Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9165226/3C9CF04CB73D11E9A0DEB848C4F9AE02/37EF9AB2B73E11E9BCAF574AC4F9AE02.roa
File: 37EF9AB2B73E11E9BCAF574AC4F9AE02.roa (raw, json)
Hash identifier: NGmhercCoJ9hcEnfypdSk09ukBq8+ACpPHXM0iho7j0=
Subject key identifier: 7E:2A:BB:7F:80:EE:83:32:43:7F:95:FB:7C:E9:1A:45:37:D9:DD:43
Certificate issuer: /CN=A9165226/serialNumber=F536ADD6E17D1CE22CBB893A7FA0CF08BD8E3FC0
Certificate serial: 0DA8
Authority key identifier: F5:36:AD:D6:E1:7D:1C:E2:2C:BB:89:3A:7F:A0:CF:08:BD:8E:3F:C0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9Tat1uF9HOIsu4k6f6DPCL2OP8A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9165226/3C9CF04CB73D11E9A0DEB848C4F9AE02/37EF9AB2B73E11E9BCAF574AC4F9AE02.roa
Signing time: Tue 04 Mar 2025 18:35:59 +0000
ROA not before: Tue 04 Mar 2025 18:35:59 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 133169
IP address blocks: 103.86.130.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3496 (0xda8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9165226
Validity
Not Before: Mar 4 18:35:59 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67c7480f-a357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b7:c7:42:60:b6:71:0f:99:20:cd:34:b9:9c:
e8:5b:47:8c:f5:5a:4b:0f:87:a5:d9:81:8e:32:d8:
8a:b1:15:eb:69:d9:c4:fa:b9:59:6d:b8:aa:d6:87:
ba:91:bb:cc:0b:e1:4d:bd:a4:73:35:c2:5b:a0:59:
2c:6a:ee:98:18:ec:8a:ec:c6:6b:4e:88:e6:34:bd:
73:b0:89:6e:f9:e5:ae:fb:62:d7:0f:a2:15:e9:40:
ce:2b:94:e5:8e:a8:dc:39:0e:71:30:1c:56:52:a0:
05:20:af:1b:05:6a:90:ea:d3:f1:da:22:64:af:98:
d4:6a:b1:2d:a1:dd:6a:7b:39:c0:97:40:aa:9c:9f:
5e:40:b1:60:f7:b7:9a:ef:4a:c5:bd:df:ab:d6:60:
42:43:f0:9f:23:67:c3:b6:6e:3a:63:45:66:05:61:
d1:e5:95:de:09:d4:3b:b1:af:d9:2a:b9:06:76:da:
fa:1d:9f:d9:fe:cb:b4:a5:c2:40:90:35:fa:66:75:
fd:3e:b8:5f:8c:63:52:ef:e8:9d:13:47:7c:2f:e9:
71:12:04:03:43:04:49:6f:85:dc:55:c8:21:d8:bb:
18:14:c1:0f:97:e4:00:31:1d:8b:9a:10:4e:b7:be:
79:f6:c8:77:7b:e3:96:f3:5f:17:b3:1b:2a:ca:23:
11:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:2A:BB:7F:80:EE:83:32:43:7F:95:FB:7C:E9:1A:45:37:D9:DD:43
X509v3 Authority Key Identifier:
keyid:F5:36:AD:D6:E1:7D:1C:E2:2C:BB:89:3A:7F:A0:CF:08:BD:8E:3F:C0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9165226/3C9CF04CB73D11E9A0DEB848C4F9AE02/9Tat1uF9HOIsu4k6f6DPCL2OP8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9Tat1uF9HOIsu4k6f6DPCL2OP8A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165226/3C9CF04CB73D11E9A0DEB848C4F9AE02/37EF9AB2B73E11E9BCAF574AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.86.130.0/23
