Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6BF5/9D0B422213F311EA80B3745FC4F9AE02/03EE880413F511EA8D120C65C4F9AE02.roa
File: 03EE880413F511EA8D120C65C4F9AE02.roa (raw, json)
Hash identifier: RpJ/3A2zXQw9C0hNB2vN4upiPschgzxuaxvOtctAWMc=
Subject key identifier: 4A:B7:3C:FC:88:61:06:01:4F:66:0C:EF:C1:34:EF:79:A4:DE:37:CC
Certificate issuer: /CN=A91A6BF5/serialNumber=3E845EA84E11030BC2A1061308979F798A12113F
Certificate serial: 0BA4
Authority key identifier: 3E:84:5E:A8:4E:11:03:0B:C2:A1:06:13:08:97:9F:79:8A:12:11:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PoReqE4RAwvCoQYTCJefeYoSET8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A6BF5/9D0B422213F311EA80B3745FC4F9AE02/03EE880413F511EA8D120C65C4F9AE02.roa
Signing time: Wed 04 Dec 2024 18:57:01 +0000
ROA not before: Wed 04 Dec 2024 18:57:01 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 136007
IP address blocks: 103.78.248.0/24 maxlen: 24
103.78.249.0/24 maxlen: 24
103.78.250.0/24 maxlen: 24
103.78.251.0/24 maxlen: 24
2400:10c0::/32 maxlen: 32
2400:10c0::/35 maxlen: 35
2400:10c0:2000::/35 maxlen: 35
2400:10c0:4000::/35 maxlen: 35
2400:10c0:6000::/35 maxlen: 35
2400:10c0:8000::/35 maxlen: 35
2400:10c0:a000::/35 maxlen: 35
2400:10c0:c000::/35 maxlen: 35
2400:10c0:e000::/35 maxlen: 35
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2980 (0xba4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A6BF5
Validity
Not Before: Dec 4 18:57:01 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6750a5fd-a525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:36:a9:ed:5f:7e:59:96:62:89:72:2b:15:49:
32:f7:c4:99:11:bf:4b:05:28:76:b8:a7:ec:ce:72:
ed:be:fe:59:67:18:cf:7b:fd:46:ac:95:52:58:fb:
c1:de:94:35:78:c0:04:68:b0:70:16:c7:a1:cd:bc:
6b:c3:b4:2f:ea:d0:84:b7:eb:b1:b9:76:01:c4:e4:
7c:99:4c:b3:d2:c1:b0:19:01:fc:23:78:d8:e9:6d:
e1:a4:d3:23:6d:98:9f:00:2c:d5:05:8b:0c:cc:ad:
e8:2f:05:c4:f8:52:4b:ca:e1:ef:92:0e:f9:ae:fb:
ca:18:95:fc:88:a2:ae:50:86:47:41:2f:1f:88:0a:
ea:97:de:4d:34:e2:e0:a5:68:d1:40:e5:39:c3:dc:
87:16:68:c3:e8:35:88:7f:2d:54:ee:32:49:61:ab:
65:70:fa:e4:eb:5b:de:94:02:8b:f6:31:8c:de:fc:
c6:67:f7:c4:8f:ad:e9:7a:29:b4:ef:80:42:40:a8:
ab:8d:82:97:95:f8:a1:de:8d:f5:7e:51:4d:60:0c:
a8:c3:77:4c:e1:30:05:4c:ac:ad:50:95:bf:9e:b6:
fb:75:9e:9c:ef:a0:db:bc:09:e6:52:7e:99:0c:82:
55:ab:bd:2b:e7:97:35:72:bc:9f:fd:f2:f9:c8:b9:
1f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:B7:3C:FC:88:61:06:01:4F:66:0C:EF:C1:34:EF:79:A4:DE:37:CC
X509v3 Authority Key Identifier:
keyid:3E:84:5E:A8:4E:11:03:0B:C2:A1:06:13:08:97:9F:79:8A:12:11:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A6BF5/9D0B422213F311EA80B3745FC4F9AE02/PoReqE4RAwvCoQYTCJefeYoSET8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PoReqE4RAwvCoQYTCJefeYoSET8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6BF5/9D0B422213F311EA80B3745FC4F9AE02/03EE880413F511EA8D120C65C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.78.248.0/22
