Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186F69/66A0ADA2112911EF80635B27C4F9AE02/B5C7CDFC112911EFBDE1BF3BC4F9AE02.roa
File: B5C7CDFC112911EFBDE1BF3BC4F9AE02.roa (raw, json)
Hash identifier: zjHSWjEAJbElSjtvgLzBTS12ZS/2A0buXGVs+XwBcIo=
Subject key identifier: 38:C1:C2:82:76:6A:D8:DB:5C:B8:F3:67:93:2B:FD:93:06:15:3F:B8
Certificate issuer: /CN=A9186F69/serialNumber=96C62A079D2E7D8E7A995D20F4229D8269398E69
Certificate serial: A1
Authority key identifier: 96:C6:2A:07:9D:2E:7D:8E:7A:99:5D:20:F4:22:9D:82:69:39:8E:69
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lsYqB50ufY56mV0g9CKdgmk5jmk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186F69/66A0ADA2112911EF80635B27C4F9AE02/B5C7CDFC112911EFBDE1BF3BC4F9AE02.roa
Signing time: Sat 15 Mar 2025 10:35:10 +0000
ROA not before: Sat 15 Mar 2025 10:35:10 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 152736
IP address blocks: 103.145.152.0/24 maxlen: 24
2001:df5:3f40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161 (0xa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186F69
Validity
Not Before: Mar 15 10:35:10 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67d557dd-8e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0d:ee:73:af:eb:9b:50:dc:27:2e:d7:34:3d:
54:02:22:20:1b:d9:30:ff:73:39:a8:72:93:08:ae:
f9:5b:a4:09:55:e0:7e:16:22:ad:63:b4:17:b6:c8:
64:ca:1c:bb:39:e7:cf:11:a1:52:f8:2b:3a:ee:1d:
26:cc:bd:78:4a:d2:a8:63:2e:4b:9f:f5:58:f3:fe:
50:d3:0d:54:0b:a5:cb:3b:1c:cd:39:99:23:da:b2:
c0:19:0f:cd:76:d9:f7:6b:87:59:4e:38:8b:30:3c:
cf:93:b5:f3:f5:5f:90:01:1d:9a:35:c7:17:5b:55:
6c:ce:4d:12:74:0e:8e:d3:5d:b4:54:0f:21:19:7e:
59:f7:50:b4:2c:aa:2d:a0:59:d9:f6:ab:ab:c0:b3:
94:00:e0:5a:04:e8:82:de:92:1d:ff:18:4a:2a:2a:
29:e5:bb:ea:29:ff:08:de:18:9e:d5:8f:03:a2:0e:
d7:48:9e:89:38:26:91:c9:86:f8:c0:20:2d:8e:1a:
b6:18:ea:42:1d:4a:97:b8:48:25:38:23:0d:ce:f4:
64:8f:e4:7c:cf:e7:7d:45:7c:a2:cc:8e:51:e9:19:
c6:9f:88:02:1a:43:74:dd:72:a9:ec:23:a5:f9:ed:
22:54:d7:b1:b0:47:42:2d:c3:8f:36:07:c3:a9:31:
00:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:C1:C2:82:76:6A:D8:DB:5C:B8:F3:67:93:2B:FD:93:06:15:3F:B8
X509v3 Authority Key Identifier:
keyid:96:C6:2A:07:9D:2E:7D:8E:7A:99:5D:20:F4:22:9D:82:69:39:8E:69
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186F69/66A0ADA2112911EF80635B27C4F9AE02/lsYqB50ufY56mV0g9CKdgmk5jmk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lsYqB50ufY56mV0g9CKdgmk5jmk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186F69/66A0ADA2112911EF80635B27C4F9AE02/B5C7CDFC112911EFBDE1BF3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.145.152.0/24
