Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8A85/573792CA562B11EBBD0CE21CC4F9AE02/9F99CFB6C3B811EFB8AF8A31C4F9AE02.roa
File: 9F99CFB6C3B811EFB8AF8A31C4F9AE02.roa (raw, json)
Hash identifier: 6XobdgjEZjWaxcX+bmHjFrx4HuCJhh1PmrGKZGDFUHE=
Subject key identifier: 19:09:62:CE:F0:0E:06:8B:A2:EC:07:F9:AC:0F:73:A8:D2:FD:A4:0F
Certificate issuer: /CN=A91A8A85/serialNumber=2EAF60095334E7F0BAA065A92F653F5C744895C2
Certificate serial: 0696
Authority key identifier: 2E:AF:60:09:53:34:E7:F0:BA:A0:65:A9:2F:65:3F:5C:74:48:95:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lq9gCVM05_C6oGWpL2U_XHRIlcI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A8A85/573792CA562B11EBBD0CE21CC4F9AE02/9F99CFB6C3B811EFB8AF8A31C4F9AE02.roa
Signing time: Thu 26 Dec 2024 18:38:39 +0000
ROA not before: Thu 26 Dec 2024 18:38:39 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 133605
IP address blocks: 103.161.150.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1686 (0x696)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A8A85/serialNumber=2EAF60095334E7F0BAA065A92F653F5C744895C2
Validity
Not Before: Dec 26 18:38:39 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=676da2af-8e13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:71:fb:27:09:f7:00:78:67:36:7e:48:02:82:
47:eb:7b:65:a6:f9:f3:f5:5b:72:7c:93:07:f6:47:
dd:6c:36:0a:17:a5:a4:10:18:48:95:1c:35:c7:91:
37:5f:e5:48:45:f5:c8:4b:f5:3e:53:ce:f4:2f:a9:
69:37:27:b2:d8:ef:e5:2b:9a:1b:7a:ae:da:a5:45:
2d:70:f5:3e:2f:b6:03:fc:b0:36:4e:23:40:ae:b8:
75:67:94:c7:c4:41:cf:27:a9:01:c1:4d:02:e7:04:
a9:23:cf:f2:a1:ce:88:87:e4:40:d4:73:1d:86:10:
9a:e8:f5:a0:86:b1:e8:af:96:22:a7:17:7b:5c:ed:
0f:70:2f:f3:21:d0:48:65:3a:68:77:b2:83:b2:02:
ea:80:50:0d:c5:2d:06:a1:3b:34:44:b0:7f:44:de:
20:a7:4c:4f:d1:04:de:61:fe:a9:df:36:36:cf:4d:
98:46:25:f0:f5:81:3c:ca:0d:29:73:ef:32:6f:22:
cb:0a:01:8d:b2:7c:da:59:84:43:d9:66:57:fe:b7:
33:c7:35:95:0c:c0:6e:cb:2c:bf:ee:d8:a7:d9:ae:
ee:7e:97:fc:8e:61:bf:77:ca:49:84:ab:17:f2:d5:
d5:3d:a9:81:cf:6d:50:f8:20:50:d6:eb:bf:39:1a:
e6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:09:62:CE:F0:0E:06:8B:A2:EC:07:F9:AC:0F:73:A8:D2:FD:A4:0F
X509v3 Authority Key Identifier:
keyid:2E:AF:60:09:53:34:E7:F0:BA:A0:65:A9:2F:65:3F:5C:74:48:95:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A8A85/573792CA562B11EBBD0CE21CC4F9AE02/Lq9gCVM05_C6oGWpL2U_XHRIlcI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lq9gCVM05_C6oGWpL2U_XHRIlcI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8A85/573792CA562B11EBBD0CE21CC4F9AE02/9F99CFB6C3B811EFB8AF8A31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.161.150.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:3e:32:73:3d:cb:bf:81:01:a1:73:4d:5d:75:7b:20:c8:56:
e1:d0:82:07:16:4e:5f:47:36:2a:1c:00:12:a3:fc:f6:07:90:
ad:83:12:9a:58:2c:db:c2:af:80:87:98:52:5a:7c:53:e2:73:
6f:92:bd:14:ce:fe:de:4b:f1:14:2d:76:93:81:77:b7:37:08:
31:cd:e6:c1:d8:52:7c:4d:99:d1:ab:81:66:60:e3:7f:42:85:
f4:91:38:de:6f:0b:ff:ee:c3:89:6e:81:40:27:29:b3:ff:2c:
ff:19:ae:14:b6:9a:1a:3f:33:94:fd:28:57:07:fb:52:a1:34:
84:a0:d9:03:59:26:94:79:ca:d7:4f:d5:ba:f6:7a:a1:46:d1:
00:e5:92:cf:bd:44:17:1c:c0:cc:79:a5:41:3c:3d:a1:d7:91:
5e:8b:5d:03:7e:f4:82:4e:d1:ae:e6:31:4e:bf:f2:92:65:52:
e0:9a:e0:2c:21:ec:f8:de:ed:4c:34:3c:f6:28:65:1b:c9:23:
4d:5a:0a:10:28:48:2d:48:ee:4a:35:b6:98:12:02:02:6c:05:
e0:98:21:5d:a9:aa:92:9a:0a:ff:ad:78:b8:87:31:6f:56:20:
3e:42:29:6d:f6:d9:61:5a:16:31:08:09:00:a5:66:fe:64:10:
cc:e0:f5:33
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBpYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QThBODUxMTAvBgNVBAUTKDJFQUY2MDA5NTMzNEU3RjBCQUEwNjVBOTJGNjUzRjVD
NzQ0ODk1QzIwHhcNMjQxMjI2MTgzODM5WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZkYTJhZi04ZTEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1XH7Jwn3AHhnNn5IAoJH63tlpvnz9VtyfJMH9kfdbDYKF6WkEBhIlRw1x5E3
X+VIRfXIS/U+U870L6lpNyey2O/lK5obeq7apUUtcPU+L7YD/LA2TiNArrh1Z5TH
xEHPJ6kBwU0C5wSpI8/yoc6Ih+RA1HMdhhCa6PWghrHor5Yipxd7XO0PcC/zIdBI
ZTpod7KDsgLqgFANxS0GoTs0RLB/RN4gp0xP0QTeYf6p3zY2z02YRiXw9YE8yg0p
c+8ybyLLCgGNsnzaWYRD2WZX/rczxzWVDMBuyyy/7tin2a7ufpf8jmG/d8pJhKsX
8tXVPamBz21Q+CBQ1uu/ORrm9wIDAQABo4IClTCCApEwHQYDVR0OBBYEFBkJYs7w
DgaLouwH+awPc6jS/aQPMB8GA1UdIwQYMBaAFC6vYAlTNOfwuqBlqS9lP1x0SJXC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOEE4NS81NzM3OTJDQTU2
MkIxMUVCQkQwQ0UyMUNDNEY5QUUwMi9McTlnQ1ZNMDVfQzZvR1dwTDJVX1hIUkls
Y0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xxOWdDVk0wNV9DNm9HV3BMMlVfWEhSSWxjSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QThBODUvNTczNzkyQ0E1NjJCMTFFQkJEMENFMjFDQzRGOUFFMDIvOUY5OUNGQjZD
M0I4MTFFRkI4QUY4QTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnoZYwDQYJKoZIhvcNAQELBQADggEBAJ4+MnM9y7+BAaFz
TV11eyDIVuHQggcWTl9HNiocABKj/PYHkK2DEppYLNvCr4CHmFJafFPic2+SvRTO
/t5L8RQtdpOBd7c3CDHN5sHYUnxNmdGrgWZg439ChfSRON5vC//uw4lugUAnKbP/
LP8ZrhS2mho/M5T9KFcH+1KhNISg2QNZJpR5ytdP1br2eqFG0QDlks+9RBccwMx5
pUE8PaHXkV6LXQN+9IJO0a7mMU6/8pJlUuCa4Cwh7Pje7Uw0PPYoZRvJI01aChAo
SC1I7ko1tpgSAgJsBeCYIV2pqpKaCv+teLiHMW9WID5CKW322WFaFjEICQClZv5k
EMzg9TM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 06:41:57 2025 by rpki-client