Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8A85/573792CA562B11EBBD0CE21CC4F9AE02/6FBFD196C3B811EF82B40031C4F9AE02.roa
File: 6FBFD196C3B811EF82B40031C4F9AE02.roa (raw, json)
Hash identifier: bv5N0dR3KgPmbP3p5Aa0Bg0QE9UKX9HNK/VrSkjavcE=
Subject key identifier: 06:EE:38:FE:5C:34:51:4A:24:E2:E7:DB:D3:9D:31:30:95:CD:2E:5D
Certificate issuer: /CN=A91A8A85/serialNumber=2EAF60095334E7F0BAA065A92F653F5C744895C2
Certificate serial: 06B8
Authority key identifier: 2E:AF:60:09:53:34:E7:F0:BA:A0:65:A9:2F:65:3F:5C:74:48:95:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lq9gCVM05_C6oGWpL2U_XHRIlcI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A8A85/573792CA562B11EBBD0CE21CC4F9AE02/6FBFD196C3B811EF82B40031C4F9AE02.roa
Signing time: Thu 20 Feb 2025 23:31:42 +0000
ROA not before: Thu 20 Feb 2025 23:31:42 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 137967
IP address blocks: 103.161.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1720 (0x6b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A8A85
Validity
Not Before: Feb 20 23:31:42 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b7bb5e-c2d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:41:f3:7e:67:3e:b7:0d:9b:50:bb:d8:e6:32:
99:eb:64:76:f5:76:b0:14:89:f9:d4:be:6b:f5:45:
71:02:84:6e:bf:f6:5a:37:63:9a:ab:a1:e4:24:36:
9a:b8:87:73:bc:41:d3:48:6a:6a:3d:84:56:a5:43:
87:21:be:c2:9d:7e:17:91:10:83:14:6f:8d:f7:e6:
6e:3a:61:74:4b:e8:d2:38:f2:22:47:40:bd:aa:2a:
12:05:95:93:8f:f3:2f:89:3a:9f:0a:b5:2b:dd:b5:
96:de:27:fe:b4:81:57:d6:85:5d:32:21:0f:d1:ff:
73:a7:da:a2:7b:cd:a5:af:2c:ad:8a:17:73:39:5d:
12:78:3d:74:d3:f8:93:38:c0:e1:b5:c3:93:8c:1c:
a0:b4:65:3f:ec:b5:ba:c5:2f:a4:ff:a9:01:16:6e:
aa:54:07:81:9f:ac:37:9a:9f:ce:95:cc:31:f4:e1:
e1:c4:ea:25:b6:a6:95:c4:2b:4a:4c:8e:0d:bd:96:
2d:ae:76:6e:0c:5f:40:fa:b8:06:91:8d:d8:44:2e:
51:f5:31:91:98:6b:1d:03:12:79:45:2c:8a:b6:89:
6b:87:fb:c0:a4:68:49:3a:48:c7:fa:7a:d4:83:55:
df:37:ce:b6:51:88:7f:34:c4:df:f1:03:a0:c3:84:
4b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:EE:38:FE:5C:34:51:4A:24:E2:E7:DB:D3:9D:31:30:95:CD:2E:5D
X509v3 Authority Key Identifier:
keyid:2E:AF:60:09:53:34:E7:F0:BA:A0:65:A9:2F:65:3F:5C:74:48:95:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A8A85/573792CA562B11EBBD0CE21CC4F9AE02/Lq9gCVM05_C6oGWpL2U_XHRIlcI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lq9gCVM05_C6oGWpL2U_XHRIlcI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8A85/573792CA562B11EBBD0CE21CC4F9AE02/6FBFD196C3B811EF82B40031C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.161.151.0/24