IPv6:
2001:df5:3f40::/48
Signature Algorithm: sha256WithRSAEncryption
8e:88:6c:15:43:b5:d2:ff:17:ff:3f:24:a6:9a:e1:00:8d:6e:
f6:27:9b:46:2a:d6:93:32:d8:cf:df:c7:30:d6:2c:97:c1:ba:
ca:32:15:ea:05:06:0f:3c:09:74:15:f8:09:0f:f3:7d:d6:73:
c1:75:06:99:c3:8d:ab:ac:09:dc:3c:cd:59:dd:e5:4e:9f:5d:
9f:ba:4c:86:38:eb:6b:26:02:69:d0:84:fe:3a:9d:7e:34:ae:
b1:fa:5a:d4:3d:b7:0c:ae:38:66:25:28:df:0b:1d:99:51:4a:
bf:eb:96:d8:e7:1a:0a:9d:92:1e:e1:97:de:ae:3b:27:a0:06:
5c:09:4e:81:ed:03:1e:7d:e6:8c:65:d0:21:3b:23:f4:57:21:
47:62:a7:ed:42:76:ae:34:ce:c3:f5:81:07:57:2d:09:03:e5:
2e:7b:bc:ad:5c:d7:21:17:fd:73:25:81:8d:e1:77:42:57:23:
d2:ce:2c:67:e1:fd:57:ac:62:4b:a2:41:7b:34:40:9d:1f:bf:
8f:6a:4e:0b:b4:e1:88:77:ba:20:4f:6b:6d:10:80:ca:e5:25:
47:a8:52:92:64:aa:bc:94:1b:fc:c6:2a:91:70:b9:c1:86:40:
2b:67:40:5d:04:44:62:bd:a9:a2:11:60:6e:51:d7:04:d1:0d:
61:5f:e7:7f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAKEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZGNjkxMTAvBgNVBAUTKDk2QzYyQTA3OUQyRTdEOEU3QTk5NUQyMEY0MjI5RDgy
NjkzOThFNjkwHhcNMjUwMzE1MTAzNTEwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q1NTdkZC04ZTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuw3uc6/rm1DcJy7XND1UAiIgG9kw/3M5qHKTCK75W6QJVeB+FiKtY7QXtshk
yhy7OefPEaFS+Cs67h0mzL14StKoYy5Ln/VY8/5Q0w1UC6XLOxzNOZkj2rLAGQ/N
dtn3a4dZTjiLMDzPk7Xz9V+QAR2aNccXW1Vszk0SdA6O0120VA8hGX5Z91C0LKot
oFnZ9qurwLOUAOBaBOiC3pId/xhKKiop5bvqKf8I3hie1Y8Dog7XSJ6JOCaRyYb4
wCAtjhq2GOpCHUqXuEglOCMNzvRkj+R8z+d9RXyizI5R6RnGn4gCGkN03XKp7COl
+e0iVNexsEdCLcOPNgfDqTEAvwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDjBwoJ2
atjbXLjzZ5Mr/ZMGFT+4MB8GA1UdIwQYMBaAFJbGKgedLn2OepldIPQinYJpOY5p
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkY2OS82NkEwQURBMjEx
MjkxMUVGODA2MzVCMjdDNEY5QUUwMi9sc1lxQjUwdWZZNTZtVjBnOUNLZGdtazVq
bWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xzWXFCNTB1Zlk1Nm1WMGc5Q0tkZ21rNWptay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZGNjkvNjZBMEFEQTIxMTI5MTFFRjgwNjM1QjI3QzRGOUFFMDIvQjVDN0NERkMx
MTI5MTFFRkJERTFCRjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnkZgwDwQCAAIwCQMHACABDfU/QDANBgkqhkiG9w0BAQsF
AAOCAQEAjohsFUO10v8X/z8kpprhAI1u9iebRirWkzLYz9/HMNYsl8G6yjIV6gUG
DzwJdBX4CQ/zfdZzwXUGmcONq6wJ3DzNWd3lTp9dn7pMhjjrayYCadCE/jqdfjSu
sfpa1D23DK44ZiUo3wsdmVFKv+uW2OcaCp2SHuGX3q47J6AGXAlOge0DHn3mjGXQ
ITsj9FchR2Kn7UJ2rjTOw/WBB1ctCQPlLnu8rVzXIRf9cyWBjeF3Qlcj0s4sZ+H9
V6xiS6JBezRAnR+/j2pOC7ThiHe6IE9rbRCAyuUlR6hSkmSqvJQb/MYqkXC5wYZA
K2dAXQREYr2pohFgblHXBNENYV/nfw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:02:21 2025 by rpki-client