Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F98D7/8621AE62A87111EFAEA1C831C4F9AE02/D1E8FCF6A87111EF96B74932C4F9AE02.roa
File: D1E8FCF6A87111EF96B74932C4F9AE02.roa (raw, json)
Hash identifier: Xemib6M0bFmPitrdt7WaDoKR6Tv2ExfXIfUVNhoPhD8=
Subject key identifier: 1A:FA:15:C5:13:1C:DA:AF:70:F2:0D:6C:1D:B6:C2:B6:4A:8E:75:2D
Certificate issuer: /CN=A91F98D7/serialNumber=2628E6A894CDFC9373F3DB9CFCFBC5143FFA2A3E
Certificate serial: 08
Authority key identifier: 26:28:E6:A8:94:CD:FC:93:73:F3:DB:9C:FC:FB:C5:14:3F:FA:2A:3E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JijmqJTN_JNz89uc_PvFFD_6Kj4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F98D7/8621AE62A87111EFAEA1C831C4F9AE02/D1E8FCF6A87111EF96B74932C4F9AE02.roa
Signing time: Sun 24 Nov 2024 21:54:54 +0000
ROA not before: Sun 24 Nov 2024 21:54:54 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 140097
IP address blocks: 103.148.126.0/24 maxlen: 24
103.164.82.0/24 maxlen: 24
2001:df2:d480::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F98D7/serialNumber=2628E6A894CDFC9373F3DB9CFCFBC5143FFA2A3E
Validity
Not Before: Nov 24 21:54:54 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=6743a0ad-86a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:1e:62:1c:cd:e5:b0:ad:a4:0b:54:17:5c:7f:
64:f3:31:38:04:4b:df:a9:b8:b7:af:f5:db:da:8d:
23:b6:d3:d7:56:42:de:d2:46:31:0b:6c:f0:b0:ce:
43:ff:95:d6:12:48:84:e4:a3:d5:00:3b:88:0a:65:
67:fe:ba:0c:31:0d:7b:c7:14:e8:a1:6e:b5:4e:d3:
f8:6a:c0:da:82:e5:3c:95:42:b2:97:fa:a3:90:1f:
67:06:b8:c2:57:b6:36:4c:90:2c:1e:5d:3c:61:6c:
d1:cc:c9:5e:06:ac:30:c2:7e:63:b1:7e:d7:f5:07:
18:fb:d5:f6:bd:0c:71:2a:1f:c1:5a:13:33:ac:cb:
9f:42:28:aa:48:ec:61:4e:b1:42:b6:f4:77:63:43:
ac:57:2a:ec:88:18:2e:e3:d6:2b:f1:aa:b6:dc:f7:
6b:26:51:4e:3f:f0:5a:81:bf:fa:ac:a0:9f:49:fa:
cd:11:5b:07:bc:1b:12:15:a0:76:98:44:79:e8:7c:
4d:6a:1d:60:df:4b:cf:f6:0e:e2:81:8f:b1:e2:f3:
3a:2e:86:44:72:20:ad:9f:8e:50:a3:a0:99:ed:f5:
8f:2b:7e:33:2d:21:b3:a7:1c:3d:5f:31:98:5a:fc:
3b:af:81:62:ed:7c:79:ca:7f:c5:e5:48:25:ea:77:
30:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FA:15:C5:13:1C:DA:AF:70:F2:0D:6C:1D:B6:C2:B6:4A:8E:75:2D
X509v3 Authority Key Identifier:
keyid:26:28:E6:A8:94:CD:FC:93:73:F3:DB:9C:FC:FB:C5:14:3F:FA:2A:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F98D7/8621AE62A87111EFAEA1C831C4F9AE02/JijmqJTN_JNz89uc_PvFFD_6Kj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JijmqJTN_JNz89uc_PvFFD_6Kj4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F98D7/8621AE62A87111EFAEA1C831C4F9AE02/D1E8FCF6A87111EF96B74932C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.126.0/24
