Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/A46B24207D3811EF8EE86E6BC4F9AE02.roa
File: A46B24207D3811EF8EE86E6BC4F9AE02.roa (raw, json)
Hash identifier: q4NWMO7W6lRpux2uN6ng9OrQyUZmWgx1UYeF7qqy2kQ=
Subject key identifier: A0:62:33:4D:BC:64:20:1B:A3:D2:14:A2:5B:68:BA:63:E3:2F:AD:AE
Certificate issuer: /CN=A9133CD2/serialNumber=9AAC156FA918B4305741DAE9D5DBA2933746CE87
Certificate serial: 018A
Authority key identifier: 9A:AC:15:6F:A9:18:B4:30:57:41:DA:E9:D5:DB:A2:93:37:46:CE:87
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mqwVb6kYtDBXQdrp1duikzdGzoc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/A46B24207D3811EF8EE86E6BC4F9AE02.roa
Signing time: Wed 05 Feb 2025 02:28:02 +0000
ROA not before: Wed 05 Feb 2025 02:28:02 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 135345
IP address blocks: 103.179.144.0/24 maxlen: 24
103.179.145.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 394 (0x18a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9133CD2
Validity
Not Before: Feb 5 02:28:02 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67a2ccb1-b351
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1a:c4:00:dc:06:03:fa:7f:8e:c6:1a:8d:e7:
78:7a:d9:5d:23:e9:95:7f:2d:42:d6:e0:66:87:d2:
f0:0b:fd:f8:02:55:7a:a0:5d:df:05:0d:9a:31:6c:
1c:87:80:73:e9:5a:2d:b6:66:d3:d6:80:c7:c7:d7:
7f:5f:ac:6d:86:00:bb:86:56:a5:85:23:8b:e4:14:
50:e2:8e:93:aa:c5:d8:71:2c:72:94:94:c9:cf:f9:
49:72:23:60:ac:b6:31:36:90:f9:7f:f8:56:56:f6:
e4:c6:88:fb:cb:f5:46:a2:39:d8:24:46:b5:41:a7:
ac:f8:3e:30:47:28:02:f7:de:b6:1a:cb:11:31:ab:
0c:f6:40:a8:a8:f7:ed:80:b7:d8:a9:6a:fc:2f:24:
96:8a:8a:55:42:ea:99:ef:df:00:14:a5:34:d4:41:
12:e9:04:25:fa:f0:82:1a:5e:aa:c3:78:c4:71:b7:
79:31:f6:a8:f2:fc:91:e6:e4:01:df:ad:65:66:a4:
e7:ff:e5:2d:41:33:63:72:ad:e9:c6:b2:1a:6e:bf:
10:64:0c:26:e7:3b:45:72:4c:11:ed:48:fb:6a:74:
c3:b8:5e:e5:af:fb:13:ce:22:97:ea:63:04:66:72:
65:18:2c:ea:9f:c6:84:a9:e2:02:47:ab:a0:0d:a4:
f2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:62:33:4D:BC:64:20:1B:A3:D2:14:A2:5B:68:BA:63:E3:2F:AD:AE
X509v3 Authority Key Identifier:
keyid:9A:AC:15:6F:A9:18:B4:30:57:41:DA:E9:D5:DB:A2:93:37:46:CE:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/mqwVb6kYtDBXQdrp1duikzdGzoc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mqwVb6kYtDBXQdrp1duikzdGzoc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/A46B24207D3811EF8EE86E6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.144.0/23
Signature Algorithm: sha256WithRSAEncryption
