Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/8A6AA178556111EDB7E45424C4F9AE02.roa
File: 8A6AA178556111EDB7E45424C4F9AE02.roa (raw, json)
Hash identifier: Lv3s/tDzwoH6gl7nLzqYDd9D8Hirj2BDnbGE+1t61zg=
Subject key identifier: 5A:BE:CA:02:EA:93:8C:FA:E9:03:BF:AE:0C:16:E9:E9:26:43:EE:72
Certificate issuer: /CN=A917F879/serialNumber=6447E361B1A4496BA0128DF695657448E95E2B95
Certificate serial: 08FA
Authority key identifier: 64:47:E3:61:B1:A4:49:6B:A0:12:8D:F6:95:65:74:48:E9:5E:2B:95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZEfjYbGkSWugEo32lWV0SOleK5U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/8A6AA178556111EDB7E45424C4F9AE02.roa
Signing time: Thu 02 May 2024 21:40:20 +0000
ROA not before: Thu 02 May 2024 21:40:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45267
IP address blocks: 103.88.144.0/22 maxlen: 23
103.88.144.0/23 maxlen: 24
103.88.146.0/24 maxlen: 24
203.96.248.0/22 maxlen: 24
2400:e3c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2298 (0x8fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917F879/serialNumber=6447E361B1A4496BA0128DF695657448E95E2B95
Validity
Not Before: May 2 21:40:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66340844-b7fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1d:75:92:c8:8b:b4:42:21:99:2d:84:9c:72:
88:2e:1b:cb:e8:d5:ea:68:8f:38:ab:b1:40:25:60:
2b:08:ec:d7:80:03:47:86:6b:15:cb:e1:92:da:82:
bb:21:f9:fc:37:5c:fc:6b:fa:1d:10:d1:7d:bf:66:
20:55:71:48:bb:8c:a4:18:23:6f:4b:62:8b:4e:cd:
c2:75:48:b2:73:35:5c:f7:2d:56:ce:b5:fc:5e:c1:
14:0b:2e:a9:f1:81:e4:c8:4b:d0:bb:20:aa:46:24:
8c:51:c2:ea:7f:7f:fa:7c:6b:09:20:ae:6e:c0:32:
c2:6f:59:d1:0f:15:a5:d2:d5:57:11:f8:8f:4a:37:
08:78:43:96:aa:bb:a6:47:67:65:20:66:0e:fd:41:
86:14:cc:4c:38:da:ec:95:77:b9:da:b7:e4:cd:b8:
6e:b4:d9:90:44:18:24:bd:50:c8:b9:40:86:42:5a:
92:c0:53:42:d1:74:34:a5:7b:f9:85:64:0c:92:f9:
f9:91:dd:91:68:d2:4b:fc:72:e7:ce:08:ad:51:3b:
a7:a3:f1:c1:37:0b:64:fc:dc:14:cb:df:00:bc:04:
10:29:d6:c7:d5:b9:5a:16:a9:2d:21:0c:76:6a:29:
fc:5f:74:b1:11:3a:84:54:77:a1:70:55:9b:1e:21:
c4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:BE:CA:02:EA:93:8C:FA:E9:03:BF:AE:0C:16:E9:E9:26:43:EE:72
X509v3 Authority Key Identifier:
keyid:64:47:E3:61:B1:A4:49:6B:A0:12:8D:F6:95:65:74:48:E9:5E:2B:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/ZEfjYbGkSWugEo32lWV0SOleK5U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZEfjYbGkSWugEo32lWV0SOleK5U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/8A6AA178556111EDB7E45424C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.144.0/22
