Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9183EB3/3DB6A362637511EAB9C3680BC4F9AE02/D67C31E8637511EA8A698E0BC4F9AE02.roa
File: D67C31E8637511EA8A698E0BC4F9AE02.roa (raw, json)
Hash identifier: yH51MrOnrCMRnU8jdZMxQRRlfTnvexHS8d47tx5HLls=
Subject key identifier: FE:E9:69:29:4F:8E:F0:C4:D3:BA:5C:45:F8:EA:BF:3B:52:9E:9B:89
Certificate issuer: /CN=A9183EB3/serialNumber=5703B55CD8E280229604A10BC8CF5B38011163FA
Certificate serial: 0999
Authority key identifier: 57:03:B5:5C:D8:E2:80:22:96:04:A1:0B:C8:CF:5B:38:01:11:63:FA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VwO1XNjigCKWBKELyM9bOAERY_o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9183EB3/3DB6A362637511EAB9C3680BC4F9AE02/D67C31E8637511EA8A698E0BC4F9AE02.roa
Signing time: Wed 24 Apr 2024 20:59:40 +0000
ROA not before: Wed 24 Apr 2024 20:59:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137067
IP address blocks: 103.149.56.0/23 maxlen: 23
103.149.56.0/24 maxlen: 24
103.149.57.0/24 maxlen: 24
2405:e340::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2457 (0x999)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9183EB3
Validity
Not Before: Apr 24 20:59:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=662972bc-43c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ea:dd:37:ab:84:11:83:bf:a9:b0:5f:48:19:
c8:dd:a7:e3:e9:da:a8:ca:88:83:83:e2:32:92:aa:
01:6f:05:d6:e7:b6:3f:26:c8:96:90:82:e0:3e:43:
36:65:4c:34:41:66:ed:63:34:d5:4a:da:12:08:71:
ff:bc:e1:8f:49:91:28:2c:75:56:7e:9f:94:8f:0d:
22:4a:1b:96:e0:5a:a1:91:f6:13:63:b1:bf:be:2e:
13:00:b9:c7:23:3b:3b:e3:10:0d:b4:99:46:42:6e:
70:61:df:7f:8c:dd:11:0c:f8:ff:05:dd:8b:ae:79:
c8:e7:5e:da:d9:f3:60:6b:ae:0d:32:f9:aa:49:3c:
17:42:cd:5e:4f:37:e1:36:18:22:fb:f6:eb:88:f0:
18:89:3e:07:9b:cc:e4:5d:73:47:89:23:94:81:bf:
27:27:e3:6d:45:67:d3:fa:da:60:6c:bd:29:66:39:
21:01:7a:ef:92:ea:b8:8b:59:a9:92:42:78:0b:c5:
58:b0:80:57:fa:88:96:66:68:ea:db:c3:a8:8b:d2:
76:a1:8c:ab:2f:d8:8a:83:a3:97:51:61:a2:67:56:
00:26:25:4e:2d:41:40:8e:0a:a8:b4:77:52:a5:93:
99:03:05:05:16:e8:f7:91:c8:d0:1c:f3:47:e0:96:
fa:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E9:69:29:4F:8E:F0:C4:D3:BA:5C:45:F8:EA:BF:3B:52:9E:9B:89
X509v3 Authority Key Identifier:
keyid:57:03:B5:5C:D8:E2:80:22:96:04:A1:0B:C8:CF:5B:38:01:11:63:FA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9183EB3/3DB6A362637511EAB9C3680BC4F9AE02/VwO1XNjigCKWBKELyM9bOAERY_o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VwO1XNjigCKWBKELyM9bOAERY_o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9183EB3/3DB6A362637511EAB9C3680BC4F9AE02/D67C31E8637511EA8A698E0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.56.0/23
