Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917F0FA/206DFC5034E711EEB0C83616C4F9AE02/160A52A854EF11EFB9156612C4F9AE02.roa
File: 160A52A854EF11EFB9156612C4F9AE02.roa (raw, json)
Hash identifier: foSc151i9Iw1FdFYIvaUCOjJLGeEf5CPJvtL9xEjyMc=
Subject key identifier: 36:D0:AE:FF:E1:76:62:6E:D3:60:15:D5:89:D0:0B:08:8B:1A:44:A4
Certificate issuer: /CN=A917F0FA/serialNumber=50A580F1BD125F0AEDC591FFC8DCDA9C66E12C9F
Certificate serial: D4
Authority key identifier: 50:A5:80:F1:BD:12:5F:0A:ED:C5:91:FF:C8:DC:DA:9C:66:E1:2C:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UKWA8b0SXwrtxZH_yNzanGbhLJ8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917F0FA/206DFC5034E711EEB0C83616C4F9AE02/160A52A854EF11EFB9156612C4F9AE02.roa
Signing time: Tue 03 Sep 2024 05:48:48 +0000
ROA not before: Tue 03 Sep 2024 05:48:48 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 151648
IP address blocks: 103.248.222.0/24 maxlen: 24
103.248.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212 (0xd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917F0FA
Validity
Not Before: Sep 3 05:48:48 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d6a340-6722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:93:13:1d:21:da:52:a9:60:4e:0a:48:7b:36:
72:21:20:5a:db:9f:c7:00:1d:70:b6:39:30:bd:02:
4e:d4:1d:62:c2:56:ae:55:f0:11:52:2e:1e:4b:ff:
21:2b:90:de:81:fc:9c:ba:4b:9c:ec:52:97:50:c8:
14:df:4f:8c:fb:72:77:51:54:4b:97:8b:97:8b:b1:
b1:1d:19:ee:b9:31:78:05:3b:56:c8:4a:0d:53:c5:
5f:66:4c:e2:1b:19:68:95:08:21:74:56:1d:a2:4a:
dd:84:87:61:40:24:20:a4:cf:14:87:1a:d3:eb:9e:
d5:2e:8e:10:fd:86:c5:35:b0:cd:c6:f9:4e:18:fe:
12:84:15:2b:80:b4:fe:4a:3a:33:7f:15:ba:4a:eb:
26:68:49:3e:96:63:7c:04:77:6b:05:78:73:3d:7a:
63:bc:7d:39:2d:8b:a4:59:75:1f:7b:c1:0a:65:cc:
8b:cb:ef:36:75:8e:79:6c:14:97:4b:de:01:34:c3:
a7:0a:c3:ca:aa:84:79:82:5c:10:dd:4b:1c:3c:0e:
81:fb:74:08:27:6f:f7:af:b9:36:7e:94:3a:8b:e7:
72:79:e9:50:35:8e:2c:71:5d:a7:d6:6e:e0:e2:6e:
ce:ff:02:aa:8f:c1:2f:61:d9:15:0b:78:a1:80:9b:
97:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D0:AE:FF:E1:76:62:6E:D3:60:15:D5:89:D0:0B:08:8B:1A:44:A4
X509v3 Authority Key Identifier:
keyid:50:A5:80:F1:BD:12:5F:0A:ED:C5:91:FF:C8:DC:DA:9C:66:E1:2C:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917F0FA/206DFC5034E711EEB0C83616C4F9AE02/UKWA8b0SXwrtxZH_yNzanGbhLJ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UKWA8b0SXwrtxZH_yNzanGbhLJ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F0FA/206DFC5034E711EEB0C83616C4F9AE02/160A52A854EF11EFB9156612C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.248.222.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:fd:29:37:52:3e:2c:73:5f:dd:63:1e:c5:5b:01:f3:69:54:
41:b3:ba:f2:64:73:64:0e:74:7c:40:69:46:26:de:cd:69:95:
11:c0:c3:1f:ae:90:94:47:da:b1:1c:ec:ca:96:79:f1:80:2b:
60:3c:62:98:b0:cf:2d:6e:c7:13:26:a6:fb:e5:95:a3:64:e1:
37:fe:e8:00:c7:b4:b0:10:3e:c5:0d:cd:f2:2e:5f:98:a6:34:
ec:77:b9:72:bb:1c:31:46:d3:e2:9b:52:09:d5:d9:c4:51:78:
9f:4b:a7:11:13:9e:90:32:ae:ba:db:9f:da:62:1c:78:fe:c7:
87:8b:0b:cb:3b:3b:8e:8e:b4:9e:8b:8c:a2:13:30:15:84:7b:
b8:8e:ef:97:6d:8e:22:d3:68:73:46:5c:ed:63:64:4e:05:d9:
48:3c:79:b0:37:a8:06:5d:4d:73:9b:cf:d7:80:45:b0:12:dd:
b9:2f:fe:ed:dd:c5:b0:8d:f9:5e:32:9d:c9:0d:8d:b3:9d:2d:
a4:91:12:c2:95:d5:a4:bf:ca:4b:78:e5:df:68:3c:92:32:a4:
31:0d:9d:70:1a:78:52:b1:a5:bd:c0:2a:d3:41:af:e1:77:47:
70:8a:81:c1:6a:a8:35:29:83:72:45:b9:af:c5:f4:a9:a5:b2:
35:6d:1f:96
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICANQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0YwRkExMTAvBgNVBAUTKDUwQTU4MEYxQkQxMjVGMEFFREM1OTFGRkM4RENEQTlD
NjZFMTJDOUYwHhcNMjQwOTAzMDU0ODQ4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ2YTM0MC02NzIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAupMTHSHaUqlgTgpIezZyISBa25/HAB1wtjkwvQJO1B1iwlauVfARUi4eS/8h
K5Degfycukuc7FKXUMgU30+M+3J3UVRLl4uXi7GxHRnuuTF4BTtWyEoNU8VfZkzi
GxlolQghdFYdokrdhIdhQCQgpM8UhxrT657VLo4Q/YbFNbDNxvlOGP4ShBUrgLT+
SjozfxW6SusmaEk+lmN8BHdrBXhzPXpjvH05LYukWXUfe8EKZcyLy+82dY55bBSX
S94BNMOnCsPKqoR5glwQ3UscPA6B+3QIJ2/3r7k2fpQ6i+dyeelQNY4scV2n1m7g
4m7O/wKqj8EvYdkVC3ihgJuXZwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDbQrv/h
dmJu02AV1YnQCwiLGkSkMB8GA1UdIwQYMBaAFFClgPG9El8K7cWR/8jc2pxm4Syf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjBGQS8yMDZERkM1MDM0
RTcxMUVFQjBDODM2MTZDNEY5QUUwMi9VS1dBOGIwU1h3cnR4WkhfeU56YW5HYmhM
SjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VLV0E4YjBTWHdydHhaSF95TnphbkdiaExKOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0YwRkEvMjA2REZDNTAzNEU3MTFFRUIwQzgzNjE2QzRGOUFFMDIvMTYwQTUyQTg1
NEVGMTFFRkI5MTU2NjEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn+N4wDQYJKoZIhvcNAQELBQADggEBAG39KTdSPixzX91j
HsVbAfNpVEGzuvJkc2QOdHxAaUYm3s1plRHAwx+ukJRH2rEc7MqWefGAK2A8Ypiw
zy1uxxMmpvvllaNk4Tf+6ADHtLAQPsUNzfIuX5imNOx3uXK7HDFG0+KbUgnV2cRR
eJ9LpxETnpAyrrrbn9piHHj+x4eLC8s7O46OtJ6LjKITMBWEe7iO75dtjiLTaHNG
XO1jZE4F2Ug8ebA3qAZdTXObz9eARbAS3bkv/u3dxbCN+V4ynckNjbOdLaSREsKV
1aS/ykt45d9oPJIypDENnXAaeFKxpb3AKtNBr+F3R3CKgcFqqDUpg3JFua/F9Kml
sjVtH5Y=
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:45:50 2025 by rpki-client