Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91610DD/656324F438EA11EFB0FB217DC4F9AE02/5E9461285DB711EF8AB66F0EC4F9AE02.roa
File: 5E9461285DB711EF8AB66F0EC4F9AE02.roa (raw, json)
Hash identifier: CBgoWvrmHvyFdXC0BLyQHHm9awpAM5FPWyknUbzVkgo=
Subject key identifier: EB:5A:70:45:0A:9F:CC:F3:A4:31:4B:8D:41:F3:99:4A:6D:C5:6F:56
Certificate issuer: /CN=A91610DD/serialNumber=D8BD676518366034B888848B3B5718FA9070E192
Certificate serial: 8C
Authority key identifier: D8:BD:67:65:18:36:60:34:B8:88:84:8B:3B:57:18:FA:90:70:E1:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2L1nZRg2YDS4iISLO1cY-pBw4ZI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91610DD/656324F438EA11EFB0FB217DC4F9AE02/5E9461285DB711EF8AB66F0EC4F9AE02.roa
Signing time: Tue 11 Mar 2025 05:53:40 +0000
ROA not before: Tue 11 Mar 2025 05:53:40 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 9313
IP address blocks: 103.21.144.0/24 maxlen: 24
103.21.145.0/24 maxlen: 24
103.21.146.0/24 maxlen: 24
103.21.147.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140 (0x8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91610DD
Validity
Not Before: Mar 11 05:53:40 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67cfcfe4-4ef0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:76:d3:e9:79:a3:36:87:69:4d:30:5b:f9:0e:
1c:92:42:c5:de:f0:31:91:cd:87:ff:28:c3:09:de:
21:fd:04:da:97:3f:c3:90:f3:81:02:14:ae:67:ea:
4f:09:d0:59:1c:c3:dd:6f:5e:b3:64:90:58:16:5e:
11:f5:d8:23:13:cb:28:d4:0e:4c:9f:6f:c3:40:ae:
d6:9b:10:17:5c:fd:2c:2b:bd:f6:f2:47:7a:58:92:
63:9e:48:35:fd:44:35:72:31:4a:5b:4a:64:9b:e0:
d0:ca:1c:b9:8c:05:b6:b2:21:68:97:8a:e6:36:30:
4f:8d:77:0f:de:11:4f:1c:98:42:64:88:54:8c:66:
8f:8e:96:b7:26:ce:16:bc:c3:47:fc:18:60:34:68:
ee:92:59:71:0d:4d:56:fb:ee:02:71:e9:b2:41:a7:
04:e3:b5:fb:08:5e:3b:96:8e:3e:a5:71:da:da:03:
d3:80:0c:30:90:49:08:50:da:45:bd:88:b5:0e:f8:
70:e1:f2:85:78:47:a9:10:a3:b0:30:ce:9e:92:bc:
99:32:9b:44:ea:08:da:27:9d:16:08:4c:11:c6:c7:
ff:ea:93:15:51:d1:e8:5b:b3:cd:1a:dc:bf:b8:22:
e0:2c:17:1e:ca:58:47:b4:b0:f3:74:d7:1f:3a:3f:
db:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:5A:70:45:0A:9F:CC:F3:A4:31:4B:8D:41:F3:99:4A:6D:C5:6F:56
X509v3 Authority Key Identifier:
keyid:D8:BD:67:65:18:36:60:34:B8:88:84:8B:3B:57:18:FA:90:70:E1:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91610DD/656324F438EA11EFB0FB217DC4F9AE02/2L1nZRg2YDS4iISLO1cY-pBw4ZI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2L1nZRg2YDS4iISLO1cY-pBw4ZI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91610DD/656324F438EA11EFB0FB217DC4F9AE02/5E9461285DB711EF8AB66F0EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.21.144.0/22
