Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/0D3FD180C85211EF847F7F40C4F9AE02.roa
File: 0D3FD180C85211EF847F7F40C4F9AE02.roa (raw, json)
Hash identifier: HyU6jzW2jNHEwhSY5tgkE4VyuV1PbOMpbj114sw2J0Y=
Subject key identifier: C9:44:42:90:7E:98:5B:4B:7A:4B:84:19:0D:3C:EF:5A:DA:13:E7:37
Certificate issuer: /CN=A91B74E8/serialNumber=6C080A2BA7DAAC95D4D93488A900151AE3A59DF8
Certificate serial: 0460
Authority key identifier: 6C:08:0A:2B:A7:DA:AC:95:D4:D9:34:88:A9:00:15:1A:E3:A5:9D:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bAgKK6farJXU2TSIqQAVGuOlnfg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/0D3FD180C85211EF847F7F40C4F9AE02.roa
Signing time: Wed 01 Jan 2025 15:07:01 +0000
ROA not before: Wed 01 Jan 2025 15:07:01 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 137967
IP address blocks: 103.176.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1120 (0x460)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B74E8
Validity
Not Before: Jan 1 15:07:01 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67755a14-be6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:35:ef:77:f8:86:03:fa:c2:6d:07:5b:55:07:
0b:0a:75:53:23:96:dc:3c:e1:61:1c:ee:82:d8:a2:
f7:c3:e9:56:82:6d:5b:41:5c:4a:2e:0c:ac:8b:02:
06:c3:ba:33:5d:d0:34:b2:3e:f2:d3:1f:1a:d4:37:
55:d7:d4:13:27:66:aa:27:13:bb:bf:90:92:0c:24:
6e:f4:35:12:ca:0b:ac:01:48:39:d0:e6:62:9d:ca:
50:0f:3a:68:c2:f4:43:1c:3d:cf:a7:44:84:f7:6f:
d6:27:a5:7a:87:52:c5:f1:f6:88:25:13:3c:4d:ff:
0c:3e:52:3d:c4:97:82:74:81:c5:50:e6:11:f8:94:
30:70:7b:ad:0c:aa:fb:9c:7a:fd:e6:8e:2a:1b:95:
2a:dc:a7:5c:ba:44:aa:6e:c6:bb:a6:4b:31:48:59:
29:76:86:ba:06:37:9a:ce:bf:18:d6:6f:2f:73:ed:
a9:40:b9:c0:f7:1c:93:e3:c8:ad:3a:f5:3e:5c:9f:
ed:87:22:7d:3a:f8:9e:05:2f:fb:77:c9:62:ee:70:
76:40:f7:5f:1d:b5:74:29:16:ec:ea:9f:cb:32:91:
ec:6d:0b:c6:3c:da:39:b9:f8:83:08:98:b3:a5:70:
31:ff:fd:7d:ae:25:76:16:58:e6:bb:00:ea:7e:d8:
74:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:44:42:90:7E:98:5B:4B:7A:4B:84:19:0D:3C:EF:5A:DA:13:E7:37
X509v3 Authority Key Identifier:
keyid:6C:08:0A:2B:A7:DA:AC:95:D4:D9:34:88:A9:00:15:1A:E3:A5:9D:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/bAgKK6farJXU2TSIqQAVGuOlnfg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bAgKK6farJXU2TSIqQAVGuOlnfg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/0D3FD180C85211EF847F7F40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.3.0/24
Signature Algorithm: sha256WithRSAEncryption
