Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C11F/9E88AE18ACD211EB98FE6940C4F9AE02/2E7B4D90ACD411EBA8C2F944C4F9AE02.roa
File: 2E7B4D90ACD411EBA8C2F944C4F9AE02.roa (raw, json)
Hash identifier: 8uYkCiymUELl7yje/MrXgP65UB4+pcTju8RUmqC2c10=
Subject key identifier: E6:A0:4C:0C:98:F1:D9:2A:A1:75:FF:21:65:63:97:58:F0:54:82:9C
Certificate issuer: /CN=A917C11F/serialNumber=C05AE9534FD39D648C28443C48D511BBA9A8CAFE
Certificate serial: 0539
Authority key identifier: C0:5A:E9:53:4F:D3:9D:64:8C:28:44:3C:48:D5:11:BB:A9:A8:CA:FE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wFrpU0_TnWSMKEQ8SNURu6moyv4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C11F/9E88AE18ACD211EB98FE6940C4F9AE02/2E7B4D90ACD411EBA8C2F944C4F9AE02.roa
Signing time: Thu 23 May 2024 01:05:00 +0000
ROA not before: Thu 23 May 2024 01:05:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142122
IP address blocks: 103.166.152.0/23 maxlen: 23
103.166.152.0/24 maxlen: 24
103.166.153.0/24 maxlen: 24
2001:df6:9480::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1337 (0x539)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C11F/serialNumber=C05AE9534FD39D648C28443C48D511BBA9A8CAFE
Validity
Not Before: May 23 01:05:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=664e963c-6f4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c0:87:e9:2d:05:76:c2:d3:67:4c:51:0c:10:
24:f5:05:4f:ad:bf:63:40:87:4a:04:ae:eb:3b:42:
14:aa:e5:39:0d:14:aa:c0:db:51:25:a1:67:f2:14:
8a:9c:16:98:a0:e4:be:5f:2b:c2:a4:86:2c:39:5d:
7a:e7:07:4e:06:78:4a:13:1b:2e:e9:04:e7:cd:8e:
15:76:51:6d:f0:73:5d:f9:6c:2e:83:60:c6:b1:00:
a5:d4:e7:92:1b:d5:7f:5d:17:50:77:e6:24:27:3a:
03:75:b5:89:d9:df:70:54:1d:7a:56:67:40:10:b4:
e3:ac:c0:f4:72:f3:c6:91:82:05:98:e3:43:b2:8c:
b4:38:e8:86:ae:53:2b:a0:36:3f:ff:b9:d1:9c:30:
2b:f3:92:71:17:b2:c3:e2:6c:c6:09:2a:6e:52:b9:
23:25:12:b6:01:a0:dd:b4:47:f0:ff:35:98:ba:c5:
a9:28:ff:7e:61:80:00:23:98:ac:a5:31:50:4c:32:
b4:22:0d:5b:78:ee:46:9d:42:c2:65:06:d7:51:38:
23:e5:3e:c7:ce:3a:e7:1a:20:53:ae:6c:17:ca:1f:
3b:83:68:a4:e5:bb:c0:67:70:0c:92:77:84:f0:b1:
a4:3e:00:32:33:a6:58:e8:8f:4b:a3:c5:cc:8a:6f:
45:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:A0:4C:0C:98:F1:D9:2A:A1:75:FF:21:65:63:97:58:F0:54:82:9C
X509v3 Authority Key Identifier:
keyid:C0:5A:E9:53:4F:D3:9D:64:8C:28:44:3C:48:D5:11:BB:A9:A8:CA:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C11F/9E88AE18ACD211EB98FE6940C4F9AE02/wFrpU0_TnWSMKEQ8SNURu6moyv4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wFrpU0_TnWSMKEQ8SNURu6moyv4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C11F/9E88AE18ACD211EB98FE6940C4F9AE02/2E7B4D90ACD411EBA8C2F944C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.166.152.0/23
