Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE9D6/9E66F5127A5511EABFBE947AC4F9AE02/E4EFE6905ECB11ECA9B55A3BC4F9AE02.roa
File: E4EFE6905ECB11ECA9B55A3BC4F9AE02.roa (raw, json)
Hash identifier: 2/vrRanjIvJ85A1uVxImmh8dfMsQj3ydRiChMXIyicw=
Subject key identifier: 7D:A9:95:58:CD:82:F8:D3:F4:16:96:2D:5A:03:B8:52:42:04:86:12
Certificate issuer: /CN=A91CE9D6/serialNumber=136741BD9E870F06ECE5CB355B8C7571CC96BA74
Certificate serial: 096E
Authority key identifier: 13:67:41:BD:9E:87:0F:06:EC:E5:CB:35:5B:8C:75:71:CC:96:BA:74
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E2dBvZ6HDwbs5cs1W4x1ccyWunQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE9D6/9E66F5127A5511EABFBE947AC4F9AE02/E4EFE6905ECB11ECA9B55A3BC4F9AE02.roa
Signing time: Mon 12 Aug 2024 20:38:43 +0000
ROA not before: Mon 12 Aug 2024 20:38:43 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 64073
IP address blocks: 103.140.143.0/24 maxlen: 24
2001:df0:c480::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2414 (0x96e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE9D6
Validity
Not Before: Aug 12 20:38:43 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66ba72d2-cf54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:62:e2:0e:d4:5a:1e:ba:1a:f1:46:08:3d:6e:
30:a4:ac:40:8c:c2:ce:a6:21:6d:5d:8c:3e:a2:ba:
0b:5a:d9:b4:c3:d4:e5:84:41:5d:69:48:2a:f8:47:
7b:d5:a8:e8:ec:e2:0e:83:99:4f:b8:98:66:08:a2:
f6:95:e7:f6:c1:a9:3a:4c:5b:a5:32:a3:2d:3e:33:
f0:36:8e:85:21:0d:27:88:de:07:1b:56:77:58:cb:
e5:35:98:ea:c5:1c:94:08:f5:78:5c:eb:f1:f5:bb:
ba:29:cb:ec:52:f0:be:07:30:fb:9a:e6:ec:12:64:
1d:46:f4:95:8a:97:aa:d3:b1:3f:e3:49:c6:92:4e:
6b:76:f4:09:68:e2:e5:a6:e5:56:4e:22:29:e0:e2:
4e:15:24:37:df:c2:69:f1:d5:c1:89:fd:0d:d7:42:
7c:da:34:b6:9c:3d:d5:e4:5b:ae:23:63:8e:91:79:
a8:70:8f:93:08:70:63:10:30:51:2d:25:09:82:2c:
da:d6:9a:e3:03:87:96:c6:05:3b:6c:73:70:77:11:
fa:39:23:19:19:e7:bc:c6:53:84:98:85:ee:e6:46:
b4:2a:81:3c:22:ca:24:be:ca:90:6f:07:b3:60:0a:
f5:f9:f0:54:1c:96:24:58:6c:71:5d:5e:43:e5:78:
31:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:A9:95:58:CD:82:F8:D3:F4:16:96:2D:5A:03:B8:52:42:04:86:12
X509v3 Authority Key Identifier:
keyid:13:67:41:BD:9E:87:0F:06:EC:E5:CB:35:5B:8C:75:71:CC:96:BA:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE9D6/9E66F5127A5511EABFBE947AC4F9AE02/E2dBvZ6HDwbs5cs1W4x1ccyWunQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E2dBvZ6HDwbs5cs1W4x1ccyWunQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE9D6/9E66F5127A5511EABFBE947AC4F9AE02/E4EFE6905ECB11ECA9B55A3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.140.143.0/24
