Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF0C6/3FCEBD223FEC11EEADF5D338C4F9AE02/A915A3543FEC11EE99AC0F43C4F9AE02.roa
File: A915A3543FEC11EE99AC0F43C4F9AE02.roa (raw, json)
Hash identifier: go8uCjvo0RCrR73Y9GSlxE8uDTmJOu4MaZ77GeOcrFI=
Subject key identifier: 72:EC:03:4F:7C:70:50:8C:77:CA:91:20:3A:23:04:03:68:FF:0B:07
Certificate issuer: /CN=A91AF0C6/serialNumber=B86F2B5ED697A121F4F29D5820372CF14055120B
Certificate serial: C8
Authority key identifier: B8:6F:2B:5E:D6:97:A1:21:F4:F2:9D:58:20:37:2C:F1:40:55:12:0B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uG8rXtaXoSH08p1YIDcs8UBVEgs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AF0C6/3FCEBD223FEC11EEADF5D338C4F9AE02/A915A3543FEC11EE99AC0F43C4F9AE02.roa
Signing time: Sat 31 Aug 2024 06:47:38 +0000
ROA not before: Sat 31 Aug 2024 06:47:38 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 151646
IP address blocks: 103.248.140.0/23 maxlen: 23
103.248.140.0/24 maxlen: 24
103.248.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 200 (0xc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AF0C6
Validity
Not Before: Aug 31 06:47:38 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d2bc89-eb54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:88:67:15:47:ec:37:da:e5:cb:0e:01:5f:19:
62:8e:81:0f:0e:25:53:fb:37:55:e0:01:31:b7:fa:
f0:d1:ae:a6:fa:3e:85:bf:93:44:17:8d:45:87:e7:
54:a5:b3:68:2f:2e:2c:7f:9a:80:9e:93:db:7c:92:
55:f6:c3:1f:bc:b0:d9:c6:62:84:09:68:57:b4:22:
0c:45:76:ad:a9:2e:79:6f:78:d7:4b:2a:e2:e5:ab:
89:b6:65:9a:8d:16:ed:fe:fd:3a:42:e4:d3:f6:57:
43:d1:b9:10:1e:ce:24:a6:6b:0d:93:8a:f8:6b:a1:
b1:a4:d3:e1:e4:65:05:de:b2:65:a0:9b:91:f7:9f:
50:d3:e3:23:7d:81:ab:27:75:f7:42:8d:83:c6:82:
51:57:bc:8d:8b:e8:2b:9c:61:7a:c8:04:86:3b:c4:
6c:d6:a3:16:cd:64:17:a5:5a:02:d2:80:96:8e:38:
41:06:e9:71:70:f5:8e:3b:a8:a3:4d:1a:3b:ef:8c:
fe:96:4a:70:ec:e1:10:d6:ef:50:b7:2c:bc:96:a7:
e2:33:e0:bc:b0:84:11:87:14:92:ac:e7:00:4a:1e:
3f:3b:79:35:2d:18:a5:c6:be:7d:15:38:67:26:67:
c0:21:dc:e0:f2:f7:07:8e:f7:14:97:3f:e2:a6:2c:
00:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:EC:03:4F:7C:70:50:8C:77:CA:91:20:3A:23:04:03:68:FF:0B:07
X509v3 Authority Key Identifier:
keyid:B8:6F:2B:5E:D6:97:A1:21:F4:F2:9D:58:20:37:2C:F1:40:55:12:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AF0C6/3FCEBD223FEC11EEADF5D338C4F9AE02/uG8rXtaXoSH08p1YIDcs8UBVEgs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uG8rXtaXoSH08p1YIDcs8UBVEgs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF0C6/3FCEBD223FEC11EEADF5D338C4F9AE02/A915A3543FEC11EE99AC0F43C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.248.140.0/23
