Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919610F/0420E6C8EA8B11EB8F82B540C4F9AE02/D6536448EA8D11EBAC8C0747C4F9AE02.roa
File: D6536448EA8D11EBAC8C0747C4F9AE02.roa (raw, json)
Hash identifier: 9NDPQAAJi9F3/fcT5q4pSPI8MTpeGGhpA9fI73K323E=
Subject key identifier: A8:D5:ED:EB:EE:EF:4D:BF:33:63:58:04:40:57:47:3A:17:EF:8D:D2
Certificate issuer: /CN=A919610F/serialNumber=2E03418E5D1EAC814A2DD563E443CDC133AFE8BC
Certificate serial: 0452
Authority key identifier: 2E:03:41:8E:5D:1E:AC:81:4A:2D:D5:63:E4:43:CD:C1:33:AF:E8:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LgNBjl0erIFKLdVj5EPNwTOv6Lw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919610F/0420E6C8EA8B11EB8F82B540C4F9AE02/D6536448EA8D11EBAC8C0747C4F9AE02.roa
Signing time: Fri 29 Dec 2023 01:03:14 +0000
ROA not before: Fri 29 Dec 2023 01:03:14 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 137254
IP address blocks: 103.106.24.0/24 maxlen: 24
103.106.25.0/24 maxlen: 24
103.106.26.0/24 maxlen: 24
103.106.27.0/24 maxlen: 24
2402:3840::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1106 (0x452)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919610F/serialNumber=2E03418E5D1EAC814A2DD563E443CDC133AFE8BC
Validity
Not Before: Dec 29 01:03:14 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=658e1ad2-580f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d5:d9:d9:38:b3:f1:00:9c:e3:3c:62:2f:63:
70:3a:34:a0:58:4e:c8:15:e2:de:91:5f:f4:9b:7f:
42:f8:45:35:e8:91:a0:3c:94:33:85:1f:f2:a2:24:
9d:f5:78:80:47:6f:cc:29:36:71:48:9e:dd:04:d0:
1d:ae:7b:45:32:e7:18:ee:d3:08:6e:07:10:01:5a:
b2:b4:62:11:9a:c2:8a:1b:4e:f7:91:0e:18:3a:3e:
5d:8d:2a:78:3d:f3:5f:29:34:f7:99:fa:4c:13:c9:
01:94:94:e3:59:c9:04:db:12:10:be:43:fa:42:ed:
b3:20:9c:16:a5:bf:73:33:4f:50:bc:89:6e:4a:f1:
d2:c2:f7:ee:39:d9:7d:aa:17:25:dc:ce:7b:48:f8:
ca:d5:76:90:1d:6f:78:b0:18:3a:b0:c2:56:38:4e:
74:02:b8:3b:4f:21:88:23:5e:b0:b1:e8:22:6a:1e:
37:da:93:f0:56:ed:b4:bb:64:40:bb:cf:c4:49:40:
3a:70:8e:bc:3a:14:a3:1c:3f:8c:2f:f7:01:96:ad:
d8:f2:aa:d5:09:4d:a1:53:44:f4:9f:29:2d:d8:39:
3c:a4:42:d8:57:75:a7:32:f3:bc:b8:38:99:88:33:
11:58:21:7e:fa:8b:e4:27:12:7d:19:ff:28:17:96:
1d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:D5:ED:EB:EE:EF:4D:BF:33:63:58:04:40:57:47:3A:17:EF:8D:D2
X509v3 Authority Key Identifier:
keyid:2E:03:41:8E:5D:1E:AC:81:4A:2D:D5:63:E4:43:CD:C1:33:AF:E8:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919610F/0420E6C8EA8B11EB8F82B540C4F9AE02/LgNBjl0erIFKLdVj5EPNwTOv6Lw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LgNBjl0erIFKLdVj5EPNwTOv6Lw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919610F/0420E6C8EA8B11EB8F82B540C4F9AE02/D6536448EA8D11EBAC8C0747C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.24.0/22
