Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/410BAD2095F011EFA9137C67C4F9AE02.roa
File: 410BAD2095F011EFA9137C67C4F9AE02.roa (raw, json)
Hash identifier: SNO/bBZDGGjsIOKkc1Q9a6n7NxtIrWP6e7L/IhWULh8=
Subject key identifier: 6E:75:67:F8:36:B8:A6:F3:27:82:C1:E5:50:EF:FA:FA:07:85:90:8C
Certificate issuer: /CN=A911B5BA/serialNumber=CA8CEF5E1D8C3DA5AC9BAEE5B196EF06609A3959
Certificate serial: 0AB1
Authority key identifier: CA:8C:EF:5E:1D:8C:3D:A5:AC:9B:AE:E5:B1:96:EF:06:60:9A:39:59
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/410BAD2095F011EFA9137C67C4F9AE02.roa
Signing time: Tue 29 Oct 2024 12:30:05 +0000
ROA not before: Tue 29 Oct 2024 12:30:05 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 135564
IP address blocks: 103.66.24.0/23 maxlen: 24
103.125.24.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2737 (0xab1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B5BA
Validity
Not Before: Oct 29 12:30:05 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6720d54d-f374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4e:dd:69:95:e9:ae:53:22:f8:a8:51:98:18:
3c:3c:d5:35:d6:35:7e:c1:c8:d2:87:17:bc:2c:e2:
7c:a3:d5:d8:d9:6f:a3:08:26:b1:8e:23:98:e2:c9:
8b:96:66:c0:f9:fc:f1:d7:8a:0f:92:2d:77:68:b9:
ff:6c:fc:7e:c7:f6:23:e3:5c:39:3f:d9:d5:4c:25:
4d:78:e0:57:7e:1b:e4:e1:c8:b7:99:79:54:3a:d5:
f7:c6:13:4a:d9:75:1a:7d:96:c1:2b:9f:69:bf:a2:
de:6c:b3:47:e4:82:de:e3:30:56:d5:6a:37:61:ce:
b4:2f:e1:e6:9a:8b:e1:06:0c:91:9d:7d:d9:ec:bc:
50:34:1c:18:3d:ff:26:5b:4e:5a:5b:b1:86:33:f6:
e7:fc:a6:66:b8:d1:69:4e:85:a2:24:83:4a:d4:d5:
b3:51:8f:2f:ac:8d:2a:90:1c:07:9a:16:97:14:cc:
9d:aa:70:d1:65:b6:fd:9c:79:d9:58:3c:de:ca:32:
11:4c:38:ac:4b:3a:46:0c:f0:51:6c:2e:6d:aa:28:
88:48:51:34:81:8b:8e:8d:25:50:34:11:04:0d:ad:
f3:8b:9a:40:8a:d8:dd:6c:2c:4e:73:61:59:e7:2b:
c1:be:68:be:3e:26:15:42:f0:3a:6b:4e:59:b5:3d:
e2:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:75:67:F8:36:B8:A6:F3:27:82:C1:E5:50:EF:FA:FA:07:85:90:8C
X509v3 Authority Key Identifier:
keyid:CA:8C:EF:5E:1D:8C:3D:A5:AC:9B:AE:E5:B1:96:EF:06:60:9A:39:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/410BAD2095F011EFA9137C67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.24.0/23
103.125.24.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:4d:53:a6:42:28:03:aa:ad:f0:19:4b:6b:e6:97:86:7d:27:
67:37:8c:4b:1c:af:b0:80:e7:4f:60:10:f9:65:ed:74:fa:47:
