Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91970E2/8101258CF9A811E6A4EFE02EC4F9AE02/ADB6934A9A4911E7857CA62FC4F9AE02.roa
File: ADB6934A9A4911E7857CA62FC4F9AE02.roa (raw, json)
Hash identifier: 7vSMEGE2WKILnDsupDw245nI6InVKo+5RlyNwkMHa0A=
Subject key identifier: 31:8E:2D:9B:A8:51:55:CE:97:1B:28:02:62:FF:9E:18:FA:95:4A:F1
Certificate issuer: /CN=A91970E2/serialNumber=D4D17799EAC9C9962B325FED87F930C2EAC82CAF
Certificate serial: 1BC3
Authority key identifier: D4:D1:77:99:EA:C9:C9:96:2B:32:5F:ED:87:F9:30:C2:EA:C8:2C:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1NF3merJyZYrMl_th_kwwurILK8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91970E2/8101258CF9A811E6A4EFE02EC4F9AE02/ADB6934A9A4911E7857CA62FC4F9AE02.roa
Signing time: Tue 04 Mar 2025 16:53:35 +0000
ROA not before: Tue 04 Mar 2025 16:53:35 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 64077
IP address blocks: 103.205.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7107 (0x1bc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91970E2
Validity
Not Before: Mar 4 16:53:35 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67c7300f-3bc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5b:4e:8b:98:50:0d:fc:21:bf:9f:46:90:e2:
47:18:8a:13:4c:2f:94:c3:5a:74:41:5e:08:ee:1a:
be:78:0c:83:86:f7:c8:3d:73:58:97:7e:74:8b:44:
bb:2b:17:c3:4d:d9:f2:60:4c:e0:91:89:cc:85:7c:
5a:fd:ce:f5:99:62:6b:b4:5f:1a:b3:ee:20:b1:21:
f4:15:c9:ce:76:b0:55:bf:8a:bf:4f:95:f3:45:ba:
a0:a7:d1:18:e2:d7:c1:cd:d4:bb:9b:9d:5e:aa:6f:
19:c3:1f:76:8e:03:24:7a:66:62:97:e9:c6:a7:2f:
4e:df:8c:f0:2d:15:63:8e:21:29:ef:61:4d:31:75:
8c:48:8a:38:ad:ed:1d:95:d5:ca:91:4b:73:f9:4e:
0c:7f:39:5a:83:dd:0c:fb:a4:ab:d2:df:e4:94:0a:
e0:a8:c1:de:73:57:9e:bf:91:9f:6a:7c:76:3d:35:
82:62:cb:09:e9:17:52:d4:df:e3:30:38:9c:4f:33:
c4:74:a0:b3:00:d5:60:63:4e:1a:b5:a5:48:72:29:
df:ad:3f:3b:93:3a:5d:5c:29:77:01:bd:5a:e5:ec:
60:2e:cb:83:68:01:cd:f0:e7:ef:e2:cc:ca:c6:45:
43:4f:74:70:77:7f:2a:ee:52:20:85:17:4e:0c:b6:
54:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:8E:2D:9B:A8:51:55:CE:97:1B:28:02:62:FF:9E:18:FA:95:4A:F1
X509v3 Authority Key Identifier:
keyid:D4:D1:77:99:EA:C9:C9:96:2B:32:5F:ED:87:F9:30:C2:EA:C8:2C:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91970E2/8101258CF9A811E6A4EFE02EC4F9AE02/1NF3merJyZYrMl_th_kwwurILK8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1NF3merJyZYrMl_th_kwwurILK8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91970E2/8101258CF9A811E6A4EFE02EC4F9AE02/ADB6934A9A4911E7857CA62FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.205.133.0/24
