Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B8D33/59626710477711EEA6BD537EC4F9AE02/E62F8796D1BD11EFBCCC0B68C4F9AE02.roa
File: E62F8796D1BD11EFBCCC0B68C4F9AE02.roa (raw, json)
Hash identifier: fNs1z1deex6fcIdqMxez0n/drhicpYWMQnLuUAo17fo=
Subject key identifier: 52:18:2B:37:03:AA:16:2C:C5:83:02:B5:CF:EC:AA:2E:26:6F:61:69
Certificate issuer: /CN=A91B8D33/serialNumber=08D68CF4500745375FF2CC584BA5FBE577BEE33F
Certificate serial: 0112
Authority key identifier: 08:D6:8C:F4:50:07:45:37:5F:F2:CC:58:4B:A5:FB:E5:77:BE:E3:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CNaM9FAHRTdf8sxYS6X75Xe-4z8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B8D33/59626710477711EEA6BD537EC4F9AE02/E62F8796D1BD11EFBCCC0B68C4F9AE02.roa
Signing time: Mon 13 Jan 2025 15:12:56 +0000
ROA not before: Mon 13 Jan 2025 15:12:56 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 397994
IP address blocks: 103.157.147.0/24 maxlen: 24
103.190.70.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 274 (0x112)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B8D33
Validity
Not Before: Jan 13 15:12:56 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67852d78-9ac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:91:e7:7a:25:78:96:07:6a:17:00:f7:e0:2f:
23:40:c5:e1:83:04:07:48:12:d2:cd:8f:f0:f7:b7:
03:d6:b8:8e:0e:0b:1b:12:17:10:4e:31:91:3f:69:
70:e3:2f:90:35:32:ba:2a:82:73:ee:0d:dc:6f:ae:
5e:61:6c:57:8e:76:81:c3:6d:3b:b7:41:36:8b:42:
ca:68:a0:64:aa:69:09:cc:76:86:29:f2:98:14:2b:
56:b4:e7:e6:e2:9f:a0:ba:69:c3:6e:1e:7d:99:ae:
75:11:98:32:ce:db:b1:2f:0f:de:b1:14:26:0e:df:
56:fd:2b:06:b8:e2:0f:87:47:64:86:69:eb:12:76:
26:6b:b1:6d:a1:dd:a2:88:1e:7a:d3:fe:25:ac:cd:
a8:9d:7f:28:e8:dd:4d:da:37:a7:6f:3d:f7:90:44:
78:0c:c3:65:60:b5:fe:e8:7e:8d:bc:a6:62:eb:50:
ee:d0:03:83:25:d4:b7:f6:88:dc:69:6c:3e:ca:8b:
ad:46:14:1d:96:d1:11:27:fd:d0:7a:86:32:10:78:
d1:fe:33:7b:2e:89:2e:27:76:ba:b6:18:cf:8a:18:
6e:9f:98:7f:71:3a:78:54:9b:3f:1c:02:6c:bc:28:
ae:65:52:61:aa:77:c4:f7:ed:34:8a:76:3b:7e:76:
4e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:18:2B:37:03:AA:16:2C:C5:83:02:B5:CF:EC:AA:2E:26:6F:61:69
X509v3 Authority Key Identifier:
keyid:08:D6:8C:F4:50:07:45:37:5F:F2:CC:58:4B:A5:FB:E5:77:BE:E3:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B8D33/59626710477711EEA6BD537EC4F9AE02/CNaM9FAHRTdf8sxYS6X75Xe-4z8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CNaM9FAHRTdf8sxYS6X75Xe-4z8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B8D33/59626710477711EEA6BD537EC4F9AE02/E62F8796D1BD11EFBCCC0B68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.157.147.0/24
