Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912E990/8F43B30260B511ECBB0D5743C4F9AE02/5590E4766AD111EFB8AD551AC4F9AE02.roa
File: 5590E4766AD111EFB8AD551AC4F9AE02.roa (raw, json)
Hash identifier: u4534TN3FipMq5w+c3LILmi2ZS4NbdKmjDpYBOie5OM=
Subject key identifier: A8:75:6A:15:69:35:2A:B1:25:D1:95:0B:97:6D:3E:86:2E:F4:7A:38
Certificate issuer: /CN=A912E990/serialNumber=CEF2DB3F627D72418E9B3EA82A4FC89A41B7B5D1
Certificate serial: 040B
Authority key identifier: CE:F2:DB:3F:62:7D:72:41:8E:9B:3E:A8:2A:4F:C8:9A:41:B7:B5:D1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zvLbP2J9ckGOmz6oKk_ImkG3tdE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912E990/8F43B30260B511ECBB0D5743C4F9AE02/5590E4766AD111EFB8AD551AC4F9AE02.roa
Signing time: Fri 31 Jan 2025 00:45:17 +0000
ROA not before: Fri 31 Jan 2025 00:45:17 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 150740
IP address blocks: 103.161.215.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1035 (0x40b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912E990
Validity
Not Before: Jan 31 00:45:17 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=679c1d1c-22e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:58:b8:fe:fa:aa:ad:f4:2f:75:85:4d:09:f1:
1f:13:53:06:50:b3:0e:62:94:e8:7e:36:82:be:f2:
e0:cf:4c:f9:e0:bc:25:8d:21:12:80:02:a3:ee:67:
5c:d3:b4:e7:3d:cb:dd:3b:be:ff:11:03:c7:0f:7c:
ad:ac:fb:7c:32:c8:51:15:0a:42:5e:15:9f:ff:06:
b7:e3:2d:a9:a8:bd:3f:ff:b4:6f:56:74:f3:e4:32:
d6:82:4a:47:35:e4:fe:3a:3e:8d:db:35:a1:80:54:
57:1f:e7:a3:34:87:e5:5e:0a:d8:64:24:31:d9:5c:
20:92:23:f2:92:9f:45:0e:c2:59:71:6a:71:6f:58:
1d:73:d4:70:33:f8:7c:ea:f6:2d:7e:14:6a:50:b4:
e7:77:03:58:f0:8f:7e:ea:0a:79:30:b3:61:b2:dc:
49:48:9d:41:be:03:9f:26:46:8d:bb:c6:5c:6d:b2:
ca:d5:f0:42:12:c6:4a:6a:bf:c1:e1:0d:41:86:ae:
19:b4:1d:f0:32:b7:bc:7e:ff:f1:bf:fe:5a:35:1f:
18:97:d0:82:3d:75:97:ad:b2:6a:f7:e1:61:b0:2b:
d8:0e:4d:30:9b:e5:49:12:e4:70:a4:54:75:15:df:
e0:55:5c:4f:5f:37:03:1c:b5:05:fe:97:76:36:ca:
2b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:75:6A:15:69:35:2A:B1:25:D1:95:0B:97:6D:3E:86:2E:F4:7A:38
X509v3 Authority Key Identifier:
keyid:CE:F2:DB:3F:62:7D:72:41:8E:9B:3E:A8:2A:4F:C8:9A:41:B7:B5:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912E990/8F43B30260B511ECBB0D5743C4F9AE02/zvLbP2J9ckGOmz6oKk_ImkG3tdE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zvLbP2J9ckGOmz6oKk_ImkG3tdE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E990/8F43B30260B511ECBB0D5743C4F9AE02/5590E4766AD111EFB8AD551AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.161.215.0/24
