Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC726/9C4F530A38AF11EB8913DE41C4F9AE02/A8D1E0DE688811ECBE2C4F49C4F9AE02.roa
File: A8D1E0DE688811ECBE2C4F49C4F9AE02.roa (raw, json)
Hash identifier: kx9nS8Hy/44UXC7d2ifVO4Goy7FXc+e33XmugE3Qfuc=
Subject key identifier: 6E:69:9D:02:60:50:2F:1D:BF:5F:7D:1F:B0:D1:C8:4F:04:E3:94:07
Certificate issuer: /CN=A91AC726/serialNumber=4D847523E5BDD9E3B8969828A04BFEDA2B0C031B
Certificate serial: 0702
Authority key identifier: 4D:84:75:23:E5:BD:D9:E3:B8:96:98:28:A0:4B:FE:DA:2B:0C:03:1B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TYR1I-W92eO4lpgooEv-2isMAxs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AC726/9C4F530A38AF11EB8913DE41C4F9AE02/A8D1E0DE688811ECBE2C4F49C4F9AE02.roa
Signing time: Wed 12 Feb 2025 23:00:57 +0000
ROA not before: Wed 12 Feb 2025 23:00:57 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 9498
IP address blocks: 103.159.192.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1794 (0x702)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AC726
Validity
Not Before: Feb 12 23:00:57 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67ad2828-99af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:06:00:68:8f:d9:85:99:ee:f1:70:69:db:b6:
63:dc:07:f6:e4:7a:95:65:b1:9d:23:74:dc:b0:2c:
42:d3:80:35:93:04:3c:08:2f:bd:37:01:e1:20:40:
52:f6:e3:3d:c4:50:0c:cd:67:ad:08:91:dd:db:8f:
56:13:89:2f:a9:26:f0:4d:e4:7d:d7:e8:b5:9d:f9:
ac:28:cf:c2:43:d9:af:66:69:2a:e3:42:21:7c:b1:
70:eb:61:3b:5e:87:3e:d9:f1:0e:f2:56:ee:91:2f:
8c:7a:89:a0:b2:c1:49:04:49:61:9b:44:04:bb:65:
c7:50:05:f0:42:4f:a1:cf:66:d4:3a:2a:ca:55:fc:
74:c2:32:f2:c1:8f:0a:0c:5b:35:fc:61:e3:42:dd:
02:e7:d6:6f:b6:a1:b9:45:8c:c0:a8:ba:5c:a3:98:
64:86:26:e0:63:3f:e2:22:f2:22:b3:bf:5a:49:05:
5e:f9:f1:3e:4d:a0:f6:b6:16:4f:ce:ec:17:cd:ee:
22:39:b4:30:69:6e:fe:28:93:f5:4e:7e:ff:70:52:
37:3e:5b:32:ec:7f:58:56:c9:c4:29:2c:f6:c2:5a:
98:d9:7f:69:bd:38:52:8f:f8:9b:07:d8:06:99:c6:
55:52:56:b5:ec:09:5f:eb:67:53:a6:96:37:54:3e:
e7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:69:9D:02:60:50:2F:1D:BF:5F:7D:1F:B0:D1:C8:4F:04:E3:94:07
X509v3 Authority Key Identifier:
keyid:4D:84:75:23:E5:BD:D9:E3:B8:96:98:28:A0:4B:FE:DA:2B:0C:03:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AC726/9C4F530A38AF11EB8913DE41C4F9AE02/TYR1I-W92eO4lpgooEv-2isMAxs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TYR1I-W92eO4lpgooEv-2isMAxs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC726/9C4F530A38AF11EB8913DE41C4F9AE02/A8D1E0DE688811ECBE2C4F49C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.192.0/23