IPv6:
2001:df6:9480::/48
Signature Algorithm: sha256WithRSAEncryption
c6:68:32:35:f5:6d:dd:66:49:0f:c6:43:1b:0a:aa:47:30:fe:
8e:ce:6c:7e:45:68:4b:df:22:3c:6f:68:b6:b5:2f:2b:39:71:
c7:46:c2:46:1f:d6:54:f1:41:d1:fb:a2:35:c7:ea:b9:02:ed:
9f:e1:de:a0:75:4c:30:9e:8a:ca:20:f8:80:d2:30:44:66:67:
e0:c3:9a:73:1d:da:7c:7e:13:75:fb:90:1f:fc:53:13:c4:97:
22:e6:c2:0f:0d:e2:19:6c:29:f4:66:b0:24:e2:05:35:64:7a:
1f:d6:52:4f:20:10:85:b2:fb:52:fb:22:98:2e:ca:0a:07:c2:
9d:b1:c8:c4:40:28:7c:ac:01:e8:ed:31:dc:2f:9c:fd:a2:70:
1e:1d:7d:f9:fb:a3:3d:eb:c7:c7:b0:38:f8:fc:91:dd:6a:7c:
10:6c:90:f9:7a:74:a8:68:1a:bd:cc:c6:01:b6:d7:96:2d:6d:
16:6e:52:03:50:e1:b3:2c:32:a9:d5:06:55:07:fc:fd:f6:02:
12:d1:ed:36:00:8a:bb:97:1f:b1:75:fc:c0:fb:2a:9f:6c:88:
64:55:ac:01:dc:f5:ed:38:4a:ef:5c:7c:2a:27:0f:e2:07:42:
12:1a:2a:3c:c3:31:01:60:ef:73:2a:c5:dc:6f:3e:35:4e:2a:
d1:89:1c:0f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBTkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0MxMUYxMTAvBgNVBAUTKEMwNUFFOTUzNEZEMzlENjQ4QzI4NDQzQzQ4RDUxMUJC
QTlBOENBRkUwHhcNMjQwNTIzMDEwNTAwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjRlOTYzYy02ZjRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2sCH6S0FdsLTZ0xRDBAk9QVPrb9jQIdKBK7rO0IUquU5DRSqwNtRJaFn8hSK
nBaYoOS+XyvCpIYsOV165wdOBnhKExsu6QTnzY4VdlFt8HNd+Wwug2DGsQCl1OeS
G9V/XRdQd+YkJzoDdbWJ2d9wVB16VmdAELTjrMD0cvPGkYIFmONDsoy0OOiGrlMr
oDY//7nRnDAr85JxF7LD4mzGCSpuUrkjJRK2AaDdtEfw/zWYusWpKP9+YYAAI5is
pTFQTDK0Ig1beO5GnULCZQbXUTgj5T7HzjrnGiBTrmwXyh87g2ik5bvAZ3AMkneE
8LGkPgAyM6ZY6I9Lo8XMim9F5QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOagTAyY
8dkqoXX/IWVjl1jwVIKcMB8GA1UdIwQYMBaAFMBa6VNP051kjChEPEjVEbupqMr+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzExRi85RTg4QUUxOEFD
RDIxMUVCOThGRTY5NDBDNEY5QUUwMi93RnJwVTBfVG5XU01LRVE4U05VUnU2bW95
djQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dGcnBVMF9UbldTTUtFUThTTlVSdTZtb3l2NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0MxMUYvOUU4OEFFMThBQ0QyMTFFQjk4RkU2OTQwQzRGOUFFMDIvMkU3QjREOTBB
Q0Q0MTFFQkE4QzJGOTQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnppgwDwQCAAIwCQMHACABDfaUgDANBgkqhkiG9w0BAQsF
AAOCAQEAxmgyNfVt3WZJD8ZDGwqqRzD+js5sfkVoS98iPG9otrUvKzlxx0bCRh/W
VPFB0fuiNcfquQLtn+HeoHVMMJ6KyiD4gNIwRGZn4MOacx3afH4TdfuQH/xTE8SX
IubCDw3iGWwp9GawJOIFNWR6H9ZSTyAQhbL7UvsimC7KCgfCnbHIxEAofKwB6O0x
3C+c/aJwHh19+fujPevHx7A4+PyR3Wp8EGyQ+Xp0qGgavczGAbbXli1tFm5SA1Dh
sywyqdUGVQf8/fYCEtHtNgCKu5cfsXX8wPsqn2yIZFWsAdz17ThK71x8KicP4gdC
EhoqPMMxAWDvcyrF3G8+NU4q0YkcDw==
-----END CERTIFICATE-----
Generated at Sun Apr 27 07:33:03 2025 by rpki-client