Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91809AD/656DD26AA76811E89333C725C4F9AE02/3DCB68C8699A11ED98B1CA19C4F9AE02.roa
File: 3DCB68C8699A11ED98B1CA19C4F9AE02.roa (raw, json)
Hash identifier: EMxh9mXszS9vUmp8B+kBVGYwqu9eqMP+dVDC6HJelfk=
Subject key identifier: DA:27:AE:FD:79:A8:5D:22:12:CF:11:15:D2:29:35:4A:3F:AE:0F:CF
Certificate issuer: /CN=A91809AD/serialNumber=6D7C226A7DCB85F2F49216B7EBB00D5F03A605C3
Certificate serial: 12B5
Authority key identifier: 6D:7C:22:6A:7D:CB:85:F2:F4:92:16:B7:EB:B0:0D:5F:03:A6:05:C3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bXwian3LhfL0kha367ANXwOmBcM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91809AD/656DD26AA76811E89333C725C4F9AE02/3DCB68C8699A11ED98B1CA19C4F9AE02.roa
Signing time: Thu 04 Jul 2024 17:35:01 +0000
ROA not before: Thu 04 Jul 2024 17:35:01 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 138039
IP address blocks: 103.120.116.0/24 maxlen: 24
103.120.118.0/24 maxlen: 24
103.120.119.0/24 maxlen: 24
2407:1840::/32 maxlen: 32
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4789 (0x12b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91809AD/serialNumber=6D7C226A7DCB85F2F49216B7EBB00D5F03A605C3
Validity
Not Before: Jul 4 17:35:01 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6686dd45-3885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ea:12:6e:82:11:c8:0f:a3:36:46:35:ec:ed:
09:ea:ca:b5:a2:ed:95:e0:46:55:4d:d3:83:1a:03:
e7:1d:14:4e:ab:c9:b6:07:8d:49:9f:fa:84:73:92:
c3:51:48:1c:8e:a6:f4:84:c2:4d:87:48:4d:a8:83:
94:74:39:02:f8:85:fe:6a:57:be:6f:c9:53:9a:d7:
e6:0f:b7:f0:4d:19:c2:b0:13:d4:f4:0e:32:51:29:
d4:d9:bc:90:22:d3:f2:db:d3:dd:6a:32:ad:6d:46:
d2:90:af:66:53:17:1b:25:d0:08:9c:0f:2a:0b:15:
67:3b:b7:d7:67:88:d5:f3:70:70:47:fb:aa:d0:cf:
fb:86:41:0f:6e:97:8b:0d:6c:fb:91:72:c0:b0:a7:
63:34:f4:27:a4:dd:78:8c:cf:4e:a1:d1:0a:a3:b5:
d1:c5:af:1a:63:7f:0b:21:19:87:f0:c6:e4:e3:f1:
9b:12:b8:83:1d:ad:79:0c:3e:d1:77:a8:5c:52:69:
5c:73:1d:9c:76:1d:b7:7b:f4:92:b2:a4:ff:be:b7:
92:6b:b2:30:d4:32:8f:8a:ec:cd:30:60:ac:26:2f:
12:bc:b3:a6:52:1c:1c:aa:c2:bd:58:91:c9:37:02:
7e:33:ca:30:e9:34:c7:a0:dd:a5:04:08:c0:bb:84:
48:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:27:AE:FD:79:A8:5D:22:12:CF:11:15:D2:29:35:4A:3F:AE:0F:CF
X509v3 Authority Key Identifier:
keyid:6D:7C:22:6A:7D:CB:85:F2:F4:92:16:B7:EB:B0:0D:5F:03:A6:05:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91809AD/656DD26AA76811E89333C725C4F9AE02/bXwian3LhfL0kha367ANXwOmBcM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bXwian3LhfL0kha367ANXwOmBcM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91809AD/656DD26AA76811E89333C725C4F9AE02/3DCB68C8699A11ED98B1CA19C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.116.0/24
