Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9140D69/0E177D5A058C11EDADD66011C4F9AE02/BAF6068003FF11F0A4ED2A0FC4F9AE02.roa
File: BAF6068003FF11F0A4ED2A0FC4F9AE02.roa (raw, json)
Hash identifier: NKQmAYZ+qv5DU6J3CM90FVD1uxEn0gkkV4zaOpjr+Ac=
Subject key identifier: C0:A1:96:D3:6D:B6:53:C9:BC:B8:31:18:3D:16:47:03:74:3F:3F:DF
Certificate issuer: /CN=A9140D69/serialNumber=103FA8BDFFFB9F0557072C47332B81A9E80EDD35
Certificate serial: 028F
Authority key identifier: 10:3F:A8:BD:FF:FB:9F:05:57:07:2C:47:33:2B:81:A9:E8:0E:DD:35
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ED-ovf_7nwVXByxHMyuBqegO3TU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9140D69/0E177D5A058C11EDADD66011C4F9AE02/BAF6068003FF11F0A4ED2A0FC4F9AE02.roa
Signing time: Tue 18 Mar 2025 13:48:54 +0000
ROA not before: Tue 18 Mar 2025 13:48:54 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 10103
IP address blocks: 103.237.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 655 (0x28f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9140D69
Validity
Not Before: Mar 18 13:48:54 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67d979c5-185a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c0:45:52:56:7f:b5:83:e9:4c:b4:33:91:4e:
5e:23:de:b8:59:c9:f3:39:74:2d:e7:21:69:f5:57:
19:31:07:8a:6a:16:fd:a9:83:2b:c1:73:40:f1:91:
56:f2:29:5f:a5:56:e0:dd:f4:96:6f:fb:e7:1f:5c:
9d:5d:12:74:11:49:9f:bd:33:fc:48:74:e9:16:95:
25:cc:a5:1e:a0:b3:be:01:a1:b6:a0:d4:d1:5c:4d:
3a:7b:e6:c8:10:93:54:f7:96:52:06:50:c6:b2:a5:
89:b7:75:48:05:37:93:52:a0:a6:80:00:f0:2f:8b:
d9:2c:63:55:c7:e5:80:56:d6:2d:70:7b:3f:f3:bf:
40:1a:2e:0f:b5:a3:46:25:ca:c0:f0:66:9f:5f:33:
a1:4f:65:4f:3f:b7:b4:9e:3b:4c:90:85:57:21:6a:
79:65:4c:7e:1a:e7:be:d1:2a:13:d2:29:61:3f:93:
5b:b2:d0:63:c5:7e:59:34:1d:21:a4:5d:bc:56:9c:
76:98:2d:19:cd:25:89:10:3c:90:be:cd:06:1c:7e:
67:be:75:e3:25:7b:15:5a:59:33:51:f4:d0:8c:dd:
54:ba:eb:8f:49:80:a4:1d:c8:d0:1f:c3:0c:43:a6:
e5:ef:ca:c0:bd:c0:7c:4e:ce:05:55:a1:f4:31:ed:
02:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:A1:96:D3:6D:B6:53:C9:BC:B8:31:18:3D:16:47:03:74:3F:3F:DF
X509v3 Authority Key Identifier:
keyid:10:3F:A8:BD:FF:FB:9F:05:57:07:2C:47:33:2B:81:A9:E8:0E:DD:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9140D69/0E177D5A058C11EDADD66011C4F9AE02/ED-ovf_7nwVXByxHMyuBqegO3TU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ED-ovf_7nwVXByxHMyuBqegO3TU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140D69/0E177D5A058C11EDADD66011C4F9AE02/BAF6068003FF11F0A4ED2A0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.237.101.0/24
