Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137AD6/A2CE6BD8C77611ECB73AD566C4F9AE02/7142AA1A062E11EDA95B3143C4F9AE02.roa
File: 7142AA1A062E11EDA95B3143C4F9AE02.roa (raw, json)
Hash identifier: Pu4w4wkedRnsQN+HZTdNYqSgNqHGpxwniheL32YgYjg=
Subject key identifier: E9:B2:4A:FB:A1:FD:E1:1C:0B:5F:D7:5F:FA:67:4A:ED:88:FB:69:D2
Certificate issuer: /CN=A9137AD6/serialNumber=2578CBCAFCA26B172057E37AB77A61C81032222D
Certificate serial: 02CA
Authority key identifier: 25:78:CB:CA:FC:A2:6B:17:20:57:E3:7A:B7:7A:61:C8:10:32:22:2D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXjLyvyiaxcgV-N6t3phyBAyIi0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137AD6/A2CE6BD8C77611ECB73AD566C4F9AE02/7142AA1A062E11EDA95B3143C4F9AE02.roa
Signing time: Tue 29 Oct 2024 06:34:29 +0000
ROA not before: Tue 29 Oct 2024 06:34:29 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 132309
IP address blocks: 103.9.240.0/22 maxlen: 22
103.9.240.0/24 maxlen: 24
103.9.241.0/24 maxlen: 24
103.9.242.0/24 maxlen: 24
103.9.243.0/24 maxlen: 24
123.253.40.0/24 maxlen: 24
123.253.42.0/24 maxlen: 24
123.253.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 714 (0x2ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137AD6/serialNumber=2578CBCAFCA26B172057E37AB77A61C81032222D
Validity
Not Before: Oct 29 06:34:29 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=672081f5-e544
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9a:91:27:5f:10:e9:b6:85:77:ee:f7:fb:f2:
bf:e3:0a:0f:17:7c:79:d9:af:cb:38:cc:c1:78:ae:
6a:0c:1b:0e:fb:b6:b9:c8:9c:a4:9d:f1:69:2c:2a:
ee:65:ac:af:33:7d:31:4d:51:66:6a:65:52:46:86:
aa:d8:c7:bf:86:74:ab:8f:23:39:53:0a:c2:f8:c1:
41:e6:e6:87:4a:06:86:88:d8:82:07:43:4f:4a:7b:
af:01:84:fb:2e:7a:ee:f5:46:1b:d6:7d:55:82:d5:
ed:2c:fa:4e:5b:c5:f5:93:7e:be:41:2d:59:92:d7:
b3:5f:cd:9c:11:46:af:15:b7:6b:7b:d9:c0:84:d0:
61:7f:c7:42:df:e8:eb:62:68:b4:a9:f4:35:9c:55:
64:c8:51:75:9d:3c:4a:6d:a4:71:11:3c:30:c3:eb:
27:f1:f2:cd:d0:b4:e8:38:45:2e:ee:c1:7d:94:07:
9c:75:c0:69:b8:a7:03:5a:2e:4d:2b:c4:ab:e6:90:
ab:ad:7d:15:21:77:a5:bf:73:d2:39:69:80:0b:77:
b8:ce:d6:30:d3:24:bc:00:fd:22:16:e8:84:a1:65:
62:7c:df:18:b9:7e:67:2d:7d:2f:45:d0:9e:a0:87:
9e:0e:ff:50:d8:f1:34:69:75:82:0b:95:3b:87:e4:
45:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:B2:4A:FB:A1:FD:E1:1C:0B:5F:D7:5F:FA:67:4A:ED:88:FB:69:D2
X509v3 Authority Key Identifier:
keyid:25:78:CB:CA:FC:A2:6B:17:20:57:E3:7A:B7:7A:61:C8:10:32:22:2D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137AD6/A2CE6BD8C77611ECB73AD566C4F9AE02/JXjLyvyiaxcgV-N6t3phyBAyIi0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXjLyvyiaxcgV-N6t3phyBAyIi0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137AD6/A2CE6BD8C77611ECB73AD566C4F9AE02/7142AA1A062E11EDA95B3143C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.9.240.0/22