103.120.118.0/23
IPv6:
2407:1840::/32
Signature Algorithm: sha256WithRSAEncryption
39:0f:fe:ac:cb:d3:b2:ed:55:50:cd:9e:16:ef:78:d8:5d:d0:
00:91:f4:02:75:c2:41:6a:80:3a:ae:8c:b6:ed:80:ff:73:45:
3b:24:ce:81:32:18:60:f0:86:11:3b:8c:2f:c3:fd:30:2a:d9:
7a:fb:38:d8:f6:bb:34:2b:ab:33:ac:be:76:8b:b9:7d:52:f5:
4f:12:1a:88:14:bb:52:8a:ad:3c:9d:04:d4:fb:7c:a5:a1:78:
f3:31:17:c3:89:bf:26:48:56:e9:7c:d2:ad:80:49:16:90:e3:
24:60:3b:aa:bf:12:17:33:a5:06:63:5e:ca:06:27:28:9c:40:
af:db:ee:d5:f7:28:21:58:19:d9:9d:de:95:d2:ee:2f:01:c3:
a4:05:d5:5c:93:60:c4:98:d2:78:b1:58:83:3c:6c:0b:84:70:
10:6f:cf:7b:28:3b:b3:d4:f3:e7:1e:36:35:cb:ec:8e:ec:16:
35:a1:a1:41:1d:72:2f:86:12:7c:0a:d9:4f:cb:33:17:ba:78:
42:88:5e:f8:b0:6d:a7:a8:7a:4f:b8:49:84:98:2a:ae:b8:b3:
6f:70:cc:06:f1:61:54:96:ae:7b:d4:39:dc:65:18:d4:df:8d:
1a:57:c4:d6:91:b4:85:99:20:0f:56:5f:06:9b:35:e4:13:fa:
bb:21:9c:23
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICErUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODA5QUQxMTAvBgNVBAUTKDZEN0MyMjZBN0RDQjg1RjJGNDkyMTZCN0VCQjAwRDVG
MDNBNjA1QzMwHhcNMjQwNzA0MTczNTAxWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg2ZGQ0NS0zODg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAleoSboIRyA+jNkY17O0J6sq1ou2V4EZVTdODGgPnHRROq8m2B41Jn/qEc5LD
UUgcjqb0hMJNh0hNqIOUdDkC+IX+ale+b8lTmtfmD7fwTRnCsBPU9A4yUSnU2byQ
ItPy29PdajKtbUbSkK9mUxcbJdAInA8qCxVnO7fXZ4jV83BwR/uq0M/7hkEPbpeL
DWz7kXLAsKdjNPQnpN14jM9OodEKo7XRxa8aY38LIRmH8Mbk4/GbEriDHa15DD7R
d6hcUmlccx2cdh23e/SSsqT/vreSa7Iw1DKPiuzNMGCsJi8SvLOmUhwcqsK9WJHJ
NwJ+M8ow6TTHoN2lBAjAu4RI1QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNonrv15
qF0iEs8RFdIpNUo/rg/PMB8GA1UdIwQYMBaAFG18Imp9y4Xy9JIWt+uwDV8DpgXD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDlBRC82NTZERDI2QUE3
NjgxMUU4OTMzM0M3MjVDNEY5QUUwMi9iWHdpYW4zTGhmTDBraGEzNjdBTlh3T21C
Y00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JYd2lhbjNMaGZMMGtoYTM2N0FOWHdPbUJjTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODA5QUQvNjU2REQyNkFBNzY4MTFFODkzMzNDNzI1QzRGOUFFMDIvM0RDQjY4Qzg2
OTlBMTFFRDk4QjFDQTE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABneHQDBAFneHYwDQQCAAIwBwMFACQHGEAwDQYJKoZIhvcN
AQELBQADggEBADkP/qzL07LtVVDNnhbveNhd0ACR9AJ1wkFqgDqujLbtgP9zRTsk
zoEyGGDwhhE7jC/D/TAq2Xr7ONj2uzQrqzOsvnaLuX1S9U8SGogUu1KKrTydBNT7
fKWhePMxF8OJvyZIVul80q2ASRaQ4yRgO6q/EhczpQZjXsoGJyicQK/b7tX3KCFY
Gdmd3pXS7i8Bw6QF1VyTYMSY0nixWIM8bAuEcBBvz3soO7PU8+ceNjXL7I7sFjWh
oUEdci+GEnwK2U/LMxe6eEKIXviwbaeoek+4SYSYKq64s29wzAbxYVSWrnvUOdxl
GNTfjRpXxNaRtIWZIA9WXwabNeQT+rshnCM=
-----END CERTIFICATE-----
Generated at Fri Nov 8 03:31:32 2024 by rpki-client on console.sobornost.net