Signature Algorithm: sha256WithRSAEncryption
68:7f:7f:d1:15:a4:09:bf:b9:2b:67:de:32:a0:b5:4d:9d:15:
9d:6a:a7:2c:3f:6e:9e:2b:bf:16:b1:e5:c4:df:94:4a:2a:79:
91:ef:d0:e3:ee:7f:03:70:7f:ea:66:76:69:2d:c9:7a:b2:97:
ac:94:0f:a3:7d:9b:50:69:08:71:50:56:ba:57:25:f2:d0:99:
62:b1:20:db:c1:86:20:28:5f:a1:9c:a3:2c:c9:77:99:da:65:
39:d0:be:d4:58:80:d8:2f:bf:33:d9:c9:19:91:2f:54:95:57:
9b:30:3a:a6:27:13:87:62:fe:4d:92:c1:c0:4e:69:4e:9f:da:
e2:f6:9c:8c:e5:86:60:31:1f:26:75:c9:47:f1:8c:f4:ee:84:
52:a5:2f:e2:9e:d3:3f:5a:ae:20:ae:aa:0e:08:b9:a2:2d:31:
d5:3b:f9:f1:e1:af:88:85:6a:7b:dc:09:c6:d7:df:07:f0:f4:
83:45:2c:2d:4b:45:12:56:2f:95:2a:a4:00:58:60:d5:df:e1:
9e:bb:ec:d7:91:f1:2c:18:e7:9f:35:59:1a:ce:db:41:d5:28:
39:63:4a:db:96:ac:43:f2:8f:0c:96:a5:4c:8c:e0:d1:96:5d:
ed:53:2e:b4:f5:4d:a0:32:c9:84:63:69:32:5d:4f:c8:d0:de:
73:66:8b:30
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUYwQzYxMTAvBgNVBAUTKEI4NkYyQjVFRDY5N0ExMjFGNEYyOUQ1ODIwMzcyQ0Yx
NDA1NTEyMEIwHhcNMjQwODMxMDY0NzM4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQyYmM4OS1lYjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+ohnFUfsN9rlyw4BXxlijoEPDiVT+zdV4AExt/rw0a6m+j6Fv5NEF41Fh+dU
pbNoLy4sf5qAnpPbfJJV9sMfvLDZxmKECWhXtCIMRXatqS55b3jXSyri5auJtmWa
jRbt/v06QuTT9ldD0bkQHs4kpmsNk4r4a6GxpNPh5GUF3rJloJuR959Q0+MjfYGr
J3X3Qo2DxoJRV7yNi+grnGF6yASGO8Rs1qMWzWQXpVoC0oCWjjhBBulxcPWOO6ij
TRo774z+lkpw7OEQ1u9Qtyy8lqfiM+C8sIQRhxSSrOcASh4/O3k1LRilxr59FThn
JmfAIdzg8vcHjvcUlz/ipiwALwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHLsA098
cFCMd8qRIDojBANo/wsHMB8GA1UdIwQYMBaAFLhvK17Wl6Eh9PKdWCA3LPFAVRIL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjBDNi8zRkNFQkQyMjNG
RUMxMUVFQURGNUQzMzhDNEY5QUUwMi91RzhyWHRhWG9TSDA4cDFZSURjczhVQlZF
Z3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VHOHJYdGFYb1NIMDhwMVlJRGNzOFVCVkVncy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUYwQzYvM0ZDRUJEMjIzRkVDMTFFRUFERjVEMzM4QzRGOUFFMDIvQTkxNUEzNTQz
RkVDMTFFRTk5QUMwRjQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn+IwwDQYJKoZIhvcNAQELBQADggEBAGh/f9EVpAm/uStn
3jKgtU2dFZ1qpyw/bp4rvxax5cTflEoqeZHv0OPufwNwf+pmdmktyXqyl6yUD6N9
m1BpCHFQVrpXJfLQmWKxINvBhiAoX6GcoyzJd5naZTnQvtRYgNgvvzPZyRmRL1SV
V5swOqYnE4di/k2SwcBOaU6f2uL2nIzlhmAxHyZ1yUfxjPTuhFKlL+Ke0z9ariCu
qg4IuaItMdU7+fHhr4iFanvcCcbX3wfw9INFLC1LRRJWL5UqpABYYNXf4Z677NeR
8SwY5581WRrO20HVKDljStuWrEPyjwyWpUyM4NGWXe1TLrT1TaAyyYRjaTJdT8jQ
3nNmizA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:05:23 2025 by rpki-client