Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9138B7F/6CDE8998FF4111EB82B31F5DC4F9AE02/C4578F1E511F11EC9FE85554C4F9AE02.roa
File: C4578F1E511F11EC9FE85554C4F9AE02.roa (raw, json)
Hash identifier: ZfWJVAcPAnJChEl3zuAGnqX4xP0CZ6irdKJx8b3iEnw=
Subject key identifier: 00:17:6F:A8:82:B0:A9:D4:62:BC:FF:6C:5A:CA:1D:12:6B:EA:88:B0
Certificate issuer: /CN=A9138B7F/serialNumber=9BE1FB19438390E5170818EAFAF00BB323A00C48
Certificate serial: 01F3
Authority key identifier: 9B:E1:FB:19:43:83:90:E5:17:08:18:EA:FA:F0:0B:B3:23:A0:0C:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m-H7GUODkOUXCBjq-vALsyOgDEg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9138B7F/6CDE8998FF4111EB82B31F5DC4F9AE02/C4578F1E511F11EC9FE85554C4F9AE02.roa
Signing time: Mon 11 Apr 2022 14:53:27 +0000
ROA not before: Mon 11 Apr 2022 14:53:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136600
IP address blocks: 103.91.219.0/24 maxlen: 24
103.95.207.0/24 maxlen: 24
103.101.153.0/24 maxlen: 24
103.107.8.0/24 maxlen: 24
2401:1740::/32 maxlen: 32
2401:1740::/40 maxlen: 40
2401:1740:100::/40 maxlen: 40
2401:1740:1000::/48 maxlen: 48
2401:1740:2000::/48 maxlen: 48
2401:1740:3000::/48 maxlen: 48
2401:1740:8000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 499 (0x1f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9138B7F/serialNumber=9BE1FB19438390E5170818EAFAF00BB323A00C48
Validity
Not Before: Apr 11 14:53:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=625440e7-eb76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:34:8f:1c:58:e9:a8:4b:dc:44:81:3a:fb:6a:
d8:68:9c:bb:03:49:88:8b:5c:7d:1c:4f:93:e7:4a:
da:68:9b:30:40:57:f6:28:cc:97:8d:9e:07:7c:4b:
9a:1b:32:c9:1a:83:70:b5:b1:d6:91:ed:03:e1:b7:
8c:0c:2d:4e:40:67:1d:2b:3a:9a:f0:e1:2a:41:01:
71:53:76:3e:ba:e3:fd:43:0e:86:cf:af:3d:c0:55:
eb:b9:f7:d5:ae:53:dc:23:64:c3:fd:29:3e:c0:23:
41:3c:65:63:d6:f3:64:1c:28:4d:5a:2a:c5:ac:e1:
f1:a4:69:5c:43:90:4b:8e:43:d7:59:f0:2e:4f:a8:
58:1a:b8:02:83:90:d0:0b:ed:58:b6:20:be:ec:aa:
37:4d:56:72:00:93:2c:8b:bd:e5:cf:6b:c5:e8:d7:
90:3e:da:8f:80:ab:9a:14:10:dc:e7:ac:65:3c:02:
0e:a7:40:ba:8b:83:52:c5:f5:61:d9:45:08:e5:49:
9d:46:ae:95:e7:19:94:8e:1d:cc:1e:04:9e:8e:74:
8e:b7:27:4d:51:dd:2e:ba:0a:41:a9:79:6e:9c:af:
e2:ed:2f:c1:5a:7b:01:c7:a9:05:1d:f9:4a:a2:af:
b8:10:f5:fb:63:b0:da:d0:8d:a6:70:5e:73:58:f0:
65:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:17:6F:A8:82:B0:A9:D4:62:BC:FF:6C:5A:CA:1D:12:6B:EA:88:B0
X509v3 Authority Key Identifier:
keyid:9B:E1:FB:19:43:83:90:E5:17:08:18:EA:FA:F0:0B:B3:23:A0:0C:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9138B7F/6CDE8998FF4111EB82B31F5DC4F9AE02/m-H7GUODkOUXCBjq-vALsyOgDEg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m-H7GUODkOUXCBjq-vALsyOgDEg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138B7F/6CDE8998FF4111EB82B31F5DC4F9AE02/C4578F1E511F11EC9FE85554C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.91.219.0/24
