Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/A5980E1A08C711F0A36DEF53C4F9AE02.roa
File: A5980E1A08C711F0A36DEF53C4F9AE02.roa (raw, json)
Hash identifier: LEXFRzUj++AYS1bZVpScJtjHFnh8GD6doBgoF1ckC8A=
Subject key identifier: 93:B6:96:7C:86:37:72:65:8B:21:C5:5C:78:F4:2B:99:36:03:2C:E9
Certificate issuer: /CN=A91B98F0/serialNumber=9ED2E1A2405C99EE75E7C3903DF7240CAAABFB25
Certificate serial: 0A4E
Authority key identifier: 9E:D2:E1:A2:40:5C:99:EE:75:E7:C3:90:3D:F7:24:0C:AA:AB:FB:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntLhokBcme5158OQPfckDKqr-yU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/A5980E1A08C711F0A36DEF53C4F9AE02.roa
Signing time: Mon 24 Mar 2025 15:50:02 +0000
ROA not before: Mon 24 Mar 2025 15:50:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151193
IP address blocks: 103.149.144.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2638 (0xa4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B98F0
Validity
Not Before: Mar 24 15:50:02 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67e17f2a-c859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:63:da:32:11:ce:92:4f:c4:38:9f:50:ec:b0:
19:9f:85:f7:5c:f0:87:27:a7:3f:a2:1b:59:18:3f:
ba:f6:85:a5:70:e9:58:f9:4d:96:b3:b6:14:de:18:
1c:e5:69:78:f0:c6:82:0a:eb:e9:9d:08:6b:6e:da:
ca:6f:0e:ac:2a:48:72:95:4f:2c:9a:b5:1a:a1:26:
e9:ba:59:b7:32:4b:2c:2c:9f:27:42:d1:49:67:bf:
17:47:3c:0c:a0:99:d3:67:15:68:23:f3:47:03:30:
89:db:a8:6a:4f:4f:af:bf:4b:d7:74:ae:49:c8:24:
f3:88:6a:05:ac:4a:00:59:03:b4:1c:6f:11:5d:83:
b0:5c:95:62:cf:64:bd:fc:e8:bb:71:d9:48:85:4f:
61:ab:17:53:a8:be:4f:49:3b:57:d0:8d:29:39:36:
20:ba:da:25:cb:29:93:aa:a1:ee:b1:e6:c9:c3:03:
7d:15:6a:dd:f2:64:4e:64:2e:37:8e:f6:72:ac:bb:
e5:ce:7d:a1:15:1f:58:c7:d7:8e:46:12:3d:5e:a6:
77:a3:4d:39:17:a4:c8:de:18:a8:f5:92:ff:b3:9f:
d5:36:ff:89:76:51:69:d4:74:b7:1b:07:a8:9d:b9:
7b:18:28:97:c4:3f:79:c0:d2:56:85:3c:01:d5:3f:
b4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B6:96:7C:86:37:72:65:8B:21:C5:5C:78:F4:2B:99:36:03:2C:E9
X509v3 Authority Key Identifier:
keyid:9E:D2:E1:A2:40:5C:99:EE:75:E7:C3:90:3D:F7:24:0C:AA:AB:FB:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/ntLhokBcme5158OQPfckDKqr-yU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntLhokBcme5158OQPfckDKqr-yU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/A5980E1A08C711F0A36DEF53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.144.0/24
Signature Algorithm: sha256WithRSAEncryption