Signature Algorithm: sha256WithRSAEncryption
12:1f:bd:77:52:c8:5e:43:2f:c2:da:86:e7:e3:fe:d2:3c:22:
41:82:47:09:78:da:37:4d:ad:69:3d:f6:7d:47:4f:78:20:d2:
29:ed:ac:9f:88:45:0a:25:88:4e:b5:d0:17:99:73:c9:4a:56:
34:4f:cb:70:1f:98:66:1e:53:04:da:de:fb:77:cc:5f:db:55:
7f:5f:2a:30:55:d8:e3:03:bc:91:97:fa:d2:a5:fd:74:c8:8e:
04:af:94:85:0d:d9:d3:ab:c6:89:88:f2:bb:ef:56:72:db:c4:
f0:58:d9:9b:b0:26:48:e1:06:82:ba:16:72:b6:74:7e:2d:f6:
01:4c:b0:00:bd:d2:42:73:02:f4:5c:ec:48:bd:7c:46:bf:62:
8e:a9:0b:f2:3f:be:b2:1b:3f:92:22:ce:75:0c:ec:67:a6:4b:
d0:1d:1d:a2:24:02:f4:10:45:f7:3b:45:c5:9e:99:7e:42:6e:
a1:a2:0d:62:b4:de:ac:ff:33:75:b3:45:37:e0:26:26:05:e3:
db:90:82:e8:83:96:4e:9e:59:5e:dc:73:bf:55:ce:a3:03:ca:
05:f0:71:ec:87:eb:fb:a7:d4:ad:43:d7:a6:eb:bb:3d:e6:2a:
04:10:12:9a:39:11:b2:9a:35:bd:52:96:ef:18:13:62:11:48:
33:4a:75:1b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBrgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QThBODUxMTAvBgNVBAUTKDJFQUY2MDA5NTMzNEU3RjBCQUEwNjVBOTJGNjUzRjVD
NzQ0ODk1QzIwHhcNMjUwMjIwMjMzMTQyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I3YmI1ZS1jMmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyUHzfmc+tw2bULvY5jKZ62R29XawFIn51L5r9UVxAoRuv/ZaN2Oaq6HkJDaa
uIdzvEHTSGpqPYRWpUOHIb7CnX4XkRCDFG+N9+ZuOmF0S+jSOPIiR0C9qioSBZWT
j/MviTqfCrUr3bWW3if+tIFX1oVdMiEP0f9zp9qie82lryytihdzOV0SeD100/iT
OMDhtcOTjBygtGU/7LW6xS+k/6kBFm6qVAeBn6w3mp/Olcwx9OHhxOoltqaVxCtK
TI4NvZYtrnZuDF9A+rgGkY3YRC5R9TGRmGsdAxJ5RSyKtolrh/vApGhJOkjH+nrU
g1XfN862UYh/NMTf8QOgw4RLOQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAbuOP5c
NFFKJOLn29OdMTCVzS5dMB8GA1UdIwQYMBaAFC6vYAlTNOfwuqBlqS9lP1x0SJXC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOEE4NS81NzM3OTJDQTU2
MkIxMUVCQkQwQ0UyMUNDNEY5QUUwMi9McTlnQ1ZNMDVfQzZvR1dwTDJVX1hIUkls
Y0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xxOWdDVk0wNV9DNm9HV3BMMlVfWEhSSWxjSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QThBODUvNTczNzkyQ0E1NjJCMTFFQkJEMENFMjFDQzRGOUFFMDIvNkZCRkQxOTZD
M0I4MTFFRjgyQjQwMDMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnoZcwDQYJKoZIhvcNAQELBQADggEBABIfvXdSyF5DL8La
hufj/tI8IkGCRwl42jdNrWk99n1HT3gg0intrJ+IRQoliE610BeZc8lKVjRPy3Af
mGYeUwTa3vt3zF/bVX9fKjBV2OMDvJGX+tKl/XTIjgSvlIUN2dOrxomI8rvvVnLb
xPBY2ZuwJkjhBoK6FnK2dH4t9gFMsAC90kJzAvRc7Ei9fEa/Yo6pC/I/vrIbP5Ii
znUM7GemS9AdHaIkAvQQRfc7RcWemX5CbqGiDWK03qz/M3WzRTfgJiYF49uQguiD
lk6eWV7cc79VzqMDygXwceyH6/un1K1D16bruz3mKgQQEpo5EbKaNb1Slu8YE2IR
SDNKdRs=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:17:24 2025 by rpki-client