Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC979/ED633E865FD911EBA30EE37BC4F9AE02/956449BEFBF411EDBEAD0A26C4F9AE02.roa
File: 956449BEFBF411EDBEAD0A26C4F9AE02.roa (raw, json)
Hash identifier: DKHDOAj7+AXAvfjvZlh+voUSgeSh4L2VBg+pbuzzE70=
Subject key identifier: 14:F5:FA:72:06:38:47:75:A3:F7:D7:0C:75:6C:DC:25:7B:F5:6A:D4
Certificate issuer: /CN=A91EC979/serialNumber=86B2B1D1E782448B84F69818F16A1F707B54C86C
Certificate serial: 0605
Authority key identifier: 86:B2:B1:D1:E7:82:44:8B:84:F6:98:18:F1:6A:1F:70:7B:54:C8:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hrKx0eeCRIuE9pgY8WofcHtUyGw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EC979/ED633E865FD911EBA30EE37BC4F9AE02/956449BEFBF411EDBEAD0A26C4F9AE02.roa
Signing time: Wed 01 May 2024 00:32:59 +0000
ROA not before: Wed 01 May 2024 00:32:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139282
IP address blocks: 103.136.104.0/22 maxlen: 23
103.136.104.0/23 maxlen: 24
103.136.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1541 (0x605)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EC979/serialNumber=86B2B1D1E782448B84F69818F16A1F707B54C86C
Validity
Not Before: May 1 00:32:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66318dbb-7a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ab:e6:cc:dc:25:c5:cc:cc:6d:1a:ed:b8:e8:
d9:c0:91:c9:93:a5:c1:03:29:29:f4:3e:06:ce:02:
d0:3f:7e:1e:32:49:62:8b:d8:8c:9b:49:8d:3e:55:
9c:ad:63:f3:60:1b:7b:ec:76:d1:db:80:4d:6e:3e:
84:6e:4d:bf:61:0d:18:d7:b2:2a:25:63:aa:62:1e:
2d:04:85:40:1c:67:68:27:61:7b:ac:9b:12:bf:8f:
8d:cf:b3:99:8c:0c:cd:11:54:01:37:14:ce:89:a0:
85:56:72:a7:c3:b1:da:4a:92:49:cf:e9:21:91:65:
d3:41:e6:9b:69:0d:f6:0d:bc:20:04:d6:32:ea:f7:
ee:31:d5:3b:d9:af:a4:a5:a0:c0:f0:fd:7f:d5:29:
ab:6e:d9:89:df:53:69:b8:3a:f7:03:04:12:05:2f:
b0:41:f7:61:76:6e:ff:53:70:52:5d:c6:5a:d8:5f:
2b:59:85:86:65:ee:2c:6c:87:74:62:b8:e2:60:64:
f1:31:fc:fe:7f:3a:b6:35:44:b9:24:d2:c5:f0:7a:
d2:1f:29:e1:80:3a:92:bb:e3:ae:b4:31:cd:15:1e:
79:25:15:4f:20:52:46:9a:5b:f3:2c:1e:77:4a:54:
da:91:d0:95:a8:11:8f:54:9e:84:76:60:e7:7c:73:
b9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:F5:FA:72:06:38:47:75:A3:F7:D7:0C:75:6C:DC:25:7B:F5:6A:D4
X509v3 Authority Key Identifier:
keyid:86:B2:B1:D1:E7:82:44:8B:84:F6:98:18:F1:6A:1F:70:7B:54:C8:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EC979/ED633E865FD911EBA30EE37BC4F9AE02/hrKx0eeCRIuE9pgY8WofcHtUyGw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hrKx0eeCRIuE9pgY8WofcHtUyGw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC979/ED633E865FD911EBA30EE37BC4F9AE02/956449BEFBF411EDBEAD0A26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.104.0/22
