Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9168949/3F242AC2E4F311EE99101438C4F9AE02/60DB1468F14111EFBAE4B56EC4F9AE02.roa
File: 60DB1468F14111EFBAE4B56EC4F9AE02.roa (raw, json)
Hash identifier: NREYxWRAJjlz9TdRv2pTjw5YQyLAHJ5ZhQiLb5p1n3M=
Subject key identifier: 6F:35:54:82:D4:2A:E9:D0:FA:D2:76:12:EC:1C:B9:A7:E3:B7:40:01
Certificate issuer: /CN=A9168949/serialNumber=10E0502F3D382E8C1566ECCC2A121B6C439DE977
Certificate serial: C9
Authority key identifier: 10:E0:50:2F:3D:38:2E:8C:15:66:EC:CC:2A:12:1B:6C:43:9D:E9:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EOBQLz04LowVZuzMKhIbbEOd6Xc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9168949/3F242AC2E4F311EE99101438C4F9AE02/60DB1468F14111EFBAE4B56EC4F9AE02.roa
Signing time: Sat 22 Feb 2025 17:20:58 +0000
ROA not before: Sat 22 Feb 2025 17:20:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137444
IP address blocks: 203.20.108.0/24 maxlen: 24
2001:df3:9340::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 201 (0xc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9168949
Validity
Not Before: Feb 22 17:20:57 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67ba0779-ce0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:90:4b:c8:1c:b9:ab:53:d2:07:57:3c:45:54:
3e:cb:2b:74:78:84:4b:2e:04:69:67:e5:49:db:d6:
55:24:6d:80:98:4e:20:9c:3b:9e:08:cf:01:87:e2:
78:4e:d1:d6:f4:fc:e7:31:81:69:1e:53:2c:28:b2:
2c:36:02:8d:6d:08:cb:bb:ea:9f:47:94:4b:de:de:
87:8d:f0:f0:bf:44:f0:12:a7:80:f9:a2:5a:49:23:
f9:b0:93:76:87:34:81:21:d1:cf:58:ea:99:36:f4:
7e:eb:87:2e:c8:75:ee:94:04:50:d3:68:15:fc:03:
c9:cd:bb:bf:28:b6:82:82:90:94:33:d8:10:cb:f9:
c7:bc:87:56:e5:3c:73:d8:a3:40:85:11:f4:39:26:
3e:b8:01:18:2d:63:fe:18:7d:80:5c:9f:25:0f:61:
32:f8:1f:49:8e:f8:53:44:30:84:51:55:0c:e4:56:
ca:ca:20:6e:f3:91:a0:e2:61:ba:f6:4c:b0:e9:39:
25:db:2a:46:0b:ab:45:92:ac:47:55:13:82:48:70:
7d:56:90:38:ee:c8:10:4b:d0:67:74:62:20:d9:ea:
8f:e4:e7:03:34:b4:ea:db:08:ec:c5:b0:56:91:fc:
27:db:90:71:6d:c0:f7:1d:39:c9:71:7e:bf:55:09:
d8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:35:54:82:D4:2A:E9:D0:FA:D2:76:12:EC:1C:B9:A7:E3:B7:40:01
X509v3 Authority Key Identifier:
keyid:10:E0:50:2F:3D:38:2E:8C:15:66:EC:CC:2A:12:1B:6C:43:9D:E9:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9168949/3F242AC2E4F311EE99101438C4F9AE02/EOBQLz04LowVZuzMKhIbbEOd6Xc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EOBQLz04LowVZuzMKhIbbEOd6Xc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9168949/3F242AC2E4F311EE99101438C4F9AE02/60DB1468F14111EFBAE4B56EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.20.108.0/24
