Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/251E8EC04C8C11EDAE405312C4F9AE02.roa
File: 251E8EC04C8C11EDAE405312C4F9AE02.roa (raw, json)
Hash identifier: 0lJvp/BTetRza5pPnqi89WltMTdqSqPnuQFo1wq7T4A=
Subject key identifier: A1:46:69:E2:9D:EF:41:FC:ED:63:F6:D2:9B:CA:95:D5:F6:47:3B:02
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 45CE
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/251E8EC04C8C11EDAE405312C4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:34:01 +0000
ROA not before: Thu 05 Sep 2024 03:34:01 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 149130
IP address blocks: 103.234.150.0/23 maxlen: 24
2400:a8e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17870 (0x45ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Sep 5 03:34:01 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d926a9-c93f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:63:79:7c:4d:b6:3a:61:d1:0c:20:7d:80:18:
89:62:a7:d0:47:fa:be:51:1c:f4:db:74:b0:8c:b7:
43:33:84:c7:25:b4:c0:a8:61:ce:98:fd:36:c9:fc:
bc:d0:d7:1f:13:f5:0b:08:54:ce:1d:b1:da:9a:cc:
c3:be:91:9f:f4:a4:eb:55:2b:4d:0b:50:e7:27:bd:
f2:90:31:59:f7:13:6c:68:84:1d:70:15:c1:ed:10:
e7:4b:b4:3c:23:71:c7:9f:6e:3f:74:6d:4c:8d:e7:
ec:3a:1d:99:37:27:ce:96:80:4f:2f:02:27:c2:5d:
c5:5a:17:b6:c4:9b:75:27:23:fb:e7:64:d0:8c:0c:
b3:1f:50:27:c2:f5:aa:cc:85:94:01:d1:7b:7c:48:
da:07:82:e3:4a:48:70:f8:2e:15:e2:4b:54:f1:a1:
73:77:df:55:ea:9e:cc:d0:ac:51:6f:40:86:ff:13:
ff:eb:5a:30:ae:76:c7:17:09:8d:90:04:d2:cc:d8:
9f:b9:59:fb:a0:a1:25:79:65:e1:22:ea:a4:7b:8b:
95:3f:41:1a:0d:2f:31:0f:ed:47:04:8a:c7:b2:5b:
dd:01:63:84:51:29:3e:d2:de:81:be:11:2e:52:28:
51:4c:08:3d:c9:e8:16:6f:fe:86:c5:04:61:53:11:
a4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:46:69:E2:9D:EF:41:FC:ED:63:F6:D2:9B:CA:95:D5:F6:47:3B:02
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/251E8EC04C8C11EDAE405312C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.234.150.0/23
IPv6:
2400:a8e0::/48
Signature Algorithm: sha256WithRSAEncryption
1f:d8:57:78:f4:45:86:af:88:1b:bf:c5:5a:0e:6a:71:b7:73:
52:ce:02:3c:1e:45:8a:54:59:30:eb:86:d9:bb:f7:7c:33:b1:
01:d2:3e:4f:4b:9b:45:35:c0:de:c2:5b:eb:de:bb:da:de:c1:
f0:be:42:ad:df:84:e6:04:d7:6a:a9:e2:d3:0f:c9:60:10:f1:
b8:14:3d:20:d8:1e:6c:56:4a:7d:35:d2:87:3c:35:a9:71:4a:
67:db:10:cb:ec:b8:b3:08:fe:3b:d3:cd:73:1a:03:5a:a4:fc:
39:01:d1:72:90:98:ef:b1:16:75:90:4c:80:56:6e:25:0b:66:
66:0e:96:7f:26:8e:20:4d:44:e3:13:b2:51:e7:d6:94:65:d5:
3a:42:80:0e:d0:e1:73:4a:6d:ba:d9:dc:0c:bf:6e:d4:35:25:
0a:9f:ed:56:9b:c9:d9:cb:a9:72:0d:75:25:96:1b:df:69:77:
08:d4:50:02:bc:33:7b:f9:c8:67:b7:6f:12:08:34:db:72:6e:
28:f6:74:0b:e1:e1:72:28:ad:57:e4:41:15:42:5b:a1:d0:c4:
55:bb:99:a6:9a:5f:60:db:2d:ac:b4:20:05:42:66:0e:fa:b1:
ee:3f:18:07:9a:dc:93:81:ed:b9:c2:5b:4d:0b:f1:fc:c9:6c:
3a:fb:80:d3
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICRc4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzNDAxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjZhOS1jOTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp2N5fE22OmHRDCB9gBiJYqfQR/q+URz023SwjLdDM4THJbTAqGHOmP02yfy8
0NcfE/ULCFTOHbHamszDvpGf9KTrVStNC1DnJ73ykDFZ9xNsaIQdcBXB7RDnS7Q8
I3HHn24/dG1MjefsOh2ZNyfOloBPLwInwl3FWhe2xJt1JyP752TQjAyzH1AnwvWq
zIWUAdF7fEjaB4LjSkhw+C4V4ktU8aFzd99V6p7M0KxRb0CG/xP/61owrnbHFwmN
kATSzNifuVn7oKEleWXhIuqke4uVP0EaDS8xD+1HBIrHslvdAWOEUSk+0t6BvhEu
UihRTAg9yegWb/6GxQRhUxGkjwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKFGaeKd
70H87WP20pvKldX2RzsCMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMjUxRThFQzA0
QzhDMTFFREFFNDA1MzEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFn6pYwDwQCAAIwCQMHACQAqOAAADANBgkqhkiG9w0BAQsF
AAOCAQEAH9hXePRFhq+IG7/FWg5qcbdzUs4CPB5FilRZMOuG2bv3fDOxAdI+T0ub
RTXA3sJb69672t7B8L5Crd+E5gTXaqni0w/JYBDxuBQ9INgebFZKfTXShzw1qXFK
Z9sQy+y4swj+O9PNcxoDWqT8OQHRcpCY77EWdZBMgFZuJQtmZg6WfyaOIE1E4xOy
UefWlGXVOkKADtDhc0ptutncDL9u1DUlCp/tVpvJ2cupcg11JZYb32l3CNRQArwz
e/nIZ7dvEgg023JuKPZ0C+HhciitV+RBFUJbodDEVbuZpppfYNstrLQgBUJmDvqx
7j8YB5rck4HtucJbTQvx/MlsOvuA0w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:27:51 2025 by rpki-client