Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2456/458009AC2CBF11EC91C4E016C4F9AE02/0180A79E2D3611EC9886BD35C4F9AE02.roa
File: 0180A79E2D3611EC9886BD35C4F9AE02.roa (raw, json)
Hash identifier: 9ReEnOqs9HpSGjRud2ToimqYVlISiL6C0+JWalZeR9g=
Subject key identifier: 16:7F:2B:0A:37:F5:CC:66:FB:AB:0E:84:D1:A0:0B:77:DE:A1:DE:C8
Certificate issuer: /CN=A91B2456/serialNumber=5D92576D45D27F3D15535499D40CC97E4293A968
Certificate serial: 03B3
Authority key identifier: 5D:92:57:6D:45:D2:7F:3D:15:53:54:99:D4:0C:C9:7E:42:93:A9:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XZJXbUXSfz0VU1SZ1AzJfkKTqWg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B2456/458009AC2CBF11EC91C4E016C4F9AE02/0180A79E2D3611EC9886BD35C4F9AE02.roa
Signing time: Mon 01 Jan 2024 02:03:59 +0000
ROA not before: Mon 01 Jan 2024 02:03:59 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 147305
IP address blocks: 103.174.156.0/24 maxlen: 24
103.174.157.0/24 maxlen: 24
2400:1420:1000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 947 (0x3b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B2456/serialNumber=5D92576D45D27F3D15535499D40CC97E4293A968
Validity
Not Before: Jan 1 02:03:59 2024 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=65921d8e-f76e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4c:4d:6b:40:68:86:91:8d:6b:7d:ba:3c:41:
6b:38:2d:5b:da:26:c8:bf:b5:1e:1a:19:6b:bc:9b:
72:66:b3:82:cc:4f:54:6d:80:b9:e6:eb:37:65:04:
18:ed:f0:66:c1:40:66:35:a4:52:32:f1:49:0f:8c:
de:48:18:9b:85:db:b3:11:a3:e6:3c:2d:e9:fc:87:
f5:a5:a4:81:d2:3c:ff:7a:91:37:a6:41:0e:c8:ba:
6f:00:10:97:e5:95:5f:64:86:2f:9c:59:d7:2f:53:
f6:bc:27:3a:7d:68:b2:73:93:81:3a:09:f8:7c:fa:
14:59:19:89:c3:12:42:18:25:e6:3f:de:45:31:ce:
89:da:0e:5b:f3:ae:89:bc:8b:6d:aa:5c:90:6b:49:
17:3b:5d:6f:9a:08:4f:52:6f:b5:bb:c5:44:c6:36:
71:f2:a5:1c:59:64:54:3a:9a:42:88:33:58:69:91:
8f:19:90:48:bb:ed:cb:79:93:36:69:f0:77:a9:56:
ae:4c:3e:53:f8:a6:d3:ce:09:57:55:12:ba:de:58:
8c:fa:89:ed:09:bf:39:ff:b2:81:df:59:2f:72:39:
fb:c9:2e:a8:78:34:e5:75:46:35:b7:8c:ee:49:d9:
eb:4c:f5:7c:6a:eb:94:24:c9:f7:b8:80:22:87:f2:
13:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:7F:2B:0A:37:F5:CC:66:FB:AB:0E:84:D1:A0:0B:77:DE:A1:DE:C8
X509v3 Authority Key Identifier:
keyid:5D:92:57:6D:45:D2:7F:3D:15:53:54:99:D4:0C:C9:7E:42:93:A9:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B2456/458009AC2CBF11EC91C4E016C4F9AE02/XZJXbUXSfz0VU1SZ1AzJfkKTqWg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XZJXbUXSfz0VU1SZ1AzJfkKTqWg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2456/458009AC2CBF11EC91C4E016C4F9AE02/0180A79E2D3611EC9886BD35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.156.0/23
