Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91724A6/18E5D484C3C311EDAA5ACB47C4F9AE02/950A55CCC3C711ED8419AA64C4F9AE02.roa
File: 950A55CCC3C711ED8419AA64C4F9AE02.roa (raw, json)
Hash identifier: GrQm9NlurYpVLIwLedH2/MNa+h8258HeOnrxmNS0v54=
Subject key identifier: 96:0D:D9:3E:34:35:80:08:6B:37:E0:72:54:24:67:E0:E3:6E:57:3D
Certificate issuer: /CN=A91724A6/serialNumber=D2762672D297580E484228C171E5A890730C176F
Certificate serial: 0159
Authority key identifier: D2:76:26:72:D2:97:58:0E:48:42:28:C1:71:E5:A8:90:73:0C:17:6F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0nYmctKXWA5IQijBceWokHMMF28.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91724A6/18E5D484C3C311EDAA5ACB47C4F9AE02/950A55CCC3C711ED8419AA64C4F9AE02.roa
Signing time: Tue 31 Dec 2024 02:56:29 +0000
ROA not before: Tue 31 Dec 2024 02:56:29 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 135518
IP address blocks: 103.73.216.0/23 maxlen: 23
2001:df2:e640::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 345 (0x159)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91724A6/serialNumber=D2762672D297580E484228C171E5A890730C176F
Validity
Not Before: Dec 31 02:56:29 2024 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67735d5c-bb95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:aa:40:b4:92:98:e7:c9:17:99:89:b8:65:95:
b2:ae:ce:33:68:d6:1d:ab:d9:ee:be:8d:27:d1:6c:
31:b6:1c:11:a9:8b:05:3c:27:52:d1:34:74:1f:74:
9b:07:45:11:ec:14:b9:a4:63:56:3a:20:55:fd:49:
bd:fc:47:c0:d1:90:0d:96:a0:0f:b7:74:cc:f1:e5:
43:92:65:fa:33:5c:b0:64:99:8f:71:97:ab:62:a0:
af:56:42:d9:cd:23:14:6c:14:01:3a:2b:5a:18:f7:
6a:73:ff:9f:40:31:d5:e9:b5:f5:de:0d:0b:ea:79:
d7:9a:4d:5c:61:1c:68:d2:f6:3b:bf:22:af:ec:6e:
71:70:35:a4:e5:2f:4d:e1:c3:54:f8:3c:8a:da:3c:
b9:65:eb:5e:c4:d2:a5:d3:7c:32:b6:42:ae:7d:c5:
7a:89:df:a6:0e:61:63:48:27:2c:06:66:11:f0:63:
e5:ae:d4:6e:1e:cb:b5:b2:9d:dd:18:8a:71:fb:ad:
2e:2c:38:1f:88:ea:2c:38:c1:ce:0a:2f:09:bb:32:
24:2c:ff:66:15:49:7b:53:c9:4e:22:c1:db:39:e9:
fc:eb:b7:ed:17:f8:71:eb:7e:3c:00:ab:1d:5f:a3:
27:39:64:2b:97:90:3c:15:66:a3:ad:04:69:ac:88:
d5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:0D:D9:3E:34:35:80:08:6B:37:E0:72:54:24:67:E0:E3:6E:57:3D
X509v3 Authority Key Identifier:
keyid:D2:76:26:72:D2:97:58:0E:48:42:28:C1:71:E5:A8:90:73:0C:17:6F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91724A6/18E5D484C3C311EDAA5ACB47C4F9AE02/0nYmctKXWA5IQijBceWokHMMF28.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0nYmctKXWA5IQijBceWokHMMF28.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91724A6/18E5D484C3C311EDAA5ACB47C4F9AE02/950A55CCC3C711ED8419AA64C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.73.216.0/23
