Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/D121B70001EE11F0A7D9470DC4F9AE02.roa
File: D121B70001EE11F0A7D9470DC4F9AE02.roa (raw, json)
Hash identifier: CEHEvt43ETDPLDp9hKG9cm+Mn22jdV7HHfSJ6J+OsTQ=
Subject key identifier: E6:B4:4A:30:F5:21:07:F9:74:F4:76:89:A6:17:7E:FE:E1:29:D9:C4
Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Certificate serial: 35AE
Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/D121B70001EE11F0A7D9470DC4F9AE02.roa
Signing time: Sat 15 Mar 2025 22:42:47 +0000
ROA not before: Sat 15 Mar 2025 22:42:47 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 151734
IP address blocks: 103.230.69.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13742 (0x35ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8C90
Validity
Not Before: Mar 15 22:42:47 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67d60267-a161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b2:52:3f:cc:61:de:eb:24:4a:af:03:93:b4:
9d:a1:a2:b0:20:e9:a1:50:7d:0f:78:f3:72:7c:ad:
a5:4b:05:11:e3:0b:2d:2d:7b:3e:a4:76:9c:64:31:
ec:f9:b9:d5:80:e1:c6:f2:c9:d1:8e:97:48:24:c0:
53:4b:90:77:7a:33:68:40:6a:f8:a3:ab:ba:33:b2:
da:e1:ea:15:c0:b6:71:74:bd:45:22:54:19:7f:8e:
f6:a9:95:58:07:35:2a:86:36:e6:0c:4f:8a:be:9c:
ab:3c:14:51:e9:11:af:a8:e4:fb:94:e7:32:67:21:
09:24:4b:04:95:e5:a3:07:bd:6c:27:09:e4:54:d1:
c4:ec:74:2f:af:4b:a0:a3:03:0a:b3:8a:55:00:61:
d3:2b:a2:ee:04:d6:fe:b3:e9:0d:8f:eb:37:0b:4d:
b4:64:a6:0f:53:8c:e1:ce:a3:b0:9c:54:bf:cd:37:
90:e3:88:b3:55:d5:6e:5c:6c:7f:aa:3f:c0:15:73:
fb:de:21:ec:49:90:e1:98:ba:dd:54:ed:10:45:03:
c2:e4:f8:22:06:2f:9d:94:a7:83:4c:e6:2b:ad:97:
63:8c:a0:fe:52:73:fd:de:0e:bd:eb:1d:28:e1:4d:
3e:7b:9c:e7:be:10:0d:c3:4b:93:b1:69:b5:33:e4:
41:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:B4:4A:30:F5:21:07:F9:74:F4:76:89:A6:17:7E:FE:E1:29:D9:C4
X509v3 Authority Key Identifier:
keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/D121B70001EE11F0A7D9470DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.230.69.0/24
Signature Algorithm: sha256WithRSAEncryption
28:c3:4e:1f:ea:3d:1c:8a:06:74:b9:c2:33:ac:80:8e:62:a4:
4e:4b:83:75:72:91:e9:dd:e8:cb:4e:74:5b:9f:da:36:6d:99:
4a:a1:c5:ef:78:54:ff:bc:b9:b6:08:4f:5d:6d:8f:55:f7:2f:
72:da:1c:ad:3f:fe:cf:7e:f9:f9:f1:92:83:a2:79:41:f7:64:
fc:de:94:5d:9b:0f:41:cf:ce:4f:d5:1c:78:a0:24:48:69:2d:
ff:1b:f3:3c:89:85:62:6a:2e:bc:6b:ca:fa:1f:2e:45:9c:87:
b6:d2:fc:9f:50:85:e2:59:6b:3d:be:9a:79:c1:48:72:3b:e7:
f0:62:58:6f:9a:0c:09:d0:02:dd:52:89:47:b7:7f:15:f4:af:
b5:aa:c2:9f:12:8d:7d:8f:c9:99:5e:67:60:f2:6c:0e:a6:64:
f4:19:63:03:d5:27:c6:fc:20:9f:a3:3c:be:f2:77:d1:ed:ea:
2a:ee:2a:91:c5:5f:7d:b4:92:71:d4:cd:28:8b:1a:ca:f2:cc:
21:59:13:c0:f1:3e:79:e9:7a:de:f7:0e:b2:65:4f:41:5d:62:
e5:a3:af:36:bf:11:d2:b5:8a:73:b8:d2:1d:39:91:f8:2e:c5:
2f:22:fe:d6:ef:73:ae:2d:0a:63:c4:00:96:a8:7b:6e:d1:df:
b2:7e:34:78
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNa4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0
OTExRjFGNEYwHhcNMjUwMzE1MjI0MjQ3WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q2MDI2Ny1hMTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwLJSP8xh3uskSq8Dk7SdoaKwIOmhUH0PePNyfK2lSwUR4wstLXs+pHacZDHs
+bnVgOHG8snRjpdIJMBTS5B3ejNoQGr4o6u6M7La4eoVwLZxdL1FIlQZf472qZVY
BzUqhjbmDE+KvpyrPBRR6RGvqOT7lOcyZyEJJEsEleWjB71sJwnkVNHE7HQvr0ug
owMKs4pVAGHTK6LuBNb+s+kNj+s3C020ZKYPU4zhzqOwnFS/zTeQ44izVdVuXGx/
qj/AFXP73iHsSZDhmLrdVO0QRQPC5PgiBi+dlKeDTOYrrZdjjKD+UnP93g696x0o
4U0+e5znvhANw0uTsWm1M+RB+wIDAQABo4IClTCCApEwHQYDVR0OBBYEFOa0SjD1
IQf5dPR2iaYXfv7hKdnEMB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE
OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvRDEyMUI3MDAw
MUVFMTFGMEE3RDk0NzBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn5kUwDQYJKoZIhvcNAQELBQADggEBACjDTh/qPRyKBnS5
wjOsgI5ipE5Lg3Vykend6MtOdFuf2jZtmUqhxe94VP+8ubYIT11tj1X3L3LaHK0/
/s9++fnxkoOieUH3ZPzelF2bD0HPzk/VHHigJEhpLf8b8zyJhWJqLrxryvofLkWc
h7bS/J9QheJZaz2+mnnBSHI75/BiWG+aDAnQAt1SiUe3fxX0r7Wqwp8SjX2PyZle
Z2DybA6mZPQZYwPVJ8b8IJ+jPL7yd9Ht6iruKpHFX320knHUzSiLGsryzCFZE8Dx
Pnnpet73DrJlT0FdYuWjrza/EdK1inO40h05kfguxS8i/tbvc64tCmPEAJaoe27R
37J+NHg=
-----END CERTIFICATE-----
Generated at Fri Apr 11 01:51:11 2025 by rpki-client