Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91847B9/FC558882A14411ED95704386C4F9AE02/B08DD41EE73E11EDB9372A29C4F9AE02.roa
File: B08DD41EE73E11EDB9372A29C4F9AE02.roa (raw, json)
Hash identifier: 0gXG6s1XCg7u3bAeXFvctWsk7n6C+d/n5aBUKeABS1w=
Subject key identifier: 29:15:80:19:72:08:BD:CC:D0:A5:AE:75:AB:C6:37:97:70:D1:7B:50
Certificate issuer: /CN=A91847B9/serialNumber=0E58051B24BD5ADB1BCC9F38E2D3E7374B68DB7C
Certificate serial: 0184
Authority key identifier: 0E:58:05:1B:24:BD:5A:DB:1B:CC:9F:38:E2:D3:E7:37:4B:68:DB:7C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DlgFGyS9WtsbzJ844tPnN0to23w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91847B9/FC558882A14411ED95704386C4F9AE02/B08DD41EE73E11EDB9372A29C4F9AE02.roa
Signing time: Thu 23 Jan 2025 02:16:42 +0000
ROA not before: Thu 23 Jan 2025 02:16:42 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 149478
IP address blocks: 103.77.218.0/23 maxlen: 23
103.77.218.0/24 maxlen: 24
103.77.219.0/24 maxlen: 24
2001:df1:e340::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 388 (0x184)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91847B9
Validity
Not Before: Jan 23 02:16:42 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=6791a68a-9209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:d8:b6:36:13:74:8a:db:f0:66:78:12:4f:84:
0d:85:72:86:dd:c0:2a:ca:4e:dc:2d:eb:32:7c:38:
01:fc:c7:71:da:fc:9a:61:f3:3f:05:87:05:b3:ca:
5d:f5:f7:7e:b7:b1:54:25:f4:c7:15:41:97:e9:61:
8a:70:9c:64:e4:50:00:1b:2e:c0:96:0e:27:93:45:
9f:68:00:24:8f:f0:2e:02:b1:92:51:98:44:22:fc:
f7:17:31:22:39:2a:dd:3c:64:81:1f:c2:59:d5:83:
14:aa:26:3a:d5:58:9a:68:26:86:45:56:d5:e9:d5:
4e:c9:9f:f6:73:25:28:77:ba:f2:f5:88:31:f2:92:
9a:e6:df:14:39:55:36:09:f4:28:4b:c9:4e:1e:3d:
7f:8e:63:74:62:3b:51:3e:9b:1f:d6:40:5d:a3:96:
a4:e5:85:0c:f3:9c:17:aa:0a:78:d7:d0:68:73:05:
f5:84:9e:37:27:8b:3f:3e:95:35:b5:dc:f9:2f:da:
93:35:f1:80:cb:a0:d9:ed:24:ef:a6:b9:be:18:2c:
83:c6:c1:64:58:4d:3f:ca:26:6e:21:5a:8b:cc:8c:
54:81:bf:45:bd:ec:15:c6:0d:96:d9:f0:6a:0c:0d:
cc:0a:b1:c0:74:cd:b1:f9:f0:aa:da:b2:7b:06:63:
cd:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:15:80:19:72:08:BD:CC:D0:A5:AE:75:AB:C6:37:97:70:D1:7B:50
X509v3 Authority Key Identifier:
keyid:0E:58:05:1B:24:BD:5A:DB:1B:CC:9F:38:E2:D3:E7:37:4B:68:DB:7C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91847B9/FC558882A14411ED95704386C4F9AE02/DlgFGyS9WtsbzJ844tPnN0to23w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DlgFGyS9WtsbzJ844tPnN0to23w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91847B9/FC558882A14411ED95704386C4F9AE02/B08DD41EE73E11EDB9372A29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.77.218.0/23