IPv6:
2001:df2:e640::/48
Signature Algorithm: sha256WithRSAEncryption
14:db:ce:5b:e8:e9:fc:a6:01:75:d5:13:a1:91:81:88:43:70:
d6:65:db:c6:18:90:4a:e4:0a:1b:65:b5:73:b1:35:58:91:37:
db:46:10:86:1b:b2:85:df:da:5c:cf:bb:da:ae:d4:f9:a2:d9:
fd:da:db:00:61:3d:34:1b:2d:e5:8f:04:d8:0b:27:ab:c1:cb:
8c:1c:e5:e6:d6:f1:fe:de:bb:8c:90:ed:5a:f5:f2:75:ae:96:
ad:a3:eb:ad:c8:36:e8:b6:cb:9c:8a:cd:e3:6f:48:69:77:37:
8f:a7:e3:c3:91:a1:fa:f4:98:21:c8:c0:08:7d:8e:92:34:6e:
7d:ce:64:80:c7:96:c8:13:2f:f3:66:c2:be:9d:53:8b:43:96:
1c:15:4b:9a:64:c3:4d:c7:a0:a0:c6:f4:59:b6:c4:b3:ef:fb:
4d:89:7c:a9:75:14:36:cf:94:67:12:de:9a:e6:d4:9a:9f:d9:
2d:a7:45:68:9c:cc:17:52:70:c7:f9:5e:54:ba:6d:4f:14:14:
70:05:8d:bb:26:48:46:8a:01:35:6e:6d:69:f3:07:0a:25:56:
f6:0a:a7:b8:05:6b:c9:e4:1c:78:c4:e3:3e:3d:f7:51:16:6d:
9a:52:87:bc:36:2f:bc:49:b8:49:b0:9d:77:b1:96:4a:30:b3:
3e:15:f2:b5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAVkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzI0QTYxMTAvBgNVBAUTKEQyNzYyNjcyRDI5NzU4MEU0ODQyMjhDMTcxRTVBODkw
NzMwQzE3NkYwHhcNMjQxMjMxMDI1NjI5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzczNWQ1Yy1iYjk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoqpAtJKY58kXmYm4ZZWyrs4zaNYdq9nuvo0n0WwxthwRqYsFPCdS0TR0H3Sb
B0UR7BS5pGNWOiBV/Um9/EfA0ZANlqAPt3TM8eVDkmX6M1ywZJmPcZerYqCvVkLZ
zSMUbBQBOitaGPdqc/+fQDHV6bX13g0L6nnXmk1cYRxo0vY7vyKv7G5xcDWk5S9N
4cNU+DyK2jy5ZetexNKl03wytkKufcV6id+mDmFjSCcsBmYR8GPlrtRuHsu1sp3d
GIpx+60uLDgfiOosOMHOCi8JuzIkLP9mFUl7U8lOIsHbOen867ftF/hx6348AKsd
X6MnOWQrl5A8FWajrQRprIjV4QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJYN2T40
NYAIazfgclQkZ+Djblc9MB8GA1UdIwQYMBaAFNJ2JnLSl1gOSEIowXHlqJBzDBdv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjRBNi8xOEU1RDQ4NEMz
QzMxMUVEQUE1QUNCNDdDNEY5QUUwMi8wblltY3RLWFdBNUlRaWpCY2VXb2tITU1G
MjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBuWW1jdEtYV0E1SVFpakJjZVdva0hNTUYyOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzI0QTYvMThFNUQ0ODRDM0MzMTFFREFBNUFDQjQ3QzRGOUFFMDIvOTUwQTU1Q0ND
M0M3MTFFRDg0MTlBQTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnSdgwDwQCAAIwCQMHACABDfLmQDANBgkqhkiG9w0BAQsF
AAOCAQEAFNvOW+jp/KYBddUToZGBiENw1mXbxhiQSuQKG2W1c7E1WJE320YQhhuy
hd/aXM+72q7U+aLZ/drbAGE9NBst5Y8E2Asnq8HLjBzl5tbx/t67jJDtWvXyda6W
raPrrcg26LbLnIrN429IaXc3j6fjw5Gh+vSYIcjACH2OkjRufc5kgMeWyBMv82bC
vp1Ti0OWHBVLmmTDTcegoMb0WbbEs+/7TYl8qXUUNs+UZxLemubUmp/ZLadFaJzM
F1Jwx/leVLptTxQUcAWNuyZIRooBNW5tafMHCiVW9gqnuAVryeQceMTjPj33URZt
mlKHvDYvvEm4SbCdd7GWSjCzPhXytQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:46:39 2025 by rpki-client