Signature Algorithm: sha256WithRSAEncryption
12:65:18:cd:20:11:c4:86:7f:56:1c:e3:6f:91:89:3a:83:8b:
79:1a:c4:31:7e:56:fc:ce:bc:d3:ee:fa:8b:a7:fd:53:21:70:
97:d5:7d:66:8b:a7:ee:34:a9:fb:19:3f:22:80:74:d7:e2:ae:
cb:8b:ad:80:28:eb:c2:50:c1:e1:db:d5:90:ee:f1:da:bb:ea:
db:1a:d2:d8:b4:bb:f0:27:64:66:86:47:8a:d5:af:a2:3e:cf:
71:b9:e8:50:a7:74:8b:ec:f1:92:a5:ff:65:5a:ea:6e:69:4d:
16:d3:e2:d4:90:17:21:d9:bb:b6:d5:6b:6c:e0:61:f5:86:e7:
cf:4c:88:1d:ea:0c:e7:ee:1b:2a:3d:97:68:c3:f1:f5:26:50:
a4:45:aa:1c:6f:8f:ff:9b:b8:76:83:5c:d4:5a:6b:0b:44:a5:
d5:00:0b:5a:2f:b7:97:33:c8:db:49:27:a9:dc:c3:55:05:1b:
40:87:2e:e9:3a:25:94:17:74:f7:c8:07:36:8a:2e:a5:2a:6c:
ca:9c:c1:ec:63:73:cb:ee:af:ac:9f:70:49:ff:ab:d2:6c:6a:
0e:66:18:8d:61:90:59:c5:47:1d:b3:4f:7d:cf:4e:17:70:b3:
78:1d:a8:75:87:3e:f1:7b:4c:1f:45:48:4a:53:d0:59:8a:45:
e1:51:cc:81
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDBENjkxMTAvBgNVBAUTKDEwM0ZBOEJERkZGQjlGMDU1NzA3MkM0NzMzMkI4MUE5
RTgwRUREMzUwHhcNMjUwMzE4MTM0ODU0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q5NzljNS0xODVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz8BFUlZ/tYPpTLQzkU5eI964WcnzOXQt5yFp9VcZMQeKahb9qYMrwXNA8ZFW
8ilfpVbg3fSWb/vnH1ydXRJ0EUmfvTP8SHTpFpUlzKUeoLO+AaG2oNTRXE06e+bI
EJNU95ZSBlDGsqWJt3VIBTeTUqCmgADwL4vZLGNVx+WAVtYtcHs/879AGi4PtaNG
JcrA8GafXzOhT2VPP7e0njtMkIVXIWp5ZUx+Gue+0SoT0ilhP5NbstBjxX5ZNB0h
pF28Vpx2mC0ZzSWJEDyQvs0GHH5nvnXjJXsVWlkzUfTQjN1UuuuPSYCkHcjQH8MM
Q6bl78rAvcB8Ts4FVaH0Me0C6QIDAQABo4IClTCCApEwHQYDVR0OBBYEFMChltNt
tlPJvLgxGD0WRwN0Pz/fMB8GA1UdIwQYMBaAFBA/qL3/+58FVwcsRzMrganoDt01
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MEQ2OS8wRTE3N0Q1QTA1
OEMxMUVEQURENjYwMTFDNEY5QUUwMi9FRC1vdmZfN253VlhCeXhITXl1QnFlZ08z
VFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VELW92Zl83bndWWEJ5eEhNeXVCcWVnTzNUVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDBENjkvMEUxNzdENUEwNThDMTFFREFERDY2MDExQzRGOUFFMDIvQkFGNjA2ODAw
M0ZGMTFGMEE0RUQyQTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn7WUwDQYJKoZIhvcNAQELBQADggEBABJlGM0gEcSGf1Yc
42+RiTqDi3kaxDF+VvzOvNPu+oun/VMhcJfVfWaLp+40qfsZPyKAdNfirsuLrYAo
68JQweHb1ZDu8dq76tsa0ti0u/AnZGaGR4rVr6I+z3G56FCndIvs8ZKl/2Va6m5p
TRbT4tSQFyHZu7bVa2zgYfWG589MiB3qDOfuGyo9l2jD8fUmUKRFqhxvj/+buHaD
XNRaawtEpdUAC1ovt5czyNtJJ6ncw1UFG0CHLuk6JZQXdPfIBzaKLqUqbMqcwexj
c8vur6yfcEn/q9Jsag5mGI1hkFnFRx2zT33PThdws3gdqHWHPvF7TB9FSEpT0FmK
ReFRzIE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:10:02 2025 by rpki-client