Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91112BC/EBCF168204F811E9BA502431C4F9AE02/603AD1D0AB1211EAB4E7101BC4F9AE02.roa
File: 603AD1D0AB1211EAB4E7101BC4F9AE02.roa (raw, json)
Hash identifier: HiYjj0p3JXRse1uC7XLEGyug0M30GyJfvcEMlo7b1CI=
Subject key identifier: CC:37:64:F4:5C:8F:CE:2D:A0:66:6A:00:C8:3F:AA:EF:3F:3E:FF:AD
Certificate issuer: /CN=A91112BC/serialNumber=6FF31B0659A6AE16C7A0A4EE0EE6A22910EC2E00
Certificate serial: 10E6
Authority key identifier: 6F:F3:1B:06:59:A6:AE:16:C7:A0:A4:EE:0E:E6:A2:29:10:EC:2E:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_MbBlmmrhbHoKTuDuaiKRDsLgA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91112BC/EBCF168204F811E9BA502431C4F9AE02/603AD1D0AB1211EAB4E7101BC4F9AE02.roa
Signing time: Mon 24 Jun 2024 17:57:54 +0000
ROA not before: Mon 24 Jun 2024 17:57:54 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 136897
IP address blocks: 103.59.49.0/24 maxlen: 24
103.59.51.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4326 (0x10e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91112BC/serialNumber=6FF31B0659A6AE16C7A0A4EE0EE6A22910EC2E00
Validity
Not Before: Jun 24 17:57:54 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6679b3a2-7060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b2:32:1a:42:3f:ab:b9:85:a1:72:3c:05:8f:
cc:14:3f:b0:9c:e3:45:56:9d:a4:80:65:34:b7:3e:
a1:05:30:48:b0:c8:75:2a:10:bd:3d:28:c3:cc:e6:
cb:65:57:49:b6:ed:dc:64:14:a9:8d:49:8f:df:52:
0a:7a:bc:26:35:32:4e:63:ca:9e:ca:37:a5:5b:9c:
5d:37:8a:47:88:93:a7:0f:d1:f7:3e:8e:77:9a:09:
55:98:14:f4:a5:e9:dc:0e:50:56:82:4e:e7:4f:93:
ec:55:7d:c2:ab:a1:c3:a6:12:13:7f:0c:0c:f5:8b:
32:f0:19:11:46:4f:59:ec:e6:fb:3f:39:0d:d3:30:
6e:e6:6e:7f:2c:ad:df:ad:49:b0:da:38:25:3e:65:
15:87:50:dd:27:c6:28:30:72:3e:ff:cb:76:ff:f6:
26:7a:9c:0e:a5:92:32:07:71:39:87:4c:2e:ba:73:
6c:02:c0:a4:86:b1:0e:5e:e0:e6:89:d3:4e:46:45:
59:19:2e:0a:c6:62:da:9e:cb:90:4a:17:f7:8a:88:
f8:12:ff:fa:f9:c2:42:6f:d6:93:23:68:f3:10:94:
59:93:b3:58:d7:f3:76:5f:c5:77:78:eb:b4:06:92:
21:26:35:83:5d:7e:5b:73:d0:a1:d0:12:31:8a:93:
63:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:37:64:F4:5C:8F:CE:2D:A0:66:6A:00:C8:3F:AA:EF:3F:3E:FF:AD
X509v3 Authority Key Identifier:
keyid:6F:F3:1B:06:59:A6:AE:16:C7:A0:A4:EE:0E:E6:A2:29:10:EC:2E:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91112BC/EBCF168204F811E9BA502431C4F9AE02/b_MbBlmmrhbHoKTuDuaiKRDsLgA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_MbBlmmrhbHoKTuDuaiKRDsLgA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91112BC/EBCF168204F811E9BA502431C4F9AE02/603AD1D0AB1211EAB4E7101BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.59.49.0/24