Signature Algorithm: sha256WithRSAEncryption
68:ec:27:27:40:9a:ce:b8:11:7b:3a:f5:87:44:a5:6a:3e:a3:
78:53:cf:6a:b3:5d:95:08:96:d2:7d:f3:a9:ac:4e:22:cc:aa:
ea:27:42:98:40:d7:dc:c3:bd:bd:e0:e6:7e:15:ae:20:2e:c8:
57:1c:92:8b:c3:a0:f6:6b:3f:c0:be:f4:c6:5a:46:bc:41:cb:
6a:d8:ab:58:ea:17:8c:e4:d9:f6:07:49:02:d5:5b:dc:86:88:
69:1f:35:c2:d5:31:b0:5a:32:aa:89:7f:83:f7:b0:34:dc:1d:
a9:ab:8c:ad:bf:f1:33:83:17:86:c3:9f:81:74:bf:2e:a6:df:
3a:e7:19:4c:4b:59:e6:49:10:9e:16:f7:c2:6c:cd:78:c8:e4:
af:0a:eb:f8:ce:6b:ea:a0:50:4f:1e:92:d8:6f:95:60:ca:27:
a7:b3:d7:2d:1a:01:bf:13:30:39:9c:25:95:3a:cd:01:08:ec:
a6:c1:0d:03:bf:3a:1e:55:b0:ca:03:ae:4a:9a:e2:e8:cc:6a:
fd:be:cb:40:3b:e9:ab:55:b2:0d:b4:20:48:58:58:b7:a2:53:
c3:d1:90:14:fa:30:dc:cf:24:f8:48:b7:08:97:b7:a2:68:b7:
ed:05:8d:a0:40:e6:25:4d:83:83:60:41:94:e9:68:18:67:19:
df:2a:f8:28
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAIwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjEwREQxMTAvBgNVBAUTKEQ4QkQ2NzY1MTgzNjYwMzRCODg4ODQ4QjNCNTcxOEZB
OTA3MEUxOTIwHhcNMjUwMzExMDU1MzQwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmY2ZlNC00ZWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsHbT6XmjNodpTTBb+Q4ckkLF3vAxkc2H/yjDCd4h/QTalz/DkPOBAhSuZ+pP
CdBZHMPdb16zZJBYFl4R9dgjE8so1A5Mn2/DQK7WmxAXXP0sK7328kd6WJJjnkg1
/UQ1cjFKW0pkm+DQyhy5jAW2siFol4rmNjBPjXcP3hFPHJhCZIhUjGaPjpa3Js4W
vMNH/BhgNGjukllxDU1W++4CcemyQacE47X7CF47lo4+pXHa2gPTgAwwkEkIUNpF
vYi1Dvhw4fKFeEepEKOwMM6ekryZMptE6gjaJ50WCEwRxsf/6pMVUdHoW7PNGty/
uCLgLBceylhHtLDzdNcfOj/bnQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOtacEUK
n8zzpDFLjUHzmUptxW9WMB8GA1UdIwQYMBaAFNi9Z2UYNmA0uIiEiztXGPqQcOGS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MTBERC82NTYzMjRGNDM4
RUExMUVGQjBGQjIxN0RDNEY5QUUwMi8yTDFuWlJnMllEUzRpSVNMTzFjWS1wQnc0
WkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJMMW5aUmcyWURTNGlJU0xPMWNZLXBCdzRaSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjEwREQvNjU2MzI0RjQzOEVBMTFFRkIwRkIyMTdEQzRGOUFFMDIvNUU5NDYxMjg1
REI3MTFFRjhBQjY2RjBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnFZAwDQYJKoZIhvcNAQELBQADggEBAGjsJydAms64EXs6
9YdEpWo+o3hTz2qzXZUIltJ986msTiLMquonQphA19zDvb3g5n4VriAuyFcckovD
oPZrP8C+9MZaRrxBy2rYq1jqF4zk2fYHSQLVW9yGiGkfNcLVMbBaMqqJf4P3sDTc
HamrjK2/8TODF4bDn4F0vy6m3zrnGUxLWeZJEJ4W98JszXjI5K8K6/jOa+qgUE8e
kthvlWDKJ6ez1y0aAb8TMDmcJZU6zQEI7KbBDQO/Oh5VsMoDrkqa4ujMav2+y0A7
6atVsg20IEhYWLeiU8PRkBT6MNzPJPhItwiXt6Jot+0FjaBA5iVNg4NgQZTpaBhn
Gd8q+Cg=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:28:51 2025 by rpki-client