Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/970894AE3C0F11EEB8F0554FC4F9AE02.roa
File: 970894AE3C0F11EEB8F0554FC4F9AE02.roa (raw, json)
Hash identifier: sXFEm94eqzgdZxi5A/CKuFp0gIh3R5v0gnmEPEJlBzM=
Subject key identifier: DE:25:45:02:AF:F7:EF:31:D6:5A:E2:A3:81:89:D3:BC:40:E9:2A:E0
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 45FD
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/970894AE3C0F11EEB8F0554FC4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:34:43 +0000
ROA not before: Thu 05 Sep 2024 03:34:43 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 150866
IP address blocks: 103.243.168.0/24 maxlen: 24
103.243.169.0/24 maxlen: 24
2401:1d60::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17917 (0x45fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Sep 5 03:34:43 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d926d2-a7bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bd:56:bc:33:b5:d7:62:26:02:00:19:53:4c:
74:a2:83:aa:ec:9d:65:60:62:b5:89:c0:fe:25:73:
45:91:f3:c8:18:5a:25:ea:5d:e8:7b:fd:27:03:5e:
38:50:ef:1b:2c:b9:b9:a9:a2:02:95:71:2a:8c:35:
9b:1f:82:c0:5d:18:d1:76:99:50:7f:9f:a5:53:78:
8c:e4:ef:79:49:66:bf:28:42:f0:26:d8:a4:c0:93:
9b:c4:23:ab:7f:da:c2:49:56:73:a4:e0:78:c7:43:
66:61:17:ee:49:d4:0b:ba:15:a2:ac:0e:d2:94:6b:
eb:22:01:10:87:01:fa:cc:19:eb:fa:e2:67:7d:a4:
92:09:80:66:ee:ea:36:4e:45:ec:78:ed:e4:ac:fc:
44:21:d4:30:16:f4:6e:17:6c:c5:31:a1:9b:a1:05:
b7:4b:be:82:6b:c1:17:fb:5d:85:c1:82:bb:92:45:
ad:48:af:8d:db:bf:9e:4b:66:34:3d:20:d1:ef:81:
08:ef:d0:6c:f2:87:a6:c2:3b:45:8a:ee:5f:87:2f:
95:dc:8e:03:5c:b4:ac:f5:f3:39:b1:3a:64:a2:f5:
c0:2d:b4:d4:4f:90:5f:64:f8:d3:56:30:36:43:d9:
0c:05:96:04:a7:36:4e:fb:9b:f5:54:e1:14:26:a7:
46:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:25:45:02:AF:F7:EF:31:D6:5A:E2:A3:81:89:D3:BC:40:E9:2A:E0
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/970894AE3C0F11EEB8F0554FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.243.168.0/23
IPv6:
2401:1d60::/48
Signature Algorithm: sha256WithRSAEncryption
05:93:60:fb:79:e2:9e:bf:ab:eb:c6:e7:f6:81:0e:c4:0a:06:
88:db:7e:b6:0f:fb:a1:bd:44:d5:56:e7:ac:04:9c:98:3b:f4:
e3:6a:9e:e5:e9:a2:ce:9f:b8:39:57:50:5d:d0:44:b0:44:2d:
65:30:85:96:33:10:74:f0:a0:10:27:08:26:d1:24:f8:75:51:
21:1e:cb:e4:2d:99:1f:fe:78:5f:a2:0d:2f:dc:c1:a2:38:5f:
df:e3:b8:62:b9:31:1c:e9:ae:24:ac:29:72:29:20:dc:cb:7e:
7c:56:8e:e2:6a:01:e9:8b:1a:28:ac:13:4c:0c:7a:71:de:d7:
37:73:65:3b:7c:eb:77:c4:17:c6:09:1d:4b:64:e8:b2:a8:a7:
c7:90:11:ea:28:d5:29:d7:65:8a:cf:0e:ad:89:96:b9:e5:3b:
a9:a4:51:a8:58:e0:c5:aa:bb:3b:6c:57:ee:73:97:a8:63:44:
b4:a3:e7:84:de:2f:90:5c:88:9c:70:19:3c:35:41:20:2a:f7:
89:26:a9:38:a8:a0:b5:1e:50:7a:7a:c7:1b:77:43:0b:6d:ab:
e5:5d:71:96:59:37:91:f3:8c:b7:fc:ac:6f:08:5e:28:d3:3f:
33:9e:63:72:0e:e1:12:03:b0:47:ce:1a:28:d7:13:69:56:25:
91:78:b7:f3
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICRf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzNDQzWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjZkMi1hN2JkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArL1WvDO112ImAgAZU0x0ooOq7J1lYGK1icD+JXNFkfPIGFol6l3oe/0nA144
UO8bLLm5qaIClXEqjDWbH4LAXRjRdplQf5+lU3iM5O95SWa/KELwJtikwJObxCOr
f9rCSVZzpOB4x0NmYRfuSdQLuhWirA7SlGvrIgEQhwH6zBnr+uJnfaSSCYBm7uo2
TkXseO3krPxEIdQwFvRuF2zFMaGboQW3S76Ca8EX+12FwYK7kkWtSK+N27+eS2Y0
PSDR74EI79Bs8oemwjtFiu5fhy+V3I4DXLSs9fM5sTpkovXALbTUT5BfZPjTVjA2
Q9kMBZYEpzZO+5v1VOEUJqdGvwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFN4lRQKv
9+8x1lrio4GJ07xA6SrgMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvOTcwODk0QUUz
QzBGMTFFRUI4RjA1NTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFn86gwDwQCAAIwCQMHACQBHWAAADANBgkqhkiG9w0BAQsF
AAOCAQEABZNg+3ninr+r68bn9oEOxAoGiNt+tg/7ob1E1VbnrAScmDv042qe5emi
zp+4OVdQXdBEsEQtZTCFljMQdPCgECcIJtEk+HVRIR7L5C2ZH/54X6INL9zBojhf
3+O4YrkxHOmuJKwpcikg3Mt+fFaO4moB6YsaKKwTTAx6cd7XN3NlO3zrd8QXxgkd
S2Tosqinx5AR6ijVKddlis8OrYmWueU7qaRRqFjgxaq7O2xX7nOXqGNEtKPnhN4v
kFyInHAZPDVBICr3iSapOKigtR5QenrHG3dDC22r5V1xllk3kfOMt/ysbwheKNM/
M55jcg7hEgOwR84aKNcTaVYlkXi38w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:19:27 2025 by rpki-client