Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA53D/07E1AF3EAD7511EBAA47F534C4F9AE02/40CB2F90AD7611EB9E092735C4F9AE02.roa
File: 40CB2F90AD7611EB9E092735C4F9AE02.roa (raw, json)
Hash identifier: IDOhc6YkhSWRIevuCdfqyEg8BdAgUM448YhDNIaTSRY=
Subject key identifier: 0F:48:23:E4:B6:76:6B:08:4E:43:6E:F3:4C:DD:BB:7E:95:51:6C:48
Certificate issuer: /CN=A91EA53D/serialNumber=CBEF64A5B264675ABDFCABB042DA14877FA0191E
Certificate serial: 02
Authority key identifier: CB:EF:64:A5:B2:64:67:5A:BD:FC:AB:B0:42:DA:14:87:7F:A0:19:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y-9kpbJkZ1q9_KuwQtoUh3-gGR4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA53D/07E1AF3EAD7511EBAA47F534C4F9AE02/40CB2F90AD7611EB9E092735C4F9AE02.roa
Signing time: Wed 05 May 2021 07:48:17 +0000
ROA not before: Wed 05 May 2021 07:48:17 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 140242
IP address blocks: 103.149.103.0/24 maxlen: 24
103.154.51.0/24 maxlen: 24
2001:df3:2080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA53D/serialNumber=CBEF64A5B264675ABDFCABB042DA14877FA0191E
Validity
Not Before: May 5 07:48:17 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=60924dc1-f218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:35:b3:92:7c:c3:a1:fe:81:b2:a7:81:7f:e4:
cc:70:52:e1:c8:71:f4:60:e2:d4:30:d1:10:f9:81:
cf:4d:98:ed:34:d9:3b:e0:d2:e7:a9:d8:60:6c:97:
ed:86:23:61:bd:b8:c6:8b:f4:1d:4b:56:66:ef:1d:
8e:4b:52:b2:62:58:da:03:4b:82:ec:c1:82:38:16:
7d:f2:37:5d:6f:a1:e8:8e:14:a5:de:5c:1f:3f:9c:
60:70:86:78:75:93:c3:e9:5a:fe:34:4e:ad:34:94:
ab:34:ca:fe:d4:33:f5:c2:23:5f:0e:76:fe:8c:e9:
1d:3e:9c:75:d5:fe:42:de:fa:2a:89:d2:dc:3f:94:
d3:31:75:be:0b:64:74:9a:91:5d:28:7e:07:bf:0a:
ee:66:a7:e0:e6:ba:e5:fe:84:af:29:be:f8:68:56:
02:42:1c:89:42:c4:c7:6a:b8:ba:0c:b6:9c:11:0e:
f1:3c:ff:f0:ed:a7:33:d9:1d:d7:dc:63:5f:c0:35:
78:60:5e:e8:90:30:ef:7e:63:f1:5c:9a:85:16:db:
96:30:9a:97:cf:19:3c:0d:58:eb:b0:cf:cd:fe:99:
56:b0:a1:40:8b:7d:c3:78:c2:30:97:68:64:11:cd:
e9:74:d2:0d:2f:da:bf:10:f2:aa:4b:36:04:81:a3:
91:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:48:23:E4:B6:76:6B:08:4E:43:6E:F3:4C:DD:BB:7E:95:51:6C:48
X509v3 Authority Key Identifier:
keyid:CB:EF:64:A5:B2:64:67:5A:BD:FC:AB:B0:42:DA:14:87:7F:A0:19:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA53D/07E1AF3EAD7511EBAA47F534C4F9AE02/y-9kpbJkZ1q9_KuwQtoUh3-gGR4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y-9kpbJkZ1q9_KuwQtoUh3-gGR4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA53D/07E1AF3EAD7511EBAA47F534C4F9AE02/40CB2F90AD7611EB9E092735C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.103.0/24
