Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA2CC/F26E06CE11F911EA9CB88C35C4F9AE02/D376CA2E63B311EFBEFCDF10C4F9AE02.roa
File: D376CA2E63B311EFBEFCDF10C4F9AE02.roa (raw, json)
Hash identifier: G+U7uQFgAb2U+N/txdaeFUXvdA97Z5VnhrdZ+BD6M4c=
Subject key identifier: B0:27:25:CC:6C:79:31:88:CC:63:2F:5F:B8:73:7A:F7:DE:27:C2:56
Certificate issuer: /CN=A91EA2CC/serialNumber=90A98450B9DA938118A2D5AD534D8828F4B94634
Certificate serial: 0BE1
Authority key identifier: 90:A9:84:50:B9:DA:93:81:18:A2:D5:AD:53:4D:88:28:F4:B9:46:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kKmEULnak4EYotWtU02IKPS5RjQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA2CC/F26E06CE11F911EA9CB88C35C4F9AE02/D376CA2E63B311EFBEFCDF10C4F9AE02.roa
Signing time: Sat 08 Feb 2025 18:56:54 +0000
ROA not before: Sat 08 Feb 2025 18:56:54 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 139722
IP address blocks: 103.134.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3041 (0xbe1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA2CC
Validity
Not Before: Feb 8 18:56:54 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67a7a8f6-18d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c1:d6:3d:43:7a:95:c9:47:e8:d5:ad:28:45:
a4:53:15:19:5b:ce:62:05:fa:c4:cf:ba:ac:3d:37:
18:66:05:b4:dc:55:e0:b4:c8:e9:9e:05:17:da:0d:
70:05:e2:92:84:25:b4:ad:fc:ae:8c:c7:2f:62:ef:
8a:f5:3d:bb:ff:62:6d:84:74:07:73:c7:b8:2e:91:
6b:9c:3c:26:08:49:4d:18:f6:20:4d:33:70:2f:8d:
b5:cb:dc:66:57:29:68:e0:0c:d0:98:ff:88:1b:8b:
8e:c7:65:4c:5c:0a:06:1b:ad:eb:8e:49:4c:53:37:
64:3f:b6:26:da:7b:79:5b:48:94:b6:e5:53:ae:ad:
5c:c4:2a:af:27:9f:a6:39:c3:cf:20:f6:c8:53:54:
49:34:6a:f0:cf:eb:8e:f8:69:65:4a:ef:c0:a1:f3:
cf:21:74:b0:4e:36:b6:d5:ad:24:1a:7c:75:3b:10:
de:80:db:8d:1a:aa:55:59:b2:5d:8c:04:c3:4f:85:
8d:2e:0b:11:8c:9d:a0:c4:98:04:4f:52:67:0c:c3:
ab:2a:e2:67:17:6a:0e:55:f6:e5:94:50:92:7c:96:
17:0a:1a:d9:fe:d5:5f:86:1a:b7:ac:af:68:f5:60:
ca:37:f8:11:7d:da:bc:d3:e4:c1:31:a4:05:d7:11:
63:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:27:25:CC:6C:79:31:88:CC:63:2F:5F:B8:73:7A:F7:DE:27:C2:56
X509v3 Authority Key Identifier:
keyid:90:A9:84:50:B9:DA:93:81:18:A2:D5:AD:53:4D:88:28:F4:B9:46:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA2CC/F26E06CE11F911EA9CB88C35C4F9AE02/kKmEULnak4EYotWtU02IKPS5RjQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kKmEULnak4EYotWtU02IKPS5RjQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA2CC/F26E06CE11F911EA9CB88C35C4F9AE02/D376CA2E63B311EFBEFCDF10C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.43.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:8b:53:3b:fa:eb:92:6e:6b:34:47:16:a5:e1:88:f0:ca:f3:
f2:b8:f9:ea:5b:12:3b:13:7d:b9:14:4a:85:2a:2f:4e:6f:84:
77:bb:a9:b4:0b:82:9c:d6:7e:cd:09:a3:5b:56:c9:46:32:2a:
25:bb:97:cb:23:31:12:8d:dd:f6:e7:38:d0:23:ff:25:ed:2d:
f1:e5:8a:b3:70:53:c1:67:ae:c3:48:e5:a5:4f:71:07:b7:8f:
cf:c9:12:02:a1:c9:77:f5:4c:42:08:0e:8c:57:49:0a:f2:59:
83:24:ac:c9:3e:cf:6d:97:56:89:f1:65:0d:0a:f3:88:21:10:
cf:95:79:63:04:5b:58:8c:9c:02:b6:db:09:17:91:6a:2c:0f:
60:96:ce:3e:c4:fb:fd:b8:9c:93:cb:cc:87:b5:c5:61:a4:6b:
63:05:7f:b6:8b:10:e9:03:d6:26:63:51:9e:89:fd:db:f3:d0:
4c:c4:90:67:9b:cb:d1:a0:c7:73:c8:d1:a2:00:5f:95:ca:08:
bb:4e:83:00:f6:8d:95:74:0b:ce:0f:05:ca:2e:17:20:48:98:
f2:b5:76:e1:d4:85:59:8a:90:0d:a7:72:c3:3b:ae:01:4f:e0:
48:be:35:87:d7:55:d2:a0:f7:c5:92:9e:72:0c:a8:97:ad:45:
c5:a5:e8:77
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC+EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUEyQ0MxMTAvBgNVBAUTKDkwQTk4NDUwQjlEQTkzODExOEEyRDVBRDUzNEQ4ODI4
RjRCOTQ2MzQwHhcNMjUwMjA4MTg1NjU0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E3YThmNi0xOGQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvcHWPUN6lclH6NWtKEWkUxUZW85iBfrEz7qsPTcYZgW03FXgtMjpngUX2g1w
BeKShCW0rfyujMcvYu+K9T27/2JthHQHc8e4LpFrnDwmCElNGPYgTTNwL421y9xm
Vylo4AzQmP+IG4uOx2VMXAoGG63rjklMUzdkP7Ym2nt5W0iUtuVTrq1cxCqvJ5+m
OcPPIPbIU1RJNGrwz+uO+GllSu/AofPPIXSwTja21a0kGnx1OxDegNuNGqpVWbJd
jATDT4WNLgsRjJ2gxJgET1JnDMOrKuJnF2oOVfbllFCSfJYXChrZ/tVfhhq3rK9o
9WDKN/gRfdq80+TBMaQF1xFj4QIDAQABo4IClTCCApEwHQYDVR0OBBYEFLAnJcxs
eTGIzGMvX7hzevfeJ8JWMB8GA1UdIwQYMBaAFJCphFC52pOBGKLVrVNNiCj0uUY0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTJDQy9GMjZFMDZDRTEx
RjkxMUVBOUNCODhDMzVDNEY5QUUwMi9rS21FVUxuYWs0RVlvdFd0VTAySUtQUzVS
alEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tLbUVVTG5hazRFWW90V3RVMDJJS1BTNVJqUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUEyQ0MvRjI2RTA2Q0UxMUY5MTFFQTlDQjg4QzM1QzRGOUFFMDIvRDM3NkNBMkU2
M0IzMTFFRkJFRkNERjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnhiswDQYJKoZIhvcNAQELBQADggEBAEuLUzv665JuazRH
FqXhiPDK8/K4+epbEjsTfbkUSoUqL05vhHe7qbQLgpzWfs0Jo1tWyUYyKiW7l8sj
MRKN3fbnONAj/yXtLfHlirNwU8FnrsNI5aVPcQe3j8/JEgKhyXf1TEIIDoxXSQry
WYMkrMk+z22XVonxZQ0K84ghEM+VeWMEW1iMnAK22wkXkWosD2CWzj7E+/24nJPL
zIe1xWGka2MFf7aLEOkD1iZjUZ6J/dvz0EzEkGeby9Ggx3PI0aIAX5XKCLtOgwD2
jZV0C84PBcouFyBImPK1duHUhVmKkA2ncsM7rgFP4Ei+NYfXVdKg98WSnnIMqJet
RcWl6Hc=
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:04:21 2025 by rpki-client