Signature Algorithm: sha256WithRSAEncryption
75:08:09:f6:e6:2a:89:89:cb:0b:7b:fb:95:bd:12:e1:3f:51:
5b:3b:24:6f:bb:9d:25:b4:ca:3b:75:15:8b:e6:1f:3d:ed:85:
c9:c4:34:e5:f3:f5:a0:f6:7b:00:d2:42:41:94:e1:c5:c0:29:
73:d1:23:6e:a1:4c:b7:68:f4:6f:1c:fb:84:90:be:93:f2:a0:
ad:62:2a:e0:db:4e:38:2a:75:a4:c2:2c:5e:c4:95:e5:4a:5a:
32:fb:ad:e3:66:76:c0:c1:7b:b3:ea:cd:4f:46:9b:05:22:99:
25:90:4c:19:70:0d:39:97:6c:af:14:bc:fa:26:20:91:b9:3e:
e6:b8:b4:21:ec:5e:e4:a8:a6:7f:37:44:31:85:b8:f2:56:85:
9d:9a:58:93:14:d0:61:c0:b0:89:46:5c:56:22:37:65:fd:2a:
2f:fc:e8:34:7e:43:4f:21:a8:21:cc:df:ef:40:d2:da:fe:6a:
e2:f1:27:f8:7b:73:db:93:29:61:5d:58:91:fb:1b:4d:05:80:
5f:26:56:eb:b4:82:24:b5:1e:2a:34:9d:fc:b5:46:97:12:46:
15:99:a3:2f:fb:f4:64:0e:8f:64:d9:80:7e:81:73:f7:4d:c4:
f6:87:12:b8:3c:78:42:10:a8:22:f0:5c:f2:9a:02:66:df:e3:
15:4d:ec:3d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBAswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkU5OTAxMTAvBgNVBAUTKENFRjJEQjNGNjI3RDcyNDE4RTlCM0VBODJBNEZDODlB
NDFCN0I1RDEwHhcNMjUwMTMxMDA0NTE3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljMWQxYy0yMmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnFi4/vqqrfQvdYVNCfEfE1MGULMOYpTofjaCvvLgz0z54LwljSESgAKj7mdc
07TnPcvdO77/EQPHD3ytrPt8MshRFQpCXhWf/wa34y2pqL0//7RvVnTz5DLWgkpH
NeT+Oj6N2zWhgFRXH+ejNIflXgrYZCQx2VwgkiPykp9FDsJZcWpxb1gdc9RwM/h8
6vYtfhRqULTndwNY8I9+6gp5MLNhstxJSJ1BvgOfJkaNu8ZcbbLK1fBCEsZKar/B
4Q1Bhq4ZtB3wMre8fv/xv/5aNR8Yl9CCPXWXrbJq9+FhsCvYDk0wm+VJEuRwpFR1
Fd/gVVxPXzcDHLUF/pd2NsorKQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKh1ahVp
NSqxJdGVC5dtPoYu9Ho4MB8GA1UdIwQYMBaAFM7y2z9ifXJBjps+qCpPyJpBt7XR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTk5MC84RjQzQjMwMjYw
QjUxMUVDQkIwRDU3NDNDNEY5QUUwMi96dkxiUDJKOWNrR09tejZvS2tfSW1rRzN0
ZEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3p2TGJQMko5Y2tHT216Nm9La19JbWtHM3RkRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkU5OTAvOEY0M0IzMDI2MEI1MTFFQ0JCMEQ1NzQzQzRGOUFFMDIvNTU5MEU0NzY2
QUQxMTFFRkI4QUQ1NTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnodcwDQYJKoZIhvcNAQELBQADggEBAHUICfbmKomJywt7
+5W9EuE/UVs7JG+7nSW0yjt1FYvmHz3thcnENOXz9aD2ewDSQkGU4cXAKXPRI26h
TLdo9G8c+4SQvpPyoK1iKuDbTjgqdaTCLF7EleVKWjL7reNmdsDBe7PqzU9GmwUi
mSWQTBlwDTmXbK8UvPomIJG5Pua4tCHsXuSopn83RDGFuPJWhZ2aWJMU0GHAsIlG
XFYiN2X9Ki/86DR+Q08hqCHM3+9A0tr+auLxJ/h7c9uTKWFdWJH7G00FgF8mVuu0
giS1Hio0nfy1RpcSRhWZoy/79GQOj2TZgH6Bc/dNxPaHErg8eEIQqCLwXPKaAmbf
4xVN7D0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:04:45 2025 by rpki-client