:46:2c:f0:
41:0f:39:45:13:cd:b6:bf:c3:0b:11:b2:0b:a6:ba:
3c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:95:ED:C9:35:12:84:CC:BC:F7:B7:3F:D3:3D:CB:15:DD:25:22:E7
X509v3 Authority Key Identifier:
keyid:DC:18:7F:C8:41:6C:E5:B3:47:BA:F2:21:A3:61:3A:3B:47:82:8E:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bh_yEFs5bNHuvIho2E6O0eCjog.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/0963FDF0C35711EC9F5ADC3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.8.0/23
IPv6:
2001:df0:6180::/48
Signature Algorithm: sha256WithRSAEncryption
34:25:eb:55:c6:f4:8f:26:ac:ca:b4:69:af:cf:ed:07:4e:c2:
0b:fd:3e:84:7d:15:c4:29:e5:2f:00:34:47:8d:80:f5:66:80:
4e:da:88:1b:a5:fc:e4:a8:90:16:34:83:2a:91:21:b6:08:f9:
70:9c:ee:46:19:7f:b0:d3:92:ca:b6:92:8b:80:ba:f8:86:36:
14:33:a0:c7:64:44:0b:5c:9b:6b:61:1b:b5:78:b7:30:28:23:
bb:f8:c6:06:6b:7f:6a:16:d0:00:17:55:86:80:67:3b:4b:94:
30:b0:9f:d0:bd:62:4c:99:2c:47:be:b8:76:73:72:17:03:ea:
49:44:0f:a9:bb:9f:05:47:93:ca:45:60:e4:ca:03:ac:ea:9f:
18:ab:a8:29:7d:38:33:ae:99:0c:7a:47:68:14:05:dd:9c:ac:
60:78:00:1c:3c:4e:1a:f5:3d:31:4c:fe:36:19:2a:a7:5a:0b:
87:db:eb:3c:55:37:44:55:40:9b:45:93:6a:c9:a2:e3:29:16:
58:5e:ab:21:3a:fc:c5:09:97:3e:a2:c8:4e:5c:d1:a4:6b:43:
d5:7e:51:ef:98:14:4d:02:d9:91:4a:4c:03:f2:be:c4:1a:25:
69:db:9c:5b:89:fc:9a:3a:77:c4:10:94:4a:8d:07:f7:58:05:
7d:63:97:70
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICDjkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE3RDExMTAvBgNVBAUTKERDMTg3RkM4NDE2Q0U1QjM0N0JBRjIyMUEzNjEzQTNC
NDc4MjhFODgwHhcNMjQwNjMwMTg1ODUzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjgxYWFlZC0zNGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxFfpeD3ybgDCds0mwIQ9N8NyI+ISEyvL9H6w9akG+CwmZOI4zAgSotKKuXiy
lZbjMb6JUZT0HgsFYbA0Ja4SVZlkZr8uCPhar3ZIec1FF/X2xMEhSpYLtAd3nHjz
Gb5dxwHIqWTGh5Oda1GvEEOUBqgJ8Fq68IFoPyw1ZnbsetXls1QE+QgtThSnCiTS
cnTudJaavVMrwsezOHGmy/5BDd50sJp+BEh/LTTCvmuFNaIGVldRaTyUbuGgMRwl
7tGFj3Dh3HZe8fhqSI9Ny6VWjXCf5wkShzlz4ABdeA1PdikkB6fuAsu+UCu/ur1G
LPBBDzlFE822v8MLEbILpro8SwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFByV7ck1
EoTMvPe3P9M9yxXdJSLnMB8GA1UdIwQYMBaAFNwYf8hBbOWzR7ryIaNhOjtHgo6I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTdEMS85QTlCNDhBMjgy
QTMxMUU5OUU1ODIzODRDNEY5QUUwMi8zQmhfeUVGczViTkh1dklobzJFNk8wZUNq
b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNCaF95RUZzNWJOSHV2SWhvMkU2TzBlQ2pvZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE3RDEvOUE5QjQ4QTI4MkEzMTFFOTlFNTgyMzg0QzRGOUFFMDIvMDk2M0ZERjBD
MzU3MTFFQzlGNUFEQzNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFniwgwDwQCAAIwCQMHACABDfBhgDANBgkqhkiG9w0BAQsF
AAOCAQEANCXrVcb0jyasyrRpr8/tB07CC/0+hH0VxCnlLwA0R42A9WaATtqIG6X8
5KiQFjSDKpEhtgj5cJzuRhl/sNOSyraSi4C6+IY2FDOgx2REC1yba2EbtXi3MCgj
u/jGBmt/ahbQABdVhoBnO0uUMLCf0L1iTJksR764dnNyFwPqSUQPqbufBUeTykVg
5MoDrOqfGKuoKX04M66ZDHpHaBQF3ZysYHgAHDxOGvU9MUz+Nhkqp1oLh9vrPFU3
RFVAm0WTasmi4ykWWF6rITr8xQmXPqLITlzRpGtD1X5R75gUTQLZkUpMA/K+xBol
aducW4n8mjp3xBCUSo0H91gFfWOXcA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 14:54:33 2025 by rpki-client