Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/6875130A75D011EFAEA8B95DC4F9AE02.roa
File: 6875130A75D011EFAEA8B95DC4F9AE02.roa (raw, json)
Hash identifier: HgZSww0YjaKoV/OpCY1UNM5o/7USPMBbgqLK+V2f6pU=
Subject key identifier: 76:F7:0F:C3:3F:A4:C2:8B:C4:9B:2E:C5:36:A2:F9:5E:2A:84:56:44
Certificate issuer: /CN=A91E4845/serialNumber=01A412EF416C884F6F637F1BDA800EB6EF67B6D6
Certificate serial: 21A0
Authority key identifier: 01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/6875130A75D011EFAEA8B95DC4F9AE02.roa
Signing time: Fri 06 Dec 2024 16:03:36 +0000
ROA not before: Fri 06 Dec 2024 16:03:36 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 39600
IP address blocks: 103.111.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8608 (0x21a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4845
Validity
Not Before: Dec 6 16:03:36 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67532057-3196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:40:af:69:64:6b:52:b7:28:2f:13:cc:6b:73:
0d:e9:aa:e4:a6:51:2f:fd:77:30:cf:70:13:e3:b3:
df:7b:01:b9:ca:5a:c5:97:86:f5:fb:fc:30:fb:e3:
66:74:c1:b7:ec:2f:52:bc:03:89:f5:7a:22:82:65:
7c:c6:97:c3:63:86:47:fe:10:c2:98:6a:99:9e:ed:
f1:34:3e:29:52:98:00:2e:49:56:8c:f2:33:cb:71:
20:45:04:42:ab:a6:7d:0f:43:8d:6e:8f:ac:8f:b9:
b8:e2:11:a6:05:b9:ce:16:c0:d1:7e:9e:56:91:bc:
67:78:fd:1e:22:bd:f3:c5:1d:99:e2:9c:3c:5f:9a:
29:fd:50:d4:a4:3b:b0:9f:8f:08:bb:7c:1a:10:f7:
5c:9a:3a:73:20:cb:1c:75:35:36:42:68:cd:db:81:
a7:10:40:8a:9a:93:3c:d6:a7:80:0d:25:01:83:44:
9a:83:0f:cc:c2:af:ab:6f:0a:79:03:cb:5e:cf:33:
63:60:c9:9d:f6:db:24:48:63:86:d2:2d:44:cb:1f:
c1:80:27:b8:0f:40:80:85:6a:b2:b5:51:6b:aa:eb:
df:6a:f9:7f:dd:b5:d3:f1:85:dc:79:73:6e:bf:52:
3c:53:f9:22:f1:72:ed:13:01:54:43:94:93:76:de:
69:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:F7:0F:C3:3F:A4:C2:8B:C4:9B:2E:C5:36:A2:F9:5E:2A:84:56:44
X509v3 Authority Key Identifier:
keyid:01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/AaQS70FsiE9vY38b2oAOtu9nttY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/6875130A75D011EFAEA8B95DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.111.89.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:0e:f3:28:db:63:15:aa:72:57:36:b7:33:48:8f:ee:ad:39:
1a:d7:7c:02:12:36:fb:af:64:5f:71:24:8d:db:78:5e:4c:67:
42:c6:33:86:85:d5:fc:b0:01:ce:2a:5f:b0:b2:7d:65:61:54:
63:27:c7:f8:bc:4f:ac:e1:77:b1:7e:4c:1b:a6:00:46:66:b5:
1d:26:92:a7:3f:b1:d2:fe:35:77:4d:11:2b:79:ec:42:2b:81:
22:2e:83:c6:4c:27:f4:af:62:f8:43:c6:ea:cc:fa:59:4d:5b:
32:54:8e:1a:0d:a1:ca:4e:53:de:c1:79:9a:50:ea:cd:eb:cc:
84:7e:38:c2:60:7d:d2:26:76:ab:c3:bd:7c:ca:2f:c4:f0:ca:
72:6c:5e:68:84:7e:63:80:4a:39:59:46:a0:a3:36:22:4d:bc:
98:1d:9b:bd:29:f9:ff:db:6a:90:cf:d1:5a:19:00:de:2f:6e:
79:c6:20:7a:ba:2d:2b:00:82:a8:a5:cb:81:f7:e0:78:b0:81:
24:a1:35:05:f6:4a:88:66:4a:0e:22:db:47:b9:b4:68:1b:61:
6f:16:5d:ff:d4:d1:0d:e2:6e:3e:d7:73:58:89:dd:d6:ab:ec:
84:b3:8e:d4:8c:44:99:01:a3:5e:70:a5:81:9d:fe:ff:0c:ba:
d1:ab:b4:70
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICIaAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTQ4NDUxMTAvBgNVBAUTKDAxQTQxMkVGNDE2Qzg4NEY2RjYzN0YxQkRBODAwRUI2
RUY2N0I2RDYwHhcNMjQxMjA2MTYwMzM2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUzMjA1Ny0zMTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu0CvaWRrUrcoLxPMa3MN6arkplEv/Xcwz3AT47PfewG5ylrFl4b1+/ww++Nm
dMG37C9SvAOJ9XoigmV8xpfDY4ZH/hDCmGqZnu3xND4pUpgALklWjPIzy3EgRQRC
q6Z9D0ONbo+sj7m44hGmBbnOFsDRfp5WkbxneP0eIr3zxR2Z4pw8X5op/VDUpDuw
n48Iu3waEPdcmjpzIMscdTU2QmjN24GnEECKmpM81qeADSUBg0Sagw/Mwq+rbwp5
A8tezzNjYMmd9tskSGOG0i1Eyx/BgCe4D0CAhWqytVFrquvfavl/3bXT8YXceXNu
v1I8U/ki8XLtEwFUQ5STdt5p2QIDAQABo4IClTCCApEwHQYDVR0OBBYEFHb3D8M/
pMKLxJsuxTai+V4qhFZEMB8GA1UdIwQYMBaAFAGkEu9BbIhPb2N/G9qADrbvZ7bW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDg0NS80MDAxNTNCNkQy
RUIxMUU1QjREMTVBNEVDNEY5QUUwMi9BYVFTNzBGc2lFOXZZMzhiMm9BT3R1OW50
dFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FhUVM3MEZzaUU5dlkzOGIyb0FPdHU5bnR0WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQ4NDUvNDAwMTUzQjZEMkVCMTFFNUI0RDE1QTRFQzRGOUFFMDIvNjg3NTEzMEE3
NUQwMTFFRkFFQThCOTVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnb1kwDQYJKoZIhvcNAQELBQADggEBALsO8yjbYxWqclc2
tzNIj+6tORrXfAISNvuvZF9xJI3beF5MZ0LGM4aF1fywAc4qX7CyfWVhVGMnx/i8
T6zhd7F+TBumAEZmtR0mkqc/sdL+NXdNESt57EIrgSIug8ZMJ/SvYvhDxurM+llN
WzJUjhoNocpOU97BeZpQ6s3rzIR+OMJgfdImdqvDvXzKL8TwynJsXmiEfmOASjlZ
RqCjNiJNvJgdm70p+f/bapDP0VoZAN4vbnnGIHq6LSsAgqily4H34HiwgSShNQX2
SohmSg4i20e5tGgbYW8WXf/U0Q3ibj7Xc1iJ3dar7ISzjtSMRJkBo15wpYGd/v8M
utGrtHA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:16:56 2025 by rpki-client