Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/A0142C706B6611EF88C61580C4F9AE02.roa
File: A0142C706B6611EF88C61580C4F9AE02.roa (raw, json)
Hash identifier: WL6knuhT+IT7g3hW2IRpH1KnEWqyPmGpIe/IXLQK6so=
Subject key identifier: CF:5F:F0:EA:08:14:1D:E9:81:56:13:E5:17:92:2F:C3:3D:96:0E:50
Certificate issuer: /CN=A91BECBA/serialNumber=8D8A80EC720AE7ED53FD2103E8E69C8555AD0F86
Certificate serial: 32
Authority key identifier: 8D:8A:80:EC:72:0A:E7:ED:53:FD:21:03:E8:E6:9C:85:55:AD:0F:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jYqA7HIK5-1T_SED6OachVWtD4Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/A0142C706B6611EF88C61580C4F9AE02.roa
Signing time: Tue 03 Dec 2024 06:10:34 +0000
ROA not before: Tue 03 Dec 2024 06:10:34 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 55531
IP address blocks: 103.146.76.0/23 maxlen: 23
103.146.76.0/24 maxlen: 24
103.146.77.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50 (0x32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BECBA
Validity
Not Before: Dec 3 06:10:34 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=674ea0da-b94a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:05:98:7a:bd:9e:be:39:24:d9:04:eb:5c:a9:
62:02:46:76:94:96:cc:ef:bd:7c:6a:1c:98:64:44:
82:04:15:d6:c1:3d:be:9a:56:42:17:15:ef:d6:30:
71:3a:cb:44:e7:c0:1d:91:5e:29:37:8e:c2:6c:6e:
16:f6:3b:b5:9f:75:ad:5a:ca:21:50:06:6f:f8:b4:
a9:23:4b:7c:b8:3c:53:81:a8:35:0a:0d:4d:4d:42:
40:5c:41:b6:5d:43:b7:90:ec:f7:0e:19:05:25:49:
fd:31:38:a6:f4:17:ce:de:c0:fc:8b:54:42:bc:68:
ef:7e:32:5f:8c:ac:85:09:08:0d:cd:1d:4c:9f:28:
d9:bd:1f:b2:e0:bb:54:d6:cc:f3:71:e0:b1:af:4e:
04:e4:37:c5:89:98:0f:75:12:e2:bb:99:31:a9:63:
ac:c9:7e:5c:a0:99:c3:2b:30:b9:d7:0e:9c:dd:4a:
e1:2f:cf:82:b8:56:a8:07:da:f5:fa:6a:58:84:3c:
2d:15:e2:80:b5:8c:e8:dc:dc:2f:31:b2:63:41:77:
d7:d7:8e:07:9c:0f:81:f1:79:38:fa:dd:73:cf:19:
55:1f:71:a6:ad:4c:b8:c1:33:b5:dd:17:46:a2:a9:
3e:97:7a:82:cf:38:22:b5:0c:8e:62:a5:77:f8:32:
d3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:5F:F0:EA:08:14:1D:E9:81:56:13:E5:17:92:2F:C3:3D:96:0E:50
X509v3 Authority Key Identifier:
keyid:8D:8A:80:EC:72:0A:E7:ED:53:FD:21:03:E8:E6:9C:85:55:AD:0F:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/jYqA7HIK5-1T_SED6OachVWtD4Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jYqA7HIK5-1T_SED6OachVWtD4Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/A0142C706B6611EF88C61580C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.146.76.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:2f:85:21:53:0a:35:ca:00:9a:77:f5:9e:50:01:e0:95:b3:
25:8a:8e:a8:5b:01:d6:9e:13:af:32:ff:ef:09:4e:48:64:7d:
d1:94:d5:10:e5:a8:73:8d:d3:30:b0:74:6e:6b:c7:18:51:b3:
4a:e0:f2:8e:91:af:14:17:72:79:4c:15:df:59:bd:04:6b:48:
cf:4f:2d:da:fe:5e:40:cf:d3:66:1e:bb:1a:69:73:34:c2:03:
fa:41:03:9c:d1:92:26:a4:49:81:bb:94:7f:2b:13:e1:a8:94:
49:71:a6:45:7b:5d:f6:ee:49:68:a2:fe:d8:5f:0e:c2:da:ca:
4e:6e:8b:60:a4:4f:ce:a7:c5:7b:7a:db:82:fa:f9:81:27:67:
b4:ed:0d:2e:f9:af:cf:0e:d1:b6:f1:f4:e4:42:64:96:b6:30:
6b:91:ef:a7:cc:d0:5d:f6:ce:25:7b:9d:43:a2:3c:42:c8:23:
26:73:9f:69:1c:2a:9b:db:27:68:51:81:5c:da:02:c4:70:b6:
7d:ae:83:a9:31:f9:7d:a2:a8:06:4a:c0:b1:03:b8:80:14:57:
7e:00:37:ba:59:e3:0f:f9:e1:4f:37:f2:39:18:cd:df:3a:65:
bf:4f:e2:ed:a6:a5:45:ba:d5:d2:84:d4:4b:2c:b9:0d:67:3a:
2e:ab:6b:7a
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBMjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
RUNCQTExMC8GA1UEBRMoOEQ4QTgwRUM3MjBBRTdFRDUzRkQyMTAzRThFNjlDODU1
NUFEMEY4NjAeFw0yNDEyMDMwNjEwMzRaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NGVhMGRhLWI5NGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtBZh6vZ6+OSTZBOtcqWICRnaUlszvvXxqHJhkRIIEFdbBPb6aVkIXFe/WMHE6
y0TnwB2RXik3jsJsbhb2O7Wfda1ayiFQBm/4tKkjS3y4PFOBqDUKDU1NQkBcQbZd
Q7eQ7PcOGQUlSf0xOKb0F87ewPyLVEK8aO9+Ml+MrIUJCA3NHUyfKNm9H7Lgu1TW
zPNx4LGvTgTkN8WJmA91EuK7mTGpY6zJflygmcMrMLnXDpzdSuEvz4K4VqgH2vX6
aliEPC0V4oC1jOjc3C8xsmNBd9fXjgecD4HxeTj63XPPGVUfcaatTLjBM7XdF0ai
qT6XeoLPOCK1DI5ipXf4MtP7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUz1/w6ggU
HemBVhPlF5Ivwz2WDlAwHwYDVR0jBBgwFoAUjYqA7HIK5+1T/SED6OachVWtD4Yw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJFQ0JBLzU4M0UyQjlBNkI2
NTExRUZBODU3RTgwQ0M0RjlBRTAyL2pZcUE3SElLNS0xVF9TRUQ2T2FjaFZXdEQ0
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvallxQTdISUs1LTFUX1NFRDZPYWNoVld0RDRZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
RUNCQS81ODNFMkI5QTZCNjUxMUVGQTg1N0U4MENDNEY5QUUwMi9BMDE0MkM3MDZC
NjYxMUVGODhDNjE1ODBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeSTDANBgkqhkiG9w0BAQsFAAOCAQEAHC+FIVMKNcoAmnf1
nlAB4JWzJYqOqFsB1p4TrzL/7wlOSGR90ZTVEOWoc43TMLB0bmvHGFGzSuDyjpGv
FBdyeUwV31m9BGtIz08t2v5eQM/TZh67GmlzNMID+kEDnNGSJqRJgbuUfysT4aiU
SXGmRXtd9u5JaKL+2F8OwtrKTm6LYKRPzqfFe3rbgvr5gSdntO0NLvmvzw7RtvH0
5EJklrYwa5Hvp8zQXfbOJXudQ6I8QsgjJnOfaRwqm9snaFGBXNoCxHC2fa6DqTH5
faKoBkrAsQO4gBRXfgA3ulnjD/nhTzfyORjN3zplv0/i7aalRbrV0oTUSyy5DWc6
Lqtreg==
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:21:50 2025 by rpki-client