Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9197277/4CE0EB36B56011EE911C5D4FC4F9AE02/2EE29686B57211EEBB68526DC4F9AE02.roa
File: 2EE29686B57211EEBB68526DC4F9AE02.roa (raw, json)
Hash identifier: JCKTG/uGuE6bAyhKcdPF71ubLISvfvNNmkpZXq6eh6M=
Subject key identifier: 85:7B:42:2A:44:2E:D9:1C:BB:44:45:EF:C1:5B:38:32:28:DF:88:E6
Certificate issuer: /CN=A9197277/serialNumber=7AE9D5AC5B3D06725951C1DDA544EFD2B8EF6EEB
Certificate serial: 66
Authority key identifier: 7A:E9:D5:AC:5B:3D:06:72:59:51:C1:DD:A5:44:EF:D2:B8:EF:6E:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eunVrFs9BnJZUcHdpUTv0rjvbus.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9197277/4CE0EB36B56011EE911C5D4FC4F9AE02/2EE29686B57211EEBB68526DC4F9AE02.roa
Signing time: Sat 27 Jul 2024 06:56:54 +0000
ROA not before: Sat 27 Jul 2024 06:56:54 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 6461
IP address blocks: 103.139.130.0/23 maxlen: 23
2001:df0:7c80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102 (0x66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9197277
Validity
Not Before: Jul 27 06:56:54 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66a49a35-2d24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:03:0a:e9:b8:cc:8a:7b:70:65:92:da:2a:db:
31:51:12:5f:a5:9b:79:f1:6b:c0:a5:7b:7a:71:ee:
dc:8c:b8:74:1e:c3:7a:63:d3:37:74:be:55:2c:73:
0a:7c:f8:5c:91:77:f9:78:f0:17:da:ac:16:52:a1:
0d:6e:8a:56:d4:05:05:3e:e5:1c:56:c9:ba:3c:ab:
79:8a:08:96:cf:6d:d2:2b:62:72:bd:3f:06:0f:b7:
c5:9e:9c:08:69:fb:9d:b4:e1:ff:d7:1c:66:7a:e5:
51:1d:3a:d6:89:31:b0:1d:9a:3b:e1:cf:85:4e:c3:
27:99:71:cc:de:25:2b:08:3b:f2:ed:82:8a:62:88:
12:eb:37:94:85:d1:2e:88:f3:92:22:66:b0:95:08:
3f:34:34:76:36:c2:a5:5a:6d:7d:30:62:3b:3f:81:
49:0a:7c:08:e5:37:6c:14:e6:b6:74:ec:62:12:40:
04:74:c6:b6:c6:c7:4c:5b:d4:3e:8c:eb:9f:05:7c:
98:0c:76:e3:54:e7:d3:bc:a2:b8:af:ff:21:09:e0:
dd:cb:1f:04:02:e1:2a:0f:2e:77:70:7d:cc:08:3d:
03:80:8c:04:c5:c5:64:a6:6e:46:76:98:a0:a4:93:
28:2b:6a:ea:b7:bb:fa:0e:e4:43:a4:dd:b1:f0:2f:
62:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:7B:42:2A:44:2E:D9:1C:BB:44:45:EF:C1:5B:38:32:28:DF:88:E6
X509v3 Authority Key Identifier:
keyid:7A:E9:D5:AC:5B:3D:06:72:59:51:C1:DD:A5:44:EF:D2:B8:EF:6E:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9197277/4CE0EB36B56011EE911C5D4FC4F9AE02/eunVrFs9BnJZUcHdpUTv0rjvbus.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eunVrFs9BnJZUcHdpUTv0rjvbus.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197277/4CE0EB36B56011EE911C5D4FC4F9AE02/2EE29686B57211EEBB68526DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.130.0/23
