Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9196412/A8D662406F9A11EB8A13DF17C4F9AE02/7568D85E731211EBAFF0B481C4F9AE02.roa
File: 7568D85E731211EBAFF0B481C4F9AE02.roa (raw, json)
Hash identifier: 4hu+Ea1WW3aPEC6/j9KPgOfcmbDhbVy01ftALoJDrTc=
Subject key identifier: A0:D3:B0:16:AE:90:0B:79:59:83:95:48:BA:AA:94:C8:92:7B:B3:EE
Certificate issuer: /CN=A9196412/serialNumber=A4AEF706994EF7DEEC8C8A26834372910484B1B0
Certificate serial: 0681
Authority key identifier: A4:AE:F7:06:99:4E:F7:DE:EC:8C:8A:26:83:43:72:91:04:84:B1:B0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pK73BplO997sjIomg0NykQSEsbA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9196412/A8D662406F9A11EB8A13DF17C4F9AE02/7568D85E731211EBAFF0B481C4F9AE02.roa
Signing time: Sat 08 Mar 2025 22:13:45 +0000
ROA not before: Sat 08 Mar 2025 22:13:45 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 141729
IP address blocks: 103.162.184.0/23 maxlen: 23
103.162.184.0/24 maxlen: 24
103.162.185.0/24 maxlen: 24
2001:df6:80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1665 (0x681)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9196412
Validity
Not Before: Mar 8 22:13:45 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67ccc119-d6f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c5:60:1d:d7:9d:20:85:60:2b:5a:0e:d7:6e:
88:dd:82:4a:db:bf:f6:5b:64:34:22:fe:d5:2f:29:
2c:48:9b:6a:03:0a:ad:a2:04:49:32:a8:1d:d4:16:
b9:96:cc:01:ab:b0:86:1e:1c:02:95:a2:ab:56:65:
1b:84:1b:37:84:0a:92:d6:a5:14:5a:d8:48:85:5b:
47:d5:5c:5e:d6:4f:71:4c:4b:7c:18:79:d9:0c:6c:
e6:d1:a8:d4:e6:47:60:20:27:69:96:23:cb:75:66:
d4:7f:34:a2:b3:3d:56:62:d6:ee:67:08:b2:f5:c4:
21:21:5e:97:99:0d:d1:88:e5:58:49:bc:a8:f5:28:
a8:17:83:70:d7:3a:33:fd:51:32:d3:c3:ce:45:de:
a3:29:92:cf:b4:98:34:03:8f:58:98:9c:51:8d:db:
11:b1:3e:45:91:18:b8:d8:f8:25:69:80:30:f9:34:
e3:15:fa:55:9a:24:bd:b6:4a:06:20:26:0a:cb:ec:
73:ef:c9:01:a0:59:61:6d:9f:79:3a:25:29:dd:66:
99:6e:22:a5:ab:3e:ac:04:7e:b5:9d:5d:c4:5a:9b:
18:06:38:f0:e0:02:62:e8:25:62:79:5f:6f:4d:e3:
b6:b6:36:24:55:03:91:f5:33:86:5a:63:73:99:6e:
30:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D3:B0:16:AE:90:0B:79:59:83:95:48:BA:AA:94:C8:92:7B:B3:EE
X509v3 Authority Key Identifier:
keyid:A4:AE:F7:06:99:4E:F7:DE:EC:8C:8A:26:83:43:72:91:04:84:B1:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9196412/A8D662406F9A11EB8A13DF17C4F9AE02/pK73BplO997sjIomg0NykQSEsbA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pK73BplO997sjIomg0NykQSEsbA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9196412/A8D662406F9A11EB8A13DF17C4F9AE02/7568D85E731211EBAFF0B481C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.162.184.0/23
