Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9127898/2069F5FCFC0D11EBAE95147BC4F9AE02/BFD5DDF0D95311EF9B045445C4F9AE02.roa
File: BFD5DDF0D95311EF9B045445C4F9AE02.roa (raw, json)
Hash identifier: zmENuILHmN18AUGwPcqkBbA0GZjdGWwt2+ySfMUc/Dk=
Subject key identifier: AB:60:FC:48:32:70:E8:47:9D:6F:88:BD:48:0D:BA:7F:00:35:0A:37
Certificate issuer: /CN=A9127898/serialNumber=95655EE72E177A02096C0CB60676AA1E669AE7E0
Certificate serial: 012A
Authority key identifier: 95:65:5E:E7:2E:17:7A:02:09:6C:0C:B6:06:76:AA:1E:66:9A:E7:E0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lWVe5y4XegIJbAy2BnaqHmaa5-A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9127898/2069F5FCFC0D11EBAE95147BC4F9AE02/BFD5DDF0D95311EF9B045445C4F9AE02.roa
Signing time: Thu 13 Feb 2025 07:22:43 +0000
ROA not before: Thu 13 Feb 2025 07:22:43 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 137059
IP address blocks: 103.171.142.0/23 maxlen: 23
103.171.142.0/24 maxlen: 24
103.171.143.0/24 maxlen: 24
2001:df7:4a80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 298 (0x12a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9127898
Validity
Not Before: Feb 13 07:22:43 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67ad9dc3-651e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:79:a4:5d:48:a9:66:af:74:f0:6e:b5:bc:2b:
e8:33:fa:74:cb:c1:b2:b4:ab:b5:ad:28:14:b1:35:
4f:82:24:9f:df:5e:58:c4:57:fb:bf:7e:23:58:e1:
c7:e6:22:7b:21:81:ef:51:d3:01:8f:53:67:02:12:
2e:0d:b9:7b:80:35:93:49:e3:de:5d:1a:5a:ee:84:
41:0f:fb:e3:d9:57:4c:87:1f:77:61:54:f8:40:33:
74:05:b6:d0:ce:5d:54:4c:02:00:d2:27:fa:03:c5:
45:25:08:1c:f7:3f:cf:9a:03:ba:2a:1f:6a:c3:88:
72:c0:7c:9c:41:12:e5:83:fe:2b:05:03:0c:79:44:
d2:e4:17:25:71:db:a0:66:bc:cf:62:6a:9a:be:84:
61:f2:89:ac:cc:f1:57:93:a7:fe:b9:52:89:fc:bc:
49:4d:73:c2:01:cd:46:75:de:de:bf:57:d9:35:05:
72:5a:2e:21:a1:c7:81:de:d7:a7:84:8b:20:75:53:
3c:86:c0:f4:e0:b0:bf:4f:81:8c:4c:99:94:20:36:
9e:93:96:89:69:bb:8b:0a:14:a6:87:28:52:27:15:
85:e9:8a:70:b4:59:70:9c:8c:b7:64:c1:1c:db:bf:
3d:29:a5:c7:e3:98:17:36:c7:24:96:83:9d:41:ff:
72:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:60:FC:48:32:70:E8:47:9D:6F:88:BD:48:0D:BA:7F:00:35:0A:37
X509v3 Authority Key Identifier:
keyid:95:65:5E:E7:2E:17:7A:02:09:6C:0C:B6:06:76:AA:1E:66:9A:E7:E0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9127898/2069F5FCFC0D11EBAE95147BC4F9AE02/lWVe5y4XegIJbAy2BnaqHmaa5-A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lWVe5y4XegIJbAy2BnaqHmaa5-A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127898/2069F5FCFC0D11EBAE95147BC4F9AE02/BFD5DDF0D95311EF9B045445C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.142.0/23