123.253.40.0/24
123.253.42.0/23
Signature Algorithm: sha256WithRSAEncryption
33:20:5a:f7:f6:7d:d5:da:9a:bc:65:00:af:d6:76:47:ce:c9:
d8:25:36:c9:85:0a:07:12:4d:c4:02:6b:a6:05:17:cd:ae:84:
4c:69:40:12:7d:f7:18:cd:5b:c5:c7:ec:2c:fe:ef:3b:77:7c:
47:a2:c0:76:04:2f:9a:27:30:9d:d9:73:35:d7:3a:8f:3c:bd:
59:42:f0:bf:c0:1d:9f:1b:46:2f:1e:4d:92:66:55:ae:82:df:
b0:84:ff:71:e0:00:85:16:a0:b1:ba:f8:9c:23:30:0e:ad:01:
fe:7e:a5:00:90:6c:27:66:ac:c4:fc:91:43:9d:b7:17:0c:91:
c5:85:29:34:f3:03:8d:64:c5:3d:13:43:4d:32:3a:31:81:f8:
88:9f:94:5f:6c:6a:e7:ed:7f:ea:f6:33:4d:87:19:d6:79:ff:
ad:9b:5d:9d:d8:10:75:c4:4f:d1:24:12:9b:39:e6:52:b1:7f:
90:53:cf:9d:45:d8:83:33:12:42:84:19:ec:1c:fa:38:69:ea:
59:d5:8f:06:2d:54:90:4a:21:59:bc:38:46:b7:8a:ed:e8:0e:
77:19:a5:8a:23:3d:13:95:bc:89:85:50:3c:89:b9:1b:26:31:
34:48:b3:e6:e8:7f:01:49:44:0e:b9:54:ce:8e:d7:74:d7:18:
84:81:9f:f0
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAsowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBRDYxMTAvBgNVBAUTKDI1NzhDQkNBRkNBMjZCMTcyMDU3RTM3QUI3N0E2MUM4
MTAzMjIyMkQwHhcNMjQxMDI5MDYzNDI5WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzIwODFmNS1lNTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsJqRJ18Q6baFd+73+/K/4woPF3x52a/LOMzBeK5qDBsO+7a5yJyknfFpLCru
ZayvM30xTVFmamVSRoaq2Me/hnSrjyM5UwrC+MFB5uaHSgaGiNiCB0NPSnuvAYT7
Lnru9UYb1n1VgtXtLPpOW8X1k36+QS1ZktezX82cEUavFbdre9nAhNBhf8dC3+jr
Ymi0qfQ1nFVkyFF1nTxKbaRxETwww+sn8fLN0LToOEUu7sF9lAecdcBpuKcDWi5N
K8Sr5pCrrX0VIXelv3PSOWmAC3e4ztYw0yS8AP0iFuiEoWVifN8YuX5nLX0vRdCe
oIeeDv9Q2PE0aXWCC5U7h+RFUQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFOmySvuh
/eEcC1/XX/pnSu2I+2nSMB8GA1UdIwQYMBaAFCV4y8r8omsXIFfjerd6YcgQMiIt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FENi9BMkNFNkJEOEM3
NzYxMUVDQjczQUQ1NjZDNEY5QUUwMi9KWGpMeXZ5aWF4Y2dWLU42dDNwaHlCQXlJ
aTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pYakx5dnlpYXhjZ1YtTjZ0M3BoeUJBeUlpMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBRDYvQTJDRTZCRDhDNzc2MTFFQ0I3M0FENTY2QzRGOUFFMDIvNzE0MkFBMUEw
NjJFMTFFREE5NUIzMTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJnCfADBAB7/SgDBAF7/SowDQYJKoZIhvcNAQELBQADggEB
ADMgWvf2fdXamrxlAK/WdkfOydglNsmFCgcSTcQCa6YFF82uhExpQBJ99xjNW8XH
7Cz+7zt3fEeiwHYEL5onMJ3ZczXXOo88vVlC8L/AHZ8bRi8eTZJmVa6C37CE/3Hg
AIUWoLG6+JwjMA6tAf5+pQCQbCdmrMT8kUOdtxcMkcWFKTTzA41kxT0TQ00yOjGB
+IiflF9sauftf+r2M02HGdZ5/62bXZ3YEHXET9EkEps55lKxf5BTz51F2IMzEkKE
Gewc+jhp6lnVjwYtVJBKIVm8OEa3iu3oDncZpYojPROVvImFUDyJuRsmMTRIs+bo
fwFJRA65VM6O13TXGISBn/A=
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:57:26 2025 by rpki-client