Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91810E3/339314C8717D11EE89EF6236C4F9AE02/A56F3A8A718811EEADDA430AC4F9AE02.roa
File: A56F3A8A718811EEADDA430AC4F9AE02.roa (raw, json)
Hash identifier: q1gVEbmNzPAYit/PZzlFgDk+Tc1AUGMImEJ9QqP60MQ=
Subject key identifier: D5:F1:78:17:06:5C:DB:7C:09:51:36:F9:21:9C:4F:3D:42:B9:DE:FE
Certificate issuer: /CN=A91810E3/serialNumber=9DB7AB93AE33F64616822DF03FFD817768F1E98F
Certificate serial: DC
Authority key identifier: 9D:B7:AB:93:AE:33:F6:46:16:82:2D:F0:3F:FD:81:77:68:F1:E9:8F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nberk64z9kYWgi3wP_2Bd2jx6Y8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91810E3/339314C8717D11EE89EF6236C4F9AE02/A56F3A8A718811EEADDA430AC4F9AE02.roa
Signing time: Tue 03 Dec 2024 04:07:48 +0000
ROA not before: Tue 03 Dec 2024 04:07:48 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 151978
IP address blocks: 103.67.70.0/23 maxlen: 24
2001:df3:dc0::/48 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220 (0xdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91810E3
Validity
Not Before: Dec 3 04:07:48 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674e8413-11ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:96:64:79:14:88:ff:99:9e:53:03:cc:52:4e:
18:e2:a9:cc:97:5a:cb:31:8f:62:35:61:a3:ae:03:
ca:35:b9:be:19:ec:04:e8:84:d8:88:8a:d3:d7:35:
80:16:83:d7:ff:d9:e6:03:9d:ad:a9:dd:c4:9a:17:
15:90:8a:33:f1:d2:dd:61:ee:cd:1c:c0:e4:76:ab:
11:ac:54:48:47:da:0c:f9:65:e4:d6:9b:f8:6c:6d:
3f:12:35:eb:c5:89:e7:d3:4b:45:93:13:ad:b3:29:
ae:e6:ad:88:b5:d3:e4:c5:98:69:80:1a:52:28:44:
8f:3c:4e:01:a4:37:8e:5e:6c:fe:2d:62:af:4c:a4:
4b:a3:e2:49:f1:47:dc:c4:7c:92:f7:26:1e:88:17:
f5:b9:86:91:8e:77:ad:57:38:c3:36:d1:0f:92:b5:
03:b2:fd:19:29:4c:da:5c:2e:b9:07:09:67:b7:e3:
c2:ee:bd:c7:e7:ce:09:48:17:84:f5:8f:a0:fa:8a:
f3:80:ae:e8:de:13:8f:85:8b:dc:f5:40:8a:2d:51:
4d:10:6e:e8:f0:f0:3d:78:a1:4e:e9:e2:3f:61:d8:
ba:d9:df:a4:94:b3:05:2a:8a:0c:ed:f7:dc:09:4d:
67:41:03:29:d7:d9:e5:64:c0:65:d6:a3:43:09:ce:
ce:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:F1:78:17:06:5C:DB:7C:09:51:36:F9:21:9C:4F:3D:42:B9:DE:FE
X509v3 Authority Key Identifier:
keyid:9D:B7:AB:93:AE:33:F6:46:16:82:2D:F0:3F:FD:81:77:68:F1:E9:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91810E3/339314C8717D11EE89EF6236C4F9AE02/nberk64z9kYWgi3wP_2Bd2jx6Y8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nberk64z9kYWgi3wP_2Bd2jx6Y8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91810E3/339314C8717D11EE89EF6236C4F9AE02/A56F3A8A718811EEADDA430AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.67.70.0/23
