Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C66B7/66CDA4E8911611EA91C4650CC4F9AE02/023564E6D5BE11ECA8BE4666C4F9AE02.roa
File: 023564E6D5BE11ECA8BE4666C4F9AE02.roa (raw, json)
Hash identifier: wHZWRXwKbEVincv7YJ3e25Slz3Zw4ni306PAKoBPm2o=
Subject key identifier: D9:73:C9:36:A4:37:18:5B:50:32:CC:C8:D1:2C:BE:F1:63:C3:4A:8E
Certificate issuer: /CN=A91C66B7/serialNumber=C343B3BB83A7E23FAD95AF8D232B52052A0FDE72
Certificate serial: 08EA
Authority key identifier: C3:43:B3:BB:83:A7:E2:3F:AD:95:AF:8D:23:2B:52:05:2A:0F:DE:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/w0Ozu4On4j-tla-NIytSBSoP3nI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C66B7/66CDA4E8911611EA91C4650CC4F9AE02/023564E6D5BE11ECA8BE4666C4F9AE02.roa
Signing time: Fri 14 Jun 2024 22:18:32 +0000
ROA not before: Fri 14 Jun 2024 22:18:32 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 142300
IP address blocks: 103.150.208.0/24 maxlen: 24
103.150.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2282 (0x8ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C66B7/serialNumber=C343B3BB83A7E23FAD95AF8D232B52052A0FDE72
Validity
Not Before: Jun 14 22:18:32 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=666cc1b8-df6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:cd:0a:87:1b:39:b3:cb:4a:3e:ef:34:00:50:
08:09:90:ad:6a:00:1d:9b:32:75:2c:25:c8:46:10:
9e:3e:42:30:23:19:46:ff:09:8d:1f:ce:b2:74:9d:
94:14:75:2d:8d:28:cc:21:c1:75:4a:e1:ec:aa:23:
18:ff:91:c1:bd:83:ad:e4:3f:42:a2:71:92:a5:8b:
7a:0f:07:10:62:11:93:02:b1:4d:2c:72:62:b4:a5:
95:4e:2a:5e:58:4e:48:a4:5a:74:b6:ad:55:f7:32:
b5:3c:7b:5d:47:b2:5c:de:0a:3b:7c:b0:dd:1a:08:
8f:ec:ea:39:f5:bd:7f:99:7b:04:d5:75:c8:8a:29:
28:69:bb:73:be:dd:b1:01:fe:0e:43:e4:83:f9:71:
c9:18:39:5a:a6:d0:f2:92:fd:1c:53:76:6f:12:5b:
f4:60:2f:24:53:79:ca:50:39:bf:63:1b:1a:23:53:
84:75:2e:0f:d8:7c:42:3e:10:b5:7e:2f:43:8d:5d:
14:cf:48:87:f0:fa:71:bb:e6:a5:d4:0d:ac:fa:4e:
0d:c5:3d:16:8f:68:a3:7f:7a:b5:b8:08:42:8c:33:
da:16:82:d3:7d:ed:88:3d:f7:b4:10:21:88:19:0a:
00:bd:98:50:66:a0:22:c0:1e:b6:89:ea:3f:f9:87:
7f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:73:C9:36:A4:37:18:5B:50:32:CC:C8:D1:2C:BE:F1:63:C3:4A:8E
X509v3 Authority Key Identifier:
keyid:C3:43:B3:BB:83:A7:E2:3F:AD:95:AF:8D:23:2B:52:05:2A:0F:DE:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C66B7/66CDA4E8911611EA91C4650CC4F9AE02/w0Ozu4On4j-tla-NIytSBSoP3nI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/w0Ozu4On4j-tla-NIytSBSoP3nI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C66B7/66CDA4E8911611EA91C4650CC4F9AE02/023564E6D5BE11ECA8BE4666C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.150.208.0/23