IPv6:
2001:df3:9340::/48
Signature Algorithm: sha256WithRSAEncryption
64:2f:42:14:7c:5d:7c:37:f6:42:c5:94:c1:6c:de:81:63:04:
31:24:63:e0:32:1d:da:ed:b9:96:81:34:69:b5:3a:7f:1a:35:
87:f9:fe:a0:a0:bf:ad:dc:e8:2e:46:89:f5:77:cb:a9:36:22:
3c:7b:e2:de:33:b0:6d:20:c0:44:84:60:f9:ed:b5:29:91:e9:
84:88:fb:ef:85:46:e9:5e:8e:c2:48:e9:16:43:12:4f:ac:b0:
47:24:0a:72:2c:86:08:bf:df:81:11:5c:c4:2a:1f:42:70:c7:
dd:7e:08:67:15:53:94:c5:6e:40:d3:2f:28:6f:53:50:fd:b7:
62:50:68:78:3b:38:5e:07:5d:3c:0e:96:9c:89:bc:eb:d4:8b:
51:60:83:13:bc:ce:93:28:59:21:b2:d9:9a:20:a4:9e:91:25:
e9:4f:cc:a7:d5:80:93:68:90:45:a0:85:8d:42:28:c3:77:75:
fa:69:98:d7:68:8b:9c:24:b6:4d:98:29:ff:3b:3e:70:5b:95:
0a:f0:19:90:f9:62:3a:c4:73:c7:0d:0d:f5:7c:99:4b:6a:0a:
14:3c:78:45:8f:e8:6c:9b:b6:a6:7b:2b:2d:c0:71:57:d2:b7:
9e:68:13:2c:8c:72:69:a2:68:8d:59:67:79:65:78:c0:11:61:
d5:6e:9e:63
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njg5NDkxMTAvBgNVBAUTKDEwRTA1MDJGM0QzODJFOEMxNTY2RUNDQzJBMTIxQjZD
NDM5REU5NzcwHhcNMjUwMjIyMTcyMDU3WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JhMDc3OS1jZTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwJBLyBy5q1PSB1c8RVQ+yyt0eIRLLgRpZ+VJ29ZVJG2AmE4gnDueCM8Bh+J4
TtHW9PznMYFpHlMsKLIsNgKNbQjLu+qfR5RL3t6HjfDwv0TwEqeA+aJaSSP5sJN2
hzSBIdHPWOqZNvR+64cuyHXulARQ02gV/APJzbu/KLaCgpCUM9gQy/nHvIdW5Txz
2KNAhRH0OSY+uAEYLWP+GH2AXJ8lD2Ey+B9JjvhTRDCEUVUM5FbKyiBu85Gg4mG6
9kyw6Tkl2ypGC6tFkqxHVROCSHB9VpA47sgQS9BndGIg2eqP5OcDNLTq2wjsxbBW
kfwn25BxbcD3HTnJcX6/VQnYnQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFG81VILU
KunQ+tJ2Euwcuafjt0ABMB8GA1UdIwQYMBaAFBDgUC89OC6MFWbszCoSG2xDnel3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODk0OS8zRjI0MkFDMkU0
RjMxMUVFOTkxMDE0MzhDNEY5QUUwMi9FT0JRTHowNExvd1ZadXpNS2hJYmJFT2Q2
WGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VPQlFMejA0TG93Vlp1ek1LaEliYkVPZDZYYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njg5NDkvM0YyNDJBQzJFNEYzMTFFRTk5MTAxNDM4QzRGOUFFMDIvNjBEQjE0NjhG
MTQxMTFFRkJBRTRCNTZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBADLFGwwDwQCAAIwCQMHACABDfOTQDANBgkqhkiG9w0BAQsF
AAOCAQEAZC9CFHxdfDf2QsWUwWzegWMEMSRj4DId2u25loE0abU6fxo1h/n+oKC/
rdzoLkaJ9XfLqTYiPHvi3jOwbSDARIRg+e21KZHphIj774VG6V6OwkjpFkMST6yw
RyQKciyGCL/fgRFcxCofQnDH3X4IZxVTlMVuQNMvKG9TUP23YlBoeDs4XgddPA6W
nIm869SLUWCDE7zOkyhZIbLZmiCknpEl6U/Mp9WAk2iQRaCFjUIow3d1+mmY12iL
nCS2TZgp/zs+cFuVCvAZkPliOsRzxw0N9XyZS2oKFDx4RY/obJu2pnsrLcBxV9K3
nmgTLIxyaaJojVlneWV4wBFh1W6eYw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:21:45 2025 by rpki-client