4d:64:d6:48:91:c5:c6:0d:2b:4f:06:7f:6a:eb:2a:a4:8c:00:
fd:5b:58:e3:f0:38:30:d1:29:56:fe:43:d3:9e:24:47:8b:a8:
b0:30:3e:d7:18:49:cc:f6:89:97:fc:d7:e7:d3:e7:d5:3d:69:
a6:06:29:72:fe:17:1a:81:ca:7f:57:fe:cb:a9:90:ea:04:d4:
dd:d7:6d:e0:de:5e:71:7d:fb:e5:32:ae:8c:f7:13:84:1e:d8:
84:38:10:2e:4d:3c:9b:2e:0d:7a:20:03:c0:26:79:b7:ee:74:
67:bf:74:b5:a0:fc:89:4a:dc:32:b4:15:4d:c3:df:89:ec:64:
36:6f:e3:99:57:31:7c:fa:11:07:f3:08:1d:f3:f2:cf:3f:0f:
77:71:ff:fa:a3:46:27:25:6c:0a:91:5f:41:13:0e:66:b8:f9:
07:9f:53:68:b2:bf:ed:61:97:90:3d:43:70:66:eb:3e:fd:9c:
25:9b:7c:d1:83:a7:57:fa:37:a1:71:9d:07:8d:c3:0b:8d:2c:
e9:96:c9:65:30:c1:4a:01:5b:23:4c:b0:90:d7:7d:8d:19:ac:
81:6b:73:d0
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCrEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI1QkExMTAvBgNVBAUTKENBOENFRjVFMUQ4QzNEQTVBQzlCQUVFNUIxOTZFRjA2
NjA5QTM5NTkwHhcNMjQxMDI5MTIzMDA1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzIwZDU0ZC1mMzc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsU7daZXprlMi+KhRmBg8PNU11jV+wcjShxe8LOJ8o9XY2W+jCCaxjiOY4smL
lmbA+fzx14oPki13aLn/bPx+x/Yj41w5P9nVTCVNeOBXfhvk4ci3mXlUOtX3xhNK
2XUafZbBK59pv6LebLNH5ILe4zBW1Wo3Yc60L+HmmovhBgyRnX3Z7LxQNBwYPf8m
W05aW7GGM/bn/KZmuNFpToWiJINK1NWzUY8vrI0qkBwHmhaXFMydqnDRZbb9nHnZ
WDzeyjIRTDisSzpGDPBRbC5tqiiISFE0gYuOjSVQNBEEDa3zi5pAitjdbCxOc2FZ
5yvBvmi+PiYVQvA6a05ZtT3imQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFG51Z/g2
uKbzJ4LB5VDv+voHhZCMMB8GA1UdIwQYMBaAFMqM714djD2lrJuu5bGW7wZgmjlZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVCQS85M0UyRkIwQzNE
QTMxMUVBQTREQzNBNTlDNEY5QUUwMi95b3p2WGgyTVBhV3NtNjdsc1pidkJtQ2FP
VmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lvenZYaDJNUGFXc202N2xzWmJ2Qm1DYU9Way5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI1QkEvOTNFMkZCMEMzREEzMTFFQUE0REMzQTU5QzRGOUFFMDIvNDEwQkFEMjA5
NUYwMTFFRkE5MTM3QzY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnQhgDBABnfRgwDQYJKoZIhvcNAQELBQADggEBAJ1NU6ZC
KAOqrfAZS2vml4Z9J2c3jEscr7CA509gEPll7XT6R01k1kiRxcYNK08Gf2rrKqSM
AP1bWOPwODDRKVb+Q9OeJEeLqLAwPtcYScz2iZf81+fT59U9aaYGKXL+FxqByn9X
/supkOoE1N3XbeDeXnF9++Uyroz3E4Qe2IQ4EC5NPJsuDXogA8AmebfudGe/dLWg
/IlK3DK0FU3D34nsZDZv45lXMXz6EQfzCB3z8s8/D3dx//qjRiclbAqRX0ETDma4
+QefU2iyv+1hl5A9Q3Bm6z79nCWbfNGDp1f6N6FxnQeNwwuNLOmWyWUwwUoBWyNM
sJDXfY0ZrIFrc9A=
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:58:07 2025 by rpki-client