Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914B0D8/07AABCDAFB1111EE9123391BC4F9AE02/66E93DA2FB1111EE81D7643BC4F9AE02.roa
File: 66E93DA2FB1111EE81D7643BC4F9AE02.roa (raw, json)
Hash identifier: I6DRhaPjg94iaLUIAJP5juEv1Um/2EjAWiSx5qBJKPs=
Subject key identifier: 8E:B5:F4:AD:B9:57:BA:F0:D0:CC:EE:51:94:57:AC:40:21:33:12:9E
Certificate issuer: /CN=A914B0D8/serialNumber=008B2351BE9FD66D38B11050679734F44FA5D97D
Certificate serial: 2D
Authority key identifier: 00:8B:23:51:BE:9F:D6:6D:38:B1:10:50:67:97:34:F4:4F:A5:D9:7D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AIsjUb6f1m04sRBQZ5c09E-l2X0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914B0D8/07AABCDAFB1111EE9123391BC4F9AE02/66E93DA2FB1111EE81D7643BC4F9AE02.roa
Signing time: Wed 10 Jul 2024 09:20:31 +0000
ROA not before: Wed 10 Jul 2024 09:20:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152677
IP address blocks: 117.103.118.0/23 maxlen: 23
117.103.118.0/24 maxlen: 24
117.103.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45 (0x2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914B0D8/serialNumber=008B2351BE9FD66D38B11050679734F44FA5D97D
Validity
Not Before: Jul 10 09:20:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=668e525e-6c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3c:69:f3:ca:ad:b3:34:96:52:f5:c5:a0:b2:
27:9e:9e:8b:54:a9:97:c9:ba:11:55:35:56:ce:b3:
66:50:ab:38:55:7f:bd:24:73:61:1c:93:e1:29:f7:
81:5c:07:7f:09:18:be:51:1c:09:1b:43:97:eb:c7:
80:7b:42:95:84:75:2d:e4:4b:29:6d:e9:58:56:0c:
7a:13:a9:1f:fd:47:af:e5:da:e2:ea:65:2f:ad:ee:
77:b0:a7:2c:3e:02:50:69:f3:cc:66:72:fc:77:d6:
2f:f4:72:c3:55:0d:e1:c0:48:15:0a:09:3d:fd:1a:
71:f8:53:17:bf:f8:e6:37:96:cc:86:13:48:9c:40:
b6:7b:fd:74:73:ff:2f:60:bf:ce:15:d5:04:65:4b:
46:95:a7:79:25:58:d4:a4:85:24:12:2e:c8:78:1e:
5c:95:a0:f2:70:57:44:9a:0c:1d:77:7c:2e:e0:eb:
92:ef:49:bf:67:59:4c:8f:7a:fb:7b:e0:20:b8:73:
db:8c:f1:ea:20:d3:08:8f:7b:72:1e:39:5d:30:2c:
6d:a2:21:16:85:d9:20:74:7b:45:ff:b9:b7:e3:da:
dd:0f:a1:fa:9b:86:cd:a6:b7:19:e4:71:f7:dc:37:
6d:c8:3d:ab:5e:18:f8:90:f0:4b:2a:5b:99:26:15:
c5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B5:F4:AD:B9:57:BA:F0:D0:CC:EE:51:94:57:AC:40:21:33:12:9E
X509v3 Authority Key Identifier:
keyid:00:8B:23:51:BE:9F:D6:6D:38:B1:10:50:67:97:34:F4:4F:A5:D9:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914B0D8/07AABCDAFB1111EE9123391BC4F9AE02/AIsjUb6f1m04sRBQZ5c09E-l2X0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AIsjUb6f1m04sRBQZ5c09E-l2X0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914B0D8/07AABCDAFB1111EE9123391BC4F9AE02/66E93DA2FB1111EE81D7643BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.103.118.0/23
