Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1FAC/6819BF4205FE11EA8763C243C4F9AE02/86B7FE9005FF11EAB499A845C4F9AE02.roa
File: 86B7FE9005FF11EAB499A845C4F9AE02.roa (raw, json)
Hash identifier: zdVWhh1fLYpRD960eUnMlAOzWPZg7F1+V76js4O1Hfw=
Subject key identifier: E7:5D:B6:5F:CD:F9:D6:AD:56:5C:E6:64:7E:64:DA:1B:E9:B9:DD:0F
Certificate issuer: /CN=A91C1FAC/serialNumber=54D3A955CC341A841815A8CDEA190AEA5102DFCE
Certificate serial: 0BC6
Authority key identifier: 54:D3:A9:55:CC:34:1A:84:18:15:A8:CD:EA:19:0A:EA:51:02:DF:CE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VNOpVcw0GoQYFajN6hkK6lEC384.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1FAC/6819BF4205FE11EA8763C243C4F9AE02/86B7FE9005FF11EAB499A845C4F9AE02.roa
Signing time: Mon 30 Sep 2024 18:57:10 +0000
ROA not before: Mon 30 Sep 2024 18:57:10 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 136901
IP address blocks: 103.98.64.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3014 (0xbc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1FAC
Validity
Not Before: Sep 30 18:57:10 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66faf486-a023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5d:e3:38:36:72:52:19:47:3c:89:be:05:7f:
5b:c9:d3:f1:31:9c:36:be:1b:70:58:92:7f:a5:a6:
0f:38:91:1d:ff:d9:ef:48:de:c9:42:36:63:2f:17:
92:5f:34:63:7a:8e:f2:51:07:19:4f:24:78:e3:90:
2a:1e:6b:1b:fd:e0:6b:f9:37:e7:2d:bc:d9:91:9c:
6f:df:bb:1c:20:0c:86:30:be:11:12:32:9a:be:f1:
3f:7f:5b:ed:4d:b2:27:46:35:d7:fe:53:43:42:cc:
f9:ca:67:b2:88:06:81:c9:8b:6d:d3:f0:c8:c7:c5:
29:88:75:a8:d2:dc:81:dc:21:b8:f8:38:ec:5c:fe:
7a:8a:15:a5:4b:30:be:8f:36:f7:24:e4:3b:06:17:
4a:9e:3d:ff:80:dc:e6:21:aa:a2:f9:14:99:57:84:
bb:fe:a3:12:db:dd:20:b5:d5:b9:01:3f:17:19:ef:
fd:43:b5:6d:08:00:30:d0:74:ee:e0:56:fe:e1:02:
df:f1:66:69:13:33:43:2b:2c:f9:b4:d5:73:68:12:
3c:75:07:b6:2b:54:43:43:59:43:90:7c:40:24:d7:
6c:bb:6f:77:19:de:b2:c9:2f:58:82:39:49:56:9f:
50:3f:92:c4:1a:0f:88:78:3d:41:7e:cf:77:d8:92:
e0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:5D:B6:5F:CD:F9:D6:AD:56:5C:E6:64:7E:64:DA:1B:E9:B9:DD:0F
X509v3 Authority Key Identifier:
keyid:54:D3:A9:55:CC:34:1A:84:18:15:A8:CD:EA:19:0A:EA:51:02:DF:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1FAC/6819BF4205FE11EA8763C243C4F9AE02/VNOpVcw0GoQYFajN6hkK6lEC384.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VNOpVcw0GoQYFajN6hkK6lEC384.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1FAC/6819BF4205FE11EA8763C243C4F9AE02/86B7FE9005FF11EAB499A845C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.98.64.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:c8:f8:2d:27:98:a1:0c:4e:30:27:9d:d4:ea:93:3e:ac:a9:
db:04:21:36:e3:a5:28:23:79:7d:39:41:6a:bd:fc:76:b4:52:
c5:73:8b:91:a3:5e:5a:69:35:59:90:f1:63:5b:18:65:83:9f:
bd:6e:80:7a:bb:19:3d:8d:ee:00:cd:fe:61:87:c8:13:74:0e:
a9:4a:ba:88:18:8a:ce:c7:92:e2:8b:d6:64:6d:cd:a7:42:3e:
bc:cb:b2:68:83:94:80:62:3c:96:72:91:7f:a5:b1:ca:3c:5b:
8a:94:73:a4:96:2f:c5:d1:16:b3:33:c0:d9:82:36:a5:6a:bf:
64:62:d6:94:66:69:ff:0f:9c:47:92:04:49:72:20:a7:4a:a2:
36:ad:e1:01:99:c1:ce:a3:bd:9e:65:a4:11:c0:74:2b:96:de:
61:ee:5d:1f:98:a1:26:14:7f:7f:b0:8f:7a:d3:bb:fd:cc:45:
97:57:10:01:dc:c5:fc:42:0e:14:e7:49:b3:39:8d:dd:68:21:
9d:2e:ad:08:ee:76:70:be:6d:f7:43:aa:b7:83:c9:d9:be:b5:
45:87:e9:d0:49:77:4c:9f:87:31:52:72:42:b6:25:ce:39:e9:
84:7c:18:e5:9d:d7:4e:67:3a:a9:44:74:97:d4:8e:c4:b2:ac:
39:9e:15:5d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC8YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzFGQUMxMTAvBgNVBAUTKDU0RDNBOTU1Q0MzNDFBODQxODE1QThDREVBMTkwQUVB
NTEwMkRGQ0UwHhcNMjQwOTMwMTg1NzEwWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZhZjQ4Ni1hMDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyV3jODZyUhlHPIm+BX9bydPxMZw2vhtwWJJ/paYPOJEd/9nvSN7JQjZjLxeS
XzRjeo7yUQcZTyR445AqHmsb/eBr+TfnLbzZkZxv37scIAyGML4REjKavvE/f1vt
TbInRjXX/lNDQsz5ymeyiAaByYtt0/DIx8UpiHWo0tyB3CG4+DjsXP56ihWlSzC+
jzb3JOQ7BhdKnj3/gNzmIaqi+RSZV4S7/qMS290gtdW5AT8XGe/9Q7VtCAAw0HTu
4Fb+4QLf8WZpEzNDKyz5tNVzaBI8dQe2K1RDQ1lDkHxAJNdsu293Gd6yyS9YgjlJ
Vp9QP5LEGg+IeD1Bfs932JLgUwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOddtl/N
+datVlzmZH5k2hvpud0PMB8GA1UdIwQYMBaAFFTTqVXMNBqEGBWozeoZCupRAt/O
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUZBQy82ODE5QkY0MjA1
RkUxMUVBODc2M0MyNDNDNEY5QUUwMi9WTk9wVmN3MEdvUVlGYWpONmhrSzZsRUMz
ODQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZOT3BWY3cwR29RWUZhak42aGtLNmxFQzM4NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzFGQUMvNjgxOUJGNDIwNUZFMTFFQTg3NjNDMjQzQzRGOUFFMDIvODZCN0ZFOTAw
NUZGMTFFQUI0OTlBODQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnYkAwDQYJKoZIhvcNAQELBQADggEBAGzI+C0nmKEMTjAn
ndTqkz6sqdsEITbjpSgjeX05QWq9/Ha0UsVzi5GjXlppNVmQ8WNbGGWDn71ugHq7
GT2N7gDN/mGHyBN0DqlKuogYis7HkuKL1mRtzadCPrzLsmiDlIBiPJZykX+lsco8
W4qUc6SWL8XRFrMzwNmCNqVqv2Ri1pRmaf8PnEeSBElyIKdKojat4QGZwc6jvZ5l
pBHAdCuW3mHuXR+YoSYUf3+wj3rTu/3MRZdXEAHcxfxCDhTnSbM5jd1oIZ0urQju
dnC+bfdDqreDydm+tUWH6dBJd0yfhzFSckK2Jc456YR8GOWd105nOqlEdJfUjsSy
rDmeFV0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:02:15 2025 by rpki-client