Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A394B/10ACAB0A61B411EE80CE1846C4F9AE02/6015E82861B411EEBAA6AD59C4F9AE02.roa
File: 6015E82861B411EEBAA6AD59C4F9AE02.roa (raw, json)
Hash identifier: K2l/EtZxWeLVYqj5ycNq5EmQOfjL5aHh+ijS2CAjoJE=
Subject key identifier: 37:96:13:B7:E0:6D:AA:84:F0:42:F5:90:0E:7A:26:2C:29:7D:76:0A
Certificate issuer: /CN=A91A394B/serialNumber=9408E9D7B6CEB834CA90901E45786010C069C32B
Certificate serial: AB
Authority key identifier: 94:08:E9:D7:B6:CE:B8:34:CA:90:90:1E:45:78:60:10:C0:69:C3:2B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lAjp17bOuDTKkJAeRXhgEMBpwys.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A394B/10ACAB0A61B411EE80CE1846C4F9AE02/6015E82861B411EEBAA6AD59C4F9AE02.roa
Signing time: Fri 23 Aug 2024 05:47:50 +0000
ROA not before: Fri 23 Aug 2024 05:47:50 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 133131
IP address blocks: 103.167.252.0/23 maxlen: 23
103.167.252.0/24 maxlen: 24
103.167.253.0/24 maxlen: 24
2001:df2:c340::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171 (0xab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A394B
Validity
Not Before: Aug 23 05:47:50 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66c82285-e215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c4:57:7a:ce:87:a3:3a:bf:f7:f9:a3:5a:63:
07:cf:6d:c9:3a:19:29:90:89:1c:47:4c:55:20:85:
2d:ad:71:f1:99:7c:ec:c5:33:6b:05:1c:48:fa:22:
90:07:0a:7f:8c:da:53:1b:84:1c:bb:b4:07:4e:6c:
41:0c:01:49:2d:4d:a8:a9:82:47:43:50:11:d2:d5:
11:22:48:e1:ee:b9:86:ac:6d:3a:7b:c4:b3:71:d2:
a2:af:cc:66:6f:cb:34:8d:5b:b8:b1:13:01:a3:52:
0e:50:1a:52:cd:82:7a:0f:4f:61:28:97:30:68:1b:
00:d6:49:f6:ba:de:3b:8c:67:52:04:6a:f0:3f:37:
a8:ac:ee:cb:df:ea:73:b6:37:bb:a8:ec:25:8c:39:
4d:6f:b4:16:ef:7f:e0:ac:6a:18:30:40:fd:c8:7c:
2d:27:94:e3:57:89:a9:4c:77:83:dc:d3:dc:04:bd:
a1:73:79:fc:68:01:34:28:f1:44:ac:36:3d:24:46:
70:de:77:45:51:69:ac:fa:d4:65:02:9c:69:2f:aa:
55:d1:17:da:01:95:b0:8b:f3:43:35:08:d9:03:15:
69:cb:41:08:d0:21:94:32:a5:78:49:f8:e6:41:57:
3d:6c:1d:f9:5a:f7:be:f4:e1:7e:38:74:e5:5d:d3:
34:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:96:13:B7:E0:6D:AA:84:F0:42:F5:90:0E:7A:26:2C:29:7D:76:0A
X509v3 Authority Key Identifier:
keyid:94:08:E9:D7:B6:CE:B8:34:CA:90:90:1E:45:78:60:10:C0:69:C3:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A394B/10ACAB0A61B411EE80CE1846C4F9AE02/lAjp17bOuDTKkJAeRXhgEMBpwys.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lAjp17bOuDTKkJAeRXhgEMBpwys.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A394B/10ACAB0A61B411EE80CE1846C4F9AE02/6015E82861B411EEBAA6AD59C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.252.0/23