IPv6:
2001:df0:7c80::/48
Signature Algorithm: sha256WithRSAEncryption
a0:a4:ae:2b:05:52:72:e0:3c:c5:15:b0:33:0b:f1:2f:5f:81:
19:01:27:f3:7e:10:8b:c9:f9:f8:91:f4:06:ac:07:87:86:5a:
45:50:a5:69:8a:4f:ea:59:e4:c9:6f:12:95:10:1a:61:50:28:
c0:44:cd:e2:00:77:b4:0a:f5:d7:db:b9:3a:18:93:40:1b:9c:
b7:53:c6:ca:bd:bc:ee:29:b6:61:0d:c0:ec:8c:86:e5:39:a1:
01:89:ee:81:bc:8a:d8:0c:4c:11:fb:74:28:fe:b2:a4:25:ce:
f5:81:24:07:2d:5c:a1:ef:5c:f3:14:3e:df:91:34:6d:81:23:
f4:8d:dc:df:91:12:69:52:50:3c:bc:33:b2:65:e5:56:1e:0d:
dc:72:ec:9f:e4:06:55:43:f9:05:0a:ec:1d:1f:16:f6:87:1e:
bc:5a:06:f3:d1:6b:b9:c9:8b:49:4c:4a:8c:fb:cd:21:3a:56:
a6:75:36:61:a8:32:37:e4:0c:bd:08:f3:7d:d1:32:4c:e8:1a:
bb:68:6a:30:b7:99:24:96:ed:a3:14:7a:c4:06:2f:48:b7:94:
f6:f8:c4:1d:fe:d9:01:83:92:b3:50:43:f0:59:21:c7:ed:86:
fd:9f:73:2d:5f:b9:32:9f:cf:13:a6:de:0c:e5:98:a2:ae:16:
2f:71:cc:f1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBZjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NzI3NzExMC8GA1UEBRMoN0FFOUQ1QUM1QjNEMDY3MjU5NTFDMUREQTU0NEVGRDJC
OEVGNkVFQjAeFw0yNDA3MjcwNjU2NTRaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YTQ5YTM1LTJkMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDmAwrpuMyKe3Blktoq2zFREl+lm3nxa8Cle3px7tyMuHQew3pj0zd0vlUscwp8
+FyRd/l48BfarBZSoQ1uilbUBQU+5RxWybo8q3mKCJbPbdIrYnK9PwYPt8WenAhp
+5204f/XHGZ65VEdOtaJMbAdmjvhz4VOwyeZcczeJSsIO/LtgopiiBLrN5SF0S6I
85IiZrCVCD80NHY2wqVabX0wYjs/gUkKfAjlN2wU5rZ07GISQAR0xrbGx0xb1D6M
658FfJgMduNU59O8oriv/yEJ4N3LHwQC4SoPLndwfcwIPQOAjATFxWSmbkZ2mKCk
kygrauq3u/oO5EOk3bHwL2KxAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUhXtCKkQu
2Ry7REXvwVs4MijfiOYwHwYDVR0jBBgwFoAUeunVrFs9BnJZUcHdpUTv0rjvbusw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk3Mjc3LzRDRTBFQjM2QjU2
MDExRUU5MTFDNUQ0RkM0RjlBRTAyL2V1blZyRnM5Qm5KWlVjSGRwVVR2MHJqdmJ1
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZXVuVnJGczlCbkpaVWNIZHBVVHYwcmp2YnVzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NzI3Ny80Q0UwRUIzNkI1NjAxMUVFOTExQzVENEZDNEY5QUUwMi8yRUUyOTY4NkI1
NzIxMUVFQkI2ODUyNkRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWeLgjAPBAIAAjAJAwcAIAEN8HyAMA0GCSqGSIb3DQEBCwUA
A4IBAQCgpK4rBVJy4DzFFbAzC/EvX4EZASfzfhCLyfn4kfQGrAeHhlpFUKVpik/q
WeTJbxKVEBphUCjARM3iAHe0CvXX27k6GJNAG5y3U8bKvbzuKbZhDcDsjIblOaEB
ie6BvIrYDEwR+3Qo/rKkJc71gSQHLVyh71zzFD7fkTRtgSP0jdzfkRJpUlA8vDOy
ZeVWHg3ccuyf5AZVQ/kFCuwdHxb2hx68Wgbz0Wu5yYtJTEqM+80hOlamdTZhqDI3
5Ay9CPN90TJM6Bq7aGowt5kklu2jFHrEBi9It5T2+MQd/tkBg5KzUEPwWSHH7Yb9
n3MtX7kyn88Tpt4M5ZiirhYvcczx
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:39:55 2025 by rpki-client