Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D560D/68C3F49A41EE11EA9CEA1F75C4F9AE02/4445E492F38311EFB9CFE778C4F9AE02.roa
File: 4445E492F38311EFB9CFE778C4F9AE02.roa (raw, json)
Hash identifier: uvPQ2fp4ZTxv3siwTUo6cZQdguj/a94WO/NhdFvFn6M=
Subject key identifier: 2A:E5:0D:65:D9:51:1C:76:94:6F:1B:81:18:03:BF:19:E5:30:4B:DB
Certificate issuer: /CN=A91D560D/serialNumber=D7146DA9DE28F5BB5E3DE2FF00C59FC85C9938DA
Certificate serial: 085B
Authority key identifier: D7:14:6D:A9:DE:28:F5:BB:5E:3D:E2:FF:00:C5:9F:C8:5C:99:38:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1xRtqd4o9btePeL_AMWfyFyZONo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D560D/68C3F49A41EE11EA9CEA1F75C4F9AE02/4445E492F38311EFB9CFE778C4F9AE02.roa
Signing time: Tue 25 Feb 2025 14:17:38 +0000
ROA not before: Tue 25 Feb 2025 14:17:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151106
IP address blocks: 103.111.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2139 (0x85b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D560D
Validity
Not Before: Feb 25 14:17:38 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67bdd102-d3c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:12:55:11:48:a9:3f:fc:31:fc:ef:e1:a7:ea:
a1:4c:59:e8:92:0e:dc:31:01:14:7b:b6:de:8c:ba:
15:76:1c:66:4f:6a:7d:3c:43:76:4a:4c:d8:4c:0c:
b6:f6:42:8b:44:87:4e:60:71:9a:3a:6b:c9:96:1b:
aa:bd:e8:ca:d4:d1:13:88:ec:a4:18:b9:63:29:86:
f0:47:52:56:32:18:22:23:e3:4a:26:12:81:45:f8:
c0:3b:8f:75:3a:1a:1a:99:3a:98:fe:5a:b3:8c:6a:
bc:27:52:9e:27:4a:fb:a2:5e:8b:92:7e:ca:35:3f:
5c:87:9b:0e:05:54:23:35:6d:8d:06:30:fb:d0:5c:
00:95:84:ee:bd:83:bb:84:36:58:a0:9b:01:a7:cf:
9c:88:73:04:1e:e0:cb:a3:c5:eb:ed:5f:47:db:b6:
9b:57:22:63:92:31:47:64:5c:66:f6:a2:06:7f:a3:
37:46:58:3d:ab:46:e2:e7:32:dc:55:e8:e3:e4:4b:
5f:6b:32:2c:5a:f7:a6:ca:c1:6c:67:62:0b:27:cc:
2e:b5:8a:93:36:d5:4f:05:08:3d:58:a2:49:a1:0d:
72:a6:93:ec:fc:ae:eb:45:e1:f8:0c:de:48:9b:f5:
ad:06:c9:d5:31:61:d8:7f:a4:40:b0:7c:f3:74:c0:
51:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:E5:0D:65:D9:51:1C:76:94:6F:1B:81:18:03:BF:19:E5:30:4B:DB
X509v3 Authority Key Identifier:
keyid:D7:14:6D:A9:DE:28:F5:BB:5E:3D:E2:FF:00:C5:9F:C8:5C:99:38:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D560D/68C3F49A41EE11EA9CEA1F75C4F9AE02/1xRtqd4o9btePeL_AMWfyFyZONo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1xRtqd4o9btePeL_AMWfyFyZONo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D560D/68C3F49A41EE11EA9CEA1F75C4F9AE02/4445E492F38311EFB9CFE778C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.111.167.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:72:d9:65:30:f5:3b:ca:33:bb:db:23:ee:49:bf:60:bb:c3:
84:91:4e:3b:29:ac:4b:28:05:62:f5:1d:47:79:b6:07:f6:1b:
c6:30:b3:ff:48:a7:8b:5c:48:74:b0:0f:78:e8:fa:cb:6d:1a:
18:a3:36:54:10:68:e5:6f:19:a9:f5:2f:ec:96:c4:5c:5b:3b:
15:0d:dc:3d:4b:04:b0:ce:27:71:26:3f:bd:0a:ec:7b:ca:19:
8d:80:a3:a8:d4:87:2e:a3:4b:8d:fd:ed:f2:aa:d2:7a:54:a3:
84:56:92:61:46:32:95:1d:cc:13:cd:1e:0f:6f:89:a1:ea:c0:
69:dc:f9:86:6d:5a:fc:cb:c8:0e:77:8d:09:cd:ba:98:be:60:
a8:90:25:ec:ab:c6:80:b2:46:a0:c6:b1:73:56:ad:5c:5c:8c:
15:35:4a:5b:95:62:63:f7:42:3a:02:4b:f3:0a:33:e8:26:09:
db:c5:da:f7:63:3e:72:b7:4f:0d:3b:1e:bd:49:65:f6:df:30:
04:ee:a7:e0:c5:41:36:82:9f:c5:24:53:64:9d:49:09:f0:07:
63:89:22:b4:4e:fa:13:17:ab:05:be:73:9c:d6:0e:28:27:58:
12:1e:c7:72:b3:c4:1c:e4:1a:b3:96:33:d9:4c:35:2b:b5:15:
67:5f:db:c2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCFswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDU2MEQxMTAvBgNVBAUTKEQ3MTQ2REE5REUyOEY1QkI1RTNERTJGRjAwQzU5RkM4
NUM5OTM4REEwHhcNMjUwMjI1MTQxNzM4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JkZDEwMi1kM2M3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3xJVEUipP/wx/O/hp+qhTFnokg7cMQEUe7bejLoVdhxmT2p9PEN2SkzYTAy2
9kKLRIdOYHGaOmvJlhuqvejK1NETiOykGLljKYbwR1JWMhgiI+NKJhKBRfjAO491
OhoamTqY/lqzjGq8J1KeJ0r7ol6Lkn7KNT9ch5sOBVQjNW2NBjD70FwAlYTuvYO7
hDZYoJsBp8+ciHMEHuDLo8Xr7V9H27abVyJjkjFHZFxm9qIGf6M3Rlg9q0bi5zLc
Vejj5EtfazIsWvemysFsZ2ILJ8wutYqTNtVPBQg9WKJJoQ1yppPs/K7rReH4DN5I
m/WtBsnVMWHYf6RAsHzzdMBRcwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCrlDWXZ
URx2lG8bgRgDvxnlMEvbMB8GA1UdIwQYMBaAFNcUbaneKPW7Xj3i/wDFn8hcmTja
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTYwRC82OEMzRjQ5QTQx
RUUxMUVBOUNFQTFGNzVDNEY5QUUwMi8xeFJ0cWQ0bzlidGVQZUxfQU1XZnlGeVpP
Tm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzF4UnRxZDRvOWJ0ZVBlTF9BTVdmeUZ5Wk9Oby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDU2MEQvNjhDM0Y0OUE0MUVFMTFFQTlDRUExRjc1QzRGOUFFMDIvNDQ0NUU0OTJG
MzgzMTFFRkI5Q0ZFNzc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnb6cwDQYJKoZIhvcNAQELBQADggEBAK5y2WUw9TvKM7vb
I+5Jv2C7w4SRTjsprEsoBWL1HUd5tgf2G8Yws/9Ip4tcSHSwD3jo+sttGhijNlQQ
aOVvGan1L+yWxFxbOxUN3D1LBLDOJ3EmP70K7HvKGY2Ao6jUhy6jS4397fKq0npU
o4RWkmFGMpUdzBPNHg9viaHqwGnc+YZtWvzLyA53jQnNupi+YKiQJeyrxoCyRqDG
sXNWrVxcjBU1SluVYmP3QjoCS/MKM+gmCdvF2vdjPnK3Tw07Hr1JZfbfMATup+DF
QTaCn8UkU2SdSQnwB2OJIrRO+hMXqwW+c5zWDignWBIex3KzxBzkGrOWM9lMNSu1
FWdf28I=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:47:25 2025 by rpki-client