Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0FB6/BE4DF222CD1D11EDA266EA39C4F9AE02/1B010960CD2211ED8A66486BC4F9AE02.roa
File: 1B010960CD2211ED8A66486BC4F9AE02.roa (raw, json)
Hash identifier: gexTzIiKhgLcrcI1jyC1eZ1O4wMhCdNKof8sdrmuHDE=
Subject key identifier: 57:5F:4B:74:67:43:34:24:C4:95:B8:16:DB:B9:DA:23:04:7E:7B:7F
Certificate issuer: /CN=A91A0FB6/serialNumber=730C918829B33FA6C8E7C8D0527B26CC50B9352D
Certificate serial: 0145
Authority key identifier: 73:0C:91:88:29:B3:3F:A6:C8:E7:C8:D0:52:7B:26:CC:50:B9:35:2D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cwyRiCmzP6bI58jQUnsmzFC5NS0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0FB6/BE4DF222CD1D11EDA266EA39C4F9AE02/1B010960CD2211ED8A66486BC4F9AE02.roa
Signing time: Thu 05 Dec 2024 03:17:41 +0000
ROA not before: Thu 05 Dec 2024 03:17:41 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 150674
IP address blocks: 103.53.156.0/23 maxlen: 24
2001:df1:aec0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 325 (0x145)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0FB6
Validity
Not Before: Dec 5 03:17:41 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67511b54-d260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5b:a2:25:a8:68:e3:68:4c:dd:74:62:7d:80:
56:a3:9e:a5:d5:3e:f6:91:32:cd:f7:cf:86:66:c8:
76:d6:8f:58:74:6b:b1:b1:5e:16:9e:2a:1e:55:9e:
fe:52:47:90:1d:9e:6a:79:70:aa:da:06:fa:0f:57:
5f:ac:6d:f1:f1:ec:62:47:ad:3d:41:0a:bc:44:13:
f1:b5:63:f1:a0:6a:8e:dd:b9:ef:b5:cb:f0:75:23:
7d:18:38:95:12:9d:e0:78:9d:56:60:c4:96:e1:66:
3e:83:fc:52:d8:f0:e4:87:32:cc:bc:c0:90:da:b6:
ae:4e:dd:a0:16:4f:24:07:5c:b1:06:9f:e8:82:dc:
52:09:e1:72:f8:84:92:b1:a5:55:9c:58:05:b4:df:
47:cc:3a:4b:82:aa:be:48:3f:74:cd:83:7f:3d:c2:
fb:cf:1a:00:49:e0:2f:45:b6:9a:42:eb:e0:91:80:
22:f1:c0:97:48:5b:d9:9c:bb:9e:30:8f:1a:97:5c:
49:f5:cb:7a:a9:27:3a:c7:ce:cf:18:22:65:b4:e8:
6b:5c:d7:e8:5c:d8:f3:ae:bf:74:1a:8a:c6:ce:84:
08:d6:0e:24:9f:74:9c:aa:33:21:03:1b:24:8a:66:
f4:e8:5e:91:61:61:f9:ce:95:0e:07:5f:2e:a3:81:
21:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:5F:4B:74:67:43:34:24:C4:95:B8:16:DB:B9:DA:23:04:7E:7B:7F
X509v3 Authority Key Identifier:
keyid:73:0C:91:88:29:B3:3F:A6:C8:E7:C8:D0:52:7B:26:CC:50:B9:35:2D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0FB6/BE4DF222CD1D11EDA266EA39C4F9AE02/cwyRiCmzP6bI58jQUnsmzFC5NS0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cwyRiCmzP6bI58jQUnsmzFC5NS0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0FB6/BE4DF222CD1D11EDA266EA39C4F9AE02/1B010960CD2211ED8A66486BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.53.156.0/23
