Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9185FD0/3833447809CF11EEA5E82532C4F9AE02/9E5F4D0060E111EEBD81AD43C4F9AE02.roa
File: 9E5F4D0060E111EEBD81AD43C4F9AE02.roa (raw, json)
Hash identifier: CtHJodJQnL5Xz0yuYtNWAz2VQ1bux6VI2UVz4UoYjHI=
Subject key identifier: 86:78:E8:C0:72:18:0D:B2:44:F9:D8:89:50:1D:CC:C1:EB:B5:40:CF
Certificate issuer: /CN=A9185FD0/serialNumber=59B6D6CD7305F2DEEC2B8E613C5D8F49425E0039
Certificate serial: A2
Authority key identifier: 59:B6:D6:CD:73:05:F2:DE:EC:2B:8E:61:3C:5D:8F:49:42:5E:00:39
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WbbWzXMF8t7sK45hPF2PSUJeADk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9185FD0/3833447809CF11EEA5E82532C4F9AE02/9E5F4D0060E111EEBD81AD43C4F9AE02.roa
Signing time: Fri 05 Apr 2024 07:08:28 +0000
ROA not before: Fri 05 Apr 2024 07:08:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151066
IP address blocks: 103.129.124.0/23 maxlen: 23
103.129.124.0/24 maxlen: 24
103.129.125.0/24 maxlen: 24
2001:df2:3b40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162 (0xa2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9185FD0
Validity
Not Before: Apr 5 07:08:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660fa36c-58cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cc:da:94:1c:f9:84:b7:0e:54:02:25:fb:bc:
5e:bc:80:64:5e:a3:76:be:7f:2a:0b:f6:90:c1:8d:
8c:df:e9:a9:e1:49:92:fd:c9:a7:6c:ad:7b:a8:5c:
6b:f0:14:a1:c8:5b:4c:7e:8c:6e:8f:f9:61:64:1c:
ad:15:98:b0:18:2c:81:c4:f2:62:d1:48:c4:15:8a:
d0:e2:03:e6:49:65:78:54:fd:a0:8b:e0:fb:fc:67:
9f:f0:b2:67:89:af:84:02:ce:ed:7b:18:63:30:e2:
80:28:ec:b9:55:f4:c3:ab:4a:85:4d:48:ad:15:34:
a5:e1:52:91:5a:36:17:df:e8:6c:41:f5:08:db:a3:
ba:71:53:7f:18:e3:3b:a2:53:b8:c4:74:81:4a:e2:
9a:d9:3e:47:c5:8e:d5:5a:8f:39:3b:f3:43:2e:43:
e9:d9:0f:9c:1e:e6:04:8b:04:97:35:53:7d:d6:fe:
94:18:8d:ee:d9:99:41:0b:b1:23:24:0c:4c:a1:45:
d7:bb:76:18:c8:6d:55:ae:40:99:bb:ce:76:29:76:
45:db:f7:35:d9:82:de:81:3b:1f:f3:56:34:c5:de:
63:c5:52:44:76:c6:1a:11:11:03:85:1c:55:74:e0:
be:1b:85:f2:e1:25:b5:0e:ad:72:3e:cc:70:df:5a:
33:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:78:E8:C0:72:18:0D:B2:44:F9:D8:89:50:1D:CC:C1:EB:B5:40:CF
X509v3 Authority Key Identifier:
keyid:59:B6:D6:CD:73:05:F2:DE:EC:2B:8E:61:3C:5D:8F:49:42:5E:00:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9185FD0/3833447809CF11EEA5E82532C4F9AE02/WbbWzXMF8t7sK45hPF2PSUJeADk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WbbWzXMF8t7sK45hPF2PSUJeADk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185FD0/3833447809CF11EEA5E82532C4F9AE02/9E5F4D0060E111EEBD81AD43C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.124.0/23