IPv6:
2402:3840::/32
Signature Algorithm: sha256WithRSAEncryption
9f:fd:8c:1f:ae:18:79:f8:45:fb:d9:f2:d3:9a:77:9f:d3:0c:
22:ea:07:3e:ee:3f:78:6f:29:9b:f3:6c:97:7b:ef:d2:fb:1f:
6e:0a:43:74:ca:09:74:2c:c1:1b:8b:b0:91:88:b9:3a:3d:8c:
22:87:5d:9a:17:8f:2e:cf:7f:09:1a:53:01:3d:9b:c9:b1:67:
9a:8b:5d:ac:0c:54:64:5b:24:66:e2:4f:3e:04:5e:47:cd:39:
2c:bf:07:d3:25:7e:ca:e9:7b:fe:4d:8c:5c:41:67:a2:00:52:
2b:cf:7d:4c:72:54:5c:e2:77:79:ac:ce:f4:44:09:b6:17:0e:
94:27:71:5e:51:70:14:38:98:ce:cf:52:68:65:a8:26:01:d2:
aa:7f:da:85:fd:6b:03:19:41:ca:2d:79:18:2a:fb:e2:b3:ea:
02:ba:63:5c:cf:04:ab:ee:0c:15:9a:d2:c6:4a:9a:d5:81:bc:
66:9d:18:0a:08:69:72:9c:66:6f:5c:83:d2:9a:fd:de:bd:d1:
cd:d3:bd:ba:25:11:67:b1:1f:b1:64:41:db:92:0b:d4:c5:a3:
43:94:4b:7a:4d:3e:22:6f:56:5d:f9:8d:af:7e:01:1d:89:e0:
12:c7:61:cf:7d:53:4a:08:9f:c3:d0:80:f7:c6:e4:f8:20:77:
42:45:ad:16
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTYxMEYxMTAvBgNVBAUTKDJFMDM0MThFNUQxRUFDODE0QTJERDU2M0U0NDNDREMx
MzNBRkU4QkMwHhcNMjMxMjI5MDEwMzE0WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThlMWFkMi01ODBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAudXZ2Tiz8QCc4zxiL2NwOjSgWE7IFeLekV/0m39C+EU16JGgPJQzhR/yoiSd
9XiAR2/MKTZxSJ7dBNAdrntFMucY7tMIbgcQAVqytGIRmsKKG073kQ4YOj5djSp4
PfNfKTT3mfpME8kBlJTjWckE2xIQvkP6Qu2zIJwWpb9zM09QvIluSvHSwvfuOdl9
qhcl3M57SPjK1XaQHW94sBg6sMJWOE50Arg7TyGII16wsegiah432pPwVu20u2RA
u8/ESUA6cI68OhSjHD+ML/cBlq3Y8qrVCU2hU0T0nykt2Dk8pELYV3WnMvO8uDiZ
iDMRWCF++ovkJxJ9Gf8oF5YduQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFKjV7evu
702/M2NYBEBXRzoX743SMB8GA1UdIwQYMBaAFC4DQY5dHqyBSi3VY+RDzcEzr+i8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NjEwRi8wNDIwRTZDOEVB
OEIxMUVCOEY4MkI1NDBDNEY5QUUwMi9MZ05CamwwZXJJRktMZFZqNUVQTndUT3Y2
THcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xnTkJqbDBlcklGS0xkVmo1RVBOd1RPdjZMdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTYxMEYvMDQyMEU2QzhFQThCMTFFQjhGODJCNTQwQzRGOUFFMDIvRDY1MzY0NDhF
QThEMTFFQkFDOEMwNzQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnahgwDQQCAAIwBwMFACQCOEAwDQYJKoZIhvcNAQELBQAD
ggEBAJ/9jB+uGHn4RfvZ8tOad5/TDCLqBz7uP3hvKZvzbJd779L7H24KQ3TKCXQs
wRuLsJGIuTo9jCKHXZoXjy7PfwkaUwE9m8mxZ5qLXawMVGRbJGbiTz4EXkfNOSy/
B9Mlfsrpe/5NjFxBZ6IAUivPfUxyVFzid3mszvRECbYXDpQncV5RcBQ4mM7PUmhl
qCYB0qp/2oX9awMZQcoteRgq++Kz6gK6Y1zPBKvuDBWa0sZKmtWBvGadGAoIaXKc
Zm9cg9Ka/d690c3TvbolEWexH7FkQduSC9TFo0OUS3pNPiJvVl35ja9+AR2J4BLH
Yc99U0oIn8PQgPfG5Pggd0JFrRY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:35:10 2024 by rpki-client on console-ams.rpki-client.org