IPv6:
2001:df1:aec0::/48
Signature Algorithm: sha256WithRSAEncryption
74:52:5b:9c:7c:a3:6c:96:1f:c5:61:89:f1:a6:1d:6d:2e:ba:
bb:b2:f5:58:1a:23:f5:3b:1f:40:4e:77:2e:b0:a5:bb:d1:ec:
66:fe:25:c6:49:d7:ba:bd:51:82:03:22:b0:11:33:ce:8d:96:
b8:85:3e:06:8f:4b:64:fd:10:6b:e7:cf:f8:5d:e8:6c:00:74:
08:1e:72:b2:4f:b4:83:fc:c4:0f:1d:0f:0c:85:57:12:c5:1b:
86:f1:ec:4e:d7:85:7c:dc:d7:e5:4b:43:80:fa:fa:f9:70:27:
f1:bb:6c:14:44:79:dc:61:4e:fd:b4:09:3d:68:05:77:19:30:
b7:28:04:6a:0b:9c:a6:86:35:fb:1e:5e:79:ad:6d:d8:fd:c1:
7a:e2:12:05:b7:4d:fc:46:f5:01:36:72:69:cc:b1:ca:c5:23:
40:27:c9:09:fb:8a:3c:3d:78:36:a8:0b:14:14:02:9f:ea:3c:
38:a8:b8:46:54:28:86:a5:83:2d:4d:93:a7:8b:16:2a:c6:07:
6e:9b:d0:d4:14:ed:6d:c2:78:ac:64:5c:7c:08:46:72:fc:6f:
e9:54:f3:c3:d6:75:cd:fe:55:c0:f9:c1:6c:c4:1d:79:ca:c0:
26:58:1f:5a:6a:02:1e:af:40:d5:66:6a:06:85:3d:4a:56:0c:
aa:5b:21:f9
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTBGQjYxMTAvBgNVBAUTKDczMEM5MTg4MjlCMzNGQTZDOEU3QzhEMDUyN0IyNkND
NTBCOTM1MkQwHhcNMjQxMjA1MDMxNzQxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUxMWI1NC1kMjYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArFuiJaho42hM3XRifYBWo56l1T72kTLN98+GZsh21o9YdGuxsV4WnioeVZ7+
UkeQHZ5qeXCq2gb6D1dfrG3x8exiR609QQq8RBPxtWPxoGqO3bnvtcvwdSN9GDiV
Ep3geJ1WYMSW4WY+g/xS2PDkhzLMvMCQ2rauTt2gFk8kB1yxBp/ogtxSCeFy+ISS
saVVnFgFtN9HzDpLgqq+SD90zYN/PcL7zxoASeAvRbaaQuvgkYAi8cCXSFvZnLue
MI8al1xJ9ct6qSc6x87PGCJltOhrXNfoXNjzrr90GorGzoQI1g4kn3ScqjMhAxsk
imb06F6RYWH5zpUOB18uo4EhJQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFFdfS3Rn
QzQkxJW4Ftu52iMEfnt/MB8GA1UdIwQYMBaAFHMMkYgpsz+myOfI0FJ7JsxQuTUt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMEZCNi9CRTRERjIyMkNE
MUQxMUVEQTI2NkVBMzlDNEY5QUUwMi9jd3lSaUNtelA2Ykk1OGpRVW5zbXpGQzVO
UzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2N3eVJpQ216UDZiSTU4alFVbnNtekZDNU5TMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTBGQjYvQkU0REYyMjJDRDFEMTFFREEyNjZFQTM5QzRGOUFFMDIvMUIwMTA5NjBD
RDIyMTFFRDhBNjY0ODZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnNZwwDwQCAAIwCQMHACABDfGuwDANBgkqhkiG9w0BAQsF
AAOCAQEAdFJbnHyjbJYfxWGJ8aYdbS66u7L1WBoj9TsfQE53LrClu9HsZv4lxknX
ur1RggMisBEzzo2WuIU+Bo9LZP0Qa+fP+F3obAB0CB5ysk+0g/zEDx0PDIVXEsUb
hvHsTteFfNzX5UtDgPr6+XAn8btsFER53GFO/bQJPWgFdxkwtygEagucpoY1+x5e
ea1t2P3BeuISBbdN/Eb1ATZyacyxysUjQCfJCfuKPD14NqgLFBQCn+o8OKi4RlQo
hqWDLU2Tp4sWKsYHbpvQ1BTtbcJ4rGRcfAhGcvxv6VTzw9Z1zf5VwPnBbMQdecrA
JlgfWmoCHq9A1WZqBoU9SlYMqlsh+Q==
-----END CERTIFICATE-----
Generated at Fri Apr 11 00:18:44 2025 by rpki-client