Signature Algorithm: sha256WithRSAEncryption
53:0c:da:6c:09:78:9b:4d:ba:4b:b8:64:2d:7b:74:1e:d5:21:
d3:99:bf:eb:cb:b8:84:c3:8e:ff:fc:10:30:84:8b:42:b4:1e:
e7:59:be:e6:0e:88:4f:a1:2e:3b:70:a3:29:a5:70:87:14:89:
36:0f:29:12:ff:93:b8:11:4f:f6:5d:ff:b9:96:1d:f8:c5:3a:
29:c8:03:53:80:af:71:15:c3:fc:15:f3:ad:cc:51:38:c9:84:
b6:fb:d9:05:88:54:37:b6:80:d4:1e:d0:11:d0:09:24:f0:b0:
22:8a:33:ed:31:0d:63:6d:35:a3:63:df:13:28:ce:e1:d0:1b:
ac:14:e2:29:8a:d5:42:60:40:e4:4d:17:a9:c9:c0:db:3c:19:
a3:38:b8:2b:ec:63:47:63:a6:da:86:ed:57:a7:cb:1b:53:64:
1f:3c:f8:d8:7f:b8:58:9a:35:9d:4f:53:44:17:18:38:b2:d3:
85:94:39:d0:a6:73:7a:8c:d9:ca:7f:b2:bc:8c:1b:da:ee:e1:
ae:d2:4d:8f:32:6a:75:c0:5f:ba:13:2c:45:81:b2:b0:eb:05:
c7:c0:8b:9a:18:41:2c:b0:55:27:42:74:22:4b:71:37:8b:9e:
ba:24:01:9b:b0:00:35:31:fc:3e:16:7d:78:af:73:41:64:85:
ff:cc:e1:00
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDagwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjUyMjYxMTAvBgNVBAUTKEY1MzZBREQ2RTE3RDFDRTIyQ0JCODkzQTdGQTBDRjA4
QkQ4RTNGQzAwHhcNMjUwMzA0MTgzNTU5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3NDgwZi1hMzU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsLfHQmC2cQ+ZIM00uZzoW0eM9VpLD4el2YGOMtiKsRXradnE+rlZbbiq1oe6
kbvMC+FNvaRzNcJboFksau6YGOyK7MZrTojmNL1zsIlu+eWu+2LXD6IV6UDOK5Tl
jqjcOQ5xMBxWUqAFIK8bBWqQ6tPx2iJkr5jUarEtod1qeznAl0CqnJ9eQLFg97ea
70rFvd+r1mBCQ/CfI2fDtm46Y0VmBWHR5ZXeCdQ7sa/ZKrkGdtr6HZ/Z/su0pcJA
kDX6ZnX9PrhfjGNS7+idE0d8L+lxEgQDQwRJb4XcVcgh2LsYFMEPl+QAMR2LmhBO
t7559sh3e+OW818XsxsqyiMRWwIDAQABo4IClTCCApEwHQYDVR0OBBYEFH4qu3+A
7oMyQ3+V+3zpGkU32d1DMB8GA1UdIwQYMBaAFPU2rdbhfRziLLuJOn+gzwi9jj/A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTIyNi8zQzlDRjA0Q0I3
M0QxMUU5QTBERUI4NDhDNEY5QUUwMi85VGF0MXVGOUhPSXN1NGs2ZjZEUENMMk9Q
OEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlUYXQxdUY5SE9Jc3U0azZmNkRQQ0wyT1A4QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjUyMjYvM0M5Q0YwNENCNzNEMTFFOUEwREVCODQ4QzRGOUFFMDIvMzdFRjlBQjJC
NzNFMTFFOUJDQUY1NzRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnVoIwDQYJKoZIhvcNAQELBQADggEBAFMM2mwJeJtNuku4
ZC17dB7VIdOZv+vLuITDjv/8EDCEi0K0HudZvuYOiE+hLjtwoymlcIcUiTYPKRL/
k7gRT/Zd/7mWHfjFOinIA1OAr3EVw/wV863MUTjJhLb72QWIVDe2gNQe0BHQCSTw
sCKKM+0xDWNtNaNj3xMozuHQG6wU4imK1UJgQORNF6nJwNs8GaM4uCvsY0djptqG
7VenyxtTZB88+Nh/uFiaNZ1PU0QXGDiy04WUOdCmc3qM2cp/sryMG9ru4a7STY8y
anXAX7oTLEWBsrDrBcfAi5oYQSywVSdCdCJLcTeLnrokAZuwADUx/D4WfXivc0Fk
hf/M4QA=
-----END CERTIFICATE-----
Generated at Thu Apr 10 13:57:21 2025 by rpki-client