Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91747E1/CE3472DE4CC811EAA058EC14C4F9AE02/D9C33050560B11EDA1636E52C4F9AE02.roa
File: D9C33050560B11EDA1636E52C4F9AE02.roa (raw, json)
Hash identifier: RuSZgMZ4QoYvu76O7V8W4nab76a8ye3lfqmWyPmtPvU=
Subject key identifier: 87:0D:81:CC:4A:B7:66:8E:39:A1:0F:CA:D0:3A:CB:86:67:5F:ED:6C
Certificate issuer: /CN=A91747E1/serialNumber=7AC6EFFB04C2B580F5A56B6A746CDFE053AF6A9E
Certificate serial: 0A94
Authority key identifier: 7A:C6:EF:FB:04:C2:B5:80:F5:A5:6B:6A:74:6C:DF:E0:53:AF:6A:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esbv-wTCtYD1pWtqdGzf4FOvap4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91747E1/CE3472DE4CC811EAA058EC14C4F9AE02/D9C33050560B11EDA1636E52C4F9AE02.roa
Signing time: Sun 24 Nov 2024 19:27:53 +0000
ROA not before: Sun 24 Nov 2024 19:27:53 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 138362
IP address blocks: 103.131.144.0/22 maxlen: 24
2403:cc40::/32 maxlen: 36
2403:cc40::/40 maxlen: 40
2403:cc40:1::/48 maxlen: 48
2403:cc40:2::/48 maxlen: 48
2403:cc40:3::/48 maxlen: 48
2403:cc40:22::/48 maxlen: 48
2403:cc40:100::/40 maxlen: 40
2403:cc40:200::/40 maxlen: 40
2403:cc40:300::/40 maxlen: 40
2403:cc40:400::/40 maxlen: 40
2403:cc40:1000::/40 maxlen: 40
2403:cc40:1100::/40 maxlen: 40
2403:cc40:1200::/40 maxlen: 40
2403:cc40:1300::/40 maxlen: 40
2403:cc40:1400::/40 maxlen: 40
2403:cc40:1500::/40 maxlen: 40
2403:cc40:ff00::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2708 (0xa94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91747E1
Validity
Not Before: Nov 24 19:27:53 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67437e39-3836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:db:fb:39:80:34:9a:0b:cf:9b:f5:15:90:dc:
9b:3f:12:2e:67:28:9c:6b:e2:75:97:d9:1f:94:6e:
ff:39:20:8e:5c:98:ae:01:8b:f3:77:d1:e4:e9:a8:
84:44:56:21:3c:d6:bd:90:22:3b:cf:be:ce:f3:90:
85:9b:19:c2:db:9a:3b:99:3e:3c:65:3f:10:42:8b:
2b:32:61:35:e3:7f:da:c3:ac:19:81:85:23:ec:da:
18:a4:ab:42:cb:75:c5:f4:a7:cc:0b:32:d9:d4:e8:
8a:c9:fe:61:a3:f8:6f:b1:42:92:3a:52:b8:be:e7:
73:b9:85:39:c8:be:01:e6:4d:96:9b:6f:cd:df:61:
f0:39:ac:49:68:73:3c:f1:72:33:ee:37:a4:1a:ec:
97:72:6f:8d:45:27:a4:88:d1:b9:d9:3f:71:3f:37:
7f:f1:f6:c0:35:dc:2d:e4:00:b7:f8:2b:a7:02:a3:
44:6b:7b:b9:00:f9:a6:ad:ac:c8:ee:c0:31:09:4a:
93:c3:87:81:62:4d:ac:69:f6:6c:6f:a4:4f:5a:ee:
1d:73:f8:f0:a5:ae:2a:72:f9:10:c7:ba:06:43:b0:
78:59:36:74:5c:4b:de:5a:47:4e:b4:89:18:6d:c7:
27:2a:da:99:cf:b5:61:8a:37:6c:48:0f:e7:a5:11:
98:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:0D:81:CC:4A:B7:66:8E:39:A1:0F:CA:D0:3A:CB:86:67:5F:ED:6C
X509v3 Authority Key Identifier:
keyid:7A:C6:EF:FB:04:C2:B5:80:F5:A5:6B:6A:74:6C:DF:E0:53:AF:6A:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91747E1/CE3472DE4CC811EAA058EC14C4F9AE02/esbv-wTCtYD1pWtqdGzf4FOvap4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esbv-wTCtYD1pWtqdGzf4FOvap4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91747E1/CE3472DE4CC811EAA058EC14C4F9AE02/D9C33050560B11EDA1636E52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.131.144.0/22
IPv6:
2403:cc40::/32
Signature Algorithm: sha256WithRSAEncryption
70:d8:90:ef:05:4f:a4:2f:8d:fd:09:d6:8d:26:3a:a8:0a:1f:
9d:72:9c:54:75:26:83:c4:9d:f9:9d:d0:ad:ab:71:3e:80:1f:
b5:78:01:3d:f7:a9:1c:e8:ac:ef:83:c9:3a:33:b3:95:1a:3b:
79:7e:07:7a:39:5e:9b:4b:0e:81:2b:15:ac:76:82:da:b5:f7:
97:e7:fb:a8:79:21:fd:98:84:91:d2:72:25:80:72:d3:eb:a8:
8d:4f:27:88:47:9e:63:25:a0:99:8b:65:66:4a:5d:77:74:6d:
78:0d:37:fe:b8:89:91:f2:7a:09:81:f2:47:91:d2:4e:27:36:
84:18:3d:03:a7:14:1c:6b:d5:6a:55:00:52:a4:27:b1:57:b9:
0a:62:18:55:81:13:2b:f2:de:4b:3e:58:83:d1:7a:51:2e:ba:
c2:62:d5:14:30:8f:6a:c4:30:d6:10:1c:69:f8:be:d3:50:35:
9f:54:c0:c7:f5:10:bf:53:e4:d9:7b:41:4d:dd:26:d1:75:09:
6b:25:01:27:73:f8:7a:97:b5:7e:f1:e7:f5:ba:63:0b:aa:76:
fd:d9:ed:da:bb:8a:6b:65:50:5b:9a:6e:de:1c:7c:b9:a0:72:
a3:4c:68:df:5f:c6:c3:10:80:c9:9a:4a:a6:3c:5d:69:91:91:
33:68:4d:a0
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCpQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQ3RTExMTAvBgNVBAUTKDdBQzZFRkZCMDRDMkI1ODBGNUE1NkI2QTc0NkNERkUw
NTNBRjZBOUUwHhcNMjQxMTI0MTkyNzUzWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQzN2UzOS0zODM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4Nv7OYA0mgvPm/UVkNybPxIuZyica+J1l9kflG7/OSCOXJiuAYvzd9Hk6aiE
RFYhPNa9kCI7z77O85CFmxnC25o7mT48ZT8QQosrMmE143/aw6wZgYUj7NoYpKtC
y3XF9KfMCzLZ1OiKyf5ho/hvsUKSOlK4vudzuYU5yL4B5k2Wm2/N32HwOaxJaHM8
8XIz7jekGuyXcm+NRSekiNG52T9xPzd/8fbANdwt5AC3+CunAqNEa3u5APmmrazI
7sAxCUqTw4eBYk2safZsb6RPWu4dc/jwpa4qcvkQx7oGQ7B4WTZ0XEveWkdOtIkY
bccnKtqZz7VhijdsSA/npRGYtQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFIcNgcxK
t2aOOaEPytA6y4ZnX+1sMB8GA1UdIwQYMBaAFHrG7/sEwrWA9aVranRs3+BTr2qe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDdFMS9DRTM0NzJERTRD
QzgxMUVBQTA1OEVDMTRDNEY5QUUwMi9lc2J2LXdUQ3RZRDFwV3RxZEd6ZjRGT3Zh
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VzYnYtd1RDdFlEMXBXdHFkR3pmNEZPdmFwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQ3RTEvQ0UzNDcyREU0Q0M4MTFFQUEwNThFQzE0QzRGOUFFMDIvRDlDMzMwNTA1
NjBCMTFFREExNjM2RTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJng5AwDQQCAAIwBwMFACQDzEAwDQYJKoZIhvcNAQELBQAD
ggEBAHDYkO8FT6Qvjf0J1o0mOqgKH51ynFR1JoPEnfmd0K2rcT6AH7V4AT33qRzo
rO+DyTozs5UaO3l+B3o5XptLDoErFax2gtq195fn+6h5If2YhJHSciWActPrqI1P
J4hHnmMloJmLZWZKXXd0bXgNN/64iZHyegmB8keR0k4nNoQYPQOnFBxr1WpVAFKk
J7FXuQpiGFWBEyvy3ks+WIPRelEuusJi1RQwj2rEMNYQHGn4vtNQNZ9UwMf1EL9T
5Nl7QU3dJtF1CWslASdz+HqXtX7x5/W6Ywuqdv3Z7dq7imtlUFuabt4cfLmgcqNM
aN9fxsMQgMmaSqY8XWmRkTNoTaA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:55:18 2025 by rpki-client