Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8E2C/0FE1ED06A2FB11E9A526A57EC4F9AE02/6C153768CE5511EB9DD80C30C4F9AE02.roa
File: 6C153768CE5511EB9DD80C30C4F9AE02.roa (raw, json)
Hash identifier: 8FSx/7pmWfnqq5buFAKmXuNtb84bNl4hKWrDWfIfWSE=
Subject key identifier: 38:DF:C6:76:DF:E8:21:E1:41:F6:22:75:07:6A:CA:D3:0D:14:A5:D9
Certificate issuer: /CN=A91D8E2C/serialNumber=9690C5D609FCE442C35B9916D563F9F187B68AD4
Certificate serial: 0D88
Authority key identifier: 96:90:C5:D6:09:FC:E4:42:C3:5B:99:16:D5:63:F9:F1:87:B6:8A:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lpDF1gn85ELDW5kW1WP58Ye2itQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D8E2C/0FE1ED06A2FB11E9A526A57EC4F9AE02/6C153768CE5511EB9DD80C30C4F9AE02.roa
Signing time: Wed 12 Jun 2024 19:32:22 +0000
ROA not before: Wed 12 Jun 2024 19:32:22 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 142423
IP address blocks: 103.139.208.0/23 maxlen: 23
103.139.208.0/24 maxlen: 24
103.139.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3464 (0xd88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D8E2C
Validity
Not Before: Jun 12 19:32:22 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6669f7c5-ebf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2b:c2:91:7a:67:4a:76:d7:ae:39:1a:b8:c9:
ee:25:fd:d1:e6:ab:94:0c:c8:f1:c3:a1:44:7d:a8:
71:08:ba:af:5b:53:8f:cd:f0:33:39:55:59:5d:b9:
e4:f6:b8:d2:cb:0c:d4:df:ba:72:52:47:28:98:6a:
a1:40:cc:3a:d8:05:79:47:68:5e:71:f9:e7:6b:b5:
fa:d5:d9:85:81:4c:fc:e6:27:ae:e0:c3:79:85:f2:
67:a3:45:e8:f6:c5:07:6d:01:e5:c1:62:3e:0c:15:
df:50:52:1c:d6:fb:d8:e7:fa:d6:c7:90:61:e3:74:
ac:d3:d0:bd:2c:7a:58:61:21:f3:10:48:b6:c0:e2:
c1:50:9f:8c:5d:b2:b5:66:b2:bc:57:9f:f1:d6:17:
4c:27:13:8d:51:f8:33:7a:86:51:9b:01:44:af:cb:
47:06:4f:06:70:ca:d0:7b:ff:ce:04:44:1e:c5:af:
31:a1:fb:2f:f7:38:0c:6c:a0:89:3d:96:59:20:fb:
3e:c2:7a:0c:3e:27:ca:a4:fa:4b:e4:38:97:1c:51:
1c:bb:a4:ac:5b:55:d0:de:34:3b:c9:32:73:26:25:
0d:d3:5b:9b:5e:36:f7:e7:06:ed:8a:a7:1b:76:2c:
bd:6b:2d:b5:a3:46:92:ac:00:e0:dd:de:e1:7d:bb:
0c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:DF:C6:76:DF:E8:21:E1:41:F6:22:75:07:6A:CA:D3:0D:14:A5:D9
X509v3 Authority Key Identifier:
keyid:96:90:C5:D6:09:FC:E4:42:C3:5B:99:16:D5:63:F9:F1:87:B6:8A:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D8E2C/0FE1ED06A2FB11E9A526A57EC4F9AE02/lpDF1gn85ELDW5kW1WP58Ye2itQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lpDF1gn85ELDW5kW1WP58Ye2itQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8E2C/0FE1ED06A2FB11E9A526A57EC4F9AE02/6C153768CE5511EB9DD80C30C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.208.0/23
