Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/8D106846FB0E11EEB5B4A70BC4F9AE02.roa
File: 8D106846FB0E11EEB5B4A70BC4F9AE02.roa (raw, json)
Hash identifier: ywKo2I6Izu9y9bphydPhm+Dq6OMqEXQCzyaDnuPjN7w=
Subject key identifier: FD:97:80:A7:15:41:A3:64:05:B4:F5:E9:D5:07:E4:08:BC:DF:00:ED
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4582
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/8D106846FB0E11EEB5B4A70BC4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:32:56 +0000
ROA not before: Thu 05 Sep 2024 03:32:56 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 135973
IP address blocks: 103.139.40.0/23 maxlen: 23
2001:df0:6980::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17794 (0x4582)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Sep 5 03:32:56 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d92667-56cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ee:99:bf:23:4f:dc:b4:ff:a3:7c:b0:08:67:
fa:6e:03:78:61:a9:6a:f1:92:45:f8:bb:81:f6:96:
b1:62:9f:b7:44:6f:38:51:0e:65:13:ee:54:ac:4d:
b8:cc:0c:34:3b:e9:5e:14:da:27:0a:47:81:0f:09:
29:ca:d6:3c:66:e6:b5:6f:d1:9f:7f:1c:0c:c8:ea:
c1:23:ea:96:e4:5b:4e:dd:87:e3:df:c1:a0:df:0e:
85:32:3e:5e:96:3e:7f:1b:19:7c:b3:23:82:e7:5f:
64:04:92:3b:54:6b:b9:aa:7a:13:51:dd:70:52:e5:
3a:ee:56:f6:45:19:8a:83:f8:74:c4:29:9b:a6:93:
53:e7:8e:7c:cd:c6:6a:9c:0f:94:7c:c4:d5:85:e0:
89:7d:06:f9:a8:e7:60:41:16:f9:ce:2d:bf:c8:5e:
19:83:34:66:c8:f3:14:49:5e:b2:4f:8e:a2:8c:3a:
f0:c7:72:48:3c:66:00:23:21:80:e5:50:b2:6c:89:
da:0c:48:27:2d:0f:f6:56:b1:e7:09:e2:6b:bb:c5:
97:d4:f7:c8:68:3a:ea:ec:2e:44:c1:09:17:81:ae:
cc:50:37:07:6d:e2:a4:0c:2b:11:8a:8c:90:5e:5b:
35:6d:f2:48:b6:d9:e0:74:2a:52:57:2d:96:47:e2:
3f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:97:80:A7:15:41:A3:64:05:B4:F5:E9:D5:07:E4:08:BC:DF:00:ED
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/8D106846FB0E11EEB5B4A70BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.40.0/23
IPv6:
2001:df0:6980::/48
Signature Algorithm: sha256WithRSAEncryption
9f:26:71:6c:81:cf:ce:e0:1d:34:00:87:3a:8e:3c:0a:5a:3e:
88:97:92:9a:6b:d0:97:04:f1:ea:8d:32:61:3f:56:a6:69:66:
b3:c9:0c:c9:77:45:3b:cd:c0:d0:13:9a:2e:ed:ec:55:2a:bb:
5b:d9:f7:0d:07:b3:95:5a:12:79:3b:0a:6d:36:2a:a1:06:44:
a4:8b:6b:93:e0:76:c1:c4:12:5c:64:0d:c1:79:09:a2:ca:ec:
6b:82:ed:cd:89:14:e7:6f:e8:7b:08:12:bd:b5:5a:06:c0:dd:
b3:24:d6:05:f4:17:5a:68:d9:81:84:8c:b9:8a:88:f8:de:4d:
e2:f4:f5:57:89:e4:ac:69:e9:97:4b:49:83:86:6e:58:2a:8c:
16:85:03:fe:04:92:36:6d:c8:6f:8b:ef:48:a7:8c:c8:c4:1d:
c0:29:ee:1f:a7:01:24:88:11:e1:8d:41:3c:9b:35:e3:65:e7:
4b:f7:89:e8:a4:f4:65:7d:9d:36:d3:35:66:6f:c5:1f:69:8d:
7b:62:ea:b1:35:b1:4f:e7:e3:56:2a:35:06:ec:88:2d:23:06:
27:e3:d2:39:65:0b:49:df:8d:68:c6:96:36:f0:fc:58:1a:62:
04:bc:33:ad:90:2b:75:32:85:51:69:07:a5:9b:30:24:11:78:
ba:1b:9c:d8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICRYIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzMjU2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjY2Ny01NmNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsu6ZvyNP3LT/o3ywCGf6bgN4Yalq8ZJF+LuB9paxYp+3RG84UQ5lE+5UrE24
zAw0O+leFNonCkeBDwkpytY8Zua1b9GffxwMyOrBI+qW5FtO3Yfj38Gg3w6FMj5e
lj5/Gxl8syOC519kBJI7VGu5qnoTUd1wUuU67lb2RRmKg/h0xCmbppNT5458zcZq
nA+UfMTVheCJfQb5qOdgQRb5zi2/yF4ZgzRmyPMUSV6yT46ijDrwx3JIPGYAIyGA
5VCybInaDEgnLQ/2VrHnCeJru8WX1PfIaDrq7C5EwQkXga7MUDcHbeKkDCsRioyQ
Xls1bfJIttngdCpSVy2WR+I/hQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFP2XgKcV
QaNkBbT16dUH5Ai83wDtMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvOEQxMDY4NDZG
QjBFMTFFRUI1QjRBNzBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFniygwDwQCAAIwCQMHACABDfBpgDANBgkqhkiG9w0BAQsF
AAOCAQEAnyZxbIHPzuAdNACHOo48Clo+iJeSmmvQlwTx6o0yYT9Wpmlms8kMyXdF
O83A0BOaLu3sVSq7W9n3DQezlVoSeTsKbTYqoQZEpItrk+B2wcQSXGQNwXkJosrs
a4LtzYkU52/oewgSvbVaBsDdsyTWBfQXWmjZgYSMuYqI+N5N4vT1V4nkrGnpl0tJ
g4ZuWCqMFoUD/gSSNm3Ib4vvSKeMyMQdwCnuH6cBJIgR4Y1BPJs142XnS/eJ6KT0
ZX2dNtM1Zm/FH2mNe2LqsTWxT+fjVio1BuyILSMGJ+PSOWULSd+NaMaWNvD8WBpi
BLwzrZArdTKFUWkHpZswJBF4uhuc2A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:35:49 2025 by rpki-client