Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/BE9174768DDE11ED97AFDA82C4F9AE02.roa
File: BE9174768DDE11ED97AFDA82C4F9AE02.roa (raw, json)
Hash identifier: fFAFWp3SGDiligAO05H4p9el//2m+rPWPKenlyAVezU=
Subject key identifier: A4:95:83:F4:3C:4B:AA:9D:12:D9:14:AB:0C:32:90:22:E2:52:76:D9
Certificate issuer: /CN=A919960D/serialNumber=42004CF6BCA1FA56424F5EEA24F62A92B25CDECF
Certificate serial: 0168
Authority key identifier: 42:00:4C:F6:BC:A1:FA:56:42:4F:5E:EA:24:F6:2A:92:B2:5C:DE:CF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QgBM9ryh-lZCT17qJPYqkrJc3s8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/BE9174768DDE11ED97AFDA82C4F9AE02.roa
Signing time: Wed 27 Nov 2024 02:26:37 +0000
ROA not before: Wed 27 Nov 2024 02:26:37 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 141342
IP address blocks: 103.157.40.0/24 maxlen: 24
103.157.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 360 (0x168)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919960D
Validity
Not Before: Nov 27 02:26:37 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6746835c-a477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:96:d4:e9:ca:35:b9:0d:14:f0:eb:0d:67:e9:
60:fd:dd:70:e4:61:ef:38:90:4b:60:6a:f9:63:aa:
04:af:bb:14:92:2c:6b:b6:4f:33:b9:e2:7b:a5:c7:
e8:cd:c9:98:0c:f6:3f:e4:e8:de:5c:22:07:f2:f8:
6f:ec:d4:a4:e9:6c:45:92:69:2c:67:b6:76:5b:32:
b7:71:6f:79:78:e8:d1:8e:bf:ed:99:e8:a6:78:1b:
b8:4a:2c:f9:45:eb:07:3c:19:a5:ee:f1:8a:b5:98:
f1:86:0a:7d:a3:be:b8:15:68:aa:81:08:f7:f4:82:
e4:44:85:18:4e:fa:7d:3e:7f:ea:bc:51:4f:35:83:
7f:72:b7:b3:7f:1b:79:86:d2:b0:a1:82:a0:e7:da:
fd:18:e3:a7:f8:9d:e6:07:96:48:dd:91:8f:d1:66:
5f:7e:8c:a3:be:e9:a2:13:64:56:7e:59:3a:2e:fd:
99:77:d2:01:5b:1c:15:32:ac:60:a3:0a:ad:ee:5f:
fa:fa:c6:02:4f:57:83:cd:f9:64:08:81:3c:90:fc:
de:c8:4f:d7:09:91:50:d0:de:af:d6:35:e4:fd:b7:
7a:cd:ad:d1:75:2e:ae:f8:26:b8:8e:57:51:58:a8:
e7:0e:da:49:fe:a9:b1:e7:3d:98:78:a7:df:0d:7f:
d0:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:95:83:F4:3C:4B:AA:9D:12:D9:14:AB:0C:32:90:22:E2:52:76:D9
X509v3 Authority Key Identifier:
keyid:42:00:4C:F6:BC:A1:FA:56:42:4F:5E:EA:24:F6:2A:92:B2:5C:DE:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QgBM9ryh-lZCT17qJPYqkrJc3s8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/BE9174768DDE11ED97AFDA82C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.157.40.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:8e:1a:0a:ae:2e:d2:a5:a6:6a:ac:9b:f6:68:c0:32:c0:39:
e9:3f:3e:fa:ef:f5:75:37:d1:34:9d:f2:8d:10:6c:45:af:4d:
ff:23:1a:75:55:de:e9:74:0d:1e:1c:b1:84:92:ed:01:40:51:
37:a7:8e:f9:fd:45:40:31:11:f8:bb:30:7d:0b:ec:20:84:55:
e9:8d:85:d4:d8:ae:91:8f:76:cf:61:63:89:9a:24:20:8f:32:
4b:bc:a7:a2:90:05:4f:fb:9b:30:2e:32:d3:a5:14:3d:29:59:
bd:dc:01:a3:ad:78:7e:07:81:16:50:f6:6a:ce:43:c1:93:51:
cb:bf:c1:7e:ab:0b:9a:63:ea:7c:2f:52:f1:d1:8e:86:c1:87:
c0:a0:70:db:8a:05:c1:11:29:8a:7b:41:f8:44:7d:de:12:ae:
91:70:98:50:1c:b2:36:28:a9:ff:dd:0f:6b:48:cb:16:bb:6c:
9f:dd:cf:ea:1f:fb:63:2c:f5:3c:18:14:45:25:bd:97:6d:f3:
bc:52:cc:a2:8f:72:35:6f:f2:ae:d7:f5:3b:9a:53:e5:5e:ba:
c8:fb:18:b8:db:4b:bf:5d:a8:c3:2a:48:be:a0:e9:58:86:02:
8c:e4:d0:68:3e:2f:64:e5:6c:f1:4a:68:eb:7f:2d:c9:f6:e2:
24:fc:f5:44
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAWgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTk2MEQxMTAvBgNVBAUTKDQyMDA0Q0Y2QkNBMUZBNTY0MjRGNUVFQTI0RjYyQTky
QjI1Q0RFQ0YwHhcNMjQxMTI3MDIyNjM3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ2ODM1Yy1hNDc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz5bU6co1uQ0U8OsNZ+lg/d1w5GHvOJBLYGr5Y6oEr7sUkixrtk8zueJ7pcfo
zcmYDPY/5OjeXCIH8vhv7NSk6WxFkmksZ7Z2WzK3cW95eOjRjr/tmeimeBu4Siz5
ResHPBml7vGKtZjxhgp9o764FWiqgQj39ILkRIUYTvp9Pn/qvFFPNYN/crezfxt5
htKwoYKg59r9GOOn+J3mB5ZI3ZGP0WZffoyjvumiE2RWflk6Lv2Zd9IBWxwVMqxg
owqt7l/6+sYCT1eDzflkCIE8kPzeyE/XCZFQ0N6v1jXk/bd6za3RdS6u+Ca4jldR
WKjnDtpJ/qmx5z2YeKffDX/QkwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKSVg/Q8
S6qdEtkUqwwykCLiUnbZMB8GA1UdIwQYMBaAFEIATPa8ofpWQk9e6iT2KpKyXN7P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTYwRC9CRDBCNjRDNjhE
REExMUVEODczQTc0ODdDNEY5QUUwMi9RZ0JNOXJ5aC1sWkNUMTdxSlBZcWtySmMz
czguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FnQk05cnloLWxaQ1QxN3FKUFlxa3JKYzNzOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTk2MEQvQkQwQjY0QzY4RERBMTFFRDg3M0E3NDg3QzRGOUFFMDIvQkU5MTc0NzY4
RERFMTFFRDk3QUZEQTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnSgwDQYJKoZIhvcNAQELBQADggEBAD6OGgquLtKlpmqs
m/ZowDLAOek/Pvrv9XU30TSd8o0QbEWvTf8jGnVV3ul0DR4csYSS7QFAUTenjvn9
RUAxEfi7MH0L7CCEVemNhdTYrpGPds9hY4maJCCPMku8p6KQBU/7mzAuMtOlFD0p
Wb3cAaOteH4HgRZQ9mrOQ8GTUcu/wX6rC5pj6nwvUvHRjobBh8CgcNuKBcERKYp7
QfhEfd4SrpFwmFAcsjYoqf/dD2tIyxa7bJ/dz+of+2Ms9TwYFEUlvZdt87xSzKKP
cjVv8q7X9TuaU+Veusj7GLjbS79dqMMqSL6g6ViGAozk0Gg+L2TlbPFKaOt/Lcn2
4iT89UQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:35:36 2025 by rpki-client