Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91221EF/6F2FEBD6891F11EA89B6277CC4F9AE02/D1A6B6D0738E11ED8283FF53C4F9AE02.roa
File: D1A6B6D0738E11ED8283FF53C4F9AE02.roa (raw, json)
Hash identifier: WgMRh1pD8v+j2OuHDw2wLrJ+bXBsyv6ChtDmNGRF1/k=
Subject key identifier: A7:F9:57:BA:B8:2C:BB:78:C8:32:1F:DA:EA:75:B9:98:93:75:B9:67
Certificate issuer: /CN=A91221EF/serialNumber=FF900F24BF9A8982D95F8447AA7B9BB4F7AC4639
Certificate serial: 0957
Authority key identifier: FF:90:0F:24:BF:9A:89:82:D9:5F:84:47:AA:7B:9B:B4:F7:AC:46:39
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_5APJL-aiYLZX4RHqnubtPesRjk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91221EF/6F2FEBD6891F11EA89B6277CC4F9AE02/D1A6B6D0738E11ED8283FF53C4F9AE02.roa
Signing time: Wed 04 Dec 2024 20:28:40 +0000
ROA not before: Wed 04 Dec 2024 20:28:40 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 139922
IP address blocks: 103.156.97.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2391 (0x957)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91221EF
Validity
Not Before: Dec 4 20:28:40 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6750bb77-8c2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8d:b1:46:00:ba:e3:bb:ea:5d:e4:60:ae:0f:
06:6a:2e:cf:c7:0a:f8:f3:fc:4f:03:27:0f:2f:fb:
f9:c3:d4:f0:6a:87:c2:4b:73:7e:ca:97:df:30:27:
a1:49:97:f5:6c:e0:7f:d7:ca:23:24:72:6f:03:0f:
2a:88:f6:73:bb:03:26:cb:5f:51:db:26:67:0e:6e:
5e:4e:14:76:85:6b:80:87:44:b6:cd:55:49:08:16:
fb:2e:5d:aa:bf:7b:68:e1:5a:26:42:ab:bc:fd:04:
7c:f2:9c:60:f2:1f:98:73:75:70:ae:32:80:db:27:
8f:3c:2e:ce:04:60:a4:0b:75:b9:e8:5a:ec:a4:7e:
69:17:76:9c:25:f4:f4:47:5b:6b:17:cd:91:4c:54:
39:44:43:2d:09:88:c2:30:af:29:12:e2:05:ab:af:
5e:8f:dd:13:43:2a:62:e9:5c:09:51:11:b8:9d:27:
99:84:d2:02:bb:4f:4d:e7:0d:15:45:17:9b:b5:4a:
60:67:3b:66:69:2d:0e:34:ff:6b:13:bf:4d:7f:d5:
a6:ba:8e:0a:38:dd:58:2e:65:ca:94:d1:bd:a1:9e:
9c:80:9b:c0:99:72:c3:f2:6e:ab:81:8f:48:ed:75:
8a:9b:26:34:c8:b7:9d:f8:72:c6:71:be:51:b7:4d:
47:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:F9:57:BA:B8:2C:BB:78:C8:32:1F:DA:EA:75:B9:98:93:75:B9:67
X509v3 Authority Key Identifier:
keyid:FF:90:0F:24:BF:9A:89:82:D9:5F:84:47:AA:7B:9B:B4:F7:AC:46:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91221EF/6F2FEBD6891F11EA89B6277CC4F9AE02/_5APJL-aiYLZX4RHqnubtPesRjk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_5APJL-aiYLZX4RHqnubtPesRjk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91221EF/6F2FEBD6891F11EA89B6277CC4F9AE02/D1A6B6D0738E11ED8283FF53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.156.97.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:aa:20:93:e7:e0:8f:17:3f:11:96:7f:34:b6:6c:50:ea:a8:
70:9c:78:44:a3:9e:54:eb:27:f9:3e:1f:fc:0e:ee:92:ad:e3:
0d:b5:78:de:b9:bf:55:1f:70:5d:73:f9:fa:91:77:c7:b4:c7:
80:d3:96:97:a8:14:2b:ce:85:41:e1:04:d7:88:be:58:fd:1d:
30:20:d6:0c:97:d1:73:24:8d:19:01:bc:42:30:da:7e:17:08:
fe:8e:2d:49:19:0a:b5:a3:5c:72:39:f6:9c:3d:ef:26:e7:66:
d3:8e:44:4b:8b:96:7a:2f:9b:55:59:2d:00:1c:ca:37:6f:93:
1e:ad:35:d4:a3:5a:0f:02:d7:60:71:50:6f:33:c1:e8:fb:22:
be:77:5c:de:3a:1e:39:8e:c2:3e:a4:ec:55:0a:a1:6b:65:c9:
d8:f4:94:b0:b6:86:55:d5:61:a6:03:2a:14:42:38:0f:ec:af:
eb:88:d0:b5:88:04:b9:42:73:ce:fa:d2:68:a7:a3:35:54:c0:
28:c9:65:90:eb:1a:e7:ff:79:ee:55:8d:95:3d:ee:f8:72:00:
33:7e:5d:b8:e0:c0:2f:f0:df:68:ff:89:d2:8c:e3:c3:ed:a5:
69:98:df:b2:de:53:bb:7b:14:47:8b:d6:21:c6:24:ed:a4:e0:
0c:90:f0:2b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCVcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjIxRUYxMTAvBgNVBAUTKEZGOTAwRjI0QkY5QTg5ODJEOTVGODQ0N0FBN0I5QkI0
RjdBQzQ2MzkwHhcNMjQxMjA0MjAyODQwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwYmI3Ny04YzJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtY2xRgC647vqXeRgrg8Gai7Pxwr48/xPAycPL/v5w9TwaofCS3N+ypffMCeh
SZf1bOB/18ojJHJvAw8qiPZzuwMmy19R2yZnDm5eThR2hWuAh0S2zVVJCBb7Ll2q
v3to4VomQqu8/QR88pxg8h+Yc3VwrjKA2yePPC7OBGCkC3W56FrspH5pF3acJfT0
R1trF82RTFQ5REMtCYjCMK8pEuIFq69ej90TQypi6VwJURG4nSeZhNICu09N5w0V
RRebtUpgZztmaS0ONP9rE79Nf9Wmuo4KON1YLmXKlNG9oZ6cgJvAmXLD8m6rgY9I
7XWKmyY0yLed+HLGcb5Rt01H6wIDAQABo4IClTCCApEwHQYDVR0OBBYEFKf5V7q4
LLt4yDIf2up1uZiTdblnMB8GA1UdIwQYMBaAFP+QDyS/momC2V+ER6p7m7T3rEY5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMjFFRi82RjJGRUJENjg5
MUYxMUVBODlCNjI3N0NDNEY5QUUwMi9fNUFQSkwtYWlZTFpYNFJIcW51YnRQZXNS
amsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL181QVBKTC1haVlMWlg0UkhxbnVidFBlc1Jqay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjIxRUYvNkYyRkVCRDY4OTFGMTFFQTg5QjYyNzdDQzRGOUFFMDIvRDFBNkI2RDA3
MzhFMTFFRDgyODNGRjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnnGEwDQYJKoZIhvcNAQELBQADggEBAByqIJPn4I8XPxGW
fzS2bFDqqHCceESjnlTrJ/k+H/wO7pKt4w21eN65v1UfcF1z+fqRd8e0x4DTlpeo
FCvOhUHhBNeIvlj9HTAg1gyX0XMkjRkBvEIw2n4XCP6OLUkZCrWjXHI59pw97ybn
ZtOOREuLlnovm1VZLQAcyjdvkx6tNdSjWg8C12BxUG8zwej7Ir53XN46HjmOwj6k
7FUKoWtlydj0lLC2hlXVYaYDKhRCOA/sr+uI0LWIBLlCc8760minozVUwCjJZZDr
Guf/ee5VjZU97vhyADN+XbjgwC/w32j/idKM48PtpWmY37LeU7t7FEeL1iHGJO2k
4AyQ8Cs=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:37:16 2025 by rpki-client