Signature Algorithm: sha256WithRSAEncryption
44:c7:02:c1:c9:6b:f3:53:77:2c:2e:9f:e8:ad:fb:78:d4:d8:
2d:ff:91:3f:21:4b:05:e8:06:75:47:88:32:2d:6c:7d:fc:2f:
8b:69:e0:15:dc:8f:6b:47:eb:ee:49:74:46:7a:36:78:37:2f:
3a:8f:4e:b4:84:bf:0c:db:cf:71:61:8b:ae:f6:81:b8:a2:af:
27:f3:a3:2a:ac:fc:e9:8a:0e:3b:f3:bf:8f:3d:6c:10:c9:2d:
6d:f4:32:02:1b:ab:9e:5e:a5:a0:44:57:e6:c0:e5:82:40:a6:
e5:19:3c:77:35:b4:7a:2d:e3:ef:18:e3:7d:1a:6c:f4:7c:19:
f3:38:93:58:31:04:56:23:98:2f:e5:ab:29:e9:0c:69:6f:a8:
2c:71:a2:d5:8f:b4:bb:50:e8:8f:ec:1c:75:5b:84:59:1e:79:
66:8a:fd:43:de:6b:f8:21:69:5b:e1:aa:9c:19:96:80:7e:4d:
32:ec:6c:86:9d:2d:8e:dc:8c:f0:01:67:24:37:7d:33:bc:f5:
ae:cf:62:0d:6b:50:b7:1d:2a:72:a9:73:9d:2c:be:fd:cc:00:
1b:52:f6:62:5f:54:fe:8b:aa:d1:53:b5:2e:2d:69:ed:ea:73:
42:9d:b9:6a:b0:43:32:c3:3f:d0:24:81:1d:99:0e:b8:81:d9:
00:cf:4e:0b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCOowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzY2QjcxMTAvBgNVBAUTKEMzNDNCM0JCODNBN0UyM0ZBRDk1QUY4RDIzMkI1MjA1
MkEwRkRFNzIwHhcNMjQwNjE0MjIxODMyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZjYzFiOC1kZjZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA780Khxs5s8tKPu80AFAICZCtagAdmzJ1LCXIRhCePkIwIxlG/wmNH86ydJ2U
FHUtjSjMIcF1SuHsqiMY/5HBvYOt5D9ConGSpYt6DwcQYhGTArFNLHJitKWVTipe
WE5IpFp0tq1V9zK1PHtdR7Jc3go7fLDdGgiP7Oo59b1/mXsE1XXIiikoabtzvt2x
Af4OQ+SD+XHJGDlaptDykv0cU3ZvElv0YC8kU3nKUDm/YxsaI1OEdS4P2HxCPhC1
fi9DjV0Uz0iH8Ppxu+al1A2s+k4NxT0Wj2ijf3q1uAhCjDPaFoLTfe2IPfe0ECGI
GQoAvZhQZqAiwB62ieo/+Yd/qwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNlzyTak
NxhbUDLMyNEsvvFjw0qOMB8GA1UdIwQYMBaAFMNDs7uDp+I/rZWvjSMrUgUqD95y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjZCNy82NkNEQTRFODkx
MTYxMUVBOTFDNDY1MENDNEY5QUUwMi93ME96dTRPbjRqLXRsYS1OSXl0U0JTb1Az
bkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3cwT3p1NE9uNGotdGxhLU5JeXRTQlNvUDNuSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzY2QjcvNjZDREE0RTg5MTE2MTFFQTkxQzQ2NTBDQzRGOUFFMDIvMDIzNTY0RTZE
NUJFMTFFQ0E4QkU0NjY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnltAwDQYJKoZIhvcNAQELBQADggEBAETHAsHJa/NTdywu
n+it+3jU2C3/kT8hSwXoBnVHiDItbH38L4tp4BXcj2tH6+5JdEZ6Nng3LzqPTrSE
vwzbz3Fhi672gbiiryfzoyqs/OmKDjvzv489bBDJLW30MgIbq55epaBEV+bA5YJA
puUZPHc1tHot4+8Y430abPR8GfM4k1gxBFYjmC/lqynpDGlvqCxxotWPtLtQ6I/s
HHVbhFkeeWaK/UPea/ghaVvhqpwZloB+TTLsbIadLY7cjPABZyQ3fTO89a7PYg1r
ULcdKnKpc50svv3MABtS9mJfVP6LqtFTtS4tae3qc0KduWqwQzLDP9AkgR2ZDriB
2QDPTgs=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:20:13 2025 by rpki-client