Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C651/334F68C8CEEC11EEAE03306CC4F9AE02/E6BD4CAECEEC11EEB0E9E665C4F9AE02.roa
File: E6BD4CAECEEC11EEB0E9E665C4F9AE02.roa (raw, json)
Hash identifier: kxgR+t9G3Yoo6D6Yn73+0inhOBPdrEAQX82yP7J/c8s=
Subject key identifier: 74:AD:7A:46:E5:A4:BC:F6:7F:65:37:DE:F8:E4:C5:27:9C:E3:28:04
Certificate issuer: /CN=A914C651/serialNumber=76D6FA7CF9BF8E415F2F42619B804288763E67A2
Certificate serial: 24
Authority key identifier: 76:D6:FA:7C:F9:BF:8E:41:5F:2F:42:61:9B:80:42:88:76:3E:67:A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dtb6fPm_jkFfL0Jhm4BCiHY-Z6I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C651/334F68C8CEEC11EEAE03306CC4F9AE02/E6BD4CAECEEC11EEB0E9E665C4F9AE02.roa
Signing time: Wed 03 Apr 2024 09:10:19 +0000
ROA not before: Wed 03 Apr 2024 09:10:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18013
IP address blocks: 103.149.152.0/24 maxlen: 24
103.149.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36 (0x24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C651
Validity
Not Before: Apr 3 09:10:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660d1cfb-f855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a2:25:9f:48:e6:c5:97:62:f4:fc:fd:88:b1:
2c:a9:d2:51:67:fb:35:89:ab:83:51:c3:b3:17:9f:
94:92:96:85:a3:6c:5e:8c:9c:f6:6b:91:cd:74:0a:
98:05:ab:6f:1f:39:79:39:9f:6f:37:aa:82:de:5d:
b8:0b:eb:17:f5:6d:00:cf:42:99:6f:4e:ad:1b:d0:
91:8c:1d:73:35:ed:e3:75:f1:4f:b9:a0:6d:dc:dd:
6a:62:23:1b:63:d9:ff:3a:7a:5e:2f:4d:f6:82:e9:
8b:39:65:32:37:28:07:a9:e5:2d:9d:bb:27:5e:7f:
2c:fc:2f:03:a0:3f:06:76:0d:74:44:fd:96:bb:d5:
6f:9f:f0:0f:8b:e7:39:8e:87:fc:99:58:22:a9:c9:
8a:ea:87:b8:34:d0:92:38:0b:c2:ac:40:be:01:fd:
40:1f:18:2c:8f:9f:57:44:f1:8d:a0:a0:92:49:73:
b4:54:d7:36:6a:0a:1c:a1:5f:c4:c0:1f:e9:af:fb:
94:25:56:4f:c3:8c:93:6f:2d:48:53:fa:ef:72:89:
9e:66:8f:a2:d0:05:9a:e6:50:df:48:2b:0c:54:91:
fb:69:01:24:ef:b5:a9:27:e2:1a:18:df:f3:92:f1:
2e:41:1f:e5:d6:e8:0c:29:40:32:60:0a:ce:32:04:
01:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:AD:7A:46:E5:A4:BC:F6:7F:65:37:DE:F8:E4:C5:27:9C:E3:28:04
X509v3 Authority Key Identifier:
keyid:76:D6:FA:7C:F9:BF:8E:41:5F:2F:42:61:9B:80:42:88:76:3E:67:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C651/334F68C8CEEC11EEAE03306CC4F9AE02/dtb6fPm_jkFfL0Jhm4BCiHY-Z6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dtb6fPm_jkFfL0Jhm4BCiHY-Z6I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C651/334F68C8CEEC11EEAE03306CC4F9AE02/E6BD4CAECEEC11EEB0E9E665C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.152.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:f3:f9:68:4c:bc:0e:0c:da:ad:41:ab:dd:21:ea:db:76:d9:
34:79:94:d0:b6:ab:56:a0:ef:01:6e:ab:28:7d:24:45:a9:de:
c9:9c:dc:59:be:88:d6:f0:e5:31:29:60:a3:52:9a:7b:56:51:
ca:ad:8b:19:9a:6e:52:ad:f5:f0:e1:c5:48:12:26:40:9b:8e:
6e:02:d7:f1:89:7b:fc:6e:cb:a5:d6:b7:49:8d:91:ff:18:0e:
b1:f8:03:d8:c1:4e:e5:e4:fd:67:c1:17:09:b7:af:30:da:97:
d8:26:85:fc:0c:91:86:89:28:b1:88:37:12:bc:3d:53:7b:c4:
0d:ea:c7:16:88:13:96:cf:07:a2:f7:aa:db:ff:f8:1e:6e:e4:
9f:0f:45:85:03:ee:ff:10:d7:b3:8f:5b:82:8b:6f:ca:2c:a9:
c1:5f:de:78:3f:87:6c:c8:31:65:a3:6d:b8:ba:3d:70:58:08:
46:76:af:d2:27:db:8d:a2:49:f5:86:49:d7:b5:5b:7b:5f:89:
0a:4a:0e:04:03:8d:ba:c0:9c:de:ed:42:85:e7:13:e6:37:9e:
26:f6:df:bf:5a:5c:e8:0b:06:7a:41:8f:78:98:ab:23:8d:c0:
24:4e:d7:50:e6:08:5e:b2:ad:f4:91:a7:51:78:ca:0b:a9:fc:
76:f2:fa:41
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBJDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
QzY1MTExMC8GA1UEBRMoNzZENkZBN0NGOUJGOEU0MTVGMkY0MjYxOUI4MDQyODg3
NjNFNjdBMjAeFw0yNDA0MDMwOTEwMTlaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MGQxY2ZiLWY4NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDVoiWfSObFl2L0/P2IsSyp0lFn+zWJq4NRw7MXn5SSloWjbF6MnPZrkc10CpgF
q28fOXk5n283qoLeXbgL6xf1bQDPQplvTq0b0JGMHXM17eN18U+5oG3c3WpiIxtj
2f86el4vTfaC6Ys5ZTI3KAep5S2duydefyz8LwOgPwZ2DXRE/Za71W+f8A+L5zmO
h/yZWCKpyYrqh7g00JI4C8KsQL4B/UAfGCyPn1dE8Y2goJJJc7RU1zZqChyhX8TA
H+mv+5QlVk/DjJNvLUhT+u9yiZ5mj6LQBZrmUN9IKwxUkftpASTvtakn4hoY3/OS
8S5BH+XW6AwpQDJgCs4yBAGfAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUdK16RuWk
vPZ/ZTfe+OTFJ5zjKAQwHwYDVR0jBBgwFoAUdtb6fPm/jkFfL0Jhm4BCiHY+Z6Iw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRDNjUxLzMzNEY2OEM4Q0VF
QzExRUVBRTAzMzA2Q0M0RjlBRTAyL2R0YjZmUG1famtGZkwwSmhtNEJDaUhZLVo2
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZHRiNmZQbV9qa0ZmTDBKaG00QkNpSFktWjZJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
QzY1MS8zMzRGNjhDOENFRUMxMUVFQUUwMzMwNkNDNEY5QUUwMi9FNkJENENBRUNF
RUMxMUVFQjBFOUU2NjVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeVmDANBgkqhkiG9w0BAQsFAAOCAQEAL/P5aEy8DgzarUGr
3SHq23bZNHmU0LarVqDvAW6rKH0kRaneyZzcWb6I1vDlMSlgo1Kae1ZRyq2LGZpu
Uq318OHFSBImQJuObgLX8Yl7/G7Lpda3SY2R/xgOsfgD2MFO5eT9Z8EXCbevMNqX
2CaF/AyRhokosYg3Erw9U3vEDerHFogTls8Hoveq2//4Hm7knw9FhQPu/xDXs49b
gotvyiypwV/eeD+HbMgxZaNtuLo9cFgIRnav0ifbjaJJ9YZJ17Vbe1+JCkoOBAON
usCc3u1ChecT5jeeJvbfv1pc6AsGekGPeJirI43AJE7XUOYIXrKt9JGnUXjKC6n8
dvL6QQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:18:07 2025 by rpki-client