Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/A3E3640816B711ECBD752D47C4F9AE02.roa
File: A3E3640816B711ECBD752D47C4F9AE02.roa (raw, json)
Hash identifier: c9XW6vjr9ZRxN55xmeXFihDxkfyhr1D0e4wxYGC5e+I=
Subject key identifier: CB:86:93:D9:D4:5C:18:02:46:1C:8B:67:8D:EF:BD:2C:15:23:95:0C
Certificate issuer: /CN=A91D891D/serialNumber=41D268C5113EF3ED7B173B780E017ED3FE8555F7
Certificate serial: 0463
Authority key identifier: 41:D2:68:C5:11:3E:F3:ED:7B:17:3B:78:0E:01:7E:D3:FE:85:55:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QdJoxRE-8-17Fzt4DgF-0_6FVfc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/A3E3640816B711ECBD752D47C4F9AE02.roa
Signing time: Wed 24 Jul 2024 22:41:10 +0000
ROA not before: Wed 24 Jul 2024 22:41:10 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 63916
IP address blocks: 103.113.156.0/22 maxlen: 22
103.113.156.0/24 maxlen: 24
103.113.157.0/24 maxlen: 24
103.113.158.0/24 maxlen: 24
103.113.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1123 (0x463)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D891D/serialNumber=41D268C5113EF3ED7B173B780E017ED3FE8555F7
Validity
Not Before: Jul 24 22:41:10 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66a18305-60ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5a:d0:88:91:be:fd:b5:d9:19:fe:b7:1c:55:
a3:c9:33:00:3b:fe:94:76:cf:b6:40:64:f7:77:9c:
b7:0b:d1:6d:b1:54:57:84:d5:59:3c:84:23:63:34:
87:e0:08:01:cc:c2:f6:c1:a4:0e:79:c9:ae:47:ce:
c1:7b:8e:9e:7d:60:c2:69:f2:34:0f:51:ef:57:ca:
89:9c:4d:8d:cf:e9:69:f9:be:c6:fa:69:d0:64:17:
04:13:de:96:5e:9a:31:f7:18:d8:50:5d:70:68:e9:
57:45:c0:97:c7:2d:48:bc:43:62:c7:90:82:36:1f:
fc:31:c8:18:84:31:69:c4:37:f4:3c:12:ba:7a:73:
71:26:5f:12:f2:a5:17:99:9f:4b:f1:f5:33:96:d4:
9c:11:cc:69:b1:cd:af:3c:d2:06:d3:cc:b2:0f:74:
34:0f:7c:af:c5:de:e7:9b:54:75:ff:39:d5:db:ce:
81:cb:6c:2f:8b:dc:a2:fa:dc:5a:70:5b:c4:ba:4b:
77:98:ca:d0:68:07:e6:5f:37:f3:2b:29:3f:5d:b3:
08:16:40:6f:12:58:8d:86:26:87:5a:91:62:7f:1e:
fa:de:35:ca:0b:c6:08:2d:15:df:6c:1e:8f:98:6c:
dc:21:f1:8b:ce:ce:1c:18:7e:1f:cd:cc:5f:34:1b:
f9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:86:93:D9:D4:5C:18:02:46:1C:8B:67:8D:EF:BD:2C:15:23:95:0C
X509v3 Authority Key Identifier:
keyid:41:D2:68:C5:11:3E:F3:ED:7B:17:3B:78:0E:01:7E:D3:FE:85:55:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/QdJoxRE-8-17Fzt4DgF-0_6FVfc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QdJoxRE-8-17Fzt4DgF-0_6FVfc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/A3E3640816B711ECBD752D47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.113.156.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:ce:cf:6a:70:5c:f2:d2:82:22:fc:f1:89:8c:e3:18:c2:5b:
16:d8:4d:22:29:18:1f:af:e0:20:ae:d6:f2:9c:62:fb:6d:85:
26:5f:92:4a:1b:e4:09:cc:8a:77:e9:ae:41:fc:c9:87:e0:f5:
ef:dc:43:79:96:a7:2c:6f:87:07:bd:b2:1c:44:bd:20:91:0c:
0f:2e:97:59:76:c9:1f:94:ee:53:00:a6:be:65:46:d0:cd:ee:
85:71:ff:5f:7f:73:18:79:29:a5:2a:04:be:b8:95:df:65:c8:
0b:81:10:09:a3:d9:44:54:75:5a:1c:3c:44:a7:1c:d6:af:9d:
83:8d:9b:55:d4:07:bc:58:3f:4c:89:94:c3:61:66:5c:ff:35:
83:49:41:e2:7a:11:12:f7:6e:6b:c0:e9:3a:2b:51:ef:32:a0:
19:42:f2:c9:5d:e8:e4:f1:b5:c3:74:1d:24:be:12:fc:e5:66:
20:0c:15:e5:49:ce:55:19:dd:4c:c7:9d:4d:eb:d9:df:d8:e9:
e5:30:ad:83:22:f3:9a:db:63:29:4c:a4:04:e4:b1:18:e7:3c:
52:83:91:d3:37:35:31:85:f0:88:1c:c1:1e:bb:20:8f:29:94:
17:44:28:ab:5c:a4:23:a2:03:0d:24:5f:c1:5c:20:83:3b:55:
13:bc:a6:1c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBGMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDg5MUQxMTAvBgNVBAUTKDQxRDI2OEM1MTEzRUYzRUQ3QjE3M0I3ODBFMDE3RUQz
RkU4NTU1RjcwHhcNMjQwNzI0MjI0MTEwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmExODMwNS02MGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxlrQiJG+/bXZGf63HFWjyTMAO/6Uds+2QGT3d5y3C9FtsVRXhNVZPIQjYzSH
4AgBzML2waQOecmuR87Be46efWDCafI0D1HvV8qJnE2Nz+lp+b7G+mnQZBcEE96W
Xpox9xjYUF1waOlXRcCXxy1IvENix5CCNh/8McgYhDFpxDf0PBK6enNxJl8S8qUX
mZ9L8fUzltScEcxpsc2vPNIG08yyD3Q0D3yvxd7nm1R1/znV286By2wvi9yi+txa
cFvEukt3mMrQaAfmXzfzKyk/XbMIFkBvEliNhiaHWpFifx763jXKC8YILRXfbB6P
mGzcIfGLzs4cGH4fzcxfNBv5rwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMuGk9nU
XBgCRhyLZ43vvSwVI5UMMB8GA1UdIwQYMBaAFEHSaMURPvPtexc7eA4BftP+hVX3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODkxRC8zODFBOEYyQTFD
QzIxMUVCODJCNTcxNzhDNEY5QUUwMi9RZEpveFJFLTgtMTdGenQ0RGdGLTBfNkZW
ZmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FkSm94UkUtOC0xN0Z6dDREZ0YtMF82RlZmYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDg5MUQvMzgxQThGMkExQ0MyMTFFQjgyQjU3MTc4QzRGOUFFMDIvQTNFMzY0MDgx
NkI3MTFFQ0JENzUyRDQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJncZwwDQYJKoZIhvcNAQELBQADggEBALLOz2pwXPLSgiL8
8YmM4xjCWxbYTSIpGB+v4CCu1vKcYvtthSZfkkob5AnMinfprkH8yYfg9e/cQ3mW
pyxvhwe9shxEvSCRDA8ul1l2yR+U7lMApr5lRtDN7oVx/19/cxh5KaUqBL64ld9l
yAuBEAmj2URUdVocPESnHNavnYONm1XUB7xYP0yJlMNhZlz/NYNJQeJ6ERL3bmvA
6TorUe8yoBlC8sld6OTxtcN0HSS+EvzlZiAMFeVJzlUZ3UzHnU3r2d/Y6eUwrYMi
85rbYylMpATksRjnPFKDkdM3NTGF8IgcwR67II8plBdEKKtcpCOiAw0kX8FcIIM7
VRO8phw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:40:33 2025 by rpki-client