Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0D39/7F24FFD0C85811EBBE0EF834C4F9AE02/33B3C60425FD11EDA4097785C4F9AE02.roa
File: 33B3C60425FD11EDA4097785C4F9AE02.roa (raw, json)
Hash identifier: Cj1/piPyZE/JuRDwxvwSW+MueXSWf8zlHIF4b8CMXf0=
Subject key identifier: 8A:E2:2E:43:10:A1:2D:D6:FC:28:EB:23:AA:04:8D:FE:30:13:DF:90
Certificate issuer: /CN=A91B0D39/serialNumber=97388EFC45D496EEEEAE94847DA60ACCE5D117F9
Certificate serial: 053F
Authority key identifier: 97:38:8E:FC:45:D4:96:EE:EE:AE:94:84:7D:A6:0A:CC:E5:D1:17:F9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lziO_EXUlu7urpSEfaYKzOXRF_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0D39/7F24FFD0C85811EBBE0EF834C4F9AE02/33B3C60425FD11EDA4097785C4F9AE02.roa
Signing time: Wed 03 Jul 2024 00:42:35 +0000
ROA not before: Wed 03 Jul 2024 00:42:35 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 38254
IP address blocks: 103.167.250.0/24 maxlen: 24
2001:df6:c480::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1343 (0x53f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0D39/serialNumber=97388EFC45D496EEEEAE94847DA60ACCE5D117F9
Validity
Not Before: Jul 3 00:42:35 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66849e7b-cb14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:41:e6:cd:13:30:f0:a9:aa:0d:e6:56:aa:55:
68:3b:5e:ed:95:19:8c:51:b5:56:ec:85:40:9f:7a:
b7:53:6e:00:85:aa:32:c4:ff:50:4c:65:b4:b4:88:
7c:e9:10:f3:6b:94:c7:56:93:4e:80:02:18:bb:72:
02:a9:65:db:ab:c4:e2:65:6a:a2:27:e4:7b:1d:73:
f0:66:5f:b9:21:2b:9f:7a:ff:88:2d:a3:7b:d5:53:
f4:b5:c8:0e:e4:84:00:6e:17:95:fe:fa:98:36:78:
5e:e1:eb:cc:3b:03:4e:bf:43:fb:94:8a:69:77:48:
1c:f4:e6:42:61:97:68:ed:72:78:62:5c:b4:a2:30:
fa:fb:7d:c9:a6:ae:1c:7e:71:fa:38:d6:46:89:22:
d2:f1:f7:0f:60:64:4e:0a:ff:ad:72:8f:76:08:db:
6a:23:a8:7d:81:7c:51:9e:be:74:aa:21:e3:3b:b1:
57:bd:de:1f:d3:27:51:7b:3c:14:71:23:35:c9:ce:
f5:9a:c4:e7:ef:d4:f8:11:c5:89:a7:39:ab:cd:c5:
1c:c5:d9:95:1f:27:ee:13:5e:a9:0a:bf:4b:5c:f2:
cd:4e:75:fa:15:6d:51:ab:cb:a4:f6:5e:a5:4b:c7:
c6:f1:39:fa:db:2f:2b:1c:45:65:f6:04:fb:e6:e4:
78:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E2:2E:43:10:A1:2D:D6:FC:28:EB:23:AA:04:8D:FE:30:13:DF:90
X509v3 Authority Key Identifier:
keyid:97:38:8E:FC:45:D4:96:EE:EE:AE:94:84:7D:A6:0A:CC:E5:D1:17:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0D39/7F24FFD0C85811EBBE0EF834C4F9AE02/lziO_EXUlu7urpSEfaYKzOXRF_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lziO_EXUlu7urpSEfaYKzOXRF_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0D39/7F24FFD0C85811EBBE0EF834C4F9AE02/33B3C60425FD11EDA4097785C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.250.0/24