Signature Algorithm: sha256WithRSAEncryption
12:b8:1e:2c:f0:1d:ac:d7:a7:2f:d5:e3:13:76:f3:11:a2:cf:
de:df:aa:08:98:53:61:eb:38:c9:fc:c3:11:19:20:5e:54:cc:
d2:e3:0a:c9:e5:93:f6:49:c4:ab:de:26:da:5e:14:29:30:65:
31:2b:4f:b1:24:af:49:80:5b:58:b3:83:03:52:e9:0f:06:f8:
18:54:7d:ae:7e:ee:0f:b7:dc:b0:c7:1d:a2:26:b0:d5:ab:59:
31:b1:8e:fe:89:a0:1a:95:50:cb:40:ee:3b:7c:35:d0:35:7a:
70:f2:46:02:6c:cc:ac:33:4a:de:a8:0c:f0:91:f8:e5:4d:1a:
30:87:09:33:91:ac:1d:bf:d1:00:b3:65:8c:48:f9:0a:c8:b6:
62:63:ea:7a:4d:2d:7a:9d:4d:e8:a6:be:c2:69:1f:a3:6d:45:
c0:de:c7:22:88:c4:9d:63:ce:3c:0b:fa:5f:27:06:45:06:b0:
24:99:22:ad:83:0b:91:cd:5b:61:d3:dd:5d:14:84:5f:3b:ab:
c0:bb:4b:c9:4c:ca:26:87:63:19:12:f3:3f:7f:b9:93:fb:21:
d3:c5:30:6c:9c:35:0c:af:aa:36:89:af:43:f1:a0:85:1d:1e:
18:a7:e1:44:2c:3b:02:3d:7a:ed:fa:fa:24:5d:16:bf:ed:3a:
78:c7:7b:02
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICG8MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTcwRTIxMTAvBgNVBAUTKEQ0RDE3Nzk5RUFDOUM5OTYyQjMyNUZFRDg3RjkzMEMy
RUFDODJDQUYwHhcNMjUwMzA0MTY1MzM1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3MzAwZi0zYmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuFtOi5hQDfwhv59GkOJHGIoTTC+Uw1p0QV4I7hq+eAyDhvfIPXNYl350i0S7
KxfDTdnyYEzgkYnMhXxa/c71mWJrtF8as+4gsSH0FcnOdrBVv4q/T5XzRbqgp9EY
4tfBzdS7m51eqm8Zwx92jgMkemZil+nGpy9O34zwLRVjjiEp72FNMXWMSIo4re0d
ldXKkUtz+U4Mfzlag90M+6Sr0t/klArgqMHec1eev5Gfanx2PTWCYssJ6RdS1N/j
MDicTzPEdKCzANVgY04ataVIcinfrT87kzpdXCl3Ab1a5exgLsuDaAHN8Ofv4szK
xkVDT3Rwd38q7lIghRdODLZUewIDAQABo4IClTCCApEwHQYDVR0OBBYEFDGOLZuo
UVXOlxsoAmL/nhj6lUrxMB8GA1UdIwQYMBaAFNTRd5nqycmWKzJf7Yf5MMLqyCyv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzBFMi84MTAxMjU4Q0Y5
QTgxMUU2QTRFRkUwMkVDNEY5QUUwMi8xTkYzbWVySnlaWXJNbF90aF9rd3d1cklM
SzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFORjNtZXJKeVpZck1sX3RoX2t3d3VySUxLOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTcwRTIvODEwMTI1OENGOUE4MTFFNkE0RUZFMDJFQzRGOUFFMDIvQURCNjkzNEE5
QTQ5MTFFNzg1N0NBNjJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnzYUwDQYJKoZIhvcNAQELBQADggEBABK4HizwHazXpy/V
4xN28xGiz97fqgiYU2HrOMn8wxEZIF5UzNLjCsnlk/ZJxKveJtpeFCkwZTErT7Ek
r0mAW1izgwNS6Q8G+BhUfa5+7g+33LDHHaImsNWrWTGxjv6JoBqVUMtA7jt8NdA1
enDyRgJszKwzSt6oDPCR+OVNGjCHCTORrB2/0QCzZYxI+QrItmJj6npNLXqdTeim
vsJpH6NtRcDexyKIxJ1jzjwL+l8nBkUGsCSZIq2DC5HNW2HT3V0UhF87q8C7S8lM
yiaHYxkS8z9/uZP7IdPFMGycNQyvqjaJr0PxoIUdHhin4UQsOwI9eu36+iRdFr/t
OnjHewI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:04:47 2025 by rpki-client