IPv6:
2001:df1:e340::/48
Signature Algorithm: sha256WithRSAEncryption
a1:45:e5:3d:68:d6:0b:4d:f9:18:ef:80:ee:f1:ae:df:96:9f:
c8:fa:57:c7:dd:f8:df:d6:89:1d:73:f2:6b:f8:b2:99:ff:3c:
73:44:49:77:7b:9f:07:7c:3e:aa:0c:e9:8a:b3:15:52:3f:ca:
fd:4d:dd:09:10:6d:f3:2d:98:03:93:f9:e4:a1:a9:70:e4:38:
f3:a2:b9:a8:59:8d:03:74:23:89:43:82:77:87:c1:15:d3:c2:
58:2d:81:f3:4f:88:9d:d2:5b:8a:e9:b5:70:c7:04:41:ec:ff:
50:0e:ca:0c:bc:02:48:80:46:31:9c:98:d1:03:eb:15:17:99:
0a:46:61:f4:4f:34:5c:4c:b4:b5:ce:ca:22:9e:c3:df:f4:72:
22:60:63:96:5f:28:44:56:33:2a:2d:d4:10:47:a6:2a:58:09:
91:09:41:80:cc:d3:38:bb:be:8e:03:11:bf:19:b2:01:ee:6c:
a6:e4:7e:7f:88:8b:15:36:49:78:43:1a:91:f6:8d:3d:55:6e:
c2:90:f1:c7:29:53:7e:57:36:5c:84:59:84:76:cc:20:4a:a5:
c4:3c:cc:e2:34:c6:c8:1a:4e:1f:f3:41:37:a4:24:4f:43:66:
6a:55:d2:50:c2:85:15:94:c0:0e:63:fa:90:b6:49:b1:db:4f:
60:95:53:d1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAYQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQ3QjkxMTAvBgNVBAUTKDBFNTgwNTFCMjRCRDVBREIxQkNDOUYzOEUyRDNFNzM3
NEI2OERCN0MwHhcNMjUwMTIzMDIxNjQyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxYTY4YS05MjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9ti2NhN0itvwZngST4QNhXKG3cAqyk7cLesyfDgB/Mdx2vyaYfM/BYcFs8pd
9fd+t7FUJfTHFUGX6WGKcJxk5FAAGy7Alg4nk0WfaAAkj/AuArGSUZhEIvz3FzEi
OSrdPGSBH8JZ1YMUqiY61ViaaCaGRVbV6dVOyZ/2cyUod7ry9Ygx8pKa5t8UOVU2
CfQoS8lOHj1/jmN0YjtRPpsf1kBdo5ak5YUM85wXqgp419BocwX1hJ43J4s/PpU1
tdz5L9qTNfGAy6DZ7STvprm+GCyDxsFkWE0/yiZuIVqLzIxUgb9FvewVxg2W2fBq
DA3MCrHAdM2x+fCq2rJ7BmPNuwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFCkVgBly
CL3M0KWudavGN5dw0XtQMB8GA1UdIwQYMBaAFA5YBRskvVrbG8yfOOLT5zdLaNt8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDdCOS9GQzU1ODg4MkEx
NDQxMUVEOTU3MDQzODZDNEY5QUUwMi9EbGdGR3lTOVd0c2J6Sjg0NHRQbk4wdG8y
M3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RsZ0ZHeVM5V3RzYnpKODQ0dFBuTjB0bzIzdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQ3QjkvRkM1NTg4ODJBMTQ0MTFFRDk1NzA0Mzg2QzRGOUFFMDIvQjA4REQ0MUVF
NzNFMTFFREI5MzcyQTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnTdowDwQCAAIwCQMHACABDfHjQDANBgkqhkiG9w0BAQsF
AAOCAQEAoUXlPWjWC035GO+A7vGu35afyPpXx93439aJHXPya/iymf88c0RJd3uf
B3w+qgzpirMVUj/K/U3dCRBt8y2YA5P55KGpcOQ486K5qFmNA3QjiUOCd4fBFdPC
WC2B80+IndJbium1cMcEQez/UA7KDLwCSIBGMZyY0QPrFReZCkZh9E80XEy0tc7K
Ip7D3/RyImBjll8oRFYzKi3UEEemKlgJkQlBgMzTOLu+jgMRvxmyAe5spuR+f4iL
FTZJeEMakfaNPVVuwpDxxylTflc2XIRZhHbMIEqlxDzM4jTGyBpOH/NBN6QkT0Nm
alXSUMKFFZTADmP6kLZJsdtPYJVT0Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:57:30 2025 by rpki-client