Signature Algorithm: sha256WithRSAEncryption
06:81:a9:89:83:75:5d:7e:5c:4a:d9:cb:fc:92:07:bc:bc:5d:
ba:d0:4c:6d:bf:8e:75:7f:ad:3b:66:e9:0e:18:d5:12:44:eb:
d8:2b:6c:0a:b2:35:69:c7:61:6f:1c:e9:8a:53:8c:21:7c:bc:
73:65:d1:00:e4:79:4a:6d:a6:6f:1c:b5:5e:d7:ab:ba:8d:33:
74:5c:04:df:ae:24:68:0c:bd:bf:a2:78:c3:d5:36:de:46:f9:
ec:4e:6f:e8:7d:6d:84:6e:54:3b:24:3d:8c:84:d8:77:6b:c9:
d1:4c:1d:5e:19:87:ee:c6:1e:34:49:96:0f:d1:af:83:25:0e:
f2:61:a9:1e:06:1b:7b:21:19:42:b9:3f:c6:8b:3b:42:af:c2:
91:45:1d:79:0c:2a:32:f7:3c:7a:2a:ef:1d:2f:52:51:57:dc:
f7:4d:ca:d6:82:12:ae:c0:a3:63:b5:0c:12:a0:50:f3:e1:f9:
00:cc:17:cc:2d:d5:fd:f6:5c:5d:69:22:e1:00:e7:cf:38:64:
a5:bc:5e:7a:b5:60:0c:fc:67:74:85:8d:32:e7:36:d9:ba:51:
d4:0d:5a:3a:82:69:8c:0c:82:6e:a4:56:ed:96:1f:68:78:b8:
03:2f:ca:68:13:c9:90:59:d1:e7:da:00:c2:a8:94:c7:42:3b:
47:93:0d:aa
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBgUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUM5NzkxMTAvBgNVBAUTKDg2QjJCMUQxRTc4MjQ0OEI4NEY2OTgxOEYxNkExRjcw
N0I1NEM4NkMwHhcNMjQwNTAxMDAzMjU5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMxOGRiYi03YTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwKvmzNwlxczMbRrtuOjZwJHJk6XBAykp9D4GzgLQP34eMklii9iMm0mNPlWc
rWPzYBt77HbR24BNbj6Ebk2/YQ0Y17IqJWOqYh4tBIVAHGdoJ2F7rJsSv4+Nz7OZ
jAzNEVQBNxTOiaCFVnKnw7HaSpJJz+khkWXTQeabaQ32DbwgBNYy6vfuMdU72a+k
paDA8P1/1SmrbtmJ31NpuDr3AwQSBS+wQfdhdm7/U3BSXcZa2F8rWYWGZe4sbId0
YrjiYGTxMfz+fzq2NUS5JNLF8HrSHynhgDqSu+OutDHNFR55JRVPIFJGmlvzLB53
SlTakdCVqBGPVJ6EdmDnfHO5wwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBT1+nIG
OEd1o/fXDHVs3CV79WrUMB8GA1UdIwQYMBaAFIaysdHngkSLhPaYGPFqH3B7VMhs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQzk3OS9FRDYzM0U4NjVG
RDkxMUVCQTMwRUUzN0JDNEY5QUUwMi9ockt4MGVlQ1JJdUU5cGdZOFdvZmNIdFV5
R3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hyS3gwZWVDUkl1RTlwZ1k4V29mY0h0VXlHdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUM5NzkvRUQ2MzNFODY1RkQ5MTFFQkEzMEVFMzdCQzRGOUFFMDIvOTU2NDQ5QkVG
QkY0MTFFREJFQUQwQTI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJniGgwDQYJKoZIhvcNAQELBQADggEBAAaBqYmDdV1+XErZ
y/ySB7y8XbrQTG2/jnV/rTtm6Q4Y1RJE69grbAqyNWnHYW8c6YpTjCF8vHNl0QDk
eUptpm8ctV7Xq7qNM3RcBN+uJGgMvb+ieMPVNt5G+exOb+h9bYRuVDskPYyE2Hdr
ydFMHV4Zh+7GHjRJlg/Rr4MlDvJhqR4GG3shGUK5P8aLO0KvwpFFHXkMKjL3PHoq
7x0vUlFX3PdNytaCEq7Ao2O1DBKgUPPh+QDMF8wt1f32XF1pIuEA5884ZKW8Xnq1
YAz8Z3SFjTLnNtm6UdQNWjqCaYwMgm6kVu2WH2h4uAMvymgTyZBZ0efaAMKolMdC
O0eTDao=
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:04:24 2025 by rpki-client