Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9127898/2069F5FCFC0D11EBAE95147BC4F9AE02/BFD5DDF0D95311EF9B045445C4F9AE02.roa
File: BFD5DDF0D95311EF9B045445C4F9AE02.roa (raw, json)
Hash identifier: NuePwUu7Occ0Tde/bvFp6a3gL4F+3HyOZoWD7KVLHGI=
Subject key identifier: 0C:64:18:05:2C:27:EA:8D:41:A8:E7:40:A9:88:25:C9:60:98:BA:08
Certificate issuer: /CN=A9127898/serialNumber=95655EE72E177A02096C0CB60676AA1E669AE7E0
Certificate serial: 011B
Authority key identifier: 95:65:5E:E7:2E:17:7A:02:09:6C:0C:B6:06:76:AA:1E:66:9A:E7:E0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lWVe5y4XegIJbAy2BnaqHmaa5-A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9127898/2069F5FCFC0D11EBAE95147BC4F9AE02/BFD5DDF0D95311EF9B045445C4F9AE02.roa
Signing time: Thu 23 Jan 2025 06:32:52 +0000
ROA not before: Thu 23 Jan 2025 06:32:52 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 137059
IP address blocks: 103.171.142.0/23 maxlen: 23
103.171.142.0/24 maxlen: 24
103.171.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 283 (0x11b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9127898/serialNumber=95655EE72E177A02096C0CB60676AA1E669AE7E0
Validity
Not Before: Jan 23 06:32:52 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6791e293-5b07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7a:dd:1f:a8:4a:af:83:e6:f5:12:da:80:35:
cb:3c:35:8e:1e:3f:b7:03:c6:30:ee:f4:48:e7:d9:
ec:cc:6e:9e:a0:a6:6f:d1:1a:e5:cc:7e:c1:de:e5:
f3:43:f1:82:81:fa:0b:6a:25:f9:59:06:99:ad:a3:
90:ae:61:49:18:b5:8f:91:fc:c0:8c:7d:e2:f8:6e:
a0:bc:6a:b2:a8:35:62:86:3f:c2:75:26:9d:c3:a4:
19:17:e8:6c:c9:d9:11:6d:8f:33:70:dd:db:f7:de:
d4:7b:52:4a:a5:90:ae:d7:89:57:de:f7:f7:f7:79:
c1:27:24:7d:7a:7a:20:d8:e4:55:71:87:11:aa:68:
c2:9c:c9:e3:4c:c5:62:17:78:34:70:a5:2f:06:05:
e6:96:4a:1b:d7:d8:06:e0:ce:34:8b:d6:b3:45:31:
ef:b3:54:a8:c5:2e:79:c5:b9:1e:ad:00:c6:8e:a7:
97:40:4e:42:98:3e:5a:26:69:3b:27:7e:d6:0b:62:
00:82:98:1a:24:08:93:43:8a:17:71:3e:83:34:e2:
3b:1f:3e:80:49:ee:cd:e5:db:2b:6d:6b:0d:ed:e1:
92:fa:a1:4d:84:80:5b:ef:ae:f3:9e:a5:13:23:fb:
1c:cf:cb:94:92:ad:f2:1d:19:25:08:48:d4:59:fc:
22:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:64:18:05:2C:27:EA:8D:41:A8:E7:40:A9:88:25:C9:60:98:BA:08
X509v3 Authority Key Identifier:
keyid:95:65:5E:E7:2E:17:7A:02:09:6C:0C:B6:06:76:AA:1E:66:9A:E7:E0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9127898/2069F5FCFC0D11EBAE95147BC4F9AE02/lWVe5y4XegIJbAy2BnaqHmaa5-A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lWVe5y4XegIJbAy2BnaqHmaa5-A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127898/2069F5FCFC0D11EBAE95147BC4F9AE02/BFD5DDF0D95311EF9B045445C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.142.0/23
