Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C72E6/E6E6FB32F2EA11ED9099004AC4F9AE02/23EE2B76F2F111ED91F08A4FC4F9AE02.roa
File: 23EE2B76F2F111ED91F08A4FC4F9AE02.roa (raw, json)
Hash identifier: R4MOqPNazPvSSKVGkQoTvV/niZowhUllvkAn/iWShNw=
Subject key identifier: 3F:B4:CF:05:4E:84:BD:36:CA:45:E3:82:CB:E2:39:15:46:70:37:51
Certificate issuer: /CN=A91C72E6/serialNumber=752533B1852F7D2AC6E70DCDEBFD547DDC438F94
Certificate serial: D7
Authority key identifier: 75:25:33:B1:85:2F:7D:2A:C6:E7:0D:CD:EB:FD:54:7D:DC:43:8F:94
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dSUzsYUvfSrG5w3N6_1UfdxDj5Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C72E6/E6E6FB32F2EA11ED9099004AC4F9AE02/23EE2B76F2F111ED91F08A4FC4F9AE02.roa
Signing time: Sat 29 Jun 2024 06:07:22 +0000
ROA not before: Sat 29 Jun 2024 06:07:22 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 148968
IP address blocks: 103.254.231.0/24 maxlen: 24
2001:df2:6d40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 215 (0xd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C72E6
Validity
Not Before: Jun 29 06:07:22 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=667fa49a-1d67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:33:ca:e3:e0:44:b9:3b:29:35:2c:60:0e:04:
b2:1b:19:3b:9d:87:e8:58:d8:3a:e4:0f:ed:26:56:
a6:cc:eb:03:06:d4:e8:5d:9a:d7:27:b1:d1:6a:b5:
33:6d:c6:80:03:a4:36:0c:6f:59:14:56:99:b7:41:
54:fc:23:02:63:f9:c1:39:26:2d:ae:07:9a:5f:ad:
da:fb:29:8d:3b:49:be:e0:31:2f:c8:c0:f4:be:09:
d8:32:69:78:83:c2:15:4a:57:9b:87:d3:fc:54:49:
d8:d4:f9:43:5e:6d:fa:37:be:fb:83:08:72:06:5e:
8e:cd:e2:51:87:c1:89:09:ea:97:79:61:9c:ff:7b:
9c:d2:46:2b:aa:dc:3f:0c:0e:6d:2c:22:62:28:27:
67:11:ec:b7:30:14:45:e9:65:01:5c:1a:af:47:76:
18:fb:c9:97:b2:0d:67:ca:9e:45:10:77:09:1f:b1:
83:a4:7c:26:5d:9b:38:bb:72:44:22:b8:05:ba:cd:
1d:45:8b:2e:df:03:9e:cc:7e:8f:00:88:49:34:bc:
1f:39:b9:dd:cb:ec:5a:0c:37:f0:ec:e8:66:e6:a7:
a7:23:5e:b3:96:7a:a3:fd:a9:60:2a:48:b0:7f:1a:
42:45:c7:d4:4d:13:7c:f9:35:64:29:7c:91:f9:52:
a8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:B4:CF:05:4E:84:BD:36:CA:45:E3:82:CB:E2:39:15:46:70:37:51
X509v3 Authority Key Identifier:
keyid:75:25:33:B1:85:2F:7D:2A:C6:E7:0D:CD:EB:FD:54:7D:DC:43:8F:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C72E6/E6E6FB32F2EA11ED9099004AC4F9AE02/dSUzsYUvfSrG5w3N6_1UfdxDj5Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dSUzsYUvfSrG5w3N6_1UfdxDj5Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C72E6/E6E6FB32F2EA11ED9099004AC4F9AE02/23EE2B76F2F111ED91F08A4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.254.231.0/24
