Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139790/BF2CE3F0C0AA11EBBEAFCA2AC4F9AE02/DC3716ACC0AD11EBA91C5655C4F9AE02.roa
File: DC3716ACC0AD11EBA91C5655C4F9AE02.roa (raw, json)
Hash identifier: EBqrEz/i9vK9iq4wm6BDo7gJhb/CJzKXd1UUNUNCbGY=
Subject key identifier: D8:88:2A:6A:BF:E9:8E:B9:AF:F0:73:ED:FC:19:2E:13:E9:46:4F:9C
Certificate issuer: /CN=A9139790/serialNumber=ABACB90C31348501B4B1D5E5A2C7CFF1FD87B55B
Certificate serial: 059E
Authority key identifier: AB:AC:B9:0C:31:34:85:01:B4:B1:D5:E5:A2:C7:CF:F1:FD:87:B5:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q6y5DDE0hQG0sdXlosfP8f2HtVs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139790/BF2CE3F0C0AA11EBBEAFCA2AC4F9AE02/DC3716ACC0AD11EBA91C5655C4F9AE02.roa
Signing time: Sat 01 Mar 2025 00:52:28 +0000
ROA not before: Sat 01 Mar 2025 00:52:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 131167
IP address blocks: 103.160.52.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1438 (0x59e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139790
Validity
Not Before: Mar 1 00:52:28 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c25a4c-700f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:98:a2:54:4a:3a:35:65:8c:e4:d1:9f:2c:eb:
34:0e:b8:b5:57:57:4c:87:40:07:cd:8d:e8:50:24:
78:cf:81:86:b3:df:41:a2:f2:17:6c:99:f2:c7:0a:
cb:79:21:ef:e5:a8:80:81:f4:52:63:af:35:65:04:
17:c5:c7:7a:ae:1c:32:6e:26:90:9f:ee:d6:35:32:
08:2a:b1:14:6d:37:cb:0e:10:d0:5e:cc:68:32:7d:
50:97:70:23:72:99:41:71:1e:c8:fd:e9:90:34:cc:
c0:c8:5f:c1:6d:62:de:d3:86:eb:ce:ad:3f:53:c0:
b6:36:79:44:60:8e:a1:e4:1a:c5:7f:26:20:30:17:
90:94:dc:cd:66:ec:9e:65:a1:57:2c:ce:0c:d8:e9:
cc:53:33:3b:76:45:ab:2a:f4:97:10:ff:1e:88:2a:
7e:e8:f0:f4:bc:50:0a:12:14:8f:d5:33:1e:43:c1:
6b:ec:30:e1:7a:25:af:2e:a8:ea:60:bc:b5:04:e4:
1d:04:20:e1:d6:85:4a:c0:1d:de:7e:c2:d1:ec:51:
31:66:fa:bc:6f:0e:4e:fd:f4:48:56:02:f5:53:ad:
23:97:a2:c8:36:66:aa:d1:e2:4a:a5:b3:e9:fa:68:
2a:55:74:b5:86:d1:ad:5e:a9:10:b2:b0:71:03:e6:
89:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:88:2A:6A:BF:E9:8E:B9:AF:F0:73:ED:FC:19:2E:13:E9:46:4F:9C
X509v3 Authority Key Identifier:
keyid:AB:AC:B9:0C:31:34:85:01:B4:B1:D5:E5:A2:C7:CF:F1:FD:87:B5:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139790/BF2CE3F0C0AA11EBBEAFCA2AC4F9AE02/q6y5DDE0hQG0sdXlosfP8f2HtVs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q6y5DDE0hQG0sdXlosfP8f2HtVs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139790/BF2CE3F0C0AA11EBBEAFCA2AC4F9AE02/DC3716ACC0AD11EBA91C5655C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.52.0/23