Signature Algorithm: sha256WithRSAEncryption
69:79:fd:fc:86:e2:68:2c:bd:e6:80:ab:9f:85:85:bf:6d:ee:
50:17:c3:5f:32:88:e0:c9:54:72:0e:1c:96:3e:45:61:d4:87:
af:3d:ae:0f:0f:d5:80:75:a4:58:52:78:75:45:90:c8:e6:37:
f4:f8:72:06:f0:7e:59:d9:bd:49:6e:cd:a8:a3:c6:bd:0c:fe:
7e:91:88:1e:fb:fa:aa:89:cf:a0:73:0a:24:f0:0c:41:7b:6f:
39:01:bd:a8:f7:0d:ca:c2:9a:00:ee:da:f3:99:ad:6b:3a:68:
a0:02:5a:fa:16:da:00:31:c4:2a:46:82:d9:49:1c:4f:ef:a1:
db:86:31:ec:04:19:74:66:e2:12:1f:f0:42:e0:f3:11:ca:9f:
98:7e:d8:5f:fe:e7:3b:ee:42:74:6d:c2:a1:15:0e:26:b5:36:
70:43:00:65:af:36:f1:d4:cf:45:b8:10:c1:90:57:a3:4e:a8:
de:5c:0b:ea:24:2e:50:11:13:82:1b:86:e1:19:2b:b8:b7:4d:
9f:64:14:79:d6:2a:90:6a:03:06:d2:f3:8b:ae:96:93:fe:3a:
7b:0c:c2:95:73:e7:a5:81:31:07:2a:06:d4:ec:78:3b:72:ff:
1e:b1:b1:36:fd:92:db:91:60:b1:f4:04:ea:c5:a5:fd:dd:b1:
9a:19:56:80
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICARswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc4OTgxMTAvBgNVBAUTKDk1NjU1RUU3MkUxNzdBMDIwOTZDMENCNjA2NzZBQTFF
NjY5QUU3RTAwHhcNMjUwMTIzMDYzMjUyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxZTI5My01YjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0XrdH6hKr4Pm9RLagDXLPDWOHj+3A8Yw7vRI59nszG6eoKZv0RrlzH7B3uXz
Q/GCgfoLaiX5WQaZraOQrmFJGLWPkfzAjH3i+G6gvGqyqDVihj/CdSadw6QZF+hs
ydkRbY8zcN3b997Ue1JKpZCu14lX3vf393nBJyR9enog2ORVcYcRqmjCnMnjTMVi
F3g0cKUvBgXmlkob19gG4M40i9azRTHvs1SoxS55xbkerQDGjqeXQE5CmD5aJmk7
J37WC2IAgpgaJAiTQ4oXcT6DNOI7Hz6ASe7N5dsrbWsN7eGS+qFNhIBb767znqUT
I/scz8uUkq3yHRklCEjUWfwiawIDAQABo4IClTCCApEwHQYDVR0OBBYEFAxkGAUs
J+qNQajnQKmIJclgmLoIMB8GA1UdIwQYMBaAFJVlXucuF3oCCWwMtgZ2qh5mmufg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzg5OC8yMDY5RjVGQ0ZD
MEQxMUVCQUU5NTE0N0JDNEY5QUUwMi9sV1ZlNXk0WGVnSUpiQXkyQm5hcUhtYWE1
LUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xXVmU1eTRYZWdJSmJBeTJCbmFxSG1hYTUtQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc4OTgvMjA2OUY1RkNGQzBEMTFFQkFFOTUxNDdCQzRGOUFFMDIvQkZENURERjBE
OTUzMTFFRjlCMDQ1NDQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnq44wDQYJKoZIhvcNAQELBQADggEBAGl5/fyG4mgsveaA
q5+Fhb9t7lAXw18yiODJVHIOHJY+RWHUh689rg8P1YB1pFhSeHVFkMjmN/T4cgbw
flnZvUluzaijxr0M/n6RiB77+qqJz6BzCiTwDEF7bzkBvaj3DcrCmgDu2vOZrWs6
aKACWvoW2gAxxCpGgtlJHE/voduGMewEGXRm4hIf8ELg8xHKn5h+2F/+5zvuQnRt
wqEVDia1NnBDAGWvNvHUz0W4EMGQV6NOqN5cC+okLlARE4IbhuEZK7i3TZ9kFHnW
KpBqAwbS84uulpP+OnsMwpVz56WBMQcqBtTseDty/x6xsTb9ktuRYLH0BOrFpf3d
sZoZVoA=
-----END CERTIFICATE-----
Generated at Tue Apr 29 14:26:58 2025 by rpki-client