Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9135B44/AD0D61F83A6C11ED9941F55CC4F9AE02/D4B06AAA3A6E11ED8266115DC4F9AE02.roa
File: D4B06AAA3A6E11ED8266115DC4F9AE02.roa (raw, json)
Hash identifier: rXyXJ/J6rVFIkAmCNmdDPvJdD/VKGdNuveHL3e4vBN4=
Subject key identifier: 4B:7F:BD:C9:2C:7C:80:27:AA:8E:F3:CD:A8:7B:10:74:D2:51:CE:70
Certificate issuer: /CN=A9135B44/serialNumber=E46E189DC8E910A1ABBE2E364DD081775CE48460
Certificate serial: 01E0
Authority key identifier: E4:6E:18:9D:C8:E9:10:A1:AB:BE:2E:36:4D:D0:81:77:5C:E4:84:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5G4YncjpEKGrvi42TdCBd1zkhGA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9135B44/AD0D61F83A6C11ED9941F55CC4F9AE02/D4B06AAA3A6E11ED8266115DC4F9AE02.roa
Signing time: Wed 05 Mar 2025 03:48:25 +0000
ROA not before: Wed 05 Mar 2025 03:48:25 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 141686
IP address blocks: 103.161.250.0/23 maxlen: 23
103.161.250.0/24 maxlen: 24
103.161.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 480 (0x1e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9135B44
Validity
Not Before: Mar 5 03:48:25 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c7c988-75c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:48:36:66:12:ef:9b:d4:f4:11:4f:cb:c8:4b:
d5:75:c4:cd:0b:88:50:47:98:ab:dc:60:99:a4:20:
84:72:c4:68:52:01:9b:66:59:57:be:ba:2c:19:16:
e7:93:9c:72:37:ec:52:e3:72:03:c3:e8:ec:7a:27:
36:4c:aa:3b:28:47:d3:dd:63:92:8f:b7:8e:db:ee:
2c:af:15:fc:fb:3e:8e:f6:3a:04:7f:fa:a2:04:80:
25:1d:6c:ad:8e:9b:aa:9f:b3:e3:c8:20:af:58:bf:
06:8d:85:d5:0b:d6:43:6a:2e:81:90:8e:8d:6d:b4:
09:65:4d:0c:6d:04:3c:af:36:e1:d7:4b:ed:7e:e3:
8b:53:6e:c5:b6:57:ce:bc:8e:11:96:cd:16:be:79:
10:9c:01:07:41:1f:7b:12:60:b2:9a:f9:4c:eb:89:
ef:e9:4a:29:d5:f6:27:59:e8:5f:00:d0:1b:11:b7:
1e:48:7f:b9:c2:3f:b4:d5:ab:be:77:f5:fb:25:3e:
38:82:9e:73:cd:81:41:26:33:25:5c:a5:7b:0f:48:
d7:69:20:a1:b6:27:4b:3e:32:57:3b:aa:33:60:8d:
ee:b4:fd:cc:94:fd:a9:2d:ab:a0:e6:b6:28:4d:17:
38:d4:29:02:6d:3a:59:9b:ed:cb:95:dc:71:39:c7:
73:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7F:BD:C9:2C:7C:80:27:AA:8E:F3:CD:A8:7B:10:74:D2:51:CE:70
X509v3 Authority Key Identifier:
keyid:E4:6E:18:9D:C8:E9:10:A1:AB:BE:2E:36:4D:D0:81:77:5C:E4:84:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9135B44/AD0D61F83A6C11ED9941F55CC4F9AE02/5G4YncjpEKGrvi42TdCBd1zkhGA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5G4YncjpEKGrvi42TdCBd1zkhGA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9135B44/AD0D61F83A6C11ED9941F55CC4F9AE02/D4B06AAA3A6E11ED8266115DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.161.250.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:40:52:8b:3d:1f:12:e4:93:c8:05:41:98:86:c4:55:a5:8d:
97:46:a9:78:34:3e:1f:4f:96:d8:ef:e1:a1:6e:ee:5e:37:a6:
c4:f4:3f:b0:d4:7d:41:8c:34:d9:05:0d:4a:a0:5d:d0:70:5f:
77:2c:0b:77:84:cd:95:56:18:ab:c0:c8:d2:2c:0b:9a:62:92:
fa:e8:b2:19:b5:06:41:fe:ec:fd:de:4c:ec:05:0c:45:50:32:
18:27:79:7e:d7:15:a0:06:ad:24:12:8a:c1:19:08:33:75:7c:
d9:bb:a1:09:ce:ed:4c:fd:f0:bb:d7:7b:6b:1c:dc:30:8a:0c:
52:e3:70:56:6c:b9:df:90:cf:fe:33:b6:c1:dc:ff:36:c4:c3:
5e:20:df:67:9a:d2:b6:8e:a8:01:78:25:8c:2f:09:79:8a:fe:
02:45:d5:13:df:3e:3f:e2:3a:50:a2:99:6c:41:0c:a1:34:b8:
62:43:17:be:d6:71:1e:f9:93:f0:49:78:72:05:53:e2:ff:7d:
c6:07:cd:2b:63:a5:20:5d:30:db:93:98:51:3d:15:13:e2:1c:
b3:03:af:ef:7f:16:c0:ae:18:16:21:fa:7e:27:2d:32:f7:0f:
12:fa:6f:31:59:d6:55:76:dd:51:61:94:1d:9a:7a:c6:f4:7e:
05:61:79:c7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAeAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzVCNDQxMTAvBgNVBAUTKEU0NkUxODlEQzhFOTEwQTFBQkJFMkUzNjRERDA4MTc3
NUNFNDg0NjAwHhcNMjUwMzA1MDM0ODI1WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3Yzk4OC03NWM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArEg2ZhLvm9T0EU/LyEvVdcTNC4hQR5ir3GCZpCCEcsRoUgGbZllXvrosGRbn
k5xyN+xS43IDw+jseic2TKo7KEfT3WOSj7eO2+4srxX8+z6O9joEf/qiBIAlHWyt
jpuqn7PjyCCvWL8GjYXVC9ZDai6BkI6NbbQJZU0MbQQ8rzbh10vtfuOLU27FtlfO
vI4Rls0WvnkQnAEHQR97EmCymvlM64nv6Uop1fYnWehfANAbEbceSH+5wj+01au+
d/X7JT44gp5zzYFBJjMlXKV7D0jXaSChtidLPjJXO6ozYI3utP3MlP2pLaug5rYo
TRc41CkCbTpZm+3LldxxOcdztQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEt/vcks
fIAnqo7zzah7EHTSUc5wMB8GA1UdIwQYMBaAFORuGJ3I6RChq74uNk3QgXdc5IRg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNUI0NC9BRDBENjFGODNB
NkMxMUVEOTk0MUY1NUNDNEY5QUUwMi81RzRZbmNqcEVLR3J2aTQyVGRDQmQxemto
R0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVHNFluY2pwRUtHcnZpNDJUZENCZDF6a2hHQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzVCNDQvQUQwRDYxRjgzQTZDMTFFRDk5NDFGNTVDQzRGOUFFMDIvRDRCMDZBQUEz
QTZFMTFFRDgyNjYxMTVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnofowDQYJKoZIhvcNAQELBQADggEBAC9AUos9HxLkk8gF
QZiGxFWljZdGqXg0Ph9Pltjv4aFu7l43psT0P7DUfUGMNNkFDUqgXdBwX3csC3eE
zZVWGKvAyNIsC5pikvroshm1BkH+7P3eTOwFDEVQMhgneX7XFaAGrSQSisEZCDN1
fNm7oQnO7Uz98LvXe2sc3DCKDFLjcFZsud+Qz/4ztsHc/zbEw14g32ea0raOqAF4
JYwvCXmK/gJF1RPfPj/iOlCimWxBDKE0uGJDF77WcR75k/BJeHIFU+L/fcYHzStj
pSBdMNuTmFE9FRPiHLMDr+9/FsCuGBYh+n4nLTL3DxL6bzFZ1lV23VFhlB2aesb0
fgVhecc=
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:27:07 2025 by rpki-client