IPv6:
2001:df3:dc0::/48
Signature Algorithm: sha256WithRSAEncryption
3f:67:d8:20:c9:5e:c8:aa:99:ff:21:5d:8d:5b:fa:46:1b:13:
61:4d:f5:4a:c2:a7:50:70:28:ab:43:0d:ae:05:a7:3c:c7:a3:
3a:b6:ef:01:ea:dc:c9:3b:0b:2d:8e:31:9b:21:48:f0:de:7e:
fa:08:3c:50:d5:2f:1a:12:cd:90:8f:23:e9:dd:2a:ca:d8:94:
dd:43:2d:d8:6c:c5:8a:7e:52:cf:d5:80:2a:61:a1:cf:f9:52:
54:9c:58:ea:ad:1a:d7:fa:4e:af:09:79:d2:3e:5d:d9:a9:02:
13:74:7b:47:9d:26:13:9c:1f:ce:31:02:c7:10:c1:2c:2a:aa:
05:b0:c3:6e:b9:93:24:cc:66:3f:2f:13:0c:c0:ca:70:b1:37:
28:a2:db:d8:c9:8f:2f:c0:75:b5:07:0c:e4:4b:7e:eb:fb:77:
4d:88:5e:5d:20:2c:72:ae:78:66:a9:c3:76:1a:c0:94:6d:e8:
99:f4:f4:92:b6:95:a7:22:25:2d:21:5d:8c:0c:dc:89:d0:45:
14:73:64:2a:68:72:7f:08:63:6f:ce:92:08:ff:0f:57:f4:bf:
fc:16:73:37:18:86:81:1e:fc:cf:2c:aa:5c:7c:94:62:0a:5c:
5f:92:81:de:4c:f0:f0:94:45:88:b1:b8:88:24:b7:15:67:73:
71:c3:f6:4b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICANwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODEwRTMxMTAvBgNVBAUTKDlEQjdBQjkzQUUzM0Y2NDYxNjgyMkRGMDNGRkQ4MTc3
NjhGMUU5OEYwHhcNMjQxMjAzMDQwNzQ4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlODQxMy0xMWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqZZkeRSI/5meUwPMUk4Y4qnMl1rLMY9iNWGjrgPKNbm+GewE6ITYiIrT1zWA
FoPX/9nmA52tqd3EmhcVkIoz8dLdYe7NHMDkdqsRrFRIR9oM+WXk1pv4bG0/EjXr
xYnn00tFkxOtsymu5q2ItdPkxZhpgBpSKESPPE4BpDeOXmz+LWKvTKRLo+JJ8Ufc
xHyS9yYeiBf1uYaRjnetVzjDNtEPkrUDsv0ZKUzaXC65Bwlnt+PC7r3H584JSBeE
9Y+g+orzgK7o3hOPhYvc9UCKLVFNEG7o8PA9eKFO6eI/Ydi62d+klLMFKooM7ffc
CU1nQQMp19nlZMBl1qNDCc7O7QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNXxeBcG
XNt8CVE2+SGcTz1Cud7+MB8GA1UdIwQYMBaAFJ23q5OuM/ZGFoIt8D/9gXdo8emP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MTBFMy8zMzkzMTRDODcx
N0QxMUVFODlFRjYyMzZDNEY5QUUwMi9uYmVyazY0ejlrWVdnaTN3UF8yQmQyang2
WTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25iZXJrNjR6OWtZV2dpM3dQXzJCZDJqeDZZOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODEwRTMvMzM5MzE0Qzg3MTdEMTFFRTg5RUY2MjM2QzRGOUFFMDIvQTU2RjNBOEE3
MTg4MTFFRUFEREE0MzBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnQ0YwDwQCAAIwCQMHACABDfMNwDANBgkqhkiG9w0BAQsF
AAOCAQEAP2fYIMleyKqZ/yFdjVv6RhsTYU31SsKnUHAoq0MNrgWnPMejOrbvAerc
yTsLLY4xmyFI8N5++gg8UNUvGhLNkI8j6d0qytiU3UMt2GzFin5Sz9WAKmGhz/lS
VJxY6q0a1/pOrwl50j5d2akCE3R7R50mE5wfzjECxxDBLCqqBbDDbrmTJMxmPy8T
DMDKcLE3KKLb2MmPL8B1tQcM5Et+6/t3TYheXSAscq54ZqnDdhrAlG3omfT0kraV
pyIlLSFdjAzcidBFFHNkKmhyfwhjb86SCP8PV/S//BZzNxiGgR78zyyqXHyUYgpc
X5KB3kzw8JRFiLG4iCS3FWdzccP2Sw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:14:01 2025 by rpki-client