Signature Algorithm: sha256WithRSAEncryption
08:24:7e:14:bd:9e:e6:2b:f1:91:04:08:da:52:7a:b5:d9:b9:
93:83:8d:4a:8e:e1:cc:ef:a3:b1:4e:a1:38:2e:4a:6b:e9:dc:
7d:58:f4:32:c6:1f:d3:3a:ab:b9:84:36:c2:86:a7:48:d5:87:
a3:2d:3f:46:27:c9:dd:10:d5:dc:f5:b1:aa:ec:a2:b8:d9:fb:
fe:90:c2:4a:7f:7f:fd:c8:bb:24:2e:17:14:96:d6:20:71:c7:
0c:f7:f5:9d:73:64:23:fb:95:33:29:0c:72:15:4e:2f:fb:9c:
bb:8f:e9:13:b8:8e:49:fb:f7:25:a5:f2:01:b6:13:b6:7f:bb:
2c:f0:63:0f:2b:5d:54:5a:74:26:83:9a:3b:2e:ab:d6:62:5d:
69:a0:53:5b:4e:1e:30:33:16:f0:15:cd:52:22:dd:f6:3b:73:
bc:56:a2:c9:0e:b9:3c:2b:e9:9c:0e:b7:01:7a:d4:0e:cf:e7:
9b:37:ab:cf:22:01:c5:8e:01:8f:22:4c:31:45:21:dc:c2:1e:
96:bf:1b:2a:07:89:d6:e8:e9:46:22:20:36:14:bd:a1:65:b4:
15:1f:55:29:62:15:a0:3d:54:7b:cf:96:d4:d6:ea:3e:d7:c4:
24:7e:a5:19:57:dc:4a:1e:d6:54:a4:ac:a1:e3:0b:71:c7:8a:
49:28:67:7b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBZ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mzk3OTAxMTAvBgNVBAUTKEFCQUNCOTBDMzEzNDg1MDFCNEIxRDVFNUEyQzdDRkYx
RkQ4N0I1NUIwHhcNMjUwMzAxMDA1MjI4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MyNWE0Yy03MDBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA25iiVEo6NWWM5NGfLOs0Dri1V1dMh0AHzY3oUCR4z4GGs99BovIXbJnyxwrL
eSHv5aiAgfRSY681ZQQXxcd6rhwybiaQn+7WNTIIKrEUbTfLDhDQXsxoMn1Ql3Aj
cplBcR7I/emQNMzAyF/BbWLe04brzq0/U8C2NnlEYI6h5BrFfyYgMBeQlNzNZuye
ZaFXLM4M2OnMUzM7dkWrKvSXEP8eiCp+6PD0vFAKEhSP1TMeQ8Fr7DDheiWvLqjq
YLy1BOQdBCDh1oVKwB3efsLR7FExZvq8bw5O/fRIVgL1U60jl6LINmaq0eJKpbPp
+mgqVXS1htGtXqkQsrBxA+aJeQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNiIKmq/
6Y65r/Bz7fwZLhPpRk+cMB8GA1UdIwQYMBaAFKusuQwxNIUBtLHV5aLHz/H9h7Vb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTc5MC9CRjJDRTNGMEMw
QUExMUVCQkVBRkNBMkFDNEY5QUUwMi9xNnk1RERFMGhRRzBzZFhsb3NmUDhmMkh0
VnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3E2eTVEREUwaFFHMHNkWGxvc2ZQOGYySHRWcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mzk3OTAvQkYyQ0UzRjBDMEFBMTFFQkJFQUZDQTJBQzRGOUFFMDIvREMzNzE2QUND
MEFEMTFFQkE5MUM1NjU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnoDQwDQYJKoZIhvcNAQELBQADggEBAAgkfhS9nuYr8ZEE
CNpSerXZuZODjUqO4czvo7FOoTguSmvp3H1Y9DLGH9M6q7mENsKGp0jVh6MtP0Yn
yd0Q1dz1sarsorjZ+/6Qwkp/f/3IuyQuFxSW1iBxxwz39Z1zZCP7lTMpDHIVTi/7
nLuP6RO4jkn79yWl8gG2E7Z/uyzwYw8rXVRadCaDmjsuq9ZiXWmgU1tOHjAzFvAV
zVIi3fY7c7xWoskOuTwr6ZwOtwF61A7P55s3q88iAcWOAY8iTDFFIdzCHpa/GyoH
idbo6UYiIDYUvaFltBUfVSliFaA9VHvPltTW6j7XxCR+pRlX3Eoe1lSkrKHjC3HH
ikkoZ3s=
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:36:13 2025 by rpki-client