Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/861BB654B97111EFADA5A07CC4F9AE02.roa
File: 861BB654B97111EFADA5A07CC4F9AE02.roa (raw, json)
Hash identifier: y7A+SjEccRL+KwAjRfv18eGxFzquaYM5CCv9jh/q2D4=
Subject key identifier: AC:D8:6C:17:94:F9:BD:76:5F:8F:40:50:BF:6F:04:DB:94:16:54:57
Certificate issuer: /CN=A91B5073/serialNumber=17817CB8289231B4707E9D5B406D58AFF79D1E01
Certificate serial: 0874
Authority key identifier: 17:81:7C:B8:28:92:31:B4:70:7E:9D:5B:40:6D:58:AF:F7:9D:1E:01
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F4F8uCiSMbRwfp1bQG1Yr_edHgE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/861BB654B97111EFADA5A07CC4F9AE02.roa
Signing time: Mon 23 Dec 2024 09:52:39 +0000
ROA not before: Mon 23 Dec 2024 09:52:39 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 138619
IP address blocks: 103.134.200.0/24 maxlen: 24
103.134.202.0/24 maxlen: 24
2404:6ac0::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2164 (0x874)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5073
Validity
Not Before: Dec 23 09:52:39 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=676932e7-1e7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fc:39:64:87:5c:ab:63:6d:f4:52:4b:e0:bb:
4c:2b:2b:b3:43:66:33:ec:57:7e:b7:63:67:4b:ec:
81:e9:68:b1:8e:40:f2:4d:46:e0:09:8d:2e:fa:df:
6f:27:60:94:25:c7:36:6a:b6:82:37:9e:21:7a:15:
ae:79:60:e7:89:00:6a:a8:20:6b:6e:aa:25:f9:20:
b8:ea:d6:83:89:5a:57:34:75:0a:56:75:b3:d3:bb:
b7:4b:10:5e:0c:42:02:08:41:a7:34:fa:20:dc:52:
cb:0c:4f:6f:bf:c3:2c:fb:cf:eb:da:3c:0b:19:26:
fc:6d:2d:2d:93:75:13:18:62:4f:9d:de:23:bf:d9:
5c:5b:41:3d:53:8f:92:e4:b3:72:fa:18:ea:d0:dc:
f4:a6:51:8e:36:95:54:e5:35:0d:e4:99:24:a6:60:
cf:94:84:f5:74:f3:b8:c9:e7:e2:b0:fa:e9:f3:04:
0a:5f:8d:e7:cf:08:93:a1:05:fd:09:0b:10:ca:f0:
68:87:6e:c2:59:d3:e9:7d:e8:2b:be:5f:55:d5:97:
d8:63:34:84:bb:08:ac:a6:07:e5:d6:b6:90:ef:c2:
88:e5:a2:c1:ac:8e:db:53:19:12:32:bb:99:36:52:
35:12:25:48:7c:42:67:cb:7a:60:63:67:5f:dc:e9:
33:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:D8:6C:17:94:F9:BD:76:5F:8F:40:50:BF:6F:04:DB:94:16:54:57
X509v3 Authority Key Identifier:
keyid:17:81:7C:B8:28:92:31:B4:70:7E:9D:5B:40:6D:58:AF:F7:9D:1E:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/F4F8uCiSMbRwfp1bQG1Yr_edHgE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F4F8uCiSMbRwfp1bQG1Yr_edHgE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/861BB654B97111EFADA5A07CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.200.0/24
103.134.202.0/24
IPv6:
2404:6ac0::/32