IPv6:
2001:df2:3b40::/48
Signature Algorithm: sha256WithRSAEncryption
43:2a:a8:1f:7c:e9:f8:0f:87:62:88:5a:da:36:41:3c:15:79:
2d:bc:68:75:79:0b:86:a8:4a:27:74:11:9d:c9:c2:90:27:3a:
6e:f3:34:8c:dd:5b:7a:00:bb:10:45:ba:54:d2:9d:d2:da:94:
5d:f9:7e:05:c4:6c:8f:8e:a8:dd:14:2e:5a:8b:09:0a:f3:4d:
de:66:6f:0d:47:62:83:fb:56:83:8e:14:2e:95:a4:ab:da:91:
dc:58:11:85:73:26:a8:a6:84:c1:97:e4:86:0c:0b:96:3e:48:
1b:06:50:ba:ba:8b:ae:a3:15:5c:d1:60:d1:0e:6d:ad:8b:0a:
30:6e:e2:c5:33:a1:a6:39:81:06:1f:fb:2f:81:42:1d:5a:0f:
50:88:92:95:c3:13:14:b0:a5:ef:59:e3:8e:b1:a6:80:a0:cf:
9f:74:8b:46:26:3c:25:19:27:b6:17:22:2a:c2:01:95:73:25:
d8:53:c6:2e:ea:c7:cf:51:5e:f0:f9:54:23:06:f2:40:cf:d0:
d5:d0:ea:d0:69:2a:c7:38:73:0f:5f:4e:8d:a1:c3:e3:c2:04:
18:66:20:42:a6:dc:60:d7:b5:de:8a:b9:61:d0:4e:22:de:49:
c3:cb:10:98:af:0c:40:29:22:c5:26:b0:de:40:27:48:53:0d:
16:c0:6d:ab
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODVGRDAxMTAvBgNVBAUTKDU5QjZENkNENzMwNUYyREVFQzJCOEU2MTNDNUQ4RjQ5
NDI1RTAwMzkwHhcNMjQwNDA1MDcwODI4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBmYTM2Yy01OGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwMzalBz5hLcOVAIl+7xevIBkXqN2vn8qC/aQwY2M3+mp4UmS/cmnbK17qFxr
8BShyFtMfoxuj/lhZBytFZiwGCyBxPJi0UjEFYrQ4gPmSWV4VP2gi+D7/Gef8LJn
ia+EAs7texhjMOKAKOy5VfTDq0qFTUitFTSl4VKRWjYX3+hsQfUI26O6cVN/GOM7
olO4xHSBSuKa2T5HxY7VWo85O/NDLkPp2Q+cHuYEiwSXNVN91v6UGI3u2ZlBC7Ej
JAxMoUXXu3YYyG1VrkCZu852KXZF2/c12YLegTsf81Y0xd5jxVJEdsYaEREDhRxV
dOC+G4Xy4SW1Dq1yPsxw31ozJwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIZ46MBy
GA2yRPnYiVAdzMHrtUDPMB8GA1UdIwQYMBaAFFm21s1zBfLe7CuOYTxdj0lCXgA5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUZEMC8zODMzNDQ3ODA5
Q0YxMUVFQTVFODI1MzJDNEY5QUUwMi9XYmJXelhNRjh0N3NLNDVoUEYyUFNVSmVB
RGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1diYld6WE1GOHQ3c0s0NWhQRjJQU1VKZUFEay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODVGRDAvMzgzMzQ0NzgwOUNGMTFFRUE1RTgyNTMyQzRGOUFFMDIvOUU1RjREMDA2
MEUxMTFFRUJEODFBRDQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFngXwwDwQCAAIwCQMHACABDfI7QDANBgkqhkiG9w0BAQsF
AAOCAQEAQyqoH3zp+A+HYoha2jZBPBV5LbxodXkLhqhKJ3QRncnCkCc6bvM0jN1b
egC7EEW6VNKd0tqUXfl+BcRsj46o3RQuWosJCvNN3mZvDUdig/tWg44ULpWkq9qR
3FgRhXMmqKaEwZfkhgwLlj5IGwZQurqLrqMVXNFg0Q5trYsKMG7ixTOhpjmBBh/7
L4FCHVoPUIiSlcMTFLCl71njjrGmgKDPn3SLRiY8JRknthciKsIBlXMl2FPGLurH
z1Fe8PlUIwbyQM/Q1dDq0GkqxzhzD19OjaHD48IEGGYgQqbcYNe13oq5YdBOIt5J
w8sQmK8MQCkixSaw3kAnSFMNFsBtqw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:36:49 2025 by rpki-client