Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/12B9A5DECBC211EDB6F09516C4F9AE02.roa
File: 12B9A5DECBC211EDB6F09516C4F9AE02.roa (raw, json)
Hash identifier: GC2+Qt2m2cOxU2MSwTfp+OhWSqEwAQ14izm/J1/ZU5o=
Subject key identifier: D4:2B:E1:CF:6B:D4:5D:35:D8:67:66:07:04:C0:93:64:54:BD:E9:E4
Certificate issuer: /CN=A91E0C2B/serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1
Certificate serial: 016C
Authority key identifier: E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/12B9A5DECBC211EDB6F09516C4F9AE02.roa
Signing time: Wed 19 Feb 2025 05:36:01 +0000
ROA not before: Wed 19 Feb 2025 05:36:01 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 150691
IP address blocks: 103.57.98.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 364 (0x16c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E0C2B
Validity
Not Before: Feb 19 05:36:01 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67b56dc1-5acc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c9:73:f9:a1:00:53:3f:e8:86:fb:92:55:b5:
37:74:7a:e9:9d:f7:f1:08:23:79:e7:08:c5:05:09:
88:6b:aa:ad:95:be:af:46:75:a2:87:bb:f5:07:da:
84:04:65:a6:d1:a8:b1:f6:d4:16:4b:6a:b1:ec:3e:
9b:81:43:f4:25:45:83:55:4b:26:03:93:04:03:22:
b4:56:c4:da:17:a7:e4:5d:d1:ee:46:3e:aa:8f:59:
ba:0d:c8:02:5e:ab:1d:64:dd:88:8a:c4:9f:b9:21:
32:3e:b5:e2:fa:e1:2b:f6:96:e0:40:6f:64:99:7e:
06:30:4b:f1:6c:fe:2a:9e:fb:ed:76:35:21:45:95:
c5:b0:53:93:1f:4f:6d:21:0f:05:3b:b5:14:2c:75:
42:b2:2c:e0:01:34:2c:2b:9d:01:ad:b6:3a:57:6b:
d3:90:97:21:42:c9:2a:db:bb:05:b4:47:64:9e:68:
81:10:40:51:7d:fa:28:0c:fe:80:e0:1f:c6:8e:15:
8b:a1:d9:94:d1:4f:a3:c4:23:11:7a:ef:7a:3e:64:
5f:89:d4:79:3e:25:87:f7:e4:59:c5:35:18:ad:ed:
ef:11:d2:13:6e:42:ec:38:2f:b3:23:11:36:b5:09:
27:ce:5b:4b:17:8d:73:13:d2:be:12:21:e0:c2:f4:
78:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:2B:E1:CF:6B:D4:5D:35:D8:67:66:07:04:C0:93:64:54:BD:E9:E4
X509v3 Authority Key Identifier:
keyid:E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/12B9A5DECBC211EDB6F09516C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.57.98.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:8e:2e:b3:d9:b8:e5:5f:ca:9f:89:bf:88:39:fd:90:fe:53:
ef:e1:16:fe:42:18:a5:f1:d1:a8:16:d7:4b:ae:56:7f:4b:b4:
2f:ea:3b:96:49:82:71:5f:06:53:c2:83:9f:ed:5d:d1:57:25:
fa:d6:f7:cd:e9:e8:c3:cc:1d:82:b7:e4:c9:8c:d0:a7:cf:07:
5d:dd:7d:88:42:23:af:ca:a3:7a:c9:f2:b3:38:32:87:58:0e:
cf:b2:3c:70:79:3b:ea:19:a0:47:c0:98:ac:b9:db:d7:fa:f9:
24:24:22:60:16:6d:79:91:aa:08:0a:a5:52:3b:36:c2:8b:cc:
1e:37:27:53:32:8c:91:f5:6d:7e:3f:ce:3a:bd:0d:03:34:e2:
cc:16:dd:bc:ab:3a:f6:2b:a5:91:2b:4f:ca:f3:57:9a:68:9f:
00:19:d4:3b:8b:d5:66:99:d2:fa:2a:48:de:7e:45:09:71:6a:
ce:9d:5d:b0:ad:e7:6b:99:53:49:57:b6:ae:d9:58:bc:b9:48:
49:a4:6e:f9:1e:dc:88:fc:34:68:29:ec:83:06:a6:5e:49:6d:
96:56:cd:94:cd:1e:9a:20:2e:83:55:cb:f8:6e:1a:e1:6e:70:
c2:ca:2c:77:24:3f:e0:54:26:25:02:fc:26:04:58:46:71:8c:
6e:d9:ee:33
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAWwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTBDMkIxMTAvBgNVBAUTKEU1QkIyRDhCOUUxODY5N0MwMTU5RUQ4MTMyRTVGMzRC
ODZCMTM3QjEwHhcNMjUwMjE5MDUzNjAxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I1NmRjMS01YWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArMlz+aEAUz/ohvuSVbU3dHrpnffxCCN55wjFBQmIa6qtlb6vRnWih7v1B9qE
BGWm0aix9tQWS2qx7D6bgUP0JUWDVUsmA5MEAyK0VsTaF6fkXdHuRj6qj1m6DcgC
XqsdZN2IisSfuSEyPrXi+uEr9pbgQG9kmX4GMEvxbP4qnvvtdjUhRZXFsFOTH09t
IQ8FO7UULHVCsizgATQsK50BrbY6V2vTkJchQskq27sFtEdknmiBEEBRffooDP6A
4B/GjhWLodmU0U+jxCMReu96PmRfidR5PiWH9+RZxTUYre3vEdITbkLsOC+zIxE2
tQknzltLF41zE9K+EiHgwvR4UwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNQr4c9r
1F012GdmBwTAk2RUvenkMB8GA1UdIwQYMBaAFOW7LYueGGl8AVntgTLl80uGsTex
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMEMyQi9EMjdFNkVEMENC
OTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFYd0JXZTJCTXVYelM0YXhO
N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVic3RpNTRZYVh3QldlMkJNdVh6UzRheE43RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTBDMkIvRDI3RTZFRDBDQjk2MTFFREFDMzQ5Qjc5QzRGOUFFMDIvMTJCOUE1REVD
QkMyMTFFREI2RjA5NTE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnOWIwDQYJKoZIhvcNAQELBQADggEBAA+OLrPZuOVfyp+J
v4g5/ZD+U+/hFv5CGKXx0agW10uuVn9LtC/qO5ZJgnFfBlPCg5/tXdFXJfrW983p
6MPMHYK35MmM0KfPB13dfYhCI6/Ko3rJ8rM4ModYDs+yPHB5O+oZoEfAmKy529f6
+SQkImAWbXmRqggKpVI7NsKLzB43J1MyjJH1bX4/zjq9DQM04swW3byrOvYrpZEr
T8rzV5ponwAZ1DuL1WaZ0voqSN5+RQlxas6dXbCt52uZU0lXtq7ZWLy5SEmkbvke
3Ij8NGgp7IMGpl5JbZZWzZTNHpogLoNVy/huGuFucMLKLHckP+BUJiUC/CYEWEZx
jG7Z7jM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:08:20 2025 by rpki-client