IPv6:
2001:df2:6d40::/48
Signature Algorithm: sha256WithRSAEncryption
25:99:07:82:60:dd:58:dd:a4:bf:37:cd:5c:70:cd:56:f8:3d:
90:72:c3:22:30:f7:0c:a3:03:b0:46:8f:75:8e:57:f2:a5:16:
9f:4f:13:8c:25:7f:61:0b:7d:de:e6:41:a2:d5:47:1d:f6:37:
3b:b8:e3:79:9e:b3:28:87:2d:1c:11:de:49:f9:84:c5:b4:f3:
2b:d0:31:c9:79:20:4c:40:10:e0:56:b6:0a:81:19:17:f9:d7:
ed:30:26:4b:b3:04:11:9f:ec:d1:44:34:94:a5:f9:aa:b8:d4:
f6:d0:dd:be:69:41:2b:e8:a5:5f:a4:bb:bd:07:49:6d:37:f6:
19:b1:a5:19:de:aa:7c:f9:33:03:5f:bc:e2:9c:0a:11:07:f2:
cc:3f:9c:84:12:c9:a3:66:58:f4:fb:cc:3e:04:25:d1:00:23:
3c:22:bd:77:57:b3:a9:55:12:44:6c:47:4f:b3:05:b1:e7:62:
c0:e1:3e:af:d5:e9:ce:5a:be:f8:bf:70:65:68:75:08:dc:d8:
8b:2c:87:a0:ff:0c:13:31:0b:e2:72:0c:92:1b:fa:27:8e:8c:
32:ff:f2:3c:20:ab:53:22:bd:4e:eb:ab:aa:4b:21:47:de:81:
8d:43:dd:60:18:d7:7a:3b:f1:1f:d1:0d:37:cd:12:3c:9a:25:
1e:e2:84:04
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICANcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzcyRTYxMTAvBgNVBAUTKDc1MjUzM0IxODUyRjdEMkFDNkU3MERDREVCRkQ1NDdE
REM0MzhGOTQwHhcNMjQwNjI5MDYwNzIyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdmYTQ5YS0xZDY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9jPK4+BEuTspNSxgDgSyGxk7nYfoWNg65A/tJlamzOsDBtToXZrXJ7HRarUz
bcaAA6Q2DG9ZFFaZt0FU/CMCY/nBOSYtrgeaX63a+ymNO0m+4DEvyMD0vgnYMml4
g8IVSlebh9P8VEnY1PlDXm36N777gwhyBl6OzeJRh8GJCeqXeWGc/3uc0kYrqtw/
DA5tLCJiKCdnEey3MBRF6WUBXBqvR3YY+8mXsg1nyp5FEHcJH7GDpHwmXZs4u3JE
IrgFus0dRYsu3wOezH6PAIhJNLwfObndy+xaDDfw7Ohm5qenI16zlnqj/algKkiw
fxpCRcfUTRN8+TVkKXyR+VKo3QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFD+0zwVO
hL02ykXjgsviORVGcDdRMB8GA1UdIwQYMBaAFHUlM7GFL30qxucNzev9VH3cQ4+U
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzJFNi9FNkU2RkIzMkYy
RUExMUVEOTA5OTAwNEFDNEY5QUUwMi9kU1V6c1lVdmZTckc1dzNONl8xVWZkeERq
NVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RTVXpzWVV2ZlNyRzV3M042XzFVZmR4RGo1US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzcyRTYvRTZFNkZCMzJGMkVBMTFFRDkwOTkwMDRBQzRGOUFFMDIvMjNFRTJCNzZG
MkYxMTFFRDkxRjA4QTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABn/ucwDwQCAAIwCQMHACABDfJtQDANBgkqhkiG9w0BAQsF
AAOCAQEAJZkHgmDdWN2kvzfNXHDNVvg9kHLDIjD3DKMDsEaPdY5X8qUWn08TjCV/
YQt93uZBotVHHfY3O7jjeZ6zKIctHBHeSfmExbTzK9AxyXkgTEAQ4Fa2CoEZF/nX
7TAmS7MEEZ/s0UQ0lKX5qrjU9tDdvmlBK+ilX6S7vQdJbTf2GbGlGd6qfPkzA1+8
4pwKEQfyzD+chBLJo2ZY9PvMPgQl0QAjPCK9d1ezqVUSRGxHT7MFsediwOE+r9Xp
zlq++L9wZWh1CNzYiyyHoP8MEzEL4nIMkhv6J46MMv/yPCCrUyK9TuurqkshR96B
jUPdYBjXejvxH9ENN80SPJolHuKEBA==
-----END CERTIFICATE-----
Generated at Thu Apr 10 02:14:46 2025 by rpki-client