IPv6:
2001:df6:c480::/48
Signature Algorithm: sha256WithRSAEncryption
2c:25:63:f6:b2:f0:6a:c0:06:56:61:4f:9a:6f:14:29:d8:4f:
fd:a7:99:09:72:9c:4d:e4:47:c6:3f:29:c7:b5:d5:25:ec:de:
46:7a:e0:d6:19:da:41:b0:1c:9f:5e:81:84:27:59:bd:2c:98:
e9:70:c9:4e:cc:64:c4:d2:dd:35:a2:e4:02:5d:53:25:05:f7:
c5:d7:dc:d9:88:6b:4a:d5:40:ce:e2:78:1d:b0:6d:e9:05:aa:
3e:07:82:2d:d8:46:1b:95:57:25:e4:97:b0:16:a2:78:55:f3:
db:70:60:5f:b3:0a:af:72:0e:d5:7e:ff:c7:56:eb:32:12:40:
cd:16:23:11:4b:92:15:13:83:3e:fb:6f:5d:47:40:ba:a9:e1:
35:0a:2e:55:df:38:b9:22:f3:1e:07:5b:37:43:4e:2b:ae:27:
36:a8:9a:40:9b:51:56:6e:94:4b:fa:28:29:41:f1:b2:3d:14:
03:fc:58:96:17:ef:e4:d3:b4:d8:17:5e:1c:52:ae:2f:de:e3:
37:50:15:1d:1d:ff:78:4c:bd:85:03:e0:b6:bf:2f:5c:21:d6:
7f:ef:b7:82:93:82:f0:fd:d1:a1:19:f6:73:65:6e:b9:58:2b:
a2:bc:3c:49:ae:5a:f7:07:a1:10:1d:1a:79:20:ed:7b:30:a2:
4f:70:22:b5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBT8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjBEMzkxMTAvBgNVBAUTKDk3Mzg4RUZDNDVENDk2RUVFRUFFOTQ4NDdEQTYwQUND
RTVEMTE3RjkwHhcNMjQwNzAzMDA0MjM1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg0OWU3Yi1jYjE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArEHmzRMw8KmqDeZWqlVoO17tlRmMUbVW7IVAn3q3U24AhaoyxP9QTGW0tIh8
6RDza5THVpNOgAIYu3ICqWXbq8TiZWqiJ+R7HXPwZl+5ISufev+ILaN71VP0tcgO
5IQAbheV/vqYNnhe4evMOwNOv0P7lIppd0gc9OZCYZdo7XJ4Yly0ojD6+33Jpq4c
fnH6ONZGiSLS8fcPYGROCv+tco92CNtqI6h9gXxRnr50qiHjO7FXvd4f0ydRezwU
cSM1yc71msTn79T4EcWJpzmrzcUcxdmVHyfuE16pCr9LXPLNTnX6FW1Rq8uk9l6l
S8fG8Tn62y8rHEVl9gT75uR4uQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIriLkMQ
oS3W/CjrI6oEjf4wE9+QMB8GA1UdIwQYMBaAFJc4jvxF1Jbu7q6UhH2mCszl0Rf5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMEQzOS83RjI0RkZEMEM4
NTgxMUVCQkUwRUY4MzRDNEY5QUUwMi9semlPX0VYVWx1N3VycFNFZmFZS3pPWFJG
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2x6aU9fRVhVbHU3dXJwU0VmYVlLek9YUkZfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjBEMzkvN0YyNEZGRDBDODU4MTFFQkJFMEVGODM0QzRGOUFFMDIvMzNCM0M2MDQy
NUZEMTFFREE0MDk3Nzg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnp/owDwQCAAIwCQMHACABDfbEgDANBgkqhkiG9w0BAQsF
AAOCAQEALCVj9rLwasAGVmFPmm8UKdhP/aeZCXKcTeRHxj8px7XVJezeRnrg1hna
QbAcn16BhCdZvSyY6XDJTsxkxNLdNaLkAl1TJQX3xdfc2YhrStVAzuJ4HbBt6QWq
PgeCLdhGG5VXJeSXsBaieFXz23BgX7MKr3IO1X7/x1brMhJAzRYjEUuSFRODPvtv
XUdAuqnhNQouVd84uSLzHgdbN0NOK64nNqiaQJtRVm6US/ooKUHxsj0UA/xYlhfv
5NO02BdeHFKuL97jN1AVHR3/eEy9hQPgtr8vXCHWf++3gpOC8P3RoRn2c2VuuVgr
orw8Sa5a9wehEB0aeSDtezCiT3AitQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:53:47 2025 by rpki-client