IPv6:
2001:df0:c480::/48
Signature Algorithm: sha256WithRSAEncryption
22:2b:32:f0:70:1b:69:9a:67:5f:e0:da:22:e0:cb:2d:3e:9e:
a4:6f:14:cf:21:ed:ef:fb:93:06:1b:08:cf:01:24:a8:39:f3:
df:9d:5d:85:49:80:d6:b9:70:24:66:14:2a:08:70:27:ef:b9:
21:ea:34:bc:ac:0f:55:64:33:e0:47:a2:b6:d7:8f:9a:72:37:
13:87:af:b1:05:4a:8e:38:9a:c6:ab:21:54:2c:33:40:a5:8b:
f6:02:98:94:72:dd:62:b7:84:53:85:a3:41:84:e6:12:fc:b3:
4a:9a:b6:6f:9e:90:84:08:f6:e0:d2:46:b4:d2:21:aa:2e:39:
a1:68:16:80:ec:e5:9a:6c:c1:41:84:0d:38:aa:e2:e4:3e:b9:
5d:c8:b9:55:df:f0:fd:05:5a:84:b9:ca:aa:20:42:07:0d:5f:
15:68:12:38:d2:c1:e9:63:d2:23:2e:42:a0:54:cf:21:0f:58:
04:93:59:43:af:70:6e:60:b2:25:86:b8:76:ed:c0:90:82:fd:
27:62:c0:19:1b:e3:b7:29:90:2d:85:20:7f:99:46:e7:e9:87:
de:7f:98:96:14:d9:ad:d8:c3:e1:cf:e3:84:1d:45:50:40:43:
a1:d6:99:74:62:59:0a:8d:27:96:4e:25:2f:3c:77:f4:3d:94:
de:2b:f7:a1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICCW4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0U5RDYxMTAvBgNVBAUTKDEzNjc0MUJEOUU4NzBGMDZFQ0U1Q0IzNTVCOEM3NTcx
Q0M5NkJBNzQwHhcNMjQwODEyMjAzODQzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJhNzJkMi1jZjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAumLiDtRaHroa8UYIPW4wpKxAjMLOpiFtXYw+oroLWtm0w9TlhEFdaUgq+Ed7
1ajo7OIOg5lPuJhmCKL2lef2wak6TFulMqMtPjPwNo6FIQ0niN4HG1Z3WMvlNZjq
xRyUCPV4XOvx9bu6KcvsUvC+BzD7mubsEmQdRvSVipeq07E/40nGkk5rdvQJaOLl
puVWTiIp4OJOFSQ338Jp8dXBif0N10J82jS2nD3V5FuuI2OOkXmocI+TCHBjEDBR
LSUJgiza1prjA4eWxgU7bHNwdxH6OSMZGee8xlOEmIXu5ka0KoE8IsokvsqQbwez
YAr1+fBUHJYkWGxxXV5D5XgxpQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFH2plVjN
gvjT9BaWLVoDuFJCBIYSMB8GA1UdIwQYMBaAFBNnQb2ehw8G7OXLNVuMdXHMlrp0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTlENi85RTY2RjUxMjdB
NTUxMUVBQkZCRTk0N0FDNEY5QUUwMi9FMmRCdlo2SER3YnM1Y3MxVzR4MWNjeVd1
blEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0UyZEJ2WjZIRHdiczVjczFXNHgxY2N5V3VuUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0U5RDYvOUU2NkY1MTI3QTU1MTFFQUJGQkU5NDdBQzRGOUFFMDIvRTRFRkU2OTA1
RUNCMTFFQ0E5QjU1QTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnjI8wDwQCAAIwCQMHACABDfDEgDANBgkqhkiG9w0BAQsF
AAOCAQEAIisy8HAbaZpnX+DaIuDLLT6epG8UzyHt7/uTBhsIzwEkqDnz351dhUmA
1rlwJGYUKghwJ++5Ieo0vKwPVWQz4EeittePmnI3E4evsQVKjjiaxqshVCwzQKWL
9gKYlHLdYreEU4WjQYTmEvyzSpq2b56QhAj24NJGtNIhqi45oWgWgOzlmmzBQYQN
OKri5D65Xci5Vd/w/QVahLnKqiBCBw1fFWgSONLB6WPSIy5CoFTPIQ9YBJNZQ69w
bmCyJYa4du3AkIL9J2LAGRvjtymQLYUgf5lG5+mH3n+YlhTZrdjD4c/jhB1FUEBD
odaZdGJZCo0nlk4lLzx39D2U3iv3oQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:33:27 2025 by rpki-client