103.95.207.0/24
103.101.153.0/24
103.107.8.0/24
IPv6:
2401:1740::/32
Signature Algorithm: sha256WithRSAEncryption
60:be:fc:40:7d:96:05:9d:68:6f:03:8b:6a:2b:b9:94:52:ad:
45:ff:09:ee:de:31:e9:19:3e:da:4f:73:5c:72:4f:8f:06:5d:
14:b7:7b:46:c2:bf:37:71:ef:3e:b8:ff:4c:b8:e3:14:ff:1a:
39:3c:22:cb:dc:2c:4e:78:6f:ae:d7:ed:2d:b0:41:69:f8:63:
e4:bb:fc:9b:c3:53:d8:aa:58:67:c3:56:e6:54:f3:97:53:ae:
e3:fd:52:40:5f:71:58:54:5c:dd:51:c6:1d:7d:39:e3:e5:9a:
60:8f:79:c3:98:b3:eb:d7:2b:7a:ab:38:63:0e:14:97:e1:41:
e3:f7:bb:3b:ba:fd:1c:33:23:75:82:0d:d7:23:48:a4:77:37:
bf:1e:88:50:59:09:10:77:51:a3:c6:22:04:6e:55:1f:d7:33:
76:94:e7:35:16:dd:e3:a0:8a:69:2e:d8:cc:f0:51:8c:0b:9f:
9a:1b:c4:e6:c8:01:5a:87:19:00:df:8b:2f:82:aa:86:b8:8a:
88:02:d5:c2:7c:09:34:93:65:d3:90:0e:31:18:30:4d:24:88:
6d:b0:2f:5a:02:ea:75:fb:14:44:23:66:62:87:a6:7e:97:c4:
e0:b1:cd:6b:c1:2e:cd:9c:ac:ac:a4:29:8b:34:fa:37:dd:5e:
9c:08:07:e8
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAfMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzhCN0YxMTAvBgNVBAUTKDlCRTFGQjE5NDM4MzkwRTUxNzA4MThFQUZBRjAwQkIz
MjNBMDBDNDgwHhcNMjIwNDExMTQ1MzI3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjU0NDBlNy1lYjc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvjSPHFjpqEvcRIE6+2rYaJy7A0mIi1x9HE+T50raaJswQFf2KMyXjZ4HfEua
GzLJGoNwtbHWke0D4beMDC1OQGcdKzqa8OEqQQFxU3Y+uuP9Qw6Gz689wFXruffV
rlPcI2TD/Sk+wCNBPGVj1vNkHChNWirFrOHxpGlcQ5BLjkPXWfAuT6hYGrgCg5DQ
C+1YtiC+7Ko3TVZyAJMsi73lz2vF6NeQPtqPgKuaFBDc56xlPAIOp0C6i4NSxfVh
2UUI5UmdRq6V5xmUjh3MHgSejnSOtydNUd0uugpBqXlunK/i7S/BWnsBx6kFHflK
oq+4EPX7Y7Da0I2mcF5zWPBlFQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFAAXb6iC
sKnUYrz/bFrKHRJr6oiwMB8GA1UdIwQYMBaAFJvh+xlDg5DlFwgY6vrwC7MjoAxI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOEI3Ri82Q0RFODk5OEZG
NDExMUVCODJCMzFGNURDNEY5QUUwMi9tLUg3R1VPRGtPVVhDQmpxLXZBTHN5T2dE
RWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL20tSDdHVU9Ea09VWENCanEtdkFMc3lPZ0RFZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzhCN0YvNkNERTg5OThGRjQxMTFFQjgyQjMxRjVEQzRGOUFFMDIvQzQ1NzhGMUU1
MTFGMTFFQzlGRTg1NTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBABnW9sDBABnX88DBABnZZkDBABnawgwDQQCAAIwBwMFACQB
F0AwDQYJKoZIhvcNAQELBQADggEBAGC+/EB9lgWdaG8Di2oruZRSrUX/Ce7eMekZ
PtpPc1xyT48GXRS3e0bCvzdx7z64/0y44xT/Gjk8IsvcLE54b67X7S2wQWn4Y+S7
/JvDU9iqWGfDVuZU85dTruP9UkBfcVhUXN1Rxh19OePlmmCPecOYs+vXK3qrOGMO
FJfhQeP3uzu6/RwzI3WCDdcjSKR3N78eiFBZCRB3UaPGIgRuVR/XM3aU5zUW3eOg
imku2MzwUYwLn5obxObIAVqHGQDfiy+Cqoa4iogC1cJ8CTSTZdOQDjEYME0kiG2w
L1oC6nX7FEQjZmKHpn6XxOCxzWvBLs2crKykKYs0+jfdXpwIB+g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org