Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE9B1/5BB9E00AB9DB11EB9CF3B86EC4F9AE02/02157718B9DF11EBA8BE9876C4F9AE02.roa
File: 02157718B9DF11EBA8BE9876C4F9AE02.roa (raw, json)
Hash identifier: qJ0j3BEtvoKonhv9iV5ZjKTQCrlGnl70ygABsp5AhIA=
Subject key identifier: 58:63:B4:B4:1A:AC:00:7B:36:BD:88:52:A5:2B:20:68:A4:48:4E:1F
Certificate issuer: /CN=A91FE9B1/serialNumber=EF4965066BDA242BABB0685BC2E6ADD9F75633FD
Certificate serial: 050B
Authority key identifier: EF:49:65:06:6B:DA:24:2B:AB:B0:68:5B:C2:E6:AD:D9:F7:56:33:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70llBmvaJCursGhbwuat2fdWM_0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FE9B1/5BB9E00AB9DB11EB9CF3B86EC4F9AE02/02157718B9DF11EBA8BE9876C4F9AE02.roa
Signing time: Sun 21 Apr 2024 01:13:53 +0000
ROA not before: Sun 21 Apr 2024 01:13:53 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 141734
IP address blocks: 103.163.2.0/24 maxlen: 24
103.163.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1291 (0x50b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FE9B1/serialNumber=EF4965066BDA242BABB0685BC2E6ADD9F75633FD
Validity
Not Before: Apr 21 01:13:53 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66246850-dd66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9c:23:d9:48:1a:00:43:93:ff:1b:d0:32:7d:
1a:93:01:4d:30:c6:b9:b0:95:cf:c0:98:78:1f:53:
10:dd:02:25:fb:6f:c1:5c:b4:c0:f3:7e:75:55:2a:
60:ec:e2:27:01:98:24:ac:25:ca:d3:18:dc:e5:a6:
f9:f4:04:a3:5c:6e:b8:3a:c5:b7:9c:e4:f2:f9:42:
24:b8:09:64:61:03:9f:60:23:7d:03:1f:3b:c0:fa:
7f:8e:a3:d0:f8:f9:49:cd:7a:29:42:d5:75:2f:63:
d7:19:e5:ea:d2:bd:40:95:a3:bf:f8:63:e0:de:b2:
05:f2:97:ad:52:63:48:f2:68:11:7d:f5:89:c7:7c:
2d:7f:a4:06:96:be:c6:12:3d:f5:34:a8:42:dd:26:
26:5e:70:54:1f:da:27:da:29:02:ab:6f:66:5f:1c:
93:86:6e:59:fc:e8:12:70:17:a5:6f:33:3c:4c:81:
3c:11:1c:ca:5d:f3:11:82:93:03:2f:2e:d1:98:3f:
9d:10:25:0d:31:c3:0c:23:36:2c:07:cd:e8:f0:ad:
1c:27:3f:80:4b:a0:39:8d:cf:52:9b:f2:43:28:de:
09:8b:6b:73:93:24:b8:4d:1b:fa:e8:05:b4:50:dc:
cf:40:98:c1:76:cb:30:7c:27:db:1b:68:93:b0:55:
88:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:63:B4:B4:1A:AC:00:7B:36:BD:88:52:A5:2B:20:68:A4:48:4E:1F
X509v3 Authority Key Identifier:
keyid:EF:49:65:06:6B:DA:24:2B:AB:B0:68:5B:C2:E6:AD:D9:F7:56:33:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FE9B1/5BB9E00AB9DB11EB9CF3B86EC4F9AE02/70llBmvaJCursGhbwuat2fdWM_0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70llBmvaJCursGhbwuat2fdWM_0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE9B1/5BB9E00AB9DB11EB9CF3B86EC4F9AE02/02157718B9DF11EBA8BE9876C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.163.2.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:26:c3:22:70:43:f4:5f:09:19:fa:20:34:95:26:f5:ed:32:
65:18:fc:e7:67:33:d5:0c:ce:50:5e:27:02:df:a3:88:de:aa:
c1:d1:77:6c:4f:d4:7a:fb:83:d1:23:f7:28:8b:9f:06:bc:ac:
f2:93:cc:8e:98:f1:f5:42:fb:5f:fd:bd:5e:0a:44:1c:f2:38:
3a:5b:eb:67:b9:7c:8c:60:fe:3e:50:cb:38:5e:87:58:91:db:
c2:6e:3b:da:35:bc:e6:aa:bf:38:cd:ee:08:8d:76:40:51:cc:
ae:ee:ff:4d:b3:61:de:c9:61:3d:51:3a:98:51:65:26:f4:39:
08:bd:3b:78:d9:a5:3f:1d:22:79:ef:5d:a8:e5:32:f3:9f:58:
22:1c:d2:12:27:d1:e3:1c:64:6e:6c:ca:f8:57:39:e8:2d:a9:
cf:3f:82:72:8a:db:69:56:37:43:81:d5:83:35:58:81:0b:85:
47:57:84:c9:d8:79:56:20:a3:d9:68:fb:1a:70:24:b5:65:f1:
c6:75:3f:64:58:26:78:fd:cf:a3:f9:1c:f8:3d:78:33:b0:d8:
f8:4d:47:6d:d6:a1:94:42:68:bd:48:d4:83:3a:fc:37:9e:ac:
ac:b9:67:d6:94:91:d1:40:13:0d:2a:a7:bd:27:8d:ac:e8:21:
cf:e4:c7:f2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBQswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkU5QjExMTAvBgNVBAUTKEVGNDk2NTA2NkJEQTI0MkJBQkIwNjg1QkMyRTZBREQ5
Rjc1NjMzRkQwHhcNMjQwNDIxMDExMzUzWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI0Njg1MC1kZDY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvJwj2UgaAEOT/xvQMn0akwFNMMa5sJXPwJh4H1MQ3QIl+2/BXLTA8351VSpg
7OInAZgkrCXK0xjc5ab59ASjXG64OsW3nOTy+UIkuAlkYQOfYCN9Ax87wPp/jqPQ
+PlJzXopQtV1L2PXGeXq0r1AlaO/+GPg3rIF8petUmNI8mgRffWJx3wtf6QGlr7G
Ej31NKhC3SYmXnBUH9on2ikCq29mXxyThm5Z/OgScBelbzM8TIE8ERzKXfMRgpMD
Ly7RmD+dECUNMcMMIzYsB83o8K0cJz+AS6A5jc9Sm/JDKN4Ji2tzkyS4TRv66AW0
UNzPQJjBdsswfCfbG2iTsFWI2wIDAQABo4IClTCCApEwHQYDVR0OBBYEFFhjtLQa
rAB7Nr2IUqUrIGikSE4fMB8GA1UdIwQYMBaAFO9JZQZr2iQrq7BoW8Lmrdn3VjP9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTlCMS81QkI5RTAwQUI5
REIxMUVCOUNGM0I4NkVDNEY5QUUwMi83MGxsQm12YUpDdXJzR2hid3VhdDJmZFdN
XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzcwbGxCbXZhSkN1cnNHaGJ3dWF0MmZkV01fMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkU5QjEvNUJCOUUwMEFCOURCMTFFQjlDRjNCODZFQzRGOUFFMDIvMDIxNTc3MThC
OURGMTFFQkE4QkU5ODc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnowIwDQYJKoZIhvcNAQELBQADggEBAE4mwyJwQ/RfCRn6
IDSVJvXtMmUY/OdnM9UMzlBeJwLfo4jeqsHRd2xP1Hr7g9Ej9yiLnwa8rPKTzI6Y
8fVC+1/9vV4KRBzyODpb62e5fIxg/j5Qyzheh1iR28JuO9o1vOaqvzjN7giNdkBR
zK7u/02zYd7JYT1ROphRZSb0OQi9O3jZpT8dInnvXajlMvOfWCIc0hIn0eMcZG5s
yvhXOegtqc8/gnKK22lWN0OB1YM1WIELhUdXhMnYeVYgo9lo+xpwJLVl8cZ1P2RY
Jnj9z6P5HPg9eDOw2PhNR23WoZRCaL1I1IM6/DeerKy5Z9aUkdFAEw0qp70njazo
Ic/kx/I=
-----END CERTIFICATE-----
Generated at Fri Apr 25 21:38:34 2025 by rpki-client