Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/A473C9A008F311EE98719810C4F9AE02.roa
File: A473C9A008F311EE98719810C4F9AE02.roa (raw, json)
Hash identifier: XJVLx8NnT51CedP11E2S/7EWqPqU5YY70j5sKBFjL+M=
Subject key identifier: 6D:31:BA:71:C6:4F:2C:B5:C1:BB:5C:D2:8D:57:CA:C7:BF:B3:71:3E
Certificate issuer: /CN=A917A17B/serialNumber=83718E9ED4A1B229279E3CA555D44D6E1FCA8CC5
Certificate serial: 0B8A
Authority key identifier: 83:71:8E:9E:D4:A1:B2:29:27:9E:3C:A5:55:D4:4D:6E:1F:CA:8C:C5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/A473C9A008F311EE98719810C4F9AE02.roa
Signing time: Thu 16 May 2024 19:58:32 +0000
ROA not before: Thu 16 May 2024 19:58:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138692
IP address blocks: 103.136.200.0/24 maxlen: 24
103.136.201.0/24 maxlen: 24
103.136.202.0/24 maxlen: 24
103.136.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2954 (0xb8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A17B
Validity
Not Before: May 16 19:58:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66466568-54e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2d:6a:9f:be:f7:08:c8:f9:7d:8f:88:c5:e1:
63:3b:0b:63:5b:34:7d:e8:5c:78:90:cf:f3:ac:c1:
f0:de:05:3b:ef:8c:3e:a0:f1:3d:c7:32:c2:de:6e:
1d:17:8c:0a:fd:aa:53:d6:3b:6f:42:c1:26:70:5d:
9c:b2:b3:0b:eb:b4:ee:12:f6:11:4d:8a:83:db:dc:
39:e7:1d:2d:1a:60:7a:cf:a3:31:f5:86:43:0e:ec:
d7:d7:98:94:35:9b:d3:8f:72:c7:2a:58:46:1e:a0:
b4:b1:f5:b9:c8:a8:cf:54:75:ac:db:4c:eb:f2:04:
20:c9:99:a7:6b:16:96:d7:8c:da:01:6f:26:4b:b8:
7d:01:aa:1f:3e:99:1e:c7:90:c3:bf:a8:47:bc:60:
1c:07:e0:d9:8d:a0:61:6c:04:bc:28:c5:16:38:74:
75:d8:57:83:7a:e8:cf:54:09:a1:17:80:ee:99:b2:
18:ea:0e:12:09:77:3f:ef:79:58:c1:4a:8e:a4:26:
54:c1:ef:68:57:09:dd:ff:36:d5:8c:e5:90:c6:bf:
c4:81:ee:70:96:33:28:b0:8f:da:6d:d5:74:b9:0f:
07:d1:c7:c0:0f:27:63:0b:6e:3e:2e:58:0c:a1:e0:
90:59:8d:91:ad:af:75:81:1f:cb:c1:39:f7:4e:fc:
38:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:31:BA:71:C6:4F:2C:B5:C1:BB:5C:D2:8D:57:CA:C7:BF:B3:71:3E
X509v3 Authority Key Identifier:
keyid:83:71:8E:9E:D4:A1:B2:29:27:9E:3C:A5:55:D4:4D:6E:1F:CA:8C:C5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/A473C9A008F311EE98719810C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.200.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:bb:58:ea:fb:ad:6d:b8:14:df:bc:18:a7:66:fe:fd:57:c3:
8e:80:ed:b6:71:b7:3e:a7:90:7d:bd:a9:58:01:a8:c9:76:c5:
5c:70:a2:98:5e:e5:e2:83:b8:a4:fd:68:84:61:72:13:81:30:
93:66:2b:53:09:63:a4:b3:87:83:aa:ea:83:23:8b:15:01:eb:
fc:1d:4a:7e:5b:65:b3:35:99:97:1d:45:7e:f8:7c:c5:c0:ab:
5b:31:4e:46:98:80:d1:91:06:e3:07:c2:77:9b:9b:79:3b:4e:
86:95:82:fc:de:eb:62:6d:c8:83:58:46:06:f1:89:9e:67:e0:
31:f7:8e:e9:77:2c:46:31:7e:39:92:9f:5f:13:96:37:dc:97:
b9:51:98:7b:de:60:7c:c6:8b:d6:15:56:e8:60:3b:fb:3e:61:
d2:a5:8b:23:85:02:4e:5e:57:a2:a2:a1:ab:d1:66:fa:a3:6d:
0f:2f:95:c0:7f:1a:bf:3e:dd:17:aa:1b:4f:4b:8e:66:4b:eb:
77:5a:9e:6d:7d:74:31:33:14:65:94:9b:8b:6c:cf:02:1b:fb:
c4:1b:fa:75:6a:e3:8f:e7:c4:7c:7f:b0:20:90:fe:a1:93:6e:
e3:7c:6f:d1:d2:f6:fe:79:5f:b0:ba:1d:5e:b7:05:ff:11:bb:
84:7b:e5:ca
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC4owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0ExN0IxMTAvBgNVBAUTKDgzNzE4RTlFRDRBMUIyMjkyNzlFM0NBNTU1RDQ0RDZF
MUZDQThDQzUwHhcNMjQwNTE2MTk1ODMyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQ2NjU2OC01NGUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvi1qn773CMj5fY+IxeFjOwtjWzR96Fx4kM/zrMHw3gU774w+oPE9xzLC3m4d
F4wK/apT1jtvQsEmcF2csrML67TuEvYRTYqD29w55x0tGmB6z6Mx9YZDDuzX15iU
NZvTj3LHKlhGHqC0sfW5yKjPVHWs20zr8gQgyZmnaxaW14zaAW8mS7h9AaofPpke
x5DDv6hHvGAcB+DZjaBhbAS8KMUWOHR12FeDeujPVAmhF4DumbIY6g4SCXc/73lY
wUqOpCZUwe9oVwnd/zbVjOWQxr/Ege5wljMosI/abdV0uQ8H0cfADydjC24+LlgM
oeCQWY2Rra91gR/LwTn3Tvw4+wIDAQABo4IClTCCApEwHQYDVR0OBBYEFG0xunHG
Tyy1wbtc0o1Xyse/s3E+MB8GA1UdIwQYMBaAFINxjp7UobIpJ548pVXUTW4fyozF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTE3Qi84NTM5NUQ2RTA2
RDMxMUVBQkE1RDVBNDlDNEY5QUUwMi9nM0dPbnRTaHNpa25uanlsVmRSTmJoX0tq
TVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2czR09udFNoc2lrbm5qeWxWZFJOYmhfS2pNVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0ExN0IvODUzOTVENkUwNkQzMTFFQUJBNUQ1QTQ5QzRGOUFFMDIvQTQ3M0M5QTAw
OEYzMTFFRTk4NzE5ODEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJniMgwDQYJKoZIhvcNAQELBQADggEBACq7WOr7rW24FN+8
GKdm/v1Xw46A7bZxtz6nkH29qVgBqMl2xVxwophe5eKDuKT9aIRhchOBMJNmK1MJ
Y6Szh4Oq6oMjixUB6/wdSn5bZbM1mZcdRX74fMXAq1sxTkaYgNGRBuMHwnebm3k7
ToaVgvze62JtyINYRgbxiZ5n4DH3jul3LEYxfjmSn18Tljfcl7lRmHveYHzGi9YV
VuhgO/s+YdKliyOFAk5eV6KioavRZvqjbQ8vlcB/Gr8+3ReqG09LjmZL63danm19
dDEzFGWUm4tszwIb+8Qb+nVq44/nxHx/sCCQ/qGTbuN8b9HS9v55X7C6HV63Bf8R
u4R75co=
-----END CERTIFICATE-----
Generated at Fri Apr 11 19:52:19 2025 by rpki-client