103.154.51.0/24
IPv6:
2001:df3:2080::/48
Signature Algorithm: sha256WithRSAEncryption
82:87:3b:f1:9a:00:bb:ea:c0:a8:be:02:5a:e6:1f:35:9f:9c:
c0:e1:2f:01:74:b2:1f:5a:ec:f7:4b:90:b6:eb:e0:04:4c:93:
14:8a:93:79:fa:d2:a8:f6:c4:ea:bb:1d:f1:16:88:e1:47:fe:
51:21:a4:61:77:00:21:87:ac:cc:16:0e:0b:53:0b:ca:64:b0:
dc:43:1e:0d:9f:93:d0:c7:ae:2e:88:cd:e3:ef:6e:e8:b8:7c:
56:10:af:b3:7c:19:5e:79:89:59:38:ce:ff:15:55:a6:15:0f:
2b:d7:02:9d:d4:79:c1:4b:ab:84:5a:01:0a:dc:6f:e3:3b:77:
70:d5:af:bc:57:86:94:01:84:50:0c:20:b6:9d:4e:50:36:74:
20:bc:64:75:5d:92:4a:cb:26:11:20:f1:4e:19:f6:c8:57:6d:
f1:06:a5:c7:f1:0e:2d:7c:d5:15:d5:e0:41:74:50:f8:58:79:
c5:bc:7e:5b:71:88:cf:f5:1e:60:f2:03:a7:ba:e3:5f:4a:54:
6c:44:bb:26:84:4e:bf:40:28:91:53:11:88:7c:c4:af:cf:67:
66:f8:cf:e1:64:42:3a:3d:83:e5:97:e8:fe:c5:90:29:5e:eb:
52:2c:3a:60:5d:74:4c:02:91:c2:0f:49:11:31:66:fb:73:76:
f9:8d:cf:a6
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
QTUzRDExMC8GA1UEBRMoQ0JFRjY0QTVCMjY0Njc1QUJERkNBQkIwNDJEQTE0ODc3
RkEwMTkxRTAeFw0yMTA1MDUwNzQ4MTdaFw0yMjA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYwOTI0ZGMxLWYyMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD0NbOSfMOh/oGyp4F/5MxwUuHIcfRg4tQw0RD5gc9NmO002Tvg0uep2GBsl+2G
I2G9uMaL9B1LVmbvHY5LUrJiWNoDS4LswYI4Fn3yN11voeiOFKXeXB8/nGBwhnh1
k8PpWv40Tq00lKs0yv7UM/XCI18Odv6M6R0+nHXV/kLe+iqJ0tw/lNMxdb4LZHSa
kV0ofge/Cu5mp+DmuuX+hK8pvvhoVgJCHIlCxMdquLoMtpwRDvE8//DtpzPZHdfc
Y1/ANXhgXuiQMO9+Y/FcmoUW25YwmpfPGTwNWOuwz83+mVawoUCLfcN4wjCXaGQR
zel00g0v2r8Q8qpLNgSBo5HlAgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUD0gj5LZ2
awhOQ27zTN27fpVRbEgwHwYDVR0jBBgwFoAUy+9kpbJkZ1q9/KuwQtoUh3+gGR4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBNTNELzA3RTFBRjNFQUQ3
NTExRUJBQTQ3RjUzNEM0RjlBRTAyL3ktOWtwYkprWjFxOV9LdXdRdG9VaDMtZ0dS
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveS05a3BiSmtaMXE5X0t1d1F0b1VoMy1nR1I0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
QTUzRC8wN0UxQUYzRUFENzUxMUVCQUE0N0Y1MzRDNEY5QUUwMi80MENCMkY5MEFE
NzYxMUVCOUUwOTI3MzVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn
MCUwEgQCAAEwDAMEAGeVZwMEAGeaMzAPBAIAAjAJAwcAIAEN8yCAMA0GCSqGSIb3
DQEBCwUAA4IBAQCChzvxmgC76sCovgJa5h81n5zA4S8BdLIfWuz3S5C26+AETJMU
ipN5+tKo9sTqux3xFojhR/5RIaRhdwAhh6zMFg4LUwvKZLDcQx4Nn5PQx64uiM3j
727ouHxWEK+zfBleeYlZOM7/FVWmFQ8r1wKd1HnBS6uEWgEK3G/jO3dw1a+8V4aU
AYRQDCC2nU5QNnQgvGR1XZJKyyYRIPFOGfbIV23xBqXH8Q4tfNUV1eBBdFD4WHnF
vH5bcYjP9R5g8gOnuuNfSlRsRLsmhE6/QCiRUxGIfMSvz2dm+M/hZEI6PYPll+j+
xZApXutSLDpgXXRMApHCD0kRMWb7c3b5jc+m
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org