IPv6:
2400:10c0::/32
Signature Algorithm: sha256WithRSAEncryption
52:9f:cf:aa:c7:32:a6:e1:69:95:1f:32:e2:65:37:ba:d8:80:
d0:cb:60:26:ca:01:ae:38:d7:9a:6b:c0:81:11:43:5d:f9:95:
38:6a:57:5a:1e:78:8e:ac:16:4c:bf:72:35:3a:2b:03:c5:db:
c6:53:68:c3:2b:36:35:08:fc:f7:8d:8d:9a:88:d2:7d:ac:e9:
cb:8d:a8:ad:41:ef:0e:e6:66:da:19:82:0d:49:22:90:b3:ef:
84:b0:79:f6:39:7a:91:54:9e:91:5c:54:ae:cc:6a:08:13:d0:
66:9a:c2:79:db:06:21:a1:b2:c7:1b:2a:da:52:b9:14:1d:83:
db:79:10:3e:1f:16:7f:8b:f7:40:5b:ec:7f:75:da:24:4f:6f:
83:ac:d9:28:2e:6e:ec:ef:59:ca:cb:ba:dc:38:5d:59:45:2e:
74:04:72:1f:d4:0d:db:0a:0f:62:63:87:c5:09:71:db:dd:b5:
fd:74:1b:80:9a:58:7a:83:ad:28:30:ce:fd:a8:ef:66:8b:97:
56:05:e4:43:a5:c6:90:53:c6:d5:0b:dd:f1:87:9c:80:77:e2:
63:53:c4:0b:33:3c:c7:83:3d:71:25:8e:df:60:38:5e:7c:a4:
51:f1:ea:c9:96:3a:66:6d:05:1d:d0:e9:2e:05:83:cf:36:bd:
4d:b7:e3:b4
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC6QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTZCRjUxMTAvBgNVBAUTKDNFODQ1RUE4NEUxMTAzMEJDMkExMDYxMzA4OTc5Rjc5
OEExMjExM0YwHhcNMjQxMjA0MTg1NzAxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwYTVmZC1hNTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuzap7V9+WZZiiXIrFUky98SZEb9LBSh2uKfsznLtvv5ZZxjPe/1GrJVSWPvB
3pQ1eMAEaLBwFsehzbxrw7Qv6tCEt+uxuXYBxOR8mUyz0sGwGQH8I3jY6W3hpNMj
bZifACzVBYsMzK3oLwXE+FJLyuHvkg75rvvKGJX8iKKuUIZHQS8fiArql95NNOLg
pWjRQOU5w9yHFmjD6DWIfy1U7jJJYatlcPrk61velAKL9jGM3vzGZ/fEj63peim0
74BCQKirjYKXlfih3o31flFNYAyow3dM4TAFTKytUJW/nrb7dZ6c76DbvAnmUn6Z
DIJVq70r55c1cryf/fL5yLkfZwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEq3PPyI
YQYBT2YM78E073mk3jfMMB8GA1UdIwQYMBaAFD6EXqhOEQMLwqEGEwiXn3mKEhE/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNkJGNS85RDBCNDIyMjEz
RjMxMUVBODBCMzc0NUZDNEY5QUUwMi9Qb1JlcUU0UkF3dkNvUVlUQ0plZmVZb1NF
VDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BvUmVxRTRSQXd2Q29RWVRDSmVmZVlvU0VUOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTZCRjUvOUQwQjQyMjIxM0YzMTFFQTgwQjM3NDVGQzRGOUFFMDIvMDNFRTg4MDQx
M0Y1MTFFQThEMTIwQzY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnTvgwDQQCAAIwBwMFACQAEMAwDQYJKoZIhvcNAQELBQAD
ggEBAFKfz6rHMqbhaZUfMuJlN7rYgNDLYCbKAa4415prwIERQ135lThqV1oeeI6s
Fky/cjU6KwPF28ZTaMMrNjUI/PeNjZqI0n2s6cuNqK1B7w7mZtoZgg1JIpCz74Sw
efY5epFUnpFcVK7MaggT0GaawnnbBiGhsscbKtpSuRQdg9t5ED4fFn+L90Bb7H91
2iRPb4Os2SgubuzvWcrLutw4XVlFLnQEch/UDdsKD2Jjh8UJcdvdtf10G4CaWHqD
rSgwzv2o72aLl1YF5EOlxpBTxtUL3fGHnIB34mNTxAszPMeDPXEljt9gOF58pFHx
6smWOmZtBR3Q6S4Fg882vU2347Q=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:28:54 2025 by rpki-client