103.190.70.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:ec:a2:87:74:e9:a8:9f:70:04:d0:74:03:80:89:52:01:38:
9e:e5:e5:7c:58:1e:f7:1f:c5:3e:35:de:a9:9d:9e:c5:1f:75:
ad:86:43:52:f8:5d:9f:2d:a9:0b:f0:ad:46:68:c5:16:06:3a:
60:bb:d3:80:1b:2d:a6:90:b2:22:88:b0:7d:5d:49:e3:3b:b4:
ed:c5:f3:08:ec:0f:75:ce:60:43:ce:54:1a:74:a8:22:3a:e2:
7c:34:85:72:3d:f8:79:ec:e5:1c:08:ce:5b:fd:aa:94:2f:7e:
2a:fb:46:e2:64:da:ed:64:c0:dd:73:73:9d:9d:6b:b7:de:ba:
63:82:4d:87:f7:c7:3e:82:b9:49:5a:b7:61:45:3f:a4:d3:1a:
c8:6f:45:df:aa:a3:73:26:0b:39:7f:f2:51:d6:f1:e3:40:90:
49:f0:d5:8c:98:8c:d3:71:b6:1e:35:b1:79:9e:db:60:0f:7f:
3f:f6:d9:4e:aa:b5:8a:4b:cd:73:bb:74:ba:ed:52:3d:97:31:
1c:a9:7f:c1:68:17:70:00:27:73:d4:2f:ed:3a:79:23:6f:2e:
f8:24:7f:9b:77:ee:16:87:8b:1b:62:78:82:84:8f:94:fe:54:
27:e1:f6:ba:5e:89:43:5d:d8:d0:6d:4a:1d:2f:d7:e9:82:a3:
f3:2f:28:58
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICARIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjhEMzMxMTAvBgNVBAUTKDA4RDY4Q0Y0NTAwNzQ1Mzc1RkYyQ0M1ODRCQTVGQkU1
NzdCRUUzM0YwHhcNMjUwMTEzMTUxMjU2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg1MmQ3OC05YWM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA35HneiV4lgdqFwD34C8jQMXhgwQHSBLSzY/w97cD1riODgsbEhcQTjGRP2lw
4y+QNTK6KoJz7g3cb65eYWxXjnaBw207t0E2i0LKaKBkqmkJzHaGKfKYFCtWtOfm
4p+gumnDbh59ma51EZgyztuxLw/esRQmDt9W/SsGuOIPh0dkhmnrEnYma7Ftod2i
iB560/4lrM2onX8o6N1N2jenbz33kER4DMNlYLX+6H6NvKZi61Du0AODJdS39ojc
aWw+youtRhQdltERJ/3QeoYyEHjR/jN7LokuJ3a6thjPihhun5h/cTp4VJs/HAJs
vCiuZVJhqnfE9+00inY7fnZOtQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFIYKzcD
qhYsxYMCtc/sqi4mb2FpMB8GA1UdIwQYMBaAFAjWjPRQB0U3X/LMWEul++V3vuM/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOEQzMy81OTYyNjcxMDQ3
NzcxMUVFQTZCRDUzN0VDNEY5QUUwMi9DTmFNOUZBSFJUZGY4c3hZUzZYNzVYZS00
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NOYU05RkFIUlRkZjhzeFlTNlg3NVhlLTR6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjhEMzMvNTk2MjY3MTA0Nzc3MTFFRUE2QkQ1MzdFQzRGOUFFMDIvRTYyRjg3OTZE
MUJEMTFFRkJDQ0MwQjY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnnZMDBABnvkYwDQYJKoZIhvcNAQELBQADggEBAKzsood0
6aifcATQdAOAiVIBOJ7l5XxYHvcfxT413qmdnsUfda2GQ1L4XZ8tqQvwrUZoxRYG
OmC704AbLaaQsiKIsH1dSeM7tO3F8wjsD3XOYEPOVBp0qCI64nw0hXI9+Hns5RwI
zlv9qpQvfir7RuJk2u1kwN1zc52da7feumOCTYf3xz6CuUlat2FFP6TTGshvRd+q
o3MmCzl/8lHW8eNAkEnw1YyYjNNxth41sXme22APfz/22U6qtYpLzXO7dLrtUj2X
MRypf8FoF3AAJ3PUL+06eSNvLvgkf5t37haHixtieIKEj5T+VCfh9rpeiUNd2NBt
Sh0v1+mCo/MvKFg=
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:29:06 2025 by rpki-client