103.59.51.0/24
Signature Algorithm: sha256WithRSAEncryption
02:2f:12:61:4e:2a:7f:9c:bd:25:c8:f1:16:80:3b:9d:16:e7:
52:d1:c1:04:11:76:6b:67:13:67:dc:87:83:4d:4b:25:71:91:
ae:ed:b3:03:dc:62:f4:67:bf:2b:06:5b:e2:d3:13:c3:78:b4:
fc:fb:36:28:15:9f:50:6a:bf:c6:56:2c:ab:d9:36:ed:68:fa:
b2:11:a5:fd:91:69:19:59:6c:71:6f:cb:a0:08:b2:36:16:5f:
d5:b5:a6:5b:5b:96:3a:3d:43:63:eb:df:f9:20:d1:7d:59:6c:
25:7b:f8:9b:bd:2c:34:e3:95:3b:95:4f:02:77:9e:a3:3b:64:
2a:bc:3e:14:b1:f4:a8:a5:f9:72:59:55:dc:83:79:ce:a9:b3:
51:fd:06:85:d6:73:02:6b:49:eb:c6:3f:31:22:81:ee:a9:38:
60:d8:5a:ff:65:55:3e:4f:8b:ae:33:24:1a:a7:94:eb:1f:1f:
56:bc:63:b3:7b:7f:70:22:2d:61:81:f8:64:d3:2f:eb:40:57:
20:63:70:81:65:d9:5c:b0:49:fb:e4:e4:f6:ee:1d:db:76:45:
ca:27:5f:18:4c:3a:75:35:63:68:5b:e8:f2:45:50:f6:a9:9b:
49:cc:39:bc:8c:73:99:5e:eb:70:43:95:a1:58:48:af:bc:95:
a9:76:29:40
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICEOYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTEyQkMxMTAvBgNVBAUTKDZGRjMxQjA2NTlBNkFFMTZDN0EwQTRFRTBFRTZBMjI5
MTBFQzJFMDAwHhcNMjQwNjI0MTc1NzU0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc5YjNhMi03MDYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwrIyGkI/q7mFoXI8BY/MFD+wnONFVp2kgGU0tz6hBTBIsMh1KhC9PSjDzObL
ZVdJtu3cZBSpjUmP31IKerwmNTJOY8qeyjelW5xdN4pHiJOnD9H3Po53mglVmBT0
pencDlBWgk7nT5PsVX3Cq6HDphITfwwM9Ysy8BkRRk9Z7Ob7PzkN0zBu5m5/LK3f
rUmw2jglPmUVh1DdJ8YoMHI+/8t2//YmepwOpZIyB3E5h0wuunNsAsCkhrEOXuDm
idNORkVZGS4KxmLansuQShf3ioj4Ev/6+cJCb9aTI2jzEJRZk7NY1/N2X8V3eOu0
BpIhJjWDXX5bc9Ch0BIxipNjEQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMw3ZPRc
j84toGZqAMg/qu8/Pv+tMB8GA1UdIwQYMBaAFG/zGwZZpq4Wx6Ck7g7moikQ7C4A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTJCQy9FQkNGMTY4MjA0
RjgxMUU5QkE1MDI0MzFDNEY5QUUwMi9iX01iQmxtbXJoYkhvS1R1RHVhaUtSRHNM
Z0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JfTWJCbG1tcmhiSG9LVHVEdWFpS1JEc0xnQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTEyQkMvRUJDRjE2ODIwNEY4MTFFOUJBNTAyNDMxQzRGOUFFMDIvNjAzQUQxRDBB
QjEyMTFFQUI0RTcxMDFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnOzEDBABnOzMwDQYJKoZIhvcNAQELBQADggEBAAIvEmFO
Kn+cvSXI8RaAO50W51LRwQQRdmtnE2fch4NNSyVxka7tswPcYvRnvysGW+LTE8N4
tPz7NigVn1Bqv8ZWLKvZNu1o+rIRpf2RaRlZbHFvy6AIsjYWX9W1pltbljo9Q2Pr
3/kg0X1ZbCV7+Ju9LDTjlTuVTwJ3nqM7ZCq8PhSx9Kil+XJZVdyDec6ps1H9BoXW
cwJrSevGPzEige6pOGDYWv9lVT5Pi64zJBqnlOsfH1a8Y7N7f3AiLWGB+GTTL+tA
VyBjcIFl2VywSfvk5PbuHdt2RconXxhMOnU1Y2hb6PJFUPapm0nMObyMc5le63BD
laFYSK+8lal2KUA=
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:54:37 2025 by rpki-client