Signature Algorithm: sha256WithRSAEncryption
63:ef:11:0e:e1:1a:a5:91:5b:c4:45:38:37:6b:a8:83:1a:97:
1e:6d:c8:7e:ac:49:9a:cb:f9:46:a0:fe:d1:bb:ba:b3:56:d7:
c5:6a:f0:04:10:31:b9:9a:25:15:9f:77:9a:9e:19:b5:db:6d:
25:aa:53:22:a6:80:13:62:df:89:62:a5:6e:a3:a6:4e:77:0c:
08:a7:4e:3c:54:a1:cb:de:02:07:6d:cd:dc:ff:2c:36:bc:e4:
04:8e:91:85:c9:e7:4c:39:b4:9a:9d:5a:36:25:6e:ef:27:69:
88:81:6e:af:9e:71:84:76:fc:40:78:31:a9:44:57:49:9a:25:
d4:5d:bf:7f:30:36:38:e9:14:99:8e:6d:83:57:df:30:f0:03:
eb:52:9f:9c:6f:85:25:96:6e:0b:74:1e:14:0b:e4:b7:42:b6:
03:fd:f9:de:b9:0d:08:7b:8c:ef:43:22:91:37:66:3e:e9:75:
10:a4:0d:b9:14:20:5b:ae:5b:4e:c5:35:e8:db:4e:27:02:dd:
9a:14:00:92:5a:84:a1:03:e9:32:c0:d1:d9:ab:91:dd:eb:db:
12:c7:c7:ce:c2:6d:f0:88:db:e9:d1:e7:17:41:a1:9e:4d:28:
30:b6:65:0f:bf:52:3d:6a:d7:6b:9d:e4:bf:e4:77:f7:37:80:
84:31:d2:59
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCHQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjUwNzMxMTAvBgNVBAUTKDE3ODE3Q0I4Mjg5MjMxQjQ3MDdFOUQ1QjQwNkQ1OEFG
Rjc5RDFFMDEwHhcNMjQxMjIzMDk1MjM5WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY5MzJlNy0xZTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnvw5ZIdcq2Nt9FJL4LtMKyuzQ2Yz7Fd+t2NnS+yB6WixjkDyTUbgCY0u+t9v
J2CUJcc2araCN54hehWueWDniQBqqCBrbqol+SC46taDiVpXNHUKVnWz07u3SxBe
DEICCEGnNPog3FLLDE9vv8Ms+8/r2jwLGSb8bS0tk3UTGGJPnd4jv9lcW0E9U4+S
5LNy+hjq0Nz0plGONpVU5TUN5JkkpmDPlIT1dPO4yefisPrp8wQKX43nzwiToQX9
CQsQyvBoh27CWdPpfegrvl9V1ZfYYzSEuwispgfl1raQ78KI5aLBrI7bUxkSMruZ
NlI1EiVIfEJny3pgY2df3Okz+wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKzYbBeU
+b12X49AUL9vBNuUFlRXMB8GA1UdIwQYMBaAFBeBfLgokjG0cH6dW0BtWK/3nR4B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTA3My80M0YxNjI2NDMz
OTUxMUU5QkZCMUMyMUFDNEY5QUUwMi9GNEY4dUNpU01iUndmcDFiUUcxWXJfZWRI
Z0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Y0Rjh1Q2lTTWJSd2ZwMWJRRzFZcl9lZEhnRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjUwNzMvNDNGMTYyNjQzMzk1MTFFOUJGQjFDMjFBQzRGOUFFMDIvODYxQkI2NTRC
OTcxMTFFRkFEQTVBMDdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABnhsgDBABnhsowDQQCAAIwBwMFACQEasAwDQYJKoZIhvcN
AQELBQADggEBAGPvEQ7hGqWRW8RFODdrqIMalx5tyH6sSZrL+Uag/tG7urNW18Vq
8AQQMbmaJRWfd5qeGbXbbSWqUyKmgBNi34lipW6jpk53DAinTjxUocveAgdtzdz/
LDa85ASOkYXJ50w5tJqdWjYlbu8naYiBbq+ecYR2/EB4MalEV0maJdRdv38wNjjp
FJmObYNX3zDwA+tSn5xvhSWWbgt0HhQL5LdCtgP9+d65DQh7jO9DIpE3Zj7pdRCk
DbkUIFuuW07FNejbTicC3ZoUAJJahKED6TLA0dmrkd3r2xLHx87CbfCI2+nR5xdB
oZ5NKDC2ZQ+/Uj1q12ud5L/kd/c3gIQx0lk=
-----END CERTIFICATE-----
Generated at Sat Apr 12 10:38:51 2025 by rpki-client