Signature Algorithm: sha256WithRSAEncryption
26:d1:40:30:dc:d3:f7:98:93:e7:93:96:02:58:e3:4e:47:db:
2a:d6:e1:a6:a4:2a:fe:58:4c:66:13:a8:7a:42:08:a1:07:ad:
f5:56:4c:67:db:53:12:5d:ee:1f:c4:5c:78:d5:6b:73:f1:58:
83:bf:17:8a:0d:78:47:a3:bd:6c:35:a0:d1:33:19:b8:d9:2e:
2f:7e:34:35:90:e6:aa:61:84:a5:a1:ec:a2:3d:22:a6:13:6d:
33:0f:75:b0:ac:62:cc:63:ea:fd:57:12:b7:06:28:fa:1c:91:
c2:a1:e0:45:69:2a:1e:66:05:24:f1:a8:2a:d9:88:ba:71:76:
1f:71:73:91:b7:88:1d:ff:d0:85:34:05:da:77:72:4f:de:ca:
98:0b:75:72:92:f1:7c:1b:c0:99:c5:5d:e7:a9:d7:bd:f2:d9:
d1:58:66:54:ee:05:29:bd:ee:91:a7:72:34:dd:b3:c2:0f:a9:
35:5f:9c:99:84:2d:3a:0e:be:fe:7c:c0:63:4e:ea:c7:40:3e:
6f:4d:81:1c:44:0e:17:84:8b:32:70:ce:ff:54:fe:45:57:9a:
22:4f:31:3c:77:23:49:d5:5f:d9:98:0f:ab:68:c1:98:aa:24:
b6:80:98:11:14:41:a2:d4:53:ed:83:e8:ba:f5:5d:16:02:3b:
2c:26:2f:c4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBwIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUM3MjYxMTAvBgNVBAUTKDREODQ3NTIzRTVCREQ5RTNCODk2OTgyOEEwNEJGRURB
MkIwQzAzMUIwHhcNMjUwMjEyMjMwMDU3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FkMjgyOC05OWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArwYAaI/ZhZnu8XBp27Zj3Af25HqVZbGdI3TcsCxC04A1kwQ8CC+9NwHhIEBS
9uM9xFAMzWetCJHd249WE4kvqSbwTeR91+i1nfmsKM/CQ9mvZmkq40IhfLFw62E7
Xoc+2fEO8lbukS+MeomgssFJBElhm0QEu2XHUAXwQk+hz2bUOirKVfx0wjLywY8K
DFs1/GHjQt0C59ZvtqG5RYzAqLpco5hkhibgYz/iIvIis79aSQVe+fE+TaD2thZP
zuwXze4iObQwaW7+KJP1Tn7/cFI3Plsy7H9YVsnEKSz2wlqY2X9pvThSj/ibB9gG
mcZVUla17Alf62dTppY3VD7nCQIDAQABo4IClTCCApEwHQYDVR0OBBYEFG5pnQJg
UC8dv199H7DRyE8E45QHMB8GA1UdIwQYMBaAFE2EdSPlvdnjuJaYKKBL/torDAMb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQzcyNi85QzRGNTMwQTM4
QUYxMUVCODkxM0RFNDFDNEY5QUUwMi9UWVIxSS1XOTJlTzRscGdvb0V2LTJpc01B
eHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RZUjFJLVc5MmVPNGxwZ29vRXYtMmlzTUF4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUM3MjYvOUM0RjUzMEEzOEFGMTFFQjg5MTNERTQxQzRGOUFFMDIvQThEMUUwREU2
ODg4MTFFQ0JFMkM0RjQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnn8AwDQYJKoZIhvcNAQELBQADggEBACbRQDDc0/eYk+eT
lgJY405H2yrW4aakKv5YTGYTqHpCCKEHrfVWTGfbUxJd7h/EXHjVa3PxWIO/F4oN
eEejvWw1oNEzGbjZLi9+NDWQ5qphhKWh7KI9IqYTbTMPdbCsYsxj6v1XErcGKPoc
kcKh4EVpKh5mBSTxqCrZiLpxdh9xc5G3iB3/0IU0Bdp3ck/eypgLdXKS8XwbwJnF
Xeep173y2dFYZlTuBSm97pGncjTds8IPqTVfnJmELToOvv58wGNO6sdAPm9NgRxE
DheEizJwzv9U/kVXmiJPMTx3I0nVX9mYD6towZiqJLaAmBEUQaLUU+2D6Lr1XRYC
OywmL8Q=
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:02:53 2025 by rpki-client