Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9195A1A/C2F4EE2074A611EFAE54783CC4F9AE02/77BC7D3A74F411EF8B9E1067C4F9AE02.roa
File: 77BC7D3A74F411EF8B9E1067C4F9AE02.roa (raw, json)
Hash identifier: TnDDPyuYfLyHK//K+Hn8T0/qN9TuFXBURI4PhKRtzFk=
Subject key identifier: 75:1E:28:78:BD:01:D2:42:5C:FF:F2:C0:47:E1:B5:6B:7A:12:0C:AA
Certificate issuer: /CN=A9195A1A/serialNumber=A7DDF355AB68123701A5BDD15F65BA964B5DE035
Certificate serial: 03
Authority key identifier: A7:DD:F3:55:AB:68:12:37:01:A5:BD:D1:5F:65:BA:96:4B:5D:E0:35
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p93zVatoEjcBpb3RX2W6lktd4DU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9195A1A/C2F4EE2074A611EFAE54783CC4F9AE02/77BC7D3A74F411EF8B9E1067C4F9AE02.roa
Signing time: Tue 17 Sep 2024 12:58:00 +0000
ROA not before: Tue 17 Sep 2024 12:58:00 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 137841
IP address blocks: 103.232.164.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9195A1A
Validity
Not Before: Sep 17 12:58:00 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66e97cd8-c145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:50:94:74:f7:48:41:c8:27:94:1f:49:c3:ad:
0a:a1:30:fd:5c:ce:69:68:99:87:68:37:ee:92:3e:
31:d1:64:f6:fb:62:20:02:c8:3f:ed:fe:90:88:19:
66:7c:54:aa:ad:f4:f9:af:0d:e4:ae:f4:e1:ce:d7:
e0:e8:87:8a:c1:da:f0:0b:25:7b:d2:a6:10:c5:dd:
fd:a0:a9:9b:18:f8:36:51:a0:e7:c3:d5:b1:70:1b:
0f:e2:47:22:6d:1e:8a:5b:b7:24:21:ef:83:a8:5b:
74:ef:8d:dd:ab:90:7f:88:a6:b9:d1:84:13:d1:4c:
60:ec:dd:35:c8:e2:4a:42:d1:66:fa:1b:85:49:72:
f7:6a:95:93:37:c2:5a:8a:ab:33:66:4a:84:72:f1:
e6:5f:11:b0:2b:00:1d:00:e3:1e:dd:fb:3b:44:73:
9e:1f:79:c0:b4:94:37:a4:80:87:ae:29:da:e3:59:
32:da:af:75:74:4f:42:05:fa:bf:db:71:65:14:c2:
f7:28:77:7d:61:32:5f:bc:0b:40:1b:3f:fe:f5:07:
7b:e1:fc:1f:95:d5:de:e5:1d:f9:04:24:73:ca:97:
28:13:c8:0f:81:82:0b:ea:75:fa:5a:ea:fe:58:fe:
37:57:44:4f:7c:6b:0c:37:8d:ba:39:be:87:82:f1:
a3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:1E:28:78:BD:01:D2:42:5C:FF:F2:C0:47:E1:B5:6B:7A:12:0C:AA
X509v3 Authority Key Identifier:
keyid:A7:DD:F3:55:AB:68:12:37:01:A5:BD:D1:5F:65:BA:96:4B:5D:E0:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9195A1A/C2F4EE2074A611EFAE54783CC4F9AE02/p93zVatoEjcBpb3RX2W6lktd4DU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p93zVatoEjcBpb3RX2W6lktd4DU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195A1A/C2F4EE2074A611EFAE54783CC4F9AE02/77BC7D3A74F411EF8B9E1067C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.232.164.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:27:0f:44:7f:db:e4:bd:bb:0c:5a:a3:5c:c3:1a:05:4f:f3:
b0:ea:e2:fa:89:f8:40:26:67:96:c8:47:bf:fd:e7:42:12:17:
c0:38:c0:ac:62:62:29:2e:1d:45:be:b3:4f:ce:bf:62:c8:b3:
95:2f:45:9c:87:56:db:92:72:11:e8:71:52:a4:35:8e:fb:d9:
ce:c1:5d:e4:a1:e0:c0:74:97:0f:db:6d:d3:aa:6b:f8:14:f9:
7d:82:9f:59:24:a4:91:c2:f7:cf:c7:e7:11:46:d6:82:49:d3:
30:de:4d:f8:71:a0:be:9d:13:93:9f:b2:41:7c:1e:65:a7:42:
62:00:c7:09:3e:94:1d:87:07:3d:b9:15:ce:eb:67:0c:45:50:
2a:5f:75:f2:01:f9:ea:31:cd:8b:ec:d6:09:53:6d:1c:0e:ca:
88:78:a5:81:d9:23:d3:b9:c3:d5:9d:ab:46:7e:90:f4:6a:55:
a7:be:73:ee:87:6f:2c:33:67:29:98:d5:91:8c:c7:16:31:bb:
f1:f8:b9:43:9b:90:b3:db:2a:85:68:54:e0:d2:29:07:45:75:
d8:7b:07:cf:4f:56:ca:c5:c2:e4:12:37:fe:c0:b4:c5:66:b6:
2a:74:be:d3:5f:ba:49:eb:3d:36:0a:0d:35:aa:ea:b4:b8:04:
92:28:45:24
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NUExQTExMC8GA1UEBRMoQTdEREYzNTVBQjY4MTIzNzAxQTVCREQxNUY2NUJBOTY0
QjVERTAzNTAeFw0yNDA5MTcxMjU4MDBaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZTk3Y2Q4LWMxNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCZUJR090hByCeUH0nDrQqhMP1czmlomYdoN+6SPjHRZPb7YiACyD/t/pCIGWZ8
VKqt9PmvDeSu9OHO1+Doh4rB2vALJXvSphDF3f2gqZsY+DZRoOfD1bFwGw/iRyJt
HopbtyQh74OoW3Tvjd2rkH+IprnRhBPRTGDs3TXI4kpC0Wb6G4VJcvdqlZM3wlqK
qzNmSoRy8eZfEbArAB0A4x7d+ztEc54fecC0lDekgIeuKdrjWTLar3V0T0IF+r/b
cWUUwvcod31hMl+8C0AbP/71B3vh/B+V1d7lHfkEJHPKlygTyA+Bggvqdfpa6v5Y
/jdXRE98aww3jbo5voeC8aMDAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUdR4oeL0B
0kJc//LAR+G1a3oSDKowHwYDVR0jBBgwFoAUp93zVatoEjcBpb3RX2W6lktd4DUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1QTFBL0MyRjRFRTIwNzRB
NjExRUZBRTU0NzgzQ0M0RjlBRTAyL3A5M3pWYXRvRWpjQnBiM1JYMlc2bGt0ZDRE
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcDkzelZhdG9FamNCcGIzUlgyVzZsa3RkNERVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NUExQS9DMkY0RUUyMDc0QTYxMUVGQUU1NDc4M0NDNEY5QUUwMi83N0JDN0QzQTc0
RjQxMUVGOEI5RTEwNjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfopDANBgkqhkiG9w0BAQsFAAOCAQEAfycPRH/b5L27DFqj
XMMaBU/zsOri+on4QCZnlshHv/3nQhIXwDjArGJiKS4dRb6zT86/YsizlS9FnIdW
25JyEehxUqQ1jvvZzsFd5KHgwHSXD9tt06pr+BT5fYKfWSSkkcL3z8fnEUbWgknT
MN5N+HGgvp0Tk5+yQXweZadCYgDHCT6UHYcHPbkVzutnDEVQKl918gH56jHNi+zW
CVNtHA7KiHilgdkj07nD1Z2rRn6Q9GpVp75z7odvLDNnKZjVkYzHFjG78fi5Q5uQ
s9sqhWhU4NIpB0V12HsHz09WysXC5BI3/sC0xWa2KnS+01+6Ses9NgoNNarqtLgE
kihFJA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 17:36:12 2025 by rpki-client