Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1D43/8929DFDEEA2811EDB7DD0118C4F9AE02/8B1BDC14EA3911EDB91E190BC4F9AE02.roa
File: 8B1BDC14EA3911EDB91E190BC4F9AE02.roa (raw, json)
Hash identifier: +iPaNHR0I7CGA19//oU6de8PSF7FBlMHBTXC8ZhTdUo=
Subject key identifier: C1:A0:F3:B2:B6:52:1C:BF:46:FC:6F:7B:16:F5:B7:89:54:42:4C:93
Certificate issuer: /CN=A91A1D43/serialNumber=0BE0286355B5E256988CE454DF93FC0FCA7F6040
Certificate serial: 015E
Authority key identifier: 0B:E0:28:63:55:B5:E2:56:98:8C:E4:54:DF:93:FC:0F:CA:7F:60:40
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C-AoY1W14laYjORU35P8D8p_YEA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1D43/8929DFDEEA2811EDB7DD0118C4F9AE02/8B1BDC14EA3911EDB91E190BC4F9AE02.roa
Signing time: Wed 05 Mar 2025 04:49:44 +0000
ROA not before: Wed 05 Mar 2025 04:49:44 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 10143
IP address blocks: 103.67.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 350 (0x15e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1D43
Validity
Not Before: Mar 5 04:49:44 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c7d7e8-07ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b4:8d:c8:ba:51:be:21:cc:5d:2a:90:0a:1e:
c1:6f:fd:21:ca:ce:37:e4:5f:f2:6b:63:7c:4f:8d:
d8:24:55:2d:d4:bd:97:e8:e1:4c:4b:fc:55:d7:65:
b0:4a:8e:51:40:03:9d:18:04:84:b5:2e:a1:0e:6f:
0f:22:e5:4d:26:bd:92:20:b2:45:2f:06:e0:90:b6:
61:61:01:d6:b4:44:4e:7d:7b:84:39:46:c7:ad:40:
c4:d0:3b:e3:7f:3b:8d:7e:ef:19:46:4f:bb:e2:da:
64:63:88:74:79:99:a2:fc:75:29:ce:1f:1c:94:aa:
8a:ae:6c:4b:20:b5:b6:72:37:83:91:90:4d:1c:e1:
04:b8:19:bc:c5:10:2f:74:42:c2:4d:80:e8:9a:ee:
72:64:fe:5f:b4:ff:37:3c:ce:47:57:97:a3:5b:77:
53:10:15:6b:8f:8f:3d:ef:6c:8a:0a:f3:d3:e5:1f:
4d:7f:2a:78:cf:29:a4:df:5c:e1:cb:9d:47:38:62:
e8:b3:64:2c:e8:84:f1:c9:77:6a:bf:41:52:f6:fb:
79:fe:85:3b:98:03:d4:55:7c:65:52:d6:15:a9:4e:
0c:2b:2c:c9:0b:4a:7b:63:ad:21:65:e4:ad:67:2e:
18:4e:15:6a:75:04:92:1f:33:af:57:f8:b4:fa:55:
ef:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:A0:F3:B2:B6:52:1C:BF:46:FC:6F:7B:16:F5:B7:89:54:42:4C:93
X509v3 Authority Key Identifier:
keyid:0B:E0:28:63:55:B5:E2:56:98:8C:E4:54:DF:93:FC:0F:CA:7F:60:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1D43/8929DFDEEA2811EDB7DD0118C4F9AE02/C-AoY1W14laYjORU35P8D8p_YEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C-AoY1W14laYjORU35P8D8p_YEA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1D43/8929DFDEEA2811EDB7DD0118C4F9AE02/8B1BDC14EA3911EDB91E190BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.67.21.0/24