103.164.82.0/24
IPv6:
2001:df2:d480::/48
Signature Algorithm: sha256WithRSAEncryption
73:bd:9e:87:31:04:e9:e9:1f:9a:58:2f:d1:8c:9a:c4:a1:e9:
45:f5:cf:9a:6b:ee:02:31:2d:a7:19:06:2d:4c:1e:fd:4d:f1:
07:1b:3f:29:24:09:24:d0:56:d8:47:d4:b6:6b:91:f7:40:ff:
8d:6c:22:d6:7e:b4:68:41:d9:01:f5:48:1c:41:b4:41:77:7a:
74:df:f8:4b:02:a9:fa:e1:19:9d:eb:a0:32:f7:12:d2:74:35:
43:7b:41:b6:a9:4f:90:66:8c:4a:70:79:8a:74:74:ba:c8:b0:
c2:2f:04:cd:d3:be:91:62:b9:27:57:54:96:69:24:0f:ca:be:
cb:cd:00:8f:65:77:5d:4f:07:61:c3:c7:65:2b:07:91:3e:7d:
8d:40:f1:63:d8:5b:75:53:2f:58:77:5f:f8:7a:97:5d:cb:e0:
18:cd:12:23:8b:5e:6f:f7:8e:33:8a:0b:da:46:56:7c:2f:26:
96:0c:8d:47:59:6f:8e:c5:13:a0:22:88:64:73:58:fd:9b:fa:
0d:28:42:4c:49:d4:1f:70:3f:67:6d:ea:a6:96:a8:bf:8d:e7:
7e:28:54:35:61:d3:bd:c7:34:f4:cb:79:d7:63:7a:d1:09:75:
4b:18:8f:7f:28:20:5b:34:50:22:3c:59:20:34:11:79:83:ba:
da:f3:99:06
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
OThENzExMC8GA1UEBRMoMjYyOEU2QTg5NENERkM5MzczRjNEQjlDRkNGQkM1MTQz
RkZBMkEzRTAeFw0yNDExMjQyMTU0NTRaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NDNhMGFkLTg2YTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDmHmIczeWwraQLVBdcf2TzMTgES9+puLev9dvajSO209dWQt7SRjELbPCwzkP/
ldYSSITko9UAO4gKZWf+ugwxDXvHFOihbrVO0/hqwNqC5TyVQrKX+qOQH2cGuMJX
tjZMkCweXTxhbNHMyV4GrDDCfmOxftf1Bxj71fa9DHEqH8FaEzOsy59CKKpI7GFO
sUK29HdjQ6xXKuyIGC7j1ivxqrbc92smUU4/8FqBv/qsoJ9J+s0RWwe8GxIVoHaY
RHnofE1qHWDfS8/2DuKBj7Hi8zouhkRyIK2fjlCjoJnt9Y8rfjMtIbOnHD1fMZha
/DuvgWLtfHnKf8XlSCXqdzC7AgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUGvoVxRMc
2q9w8g1sHbbCtkqOdS0wHwYDVR0jBBgwFoAUJijmqJTN/JNz89uc/PvFFD/6Kj4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY5OEQ3Lzg2MjFBRTYyQTg3
MTExRUZBRUExQzgzMUM0RjlBRTAyL0ppam1xSlROX0pOejg5dWNfUHZGRkRfNktq
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSmlqbXFKVE5fSk56ODl1Y19QdkZGRF82S2o0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
OThENy84NjIxQUU2MkE4NzExMUVGQUVBMUM4MzFDNEY5QUUwMi9EMUU4RkNGNkE4
NzExMUVGOTZCNzQ5MzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn
MCUwEgQCAAEwDAMEAGeUfgMEAGekUjAPBAIAAjAJAwcAIAEN8tSAMA0GCSqGSIb3
DQEBCwUAA4IBAQBzvZ6HMQTp6R+aWC/RjJrEoelF9c+aa+4CMS2nGQYtTB79TfEH
Gz8pJAkk0FbYR9S2a5H3QP+NbCLWfrRoQdkB9UgcQbRBd3p03/hLAqn64Rmd66Ay
9xLSdDVDe0G2qU+QZoxKcHmKdHS6yLDCLwTN076RYrknV1SWaSQPyr7LzQCPZXdd
Twdhw8dlKweRPn2NQPFj2Ft1Uy9Yd1/4epddy+AYzRIji15v944zigvaRlZ8LyaW
DI1HWW+OxROgIohkc1j9m/oNKEJMSdQfcD9nbeqmlqi/jed+KFQ1YdO9xzT0y3nX
Y3rRCXVLGI9/KCBbNFAiPFkgNBF5g7ra85kG
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:40:51 2025 by rpki-client