Signature Algorithm: sha256WithRSAEncryption
03:ea:ba:52:be:d5:ee:63:ea:5e:8d:f2:2b:ef:b1:83:84:5a:
1c:a7:57:54:28:19:8d:31:2f:6b:e0:ed:04:2d:ee:b2:73:3e:
3f:c8:f5:e6:8a:f2:cf:95:d7:d5:77:35:71:a4:db:9a:52:d0:
6c:d9:60:56:5c:d1:1f:33:d1:61:4a:8a:4d:66:08:ab:cc:c8:
a0:ee:ec:03:58:23:b2:8c:1e:96:49:c4:c4:59:87:37:6b:5d:
71:27:67:32:97:d1:41:08:43:66:aa:bc:34:e4:db:d0:35:ea:
93:fe:2a:71:0e:d8:5c:93:f8:25:17:65:bd:8d:f4:68:03:08:
6d:92:ed:9a:9f:97:68:69:55:49:59:89:a7:ef:e3:bd:1e:7a:
aa:bc:f1:47:8b:99:15:dc:f4:ee:a9:6f:6a:f8:68:44:0b:7d:
1d:a0:a9:cc:7f:92:9d:ba:8a:78:9b:cb:f1:09:8d:f8:87:88:
85:fb:e5:4a:1d:8f:fc:3f:5d:be:7b:38:02:34:8d:cd:14:10:
03:2e:41:ca:0d:b6:b2:e2:20:fd:bf:1b:ed:bd:c4:3a:1c:65:
74:d7:2d:7f:9a:1f:ba:6b:31:6f:11:03:72:0e:98:1d:ee:93:
fe:ac:ac:5a:35:da:c5:46:09:af:29:60:10:d0:4c:cb:e6:d0:
0c:e3:c2:b5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBLTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
QjBEODExMC8GA1UEBRMoMDA4QjIzNTFCRTlGRDY2RDM4QjExMDUwNjc5NzM0RjQ0
RkE1RDk3RDAeFw0yNDA3MTAwOTIwMzFaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2OGU1MjVlLTZjMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDNPGnzyq2zNJZS9cWgsieenotUqZfJuhFVNVbOs2ZQqzhVf70kc2Eck+Ep94Fc
B38JGL5RHAkbQ5frx4B7QpWEdS3kSylt6VhWDHoTqR/9R6/l2uLqZS+t7newpyw+
AlBp88xmcvx31i/0csNVDeHASBUKCT39GnH4Uxe/+OY3lsyGE0icQLZ7/XRz/y9g
v84V1QRlS0aVp3klWNSkhSQSLsh4HlyVoPJwV0SaDB13fC7g65LvSb9nWUyPevt7
4CC4c9uM8eog0wiPe3IeOV0wLG2iIRaF2SB0e0X/ubfj2t0Pofqbhs2mtxnkcffc
N23IPateGPiQ8EsqW5kmFcU3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUjrX0rblX
uvDQzO5RlFesQCEzEp4wHwYDVR0jBBgwFoAUAIsjUb6f1m04sRBQZ5c09E+l2X0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRCMEQ4LzA3QUFCQ0RBRkIx
MTExRUU5MTIzMzkxQkM0RjlBRTAyL0FJc2pVYjZmMW0wNHNSQlFaNWMwOUUtbDJY
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQUlzalViNmYxbTA0c1JCUVo1YzA5RS1sMlgwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
QjBEOC8wN0FBQkNEQUZCMTExMUVFOTEyMzM5MUJDNEY5QUUwMi82NkU5M0RBMkZC
MTExMUVFODFENzY0M0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAXVndjANBgkqhkiG9w0BAQsFAAOCAQEAA+q6Ur7V7mPqXo3y
K++xg4RaHKdXVCgZjTEva+DtBC3usnM+P8j15oryz5XX1Xc1caTbmlLQbNlgVlzR
HzPRYUqKTWYIq8zIoO7sA1gjsowelknExFmHN2tdcSdnMpfRQQhDZqq8NOTb0DXq
k/4qcQ7YXJP4JRdlvY30aAMIbZLtmp+XaGlVSVmJp+/jvR56qrzxR4uZFdz07qlv
avhoRAt9HaCpzH+SnbqKeJvL8QmN+IeIhfvlSh2P/D9dvns4AjSNzRQQAy5Byg22
suIg/b8b7b3EOhxldNctf5ofumsxbxEDcg6YHe6T/qysWjXaxUYJrylgENBMy+bQ
DOPCtQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:05:07 2025 by rpki-client