Signature Algorithm: sha256WithRSAEncryption
16:a3:06:98:37:3b:29:dc:f2:3f:3e:d5:81:38:10:c2:68:46:
a5:12:da:ba:f1:cc:e7:c0:26:ff:a3:0d:5e:48:a4:6f:bb:1c:
94:f1:cd:0a:a0:e5:90:c5:bd:1b:fc:a4:8a:3e:26:6b:61:f7:
85:3e:72:c6:f8:cb:af:39:88:8b:04:e9:56:0e:96:fe:7b:51:
15:de:1f:40:64:d6:c0:51:03:a8:3d:34:2e:63:f6:fe:11:39:
94:29:a4:78:4a:58:88:fe:67:ff:e5:4f:2d:61:1a:cd:70:1c:
04:33:99:60:62:c5:6f:21:7b:f7:b3:7a:a1:c7:04:3d:d1:9d:
ba:c4:54:71:c0:ff:f8:d5:9d:d6:87:d3:a3:ab:c1:b0:ad:49:
db:65:a0:41:81:0a:5d:c4:9a:e7:96:00:61:97:eb:4f:54:9b:
a9:d6:73:aa:98:83:e3:de:bb:2b:4b:df:a4:78:f3:83:82:d3:
3a:ec:c6:2d:6e:2f:45:3f:50:dc:0a:91:45:ae:5e:4b:36:c3:
a6:6f:2d:0a:f8:98:29:03:65:7b:48:7b:1e:34:3f:fd:26:56:
d5:ab:f2:85:76:8d:d9:70:b9:93:66:37:1a:c0:6a:1b:ff:76:
e5:42:be:fe:f8:95:98:8a:7e:58:a6:c3:d1:26:dc:89:a4:de:
f4:0c:95:bc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAV4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTFENDMxMTAvBgNVBAUTKDBCRTAyODYzNTVCNUUyNTY5ODhDRTQ1NERGOTNGQzBG
Q0E3RjYwNDAwHhcNMjUwMzA1MDQ0OTQ0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3ZDdlOC0wN2FiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr7SNyLpRviHMXSqQCh7Bb/0hys435F/ya2N8T43YJFUt1L2X6OFMS/xV12Ww
So5RQAOdGASEtS6hDm8PIuVNJr2SILJFLwbgkLZhYQHWtEROfXuEOUbHrUDE0Dvj
fzuNfu8ZRk+74tpkY4h0eZmi/HUpzh8clKqKrmxLILW2cjeDkZBNHOEEuBm8xRAv
dELCTYDomu5yZP5ftP83PM5HV5ejW3dTEBVrj48972yKCvPT5R9Nfyp4zymk31zh
y51HOGLos2Qs6ITxyXdqv0FS9vt5/oU7mAPUVXxlUtYVqU4MKyzJC0p7Y60hZeSt
Zy4YThVqdQSSHzOvV/i0+lXvxQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMGg87K2
Uhy/Rvxvexb1t4lUQkyTMB8GA1UdIwQYMBaAFAvgKGNVteJWmIzkVN+T/A/Kf2BA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUQ0My84OTI5REZERUVB
MjgxMUVEQjdERDAxMThDNEY5QUUwMi9DLUFvWTFXMTRsYVlqT1JVMzVQOEQ4cF9Z
RUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0MtQW9ZMVcxNGxhWWpPUlUzNVA4RDhwX1lFQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTFENDMvODkyOURGREVFQTI4MTFFREI3REQwMTE4QzRGOUFFMDIvOEIxQkRDMTRF
QTM5MTFFREI5MUUxOTBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnQxUwDQYJKoZIhvcNAQELBQADggEBABajBpg3Oync8j8+
1YE4EMJoRqUS2rrxzOfAJv+jDV5IpG+7HJTxzQqg5ZDFvRv8pIo+Jmth94U+csb4
y685iIsE6VYOlv57URXeH0Bk1sBRA6g9NC5j9v4ROZQppHhKWIj+Z//lTy1hGs1w
HAQzmWBixW8he/ezeqHHBD3RnbrEVHHA//jVndaH06OrwbCtSdtloEGBCl3EmueW
AGGX609Um6nWc6qYg+PeuytL36R484OC0zrsxi1uL0U/UNwKkUWuXks2w6ZvLQr4
mCkDZXtIex40P/0mVtWr8oV2jdlwuZNmNxrAahv/duVCvv74lZiKflimw9Em3Imk
3vQMlbw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:18:35 2025 by rpki-client