IPv6:
2400:1420:1000::/36
Signature Algorithm: sha256WithRSAEncryption
80:48:2f:6a:a4:9a:b8:00:fd:6a:ff:88:25:e2:6d:fe:82:08:
eb:dc:5f:1b:ea:b4:00:cf:db:11:a0:bc:55:0f:0e:45:42:86:
88:e1:8e:39:dd:df:20:ff:96:02:37:7a:71:60:ec:58:33:0b:
5c:43:56:e7:66:7e:f0:be:77:aa:30:9d:04:a0:44:20:d2:1a:
b6:12:36:a3:12:4e:cc:99:f2:aa:96:fa:fd:23:cc:5f:e5:eb:
56:52:2d:e0:45:e6:86:a4:5c:73:be:cd:44:1f:fa:fa:85:4a:
c6:fa:fc:10:f6:74:9b:25:f7:8d:83:9f:b2:ce:31:b3:d2:f3:
c6:d5:95:39:ef:1e:af:27:fd:69:6c:27:9b:af:f2:02:a6:cb:
43:40:8e:53:8f:7c:58:39:ef:71:0e:b5:ba:95:b7:a9:ed:ce:
1b:f1:e9:b7:73:82:74:16:77:9f:ff:fd:25:ff:8e:fc:4e:84:
89:a8:c9:fd:0e:ef:85:a5:ba:d7:dd:46:72:63:f9:ff:d5:40:
21:6f:7c:6f:29:d6:ac:3c:0c:ae:2b:87:c0:47:03:60:72:c8:
89:77:1e:53:76:7a:9e:38:5b:44:12:3f:88:6a:94:71:23:63:
90:09:8f:0c:ac:4c:31:67:ff:8f:60:38:8c:48:11:5d:02:5d:
e8:ca:eb:c2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICA7MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjI0NTYxMTAvBgNVBAUTKDVEOTI1NzZENDVEMjdGM0QxNTUzNTQ5OUQ0MENDOTdF
NDI5M0E5NjgwHhcNMjQwMTAxMDIwMzU5WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTkyMWQ4ZS1mNzZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3kxNa0BohpGNa326PEFrOC1b2ibIv7UeGhlrvJtyZrOCzE9UbYC55us3ZQQY
7fBmwUBmNaRSMvFJD4zeSBibhduzEaPmPC3p/If1paSB0jz/epE3pkEOyLpvABCX
5ZVfZIYvnFnXL1P2vCc6fWiyc5OBOgn4fPoUWRmJwxJCGCXmP95FMc6J2g5b866J
vIttqlyQa0kXO11vmghPUm+1u8VExjZx8qUcWWRUOppCiDNYaZGPGZBIu+3LeZM2
afB3qVauTD5T+KbTzglXVRK63liM+ontCb85/7KB31kvcjn7yS6oeDTldUY1t4zu
SdnrTPV8auuUJMn3uIAih/ITGQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBZ/Kwo3
9cxm+6sOhNGgC3feod7IMB8GA1UdIwQYMBaAFF2SV21F0n89FVNUmdQMyX5Ck6lo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjQ1Ni80NTgwMDlBQzJD
QkYxMUVDOTFDNEUwMTZDNEY5QUUwMi9YWkpYYlVYU2Z6MFZVMVNaMUF6SmZrS1Rx
V2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1haSlhiVVhTZnowVlUxU1oxQXpKZmtLVHFXZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjI0NTYvNDU4MDA5QUMyQ0JGMTFFQzkxQzRFMDE2QzRGOUFFMDIvMDE4MEE3OUUy
RDM2MTFFQzk4ODZCRDM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBAFnrpwwDgQCAAIwCAMGBCQAFCAQMA0GCSqGSIb3DQEBCwUA
A4IBAQCASC9qpJq4AP1q/4gl4m3+ggjr3F8b6rQAz9sRoLxVDw5FQoaI4Y453d8g
/5YCN3pxYOxYMwtcQ1bnZn7wvneqMJ0EoEQg0hq2EjajEk7MmfKqlvr9I8xf5etW
Ui3gReaGpFxzvs1EH/r6hUrG+vwQ9nSbJfeNg5+yzjGz0vPG1ZU57x6vJ/1pbCeb
r/ICpstDQI5Tj3xYOe9xDrW6lbep7c4b8em3c4J0Fnef//0l/478ToSJqMn9Du+F
pbrX3UZyY/n/1UAhb3xvKdasPAyuK4fARwNgcsiJdx5TdnqeOFtEEj+IapRxI2OQ
CY8MrEwxZ/+PYDiMSBFdAl3oyuvC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org