01:7a:6b:ef:57:6a:84:b7:0b:57:dd:8f:ab:e7:cf:73:e6:9e:
97:0a:1c:8a:00:a9:5a:ad:7d:ab:be:54:e2:20:0d:4e:f9:d5:
45:bf:bf:cf:57:54:fe:44:b5:2e:27:b3:d1:0f:47:6e:66:3a:
81:e1:c8:3c:44:16:e8:b0:c0:a9:9d:49:27:86:84:38:e8:2b:
36:63:8f:aa:0e:6b:6f:60:5f:ac:97:b3:dc:bf:76:8e:b9:c8:
86:72:33:bd:3b:4d:cc:87:9a:52:57:6b:bc:f7:91:ac:4a:f9:
42:37:46:1e:42:13:f0:66:ec:fb:e8:20:46:30:05:25:59:8c:
2f:ca:4e:52:d4:0a:75:01:0f:ab:cd:f3:a3:1f:ec:e1:64:af:
18:c5:9f:e8:5a:72:18:ab:ab:60:e2:4c:b1:63:51:33:c9:e3:
75:fa:79:5c:65:b4:c6:fe:d5:9d:0a:09:5b:28:0e:8a:97:b9:
17:0b:0c:a8:47:4f:42:69:2b:05:43:df:99:04:d1:d8:44:6d:
90:0d:fe:08:c6:94:3a:b2:be:c7:6f:e4:2f:c7:2b:75:4d:ba:
c1:37:b7:64:76:15:f5:e7:03:f8:95:4e:28:5f:f9:59:d1:9f:
fb:c1:c7:00:27:67:3d:f0:fd:0c:64:15:df:34:ce:4f:2c:a3:
da:33:75:05
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCk4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjk4RjAxMTAvBgNVBAUTKDlFRDJFMUEyNDA1Qzk5RUU3NUU3QzM5MDNERjcyNDBD
QUFBQkZCMjUwHhcNMjUwMzI0MTU1MDAyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UxN2YyYS1jODU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA/mPaMhHOkk/EOJ9Q7LAZn4X3XPCHJ6c/ohtZGD+69oWlcOlY+U2Ws7YU3hgc
5Wl48MaCCuvpnQhrbtrKbw6sKkhylU8smrUaoSbpulm3MkssLJ8nQtFJZ78XRzwM
oJnTZxVoI/NHAzCJ26hqT0+vv0vXdK5JyCTziGoFrEoAWQO0HG8RXYOwXJViz2S9
/Oi7cdlIhU9hqxdTqL5PSTtX0I0pOTYgutolyymTqqHusebJwwN9FWrd8mROZC43
jvZyrLvlzn2hFR9Yx9eORhI9XqZ3o005F6TI3hio9ZL/s5/VNv+JdlFp1HS3Gweo
nbl7GCiXxD95wNJWhTwB1T+0GwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJO2lnyG
N3JliyHFXHj0K5k2AyzpMB8GA1UdIwQYMBaAFJ7S4aJAXJnudefDkD33JAyqq/sl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOThGMC84QTFBRTFGNDY3
MkMxMUVBODM5M0RGMjVDNEY5QUUwMi9udExob2tCY21lNTE1OE9RUGZja0RLcXIt
eVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250TGhva0JjbWU1MTU4T1FQZmNrREtxci15VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjk4RjAvOEExQUUxRjQ2NzJDMTFFQTgzOTNERjI1QzRGOUFFMDIvQTU5ODBFMUEw
OEM3MTFGMEEzNkRFRjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlZAwDQYJKoZIhvcNAQELBQADggEBAAF6a+9XaoS3C1fd
j6vnz3PmnpcKHIoAqVqtfau+VOIgDU751UW/v89XVP5EtS4ns9EPR25mOoHhyDxE
FuiwwKmdSSeGhDjoKzZjj6oOa29gX6yXs9y/do65yIZyM707TcyHmlJXa7z3kaxK
+UI3Rh5CE/Bm7PvoIEYwBSVZjC/KTlLUCnUBD6vN86Mf7OFkrxjFn+hachirq2Di
TLFjUTPJ43X6eVxltMb+1Z0KCVsoDoqXuRcLDKhHT0JpKwVD35kE0dhEbZAN/gjG
lDqyvsdv5C/HK3VNusE3t2R2FfXnA/iVTihf+VnRn/vBxwAnZz3w/QxkFd80zk8s
o9ozdQU=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:56:55 2025 by rpki-client