IPv6:
2001:df2:c340::/48
Signature Algorithm: sha256WithRSAEncryption
76:d6:57:95:51:14:ee:a5:a4:ab:24:3e:42:ca:c5:ae:6a:bf:
37:1d:4e:a8:ec:c8:6f:f7:c0:24:05:c6:24:84:7b:e2:60:6e:
85:b9:77:16:60:1e:a7:a8:7c:cc:ae:90:71:bc:89:7e:d8:f2:
cc:6d:33:ed:d8:86:24:2c:82:26:51:41:43:69:da:e1:f2:3a:
bb:d1:12:81:59:37:20:55:7e:d3:5d:61:58:b2:ee:0f:e7:74:
16:e1:72:ec:0a:16:86:28:16:e7:2e:8d:b7:0e:10:4c:c4:f0:
fb:22:1a:16:2a:5b:16:aa:e0:23:bc:7f:a9:d8:9b:bd:82:87:
c7:8a:ba:19:19:33:6f:26:0f:6b:c3:bf:c7:a2:7c:02:34:43:
5d:e7:d4:5d:a5:13:ce:67:57:89:52:d5:1e:9b:67:f6:f0:18:
f3:a9:55:40:d2:98:01:b3:58:35:4f:64:2d:ce:38:3f:af:4f:
c1:c6:7e:85:22:62:2a:8b:ce:ff:8c:45:e1:df:fe:94:6a:ef:
0d:5a:45:6e:cf:e4:0d:8b:6a:8d:da:83:98:68:87:0f:ee:05:
4e:58:68:af:2d:ba:d8:47:4b:b4:d7:f7:2f:1f:67:b4:d5:fe:
61:29:1e:85:26:14:2a:82:74:b7:38:79:c5:d1:e9:85:fc:d6:
cf:9d:3b:ed
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTM5NEIxMTAvBgNVBAUTKDk0MDhFOUQ3QjZDRUI4MzRDQTkwOTAxRTQ1Nzg2MDEw
QzA2OUMzMkIwHhcNMjQwODIzMDU0NzUwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM4MjI4NS1lMjE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxsRXes6Hozq/9/mjWmMHz23JOhkpkIkcR0xVIIUtrXHxmXzsxTNrBRxI+iKQ
Bwp/jNpTG4Qcu7QHTmxBDAFJLU2oqYJHQ1AR0tURIkjh7rmGrG06e8SzcdKir8xm
b8s0jVu4sRMBo1IOUBpSzYJ6D09hKJcwaBsA1kn2ut47jGdSBGrwPzeorO7L3+pz
tje7qOwljDlNb7QW73/grGoYMED9yHwtJ5TjV4mpTHeD3NPcBL2hc3n8aAE0KPFE
rDY9JEZw3ndFUWms+tRlApxpL6pV0RfaAZWwi/NDNQjZAxVpy0EI0CGUMqV4Sfjm
QVc9bB35Wve+9OF+OHTlXdM0nQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDeWE7fg
baqE8EL1kA56JiwpfXYKMB8GA1UdIwQYMBaAFJQI6de2zrg0ypCQHkV4YBDAacMr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMzk0Qi8xMEFDQUIwQTYx
QjQxMUVFODBDRTE4NDZDNEY5QUUwMi9sQWpwMTdiT3VEVEtrSkFlUlhoZ0VNQnB3
eXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xBanAxN2JPdURUS2tKQWVSWGhnRU1CcHd5cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTM5NEIvMTBBQ0FCMEE2MUI0MTFFRTgwQ0UxODQ2QzRGOUFFMDIvNjAxNUU4Mjg2
MUI0MTFFRUJBQTZBRDU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnp/wwDwQCAAIwCQMHACABDfLDQDANBgkqhkiG9w0BAQsF
AAOCAQEAdtZXlVEU7qWkqyQ+QsrFrmq/Nx1OqOzIb/fAJAXGJIR74mBuhbl3FmAe
p6h8zK6QcbyJftjyzG0z7diGJCyCJlFBQ2na4fI6u9ESgVk3IFV+011hWLLuD+d0
FuFy7AoWhigW5y6Ntw4QTMTw+yIaFipbFqrgI7x/qdibvYKHx4q6GRkzbyYPa8O/
x6J8AjRDXefUXaUTzmdXiVLVHptn9vAY86lVQNKYAbNYNU9kLc44P69PwcZ+hSJi
KovO/4xF4d/+lGrvDVpFbs/kDYtqjdqDmGiHD+4FTlhory262EdLtNf3Lx9ntNX+
YSkehSYUKoJ0tzh5xdHphfzWz5077Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:12:34 2025 by rpki-client