203.96.248.0/22
IPv6:
2400:e3c0::/32
Signature Algorithm: sha256WithRSAEncryption
50:89:60:f4:22:ff:b0:53:7e:8c:61:61:f2:fc:9b:1f:c8:d9:
df:55:01:56:b7:12:f0:c5:aa:c1:ee:3f:16:d4:d5:e5:8a:a0:
d6:2e:62:ec:c6:d2:e3:4f:f1:96:25:27:7f:ce:a5:89:63:fd:
08:0c:28:87:28:75:80:33:d5:b9:2a:0d:19:70:f3:25:b4:23:
7c:a5:65:97:29:ed:c2:93:26:39:1c:c6:ad:47:48:60:68:e8:
b6:6f:bd:59:b1:ae:b3:db:27:02:ec:3c:cd:88:19:d1:2d:93:
89:5f:37:9c:a2:16:69:2b:da:ed:87:2d:da:c4:90:58:48:24:
f3:df:fa:4f:8a:17:00:4b:54:1d:b0:ad:9e:ca:a2:35:a2:14:
b4:9c:d8:f3:e9:73:58:76:70:76:d4:e0:2a:d7:f7:6f:e5:bc:
c2:e7:2b:2e:bd:ca:f0:3b:ef:d9:de:8f:d5:53:d7:d9:56:bb:
29:7e:64:d9:9a:a2:88:90:52:5b:0b:11:f5:a9:c6:02:e7:1f:
a0:07:1d:fb:47:a3:b5:0b:9f:89:52:fe:24:3d:65:ce:6c:b5:
cb:a8:06:9f:ce:d3:76:e9:66:51:c6:cf:34:ea:9f:02:6f:c1:
f4:13:17:33:b3:70:45:87:93:cb:ff:1f:15:1d:ff:0d:08:08:
38:80:0b:8c
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Y4NzkxMTAvBgNVBAUTKDY0NDdFMzYxQjFBNDQ5NkJBMDEyOERGNjk1NjU3NDQ4
RTk1RTJCOTUwHhcNMjQwNTAyMjE0MDIwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM0MDg0NC1iN2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxR11ksiLtEIhmS2EnHKILhvL6NXqaI84q7FAJWArCOzXgANHhmsVy+GS2oK7
Ifn8N1z8a/odENF9v2YgVXFIu4ykGCNvS2KLTs3CdUiyczVc9y1WzrX8XsEUCy6p
8YHkyEvQuyCqRiSMUcLqf3/6fGsJIK5uwDLCb1nRDxWl0tVXEfiPSjcIeEOWqrum
R2dlIGYO/UGGFMxMONrslXe52rfkzbhutNmQRBgkvVDIuUCGQlqSwFNC0XQ0pXv5
hWQMkvn5kd2RaNJL/HLnzgitUTuno/HBNwtk/NwUy98AvAQQKdbH1blaFqktIQx2
ain8X3SxETqEVHehcFWbHiHEzQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFq+ygLq
k4z66QO/rgwW6ekmQ+5yMB8GA1UdIwQYMBaAFGRH42GxpElroBKN9pVldEjpXiuV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Rjg3OS9BQUZDRUYwQTgz
NDkxMUVBODlERTY5N0JDNEY5QUUwMi9aRWZqWWJHa1NXdWdFbzMybFdWMFNPbGVL
NVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pFZmpZYkdrU1d1Z0VvMzJsV1YwU09sZUs1VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0Y4NzkvQUFGQ0VGMEE4MzQ5MTFFQTg5REU2OTdCQzRGOUFFMDIvOEE2QUExNzg1
NTYxMTFFREI3RTQ1NDI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnWJADBALLYPgwDQQCAAIwBwMFACQA48AwDQYJKoZIhvcN
AQELBQADggEBAFCJYPQi/7BTfoxhYfL8mx/I2d9VAVa3EvDFqsHuPxbU1eWKoNYu
YuzG0uNP8ZYlJ3/OpYlj/QgMKIcodYAz1bkqDRlw8yW0I3ylZZcp7cKTJjkcxq1H
SGBo6LZvvVmxrrPbJwLsPM2IGdEtk4lfN5yiFmkr2u2HLdrEkFhIJPPf+k+KFwBL
VB2wrZ7KojWiFLSc2PPpc1h2cHbU4CrX92/lvMLnKy69yvA779nej9VT19lWuyl+
ZNmaooiQUlsLEfWpxgLnH6AHHftHo7ULn4lS/iQ9Zc5stcuoBp/O03bpZlHGzzTq
nwJvwfQTFzOzcEWHk8v/HxUd/w0ICDiAC4w=
-----END CERTIFICATE-----
Generated at Sun Apr 27 15:38:35 2025 by rpki-client