87:77:18:53:a1:aa:8c:c1:b3:4d:57:d7:26:b1:17:42:92:ef:
d3:dc:91:bd:5f:95:28:f6:86:e8:07:3f:eb:ab:dd:e9:b9:6e:
09:59:48:de:7f:8e:ad:5c:9d:fe:f5:a6:ec:1e:91:12:41:0a:
ca:14:30:31:1d:65:71:08:77:05:2f:69:0d:20:a0:d5:1a:ea:
fa:1f:60:e1:8b:f7:b3:4a:fe:46:cb:43:61:93:23:2a:e7:6d:
c5:ce:11:a0:0b:24:2d:22:58:88:08:36:13:8c:3f:c3:3e:3f:
9b:8c:a6:30:9d:c7:e2:d9:55:d4:8b:28:b4:92:91:cc:e5:61:
24:25:19:f5:1e:e7:28:04:2c:89:3b:01:4c:10:8d:e7:6a:c7:
b9:25:bf:60:65:6c:8f:34:2b:86:b8:71:73:ac:2a:60:2f:a6:
9e:ef:fa:81:dc:30:48:09:f0:4b:64:65:62:37:e1:9b:ca:65:
62:f4:28:4d:94:be:49:13:ee:02:3d:c6:8d:18:87:50:33:4f:
88:6a:40:91:14:37:13:99:d3:dd:90:a7:26:66:be:bd:62:74:
a7:ef:a0:2c:12:8c:98:c5:a5:71:6c:d5:f8:74:c7:66:b7:04:
97:b8:04:4d:0e:b1:a5:45:bb:38:6f:b3:cf:81:bb:7c:1d:2a:
72:b0:bb:07
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBGAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjc0RTgxMTAvBgNVBAUTKDZDMDgwQTJCQTdEQUFDOTVENEQ5MzQ4OEE5MDAxNTFB
RTNBNTlERjgwHhcNMjUwMTAxMTUwNzAxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc1NWExNC1iZTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2DXvd/iGA/rCbQdbVQcLCnVTI5bcPOFhHO6C2KL3w+lWgm1bQVxKLgysiwIG
w7ozXdA0sj7y0x8a1DdV19QTJ2aqJxO7v5CSDCRu9DUSygusAUg50OZincpQDzpo
wvRDHD3Pp0SE92/WJ6V6h1LF8faIJRM8Tf8MPlI9xJeCdIHFUOYR+JQwcHutDKr7
nHr95o4qG5Uq3KdcukSqbsa7pksxSFkpdoa6Bjeazr8Y1m8vc+2pQLnA9xyT48it
OvU+XJ/thyJ9OvieBS/7d8li7nB2QPdfHbV0KRbs6p/LMpHsbQvGPNo5ufiDCJiz
pXAx//19riV2FljmuwDqfth0SwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMlEQpB+
mFtLekuEGQ0871raE+c3MB8GA1UdIwQYMBaAFGwICiun2qyV1Nk0iKkAFRrjpZ34
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzRFOC80N0Y2MjAxMjQz
RUExMUVDODRBQjYzNDdDNEY5QUUwMi9iQWdLSzZmYXJKWFUyVFNJcVFBVkd1T2xu
ZmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JBZ0tLNmZhckpYVTJUU0lxUUFWR3VPbG5mZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjc0RTgvNDdGNjIwMTI0M0VBMTFFQzg0QUI2MzQ3QzRGOUFFMDIvMEQzRkQxODBD
ODUyMTFFRjg0N0Y3RjQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnsAMwDQYJKoZIhvcNAQELBQADggEBAId3GFOhqozBs01X
1yaxF0KS79Pckb1flSj2hugHP+ur3em5bglZSN5/jq1cnf71puwekRJBCsoUMDEd
ZXEIdwUvaQ0goNUa6vofYOGL97NK/kbLQ2GTIyrnbcXOEaALJC0iWIgINhOMP8M+
P5uMpjCdx+LZVdSLKLSSkczlYSQlGfUe5ygELIk7AUwQjedqx7klv2BlbI80K4a4
cXOsKmAvpp7v+oHcMEgJ8EtkZWI34ZvKZWL0KE2UvkkT7gI9xo0Yh1AzT4hqQJEU
NxOZ092QpyZmvr1idKfvoCwSjJjFpXFs1fh0x2a3BJe4BE0OsaVFuzhvs8+Bu3wd
KnKwuwc=
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:20:18 2025 by rpki-client