IPv6:
2001:df6:80::/48
Signature Algorithm: sha256WithRSAEncryption
60:c1:0f:ea:a1:a2:51:a7:25:69:27:7e:13:92:66:59:99:10:
78:51:e7:ef:98:b4:43:04:4a:2c:b0:02:c7:e9:45:6b:df:d1:
95:6b:bb:fb:f0:03:19:4e:61:43:67:c2:d2:de:ec:64:55:d3:
2d:7b:b0:71:aa:ec:64:f3:3b:1d:d9:e4:c2:62:12:89:fc:84:
1f:db:cc:73:0e:0d:bb:34:51:63:10:b5:79:23:6e:44:6e:78:
60:00:fd:bd:f4:74:7f:2a:ab:66:cb:7e:8e:07:be:1d:bd:c9:
dc:03:14:40:5e:a9:6c:5d:50:49:20:60:e0:10:a5:e7:11:3f:
57:c1:92:9e:f6:1c:7d:a6:28:8c:5d:82:19:6f:86:7c:e1:49:
e8:f0:89:fe:95:a0:d3:0a:f3:ed:87:c5:41:44:4b:67:6b:b9:
4d:07:e3:8a:f8:50:75:ba:31:46:d3:b8:89:56:02:d9:de:7a:
c9:8f:4e:fc:81:ae:ec:f5:29:6a:69:e3:26:c4:6e:72:1e:8d:
a7:44:be:ef:a9:72:d6:f9:74:f3:ff:a0:74:00:31:37:2e:80:
99:3c:38:2d:c0:a0:a2:d7:1c:67:38:fa:fd:75:ce:26:a6:41:
3a:4d:7f:ab:83:13:fd:23:3e:8d:44:21:43:eb:96:cb:11:fb:
d8:d1:f8:29
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBoEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTY0MTIxMTAvBgNVBAUTKEE0QUVGNzA2OTk0RUY3REVFQzhDOEEyNjgzNDM3Mjkx
MDQ4NEIxQjAwHhcNMjUwMzA4MjIxMzQ1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NjYzExOS1kNmY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwcVgHdedIIVgK1oO126I3YJK27/2W2Q0Iv7VLyksSJtqAwqtogRJMqgd1Ba5
lswBq7CGHhwClaKrVmUbhBs3hAqS1qUUWthIhVtH1Vxe1k9xTEt8GHnZDGzm0ajU
5kdgICdpliPLdWbUfzSisz1WYtbuZwiy9cQhIV6XmQ3RiOVYSbyo9SioF4Nw1zoz
/VEy08PORd6jKZLPtJg0A49YmJxRjdsRsT5FkRi42PglaYAw+TTjFfpVmiS9tkoG
ICYKy+xz78kBoFlhbZ95OiUp3WaZbiKlqz6sBH61nV3EWpsYBjjw4AJi6CVieV9v
TeO2tjYkVQOR9TOGWmNzmW4w3wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKDTsBau
kAt5WYOVSLqqlMiSe7PuMB8GA1UdIwQYMBaAFKSu9waZTvfe7IyKJoNDcpEEhLGw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NjQxMi9BOEQ2NjI0MDZG
OUExMUVCOEExM0RGMTdDNEY5QUUwMi9wSzczQnBsTzk5N3NqSW9tZzBOeWtRU0Vz
YkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BLNzNCcGxPOTk3c2pJb21nME55a1FTRXNiQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTY0MTIvQThENjYyNDA2RjlBMTFFQjhBMTNERjE3QzRGOUFFMDIvNzU2OEQ4NUU3
MzEyMTFFQkFGRjBCNDgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnorgwDwQCAAIwCQMHACABDfYAgDANBgkqhkiG9w0BAQsF
AAOCAQEAYMEP6qGiUaclaSd+E5JmWZkQeFHn75i0QwRKLLACx+lFa9/RlWu7+/AD
GU5hQ2fC0t7sZFXTLXuwcarsZPM7HdnkwmISifyEH9vMcw4NuzRRYxC1eSNuRG54
YAD9vfR0fyqrZst+jge+Hb3J3AMUQF6pbF1QSSBg4BCl5xE/V8GSnvYcfaYojF2C
GW+GfOFJ6PCJ/pWg0wrz7YfFQURLZ2u5TQfjivhQdboxRtO4iVYC2d56yY9O/IGu
7PUpamnjJsRuch6Np0S+76ly1vl08/+gdAAxNy6AmTw4LcCgotccZzj6/XXOJqZB
Ok1/q4MT/SM+jUQhQ+uWyxH72NH4KQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:15:31 2025 by rpki-client