Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4D37/8AE0F4ECC2B211EBB7E7AD66C4F9AE02/008B17CEC2B611EB80F1B27EC4F9AE02.roa
File: 008B17CEC2B611EB80F1B27EC4F9AE02.roa (raw, json)
Hash identifier: OtQrF2ELmU+GbG6fbMpToUTy3D5OXRRs3Yb8jPpEVe0=
Subject key identifier: DE:E3:96:0B:1B:4E:CD:1E:B3:D2:CA:C8:06:D8:41:36:84:93:99:15
Certificate issuer: /CN=A91C4D37/serialNumber=BD232D98BA0A32FD7B7B8B21834C051976F8646C
Certificate serial: 058F
Authority key identifier: BD:23:2D:98:BA:0A:32:FD:7B:7B:8B:21:83:4C:05:19:76:F8:64:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vSMtmLoKMv17e4shg0wFGXb4ZGw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C4D37/8AE0F4ECC2B211EBB7E7AD66C4F9AE02/008B17CEC2B611EB80F1B27EC4F9AE02.roa
Signing time: Sat 15 Feb 2025 00:42:00 +0000
ROA not before: Sat 15 Feb 2025 00:42:00 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 133929
IP address blocks: 103.162.172.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1423 (0x58f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C4D37
Validity
Not Before: Feb 15 00:42:00 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67afe2d8-f4ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:25:5d:56:c1:2a:bb:d8:d9:d2:a6:a3:40:e0:
57:8f:e3:33:b1:ca:5e:e6:5e:f2:55:57:ce:6e:bd:
41:99:79:27:6a:3a:ea:0c:3f:ff:ea:66:f3:cf:78:
3c:2e:f0:ac:52:eb:47:8e:30:18:1b:87:2f:25:76:
3d:db:a5:46:b9:ec:82:17:29:65:03:e4:03:fe:85:
40:b4:f0:6f:d9:82:9b:97:fc:28:d1:47:05:73:d1:
0c:ce:c6:aa:6b:b2:c6:d7:56:84:bd:5d:8f:e1:db:
84:f3:b7:80:99:72:f9:62:e9:c7:73:81:1c:0e:15:
70:98:f5:ee:7b:56:ce:19:70:2e:c3:16:f7:29:29:
49:c6:7e:cc:11:54:f4:e1:fd:c1:cd:e6:12:93:ad:
6f:27:9f:c2:1f:19:69:0d:5d:94:d8:a9:e3:22:bf:
03:05:7c:d5:96:07:87:d5:5a:37:ca:bf:ab:21:df:
57:6b:fd:4e:72:ca:d2:08:d1:08:e4:b5:7d:f7:78:
2b:33:02:4d:cb:75:7c:8c:96:a4:d9:0c:72:23:68:
de:79:47:7b:51:3d:81:6c:0d:6e:d5:25:e3:f0:d1:
d6:6c:0f:25:d9:90:a1:24:ad:a6:4f:0d:ee:36:8b:
d8:82:33:75:da:4a:d8:a9:2c:3c:93:60:ef:b4:61:
9e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E3:96:0B:1B:4E:CD:1E:B3:D2:CA:C8:06:D8:41:36:84:93:99:15
X509v3 Authority Key Identifier:
keyid:BD:23:2D:98:BA:0A:32:FD:7B:7B:8B:21:83:4C:05:19:76:F8:64:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C4D37/8AE0F4ECC2B211EBB7E7AD66C4F9AE02/vSMtmLoKMv17e4shg0wFGXb4ZGw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vSMtmLoKMv17e4shg0wFGXb4ZGw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4D37/8AE0F4ECC2B211EBB7E7AD66C4F9AE02/008B17CEC2B611EB80F1B27EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.162.172.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:c2:a2:6f:ad:f8:2f:88:88:a7:eb:a2:a8:4f:fc:8b:8b:8b:
3a:a8:52:f7:40:d9:27:3e:d0:1b:22:03:03:ae:0f:ee:37:e3:
42:1f:a2:08:ac:2f:c1:c5:7c:79:fb:4f:f3:cf:a1:8a:2b:72:
72:56:8b:67:06:f9:a0:8c:bc:56:16:55:6f:c8:14:b1:0a:d3:
0c:82:a3:fc:53:a5:49:d2:eb:50:4e:8a:d2:54:8b:3a:69:3b:
95:1e:ae:24:dd:04:0f:8a:3f:56:f2:08:e4:c7:06:58:7d:30:
6e:fa:d7:08:10:35:dc:17:59:b9:d2:57:f5:87:63:93:99:04:
67:4e:f5:a6:51:be:71:79:3c:ce:b4:9c:47:3a:23:1b:eb:f0:
8b:47:30:07:f5:dc:15:82:a5:f5:ab:c0:1b:ac:a6:7a:dd:ec:
22:a8:d5:b5:63:fa:45:a2:3a:d9:2d:a2:da:48:09:a0:69:96:
ba:54:21:2c:6b:77:f7:f3:d9:3f:63:5e:3a:ba:96:b9:19:7f:
2d:06:2d:cd:da:f8:fb:be:bb:a4:a2:c8:aa:d0:a6:d6:c6:34:
26:57:88:3e:24:62:24:37:1a:27:a6:b7:18:8d:17:55:ff:9e:
d5:38:43:ab:f5:25:b2:af:78:d1:88:c1:10:db:10:ed:94:3f:
21:3f:cb:a2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBY8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzREMzcxMTAvBgNVBAUTKEJEMjMyRDk4QkEwQTMyRkQ3QjdCOEIyMTgzNEMwNTE5
NzZGODY0NkMwHhcNMjUwMjE1MDA0MjAwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FmZTJkOC1mNGFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsiVdVsEqu9jZ0qajQOBXj+Mzscpe5l7yVVfObr1BmXknajrqDD//6mbzz3g8
LvCsUutHjjAYG4cvJXY926VGueyCFyllA+QD/oVAtPBv2YKbl/wo0UcFc9EMzsaq
a7LG11aEvV2P4duE87eAmXL5YunHc4EcDhVwmPXue1bOGXAuwxb3KSlJxn7MEVT0
4f3BzeYSk61vJ5/CHxlpDV2U2KnjIr8DBXzVlgeH1Vo3yr+rId9Xa/1OcsrSCNEI
5LV993grMwJNy3V8jJak2QxyI2jeeUd7UT2BbA1u1SXj8NHWbA8l2ZChJK2mTw3u
NovYgjN12krYqSw8k2DvtGGeowIDAQABo4IClTCCApEwHQYDVR0OBBYEFN7jlgsb
Ts0es9LKyAbYQTaEk5kVMB8GA1UdIwQYMBaAFL0jLZi6CjL9e3uLIYNMBRl2+GRs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNEQzNy84QUUwRjRFQ0My
QjIxMUVCQjdFN0FENjZDNEY5QUUwMi92U010bUxvS012MTdlNHNoZzB3RkdYYjRa
R3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZTTXRtTG9LTXYxN2U0c2hnMHdGR1hiNFpHdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzREMzcvOEFFMEY0RUNDMkIyMTFFQkI3RTdBRDY2QzRGOUFFMDIvMDA4QjE3Q0VD
MkI2MTFFQjgwRjFCMjdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnoqwwDQYJKoZIhvcNAQELBQADggEBADzCom+t+C+IiKfr
oqhP/IuLizqoUvdA2Sc+0BsiAwOuD+4340IfogisL8HFfHn7T/PPoYorcnJWi2cG
+aCMvFYWVW/IFLEK0wyCo/xTpUnS61BOitJUizppO5UeriTdBA+KP1byCOTHBlh9
MG761wgQNdwXWbnSV/WHY5OZBGdO9aZRvnF5PM60nEc6Ixvr8ItHMAf13BWCpfWr
wBuspnrd7CKo1bVj+kWiOtktotpICaBplrpUISxrd/fz2T9jXjq6lrkZfy0GLc3a
+Pu+u6SiyKrQptbGNCZXiD4kYiQ3GiemtxiNF1X/ntU4Q6v1JbKveNGIwRDbEO2U
PyE/y6I=
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:41:44 2025 by rpki-client