06:f8:f9:2d:e7:d9:0a:50:1e:30:78:be:ac:54:46:6a:23:fd:
ce:52:2c:c0:81:a9:b1:8d:5a:18:a9:7f:b0:b7:62:4d:a7:b5:
d1:25:cf:9f:01:cf:9d:6e:36:4d:14:05:5d:76:d0:89:48:d7:
4d:99:6a:aa:06:75:61:37:fe:9d:40:28:89:ea:f1:6c:2c:e4:
35:c0:f4:66:d8:de:72:64:11:da:84:f8:90:75:6f:66:77:73:
eb:7e:33:57:9d:d9:a6:ba:15:89:cb:90:a3:a7:51:39:b2:4a:
a0:65:00:7c:79:dc:3b:bc:71:aa:72:6c:a6:9d:6e:51:b5:14:
3d:b0:5e:f7:70:5e:6a:e7:f8:e8:18:51:41:fa:ca:2f:64:54:
2d:86:da:6c:3a:70:47:f5:f3:73:8d:3a:7a:70:6c:94:e7:18:
bf:b4:1d:9d:6d:6d:16:2c:da:a3:8a:e3:26:5c:24:c3:36:10:
18:56:ac:02:4a:36:a3:72:76:38:54:42:3c:96:b8:6c:93:f1:
c3:2f:92:80:c3:69:5a:a0:6e:c2:c6:5c:f4:b7:fc:f7:ca:34:
b3:11:f3:96:d2:ed:14:86:c6:dc:d2:a6:32:ef:c6:59:5d:0f:
cf:0e:2f:1b:9d:aa:78:60:42:34:30:a5:34:60:c3:32:bc:5c:
01:ab:87:4f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAYowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzNDRDIxMTAvBgNVBAUTKDlBQUMxNTZGQTkxOEI0MzA1NzQxREFFOUQ1REJBMjkz
Mzc0NkNFODcwHhcNMjUwMjA1MDIyODAyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyY2NiMS1iMzUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApBrEANwGA/p/jsYajed4etldI+mVfy1C1uBmh9LwC/34AlV6oF3fBQ2aMWwc
h4Bz6VottmbT1oDHx9d/X6xthgC7hlalhSOL5BRQ4o6TqsXYcSxylJTJz/lJciNg
rLYxNpD5f/hWVvbkxoj7y/VGojnYJEa1Qaes+D4wRygC9962GssRMasM9kCoqPft
gLfYqWr8LySWiopVQuqZ798AFKU01EES6QQl+vCCGl6qw3jEcbd5Mfao8vyR5uQB
361lZqTn/+UtQTNjcq3pxrIabr8QZAwm5ztFckwR7Uj7anTDuF7lr/sTziKX6mME
ZnJlGCzqn8aEqeICR6ugDaTynwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKBiM028
ZCAbo9IUoltoumPjL62uMB8GA1UdIwQYMBaAFJqsFW+pGLQwV0Ha6dXbopM3Rs6H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzM0NEMi80NUYzQUE3RUFD
MTYxMUVEQjk0N0I4NjBDNEY5QUUwMi9tcXdWYjZrWXREQlhRZHJwMWR1aWt6ZEd6
b2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21xd1ZiNmtZdERCWFFkcnAxZHVpa3pkR3pvYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzNDRDIvNDVGM0FBN0VBQzE2MTFFREI5NDdCODYwQzRGOUFFMDIvQTQ2QjI0MjA3
RDM4MTFFRjhFRTg2RTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFns5AwDQYJKoZIhvcNAQELBQADggEBAAb4+S3n2QpQHjB4
vqxURmoj/c5SLMCBqbGNWhipf7C3Yk2ntdElz58Bz51uNk0UBV120IlI102ZaqoG
dWE3/p1AKInq8Wws5DXA9GbY3nJkEdqE+JB1b2Z3c+t+M1ed2aa6FYnLkKOnUTmy
SqBlAHx53Du8capybKadblG1FD2wXvdwXmrn+OgYUUH6yi9kVC2G2mw6cEf183ON
OnpwbJTnGL+0HZ1tbRYs2qOK4yZcJMM2EBhWrAJKNqNydjhUQjyWuGyT8cMvkoDD
aVqgbsLGXPS3/PfKNLMR85bS7RSGxtzSpjLvxlldD88OLxudqnhgQjQwpTRgwzK8
XAGrh08=
-----END CERTIFICATE-----
Generated at Fri Apr 11 14:52:14 2025 by rpki-client