Signature Algorithm: sha256WithRSAEncryption
09:0a:63:be:46:74:39:22:9e:18:4b:8f:04:b7:bf:ec:5b:08:
82:31:db:26:f9:db:86:34:5d:9f:aa:bf:59:06:83:b7:ed:62:
2b:f6:a7:b3:c9:9f:63:f0:65:3c:c5:c6:c4:01:39:f8:df:96:
5e:c4:1c:f9:05:d3:b9:4c:44:76:53:88:f5:c0:be:3b:dc:64:
f3:a3:94:8f:4a:65:47:41:73:18:d0:fa:b1:18:28:0f:ae:f0:
24:3c:0f:10:97:99:f2:d4:a9:3b:bf:fb:8c:84:e7:ac:b9:73:
d2:e8:39:0b:36:a3:6f:aa:05:fb:29:4b:51:10:87:a3:72:bf:
20:d4:7e:48:47:53:e0:e3:67:b8:06:b1:a4:c5:19:bb:c3:d9:
71:94:c2:49:bc:ad:f8:7b:cc:05:cb:75:2e:a8:38:ba:8c:d9:
43:e6:c3:cc:85:8c:b6:85:e2:89:d0:2c:3f:55:72:26:37:09:
ac:8c:f8:9b:9b:41:db:00:4d:d8:42:0e:15:21:85:6b:93:f1:
9a:e1:8b:11:14:22:07:05:13:3f:49:1c:39:78:2c:0c:9d:1b:
34:f6:e3:aa:cc:95:77:3c:2a:27:1c:8f:9b:13:92:f6:a4:7c:
1e:28:b3:63:4a:b8:70:05:d8:d0:e8:f8:3d:7d:01:d3:ae:fc:
4d:d7:9a:21
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDYgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDhFMkMxMTAvBgNVBAUTKDk2OTBDNUQ2MDlGQ0U0NDJDMzVCOTkxNkQ1NjNGOUYx
ODdCNjhBRDQwHhcNMjQwNjEyMTkzMjIyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjY5ZjdjNS1lYmY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyyvCkXpnSnbXrjkauMnuJf3R5quUDMjxw6FEfahxCLqvW1OPzfAzOVVZXbnk
9rjSywzU37pyUkcomGqhQMw62AV5R2hecfnna7X61dmFgUz85ieu4MN5hfJno0Xo
9sUHbQHlwWI+DBXfUFIc1vvY5/rWx5Bh43Ss09C9LHpYYSHzEEi2wOLBUJ+MXbK1
ZrK8V5/x1hdMJxONUfgzeoZRmwFEr8tHBk8GcMrQe//OBEQexa8xofsv9zgMbKCJ
PZZZIPs+wnoMPifKpPpL5DiXHFEcu6SsW1XQ3jQ7yTJzJiUN01ubXjb35wbtiqcb
diy9ay21o0aSrADg3d7hfbsMsQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDjfxnbf
6CHhQfYidQdqytMNFKXZMB8GA1UdIwQYMBaAFJaQxdYJ/ORCw1uZFtVj+fGHtorU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOEUyQy8wRkUxRUQwNkEy
RkIxMUU5QTUyNkE1N0VDNEY5QUUwMi9scERGMWduODVFTERXNWtXMVdQNThZZTJp
dFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xwREYxZ244NUVMRFc1a1cxV1A1OFllMml0US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDhFMkMvMEZFMUVEMDZBMkZCMTFFOUE1MjZBNTdFQzRGOUFFMDIvNkMxNTM3NjhD
RTU1MTFFQjlERDgwQzMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFni9AwDQYJKoZIhvcNAQELBQADggEBAAkKY75GdDkinhhL
jwS3v+xbCIIx2yb524Y0XZ+qv1kGg7ftYiv2p7PJn2PwZTzFxsQBOfjfll7EHPkF
07lMRHZTiPXAvjvcZPOjlI9KZUdBcxjQ+rEYKA+u8CQ8DxCXmfLUqTu/+4yE56y5
c9LoOQs2o2+qBfspS1EQh6NyvyDUfkhHU+DjZ7gGsaTFGbvD2XGUwkm8rfh7zAXL
dS6oOLqM2UPmw8yFjLaF4onQLD9VciY3CayM+JubQdsATdhCDhUhhWuT8ZrhixEU
IgcFEz9JHDl4LAydGzT246rMlXc8Kiccj5sTkvakfB4os2NKuHAF2NDo+D19AdOu
/E3XmiE=
-----END CERTIFICATE-----
Generated at Fri Apr 11 16:45:28 2025 by rpki-client