Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/6B4669CE7B7D11E99F99E776C4F9AE02.roa
File: 6B4669CE7B7D11E99F99E776C4F9AE02.roa (raw, json)
Hash identifier: phbymQiMHWNNzrnLfh17wazzvcgfnjQBs+kEUNXCkRg=
Subject key identifier: 18:EB:1F:AF:FD:46:C6:4E:5B:AB:5E:2B:9C:A6:B8:B9:64:A9:87:5C
Certificate issuer: /CN=A913B805/serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
Certificate serial: 25B3
Authority key identifier: 42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/6B4669CE7B7D11E99F99E776C4F9AE02.roa
Signing time: Sat 08 Feb 2025 17:55:32 +0000
ROA not before: Sat 08 Feb 2025 17:55:32 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 103.138.210.0/24 maxlen: 24
2001:df0:5580::/48 maxlen: 48
2001:df0:5580:400::/54 maxlen: 54
2001:df0:5580:c00::/54 maxlen: 54
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9651 (0x25b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913B805
Validity
Not Before: Feb 8 17:55:32 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67a79a94-88fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:68:60:ab:dd:a5:23:79:bb:50:ef:49:a0:b5:
f3:22:49:7f:d4:23:d6:7f:64:c0:d5:20:9c:34:18:
54:3d:b6:e7:4c:48:ab:c5:d6:c7:95:c7:c8:c0:c9:
19:b6:6e:9d:39:60:9b:3e:13:26:b5:5d:b9:04:94:
28:29:f2:d3:8a:c4:46:b4:8d:d4:48:c2:ff:4b:34:
53:af:ce:7d:39:1d:12:2b:38:01:fa:b2:33:ea:09:
01:5b:c4:49:2e:f3:76:6c:c5:78:5b:59:46:cd:10:
81:1a:32:f3:aa:08:3b:93:ca:8f:e5:6d:d3:39:40:
b9:49:21:98:58:64:25:aa:e8:c0:fd:9f:44:4b:75:
e5:c6:04:61:97:3f:29:48:30:c2:79:70:79:be:b7:
c0:a2:af:6d:a1:83:7f:8a:c7:f2:5f:7c:54:34:12:
9a:fc:63:66:54:92:42:a4:9f:bd:07:51:c8:67:56:
ef:c2:f5:0a:95:79:ea:93:4c:dd:bb:78:03:6d:9f:
ff:18:b5:92:b0:6b:11:f3:fb:22:3a:97:94:99:c3:
83:02:65:aa:e1:ae:b2:aa:fa:6f:87:5f:11:21:0e:
67:93:91:ed:44:3a:2c:2e:b8:8d:a1:02:5d:08:f9:
1d:30:56:68:7b:90:cf:67:d4:5c:48:6b:f4:c9:8c:
ef:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:EB:1F:AF:FD:46:C6:4E:5B:AB:5E:2B:9C:A6:B8:B9:64:A9:87:5C
X509v3 Authority Key Identifier:
keyid:42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/6B4669CE7B7D11E99F99E776C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.210.0/24
IPv6:
2001:df0:5580::/48
Signature Algorithm: sha256WithRSAEncryption
9f:82:6d:18:5d:a2:f1:c8:6d:9a:82:0a:8f:26:bc:1b:a9:c0:
08:96:5d:73:82:0f:62:11:c6:1e:e7:72:36:51:72:12:97:b9:
b4:84:73:a2:79:0b:85:22:75:e9:8a:af:31:a7:d5:cf:14:d1:
75:ec:4d:f3:1f:a7:d1:38:ac:a1:14:e3:f0:bc:89:c2:62:0c:
34:c1:e4:42:44:8b:21:9f:65:1b:e9:2b:f4:80:11:39:d5:95:
32:b0:cd:08:31:03:2a:24:6d:15:b9:4a:2b:66:5b:22:fe:5e:
3b:0a:e1:99:d9:84:64:b1:ae:dd:83:d3:31:56:70:3d:59:8e:
24:16:ac:d5:a3:32:57:53:e2:94:0c:0b:0b:16:53:3f:a9:9f:
dc:95:29:28:f2:62:e0:71:a5:11:d4:90:f9:1c:04:1f:fd:8b:
00:3d:1a:27:1e:2d:19:f3:01:2d:ad:24:b9:83:d9:bc:f9:f5:
a0:d4:90:be:5f:ad:b5:bd:75:40:50:22:b9:82:92:ae:e0:74:
d7:26:34:42:ad:21:9d:9c:94:b8:c5:79:23:7a:45:96:a4:36:
6c:6f:17:a0:9b:0c:65:df:59:35:b7:2c:0c:0a:e8:52:18:44:
41:d7:65:f5:f6:70:5d:03:5b:03:f8:95:43:71:17:6e:12:58:
ce:38:e0:21
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICJbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I4MDUxMTAvBgNVBAUTKDQyRDNFQ0I5Qzg1NzBBQjA5MEVCNjAxRURCMzM3OUMw
RDNEOEE2RDAwHhcNMjUwMjA4MTc1NTMyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E3OWE5NC04OGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl2hgq92lI3m7UO9JoLXzIkl/1CPWf2TA1SCcNBhUPbbnTEirxdbHlcfIwMkZ
tm6dOWCbPhMmtV25BJQoKfLTisRGtI3USML/SzRTr859OR0SKzgB+rIz6gkBW8RJ
LvN2bMV4W1lGzRCBGjLzqgg7k8qP5W3TOUC5SSGYWGQlqujA/Z9ES3XlxgRhlz8p
SDDCeXB5vrfAoq9toYN/isfyX3xUNBKa/GNmVJJCpJ+9B1HIZ1bvwvUKlXnqk0zd
u3gDbZ//GLWSsGsR8/siOpeUmcODAmWq4a6yqvpvh18RIQ5nk5HtRDosLriNoQJd
CPkdMFZoe5DPZ9RcSGv0yYzv6QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBjrH6/9
RsZOW6teK5ymuLlkqYdcMB8GA1UdIwQYMBaAFELT7LnIVwqwkOtgHtszecDT2KbQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjgwNS9GODA3NkI4QTdC
N0IxMUU5OEI2RUMwNzRDNEY5QUUwMi9RdFBzdWNoWENyQ1E2MkFlMnpONXdOUFlw
dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1F0UHN1Y2hYQ3JDUTYyQWUyek41d05QWXB0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I4MDUvRjgwNzZCOEE3QjdCMTFFOThCNkVDMDc0QzRGOUFFMDIvNkI0NjY5Q0U3
QjdEMTFFOTlGOTlFNzc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnitIwDwQCAAIwCQMHACABDfBVgDANBgkqhkiG9w0BAQsF
AAOCAQEAn4JtGF2i8chtmoIKjya8G6nACJZdc4IPYhHGHudyNlFyEpe5tIRzonkL
hSJ16YqvMafVzxTRdexN8x+n0TisoRTj8LyJwmIMNMHkQkSLIZ9lG+kr9IAROdWV
MrDNCDEDKiRtFblKK2ZbIv5eOwrhmdmEZLGu3YPTMVZwPVmOJBas1aMyV1PilAwL
CxZTP6mf3JUpKPJi4HGlEdSQ+RwEH/2LAD0aJx4tGfMBLa0kuYPZvPn1oNSQvl+t
tb11QFAiuYKSruB01yY0Qq0hnZyUuMV5I3pFlqQ2bG8XoJsMZd9ZNbcsDAroUhhE
Qddl9fZwXQNbA/iVQ3EXbhJYzjjgIQ==
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:40:06 2025 by rpki-client