IPv6:
2001:df7:4a80::/48
Signature Algorithm: sha256WithRSAEncryption
61:c9:96:23:dd:69:ef:43:ab:01:9c:50:20:8c:37:a2:cd:21:
26:c1:f5:51:5a:86:33:56:6d:63:24:74:7a:d5:2a:a2:33:ba:
bf:66:ba:ae:06:b3:c0:91:03:8f:60:da:d0:58:86:07:c1:9a:
da:56:e9:1c:8f:34:e8:b4:cd:48:37:54:07:15:02:6f:00:07:
54:94:81:5a:86:fc:af:f0:2e:2b:94:3f:d6:dd:35:00:89:91:
a2:c6:59:16:95:03:2f:39:3a:9c:c5:3c:83:98:7c:a5:ad:e1:
67:cd:c2:36:58:ea:41:53:fd:f1:d5:ce:c9:82:14:9a:77:3b:
e8:74:17:fe:01:cc:37:d2:47:4d:b1:cf:dd:c3:f3:73:9a:fd:
cb:5a:90:e2:fb:22:4f:64:04:64:e6:a8:53:1e:b7:95:76:34:
3f:f3:38:ad:1b:1c:e8:1f:7c:4a:2f:0f:36:41:92:2e:b2:91:
75:66:b5:c5:02:32:91:e2:3c:d2:40:b7:3f:8b:19:b4:a1:1d:
7b:42:5d:b7:da:62:b0:4e:4e:cc:1d:47:3e:82:2e:11:a6:5f:
0a:b1:d0:33:5b:e4:94:c2:d3:5e:67:64:87:67:28:77:ab:19:
8c:0f:8c:b5:b6:71:d6:be:f1:af:38:19:0f:ca:4c:62:5b:34:
79:ca:95:11
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICASowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc4OTgxMTAvBgNVBAUTKDk1NjU1RUU3MkUxNzdBMDIwOTZDMENCNjA2NzZBQTFF
NjY5QUU3RTAwHhcNMjUwMjEzMDcyMjQzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FkOWRjMy02NTFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1nmkXUipZq908G61vCvoM/p0y8GytKu1rSgUsTVPgiSf315YxFf7v34jWOHH
5iJ7IYHvUdMBj1NnAhIuDbl7gDWTSePeXRpa7oRBD/vj2VdMhx93YVT4QDN0BbbQ
zl1UTAIA0if6A8VFJQgc9z/PmgO6Kh9qw4hywHycQRLlg/4rBQMMeUTS5Bclcdug
ZrzPYmqavoRh8omszPFXk6f+uVKJ/LxJTXPCAc1Gdd7ev1fZNQVyWi4hoceB3ten
hIsgdVM8hsD04LC/T4GMTJmUIDaek5aJabuLChSmhyhSJxWF6YpwtFlwnIy3ZMEc
2789KaXH45gXNsckloOdQf9yqQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKtg/Egy
cOhHnW+IvUgNun8ANQo3MB8GA1UdIwQYMBaAFJVlXucuF3oCCWwMtgZ2qh5mmufg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzg5OC8yMDY5RjVGQ0ZD
MEQxMUVCQUU5NTE0N0JDNEY5QUUwMi9sV1ZlNXk0WGVnSUpiQXkyQm5hcUhtYWE1
LUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xXVmU1eTRYZWdJSmJBeTJCbmFxSG1hYTUtQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc4OTgvMjA2OUY1RkNGQzBEMTFFQkFFOTUxNDdCQzRGOUFFMDIvQkZENURERjBE
OTUzMTFFRjlCMDQ1NDQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq44wDwQCAAIwCQMHACABDfdKgDANBgkqhkiG9w0BAQsF
AAOCAQEAYcmWI91p70OrAZxQIIw3os0hJsH1UVqGM1ZtYyR0etUqojO6v2a6rgaz
wJEDj2Da0FiGB8Ga2lbpHI806LTNSDdUBxUCbwAHVJSBWob8r/AuK5Q/1t01AImR
osZZFpUDLzk6nMU8g5h8pa3hZ83CNljqQVP98dXOyYIUmnc76HQX/gHMN9JHTbHP
3cPzc5r9y1qQ4vsiT2QEZOaoUx63lXY0P/M4rRsc6B98Si8PNkGSLrKRdWa1xQIy
keI80kC3P4sZtKEde0Jdt9pisE5OzB1HPoIuEaZfCrHQM1vklMLTXmdkh2cod6sZ
jA+MtbZx1r7xrzgZD8pMYls0ecqVEQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:13:59 2025 by rpki-client