IPv6:
2405:e340::/32
Signature Algorithm: sha256WithRSAEncryption
92:46:fd:a7:35:fd:ca:c4:6f:51:6e:ff:d3:9e:0c:12:4e:1d:
9d:0b:01:e6:84:fb:c4:50:57:07:c7:1e:32:45:5f:42:18:0f:
53:d6:c1:ff:ab:4b:1c:85:f0:e0:06:52:74:49:7f:26:9c:36:
af:32:fa:5f:d7:79:95:64:c8:46:63:2a:8a:17:3e:9c:56:ef:
9d:75:d8:ca:e9:bf:bd:20:3f:28:0d:c7:1b:07:6a:9e:b2:04:
e8:c9:d6:e1:5a:42:1d:a8:f6:f4:ef:a1:ed:37:40:23:36:f5:
b7:2d:a1:e1:81:64:44:5f:d3:07:33:09:6f:06:8c:c1:a2:64:
51:a8:0e:33:9f:40:72:3f:d2:1f:d9:05:64:83:62:9f:c6:ca:
74:11:88:51:ec:ba:67:c1:f9:83:ed:67:23:53:d3:d5:eb:20:
fa:5d:5d:ca:8c:a2:11:00:d5:53:92:e5:bd:b9:8e:75:91:7d:
80:51:9f:81:4f:58:f3:81:ec:42:0d:4a:c8:42:b7:c1:5e:cd:
c4:79:4a:bc:4e:5e:b1:db:cb:03:0d:88:f1:b2:ac:b7:32:27:
8e:c0:6b:d3:a4:33:50:f4:b8:15:b9:2b:fd:8d:75:70:3e:20:
e9:f6:f4:6c:a4:b5:7f:16:fb:73:19:7d:99:a2:e3:51:8b:11:
27:a1:61:e8
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCZkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODNFQjMxMTAvBgNVBAUTKDU3MDNCNTVDRDhFMjgwMjI5NjA0QTEwQkM4Q0Y1QjM4
MDExMTYzRkEwHhcNMjQwNDI0MjA1OTQwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI5NzJiYy00M2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApurdN6uEEYO/qbBfSBnI3afj6dqoyoiDg+IykqoBbwXW57Y/JsiWkILgPkM2
ZUw0QWbtYzTVStoSCHH/vOGPSZEoLHVWfp+Ujw0iShuW4FqhkfYTY7G/vi4TALnH
Izs74xANtJlGQm5wYd9/jN0RDPj/Bd2LrnnI517a2fNga64NMvmqSTwXQs1eTzfh
Nhgi+/briPAYiT4Hm8zkXXNHiSOUgb8nJ+NtRWfT+tpgbL0pZjkhAXrvkuq4i1mp
kkJ4C8VYsIBX+oiWZmjq28Ooi9J2oYyrL9iKg6OXUWGiZ1YAJiVOLUFAjgqotHdS
pZOZAwUFFuj3kcjQHPNH4Jb6WwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFP7paSlP
jvDE07pcRfjqvztSnpuJMB8GA1UdIwQYMBaAFFcDtVzY4oAilgShC8jPWzgBEWP6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4M0VCMy8zREI2QTM2MjYz
NzUxMUVBQjlDMzY4MEJDNEY5QUUwMi9Wd08xWE5qaWdDS1dCS0VMeU05Yk9BRVJZ
X28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1Z3TzFYTmppZ0NLV0JLRUx5TTliT0FFUllfby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODNFQjMvM0RCNkEzNjI2Mzc1MTFFQUI5QzM2ODBCQzRGOUFFMDIvRDY3QzMxRTg2
Mzc1MTFFQThBNjk4RTBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnlTgwDQQCAAIwBwMFACQF40AwDQYJKoZIhvcNAQELBQAD
ggEBAJJG/ac1/crEb1Fu/9OeDBJOHZ0LAeaE+8RQVwfHHjJFX0IYD1PWwf+rSxyF
8OAGUnRJfyacNq8y+l/XeZVkyEZjKooXPpxW75112Mrpv70gPygNxxsHap6yBOjJ
1uFaQh2o9vTvoe03QCM29bctoeGBZERf0wczCW8GjMGiZFGoDjOfQHI/0h/ZBWSD
Yp/GynQRiFHsumfB+YPtZyNT09XrIPpdXcqMohEA1VOS5b25jnWRfYBRn4FPWPOB
7EINSshCt8FezcR5SrxOXrHbywMNiPGyrLcyJ47Aa9OkM1D0uBW5K/2NdXA+IOn2
9GyktX8W+3MZfZmi41GLESehYeg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:08:40 2025 by rpki-client