Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/6DB3AB6206A611F0B1BDBF81C4F9AE02.roa
File: 6DB3AB6206A611F0B1BDBF81C4F9AE02.roa (raw, json)
Hash identifier: tNC4zp7gYYgBesQgstnSGags37kIwmXJ7Cdwng4MFYA=
Subject key identifier: EC:CD:7F:F7:A0:81:71:42:DE:AA:10:66:F8:1B:AF:8F:6D:27:53:DE
Certificate issuer: /CN=A91EA723/serialNumber=B90422559B58C4DAA89F224D49C71FF44F9BCA34
Certificate serial: 0199
Authority key identifier: B9:04:22:55:9B:58:C4:DA:A8:9F:22:4D:49:C7:1F:F4:4F:9B:CA:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uQQiVZtYxNqonyJNSccf9E-byjQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/6DB3AB6206A611F0B1BDBF81C4F9AE02.roa
Signing time: Fri 21 Mar 2025 22:47:12 +0000
ROA not before: Fri 21 Mar 2025 22:47:12 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 135654
IP address blocks: 103.93.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 409 (0x199)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA723
Validity
Not Before: Mar 21 22:47:12 2025 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=67ddec70-1eb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a8:04:c2:b6:5d:fc:86:4b:e8:e5:80:24:d9:
7f:14:ed:eb:98:0f:78:9f:57:c2:88:6c:41:76:94:
be:cb:a3:ad:09:da:0e:6e:45:62:50:24:de:39:12:
43:b7:32:b0:58:02:d7:35:9e:f8:02:2f:84:02:1f:
9e:b8:be:00:26:db:70:bd:e7:d0:61:0f:62:1f:2c:
cc:8a:89:95:89:5e:d9:ac:cb:65:80:9b:69:bd:78:
ed:cf:74:36:e7:37:fd:57:a5:55:8d:2b:cf:7f:0a:
c0:c2:b0:ef:78:bf:dc:7c:26:90:aa:bd:37:c0:b2:
1c:24:47:2d:ae:6a:9c:81:03:8a:bf:d2:58:ac:0f:
37:d0:bb:ce:06:d7:4e:65:68:aa:f0:e2:1f:3e:d7:
1f:b4:e1:04:4c:b9:d4:70:86:e8:47:46:f4:b1:5d:
fe:7c:71:a4:a3:1c:9f:25:d0:a0:ec:86:2a:ca:a3:
38:08:91:4f:94:ae:ba:a5:e4:52:ab:c5:b0:e8:22:
10:0e:c6:12:e7:21:49:8f:de:34:58:af:0b:2b:6c:
03:95:4b:5d:fc:37:fd:58:c9:66:ba:31:ce:dc:4c:
b0:92:a2:d9:1d:5a:87:ce:a4:78:32:49:e6:c5:ca:
37:ea:98:e0:b0:73:e3:62:f7:43:a1:60:42:b2:f7:
3c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:CD:7F:F7:A0:81:71:42:DE:AA:10:66:F8:1B:AF:8F:6D:27:53:DE
X509v3 Authority Key Identifier:
keyid:B9:04:22:55:9B:58:C4:DA:A8:9F:22:4D:49:C7:1F:F4:4F:9B:CA:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/uQQiVZtYxNqonyJNSccf9E-byjQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uQQiVZtYxNqonyJNSccf9E-byjQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/6DB3AB6206A611F0B1BDBF81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.93.33.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:a6:c9:57:0e:95:ea:c6:9b:df:04:17:6d:98:c7:61:50:1f:
0d:86:c8:3b:af:81:e9:b2:50:65:c5:ae:4d:de:fb:3f:72:db:
86:06:4b:2d:a2:2e:2a:c9:3b:53:b9:fb:f8:31:f7:6d:c3:5f:
8f:7d:ac:96:1d:9b:95:02:ad:f0:99:c3:7b:fb:dd:33:06:eb:
4a:6e:9b:b0:02:e6:1e:5b:93:df:02:74:0b:a9:b5:6e:0d:3d:
4f:f8:80:31:8a:c5:03:71:18:83:17:4e:d5:a2:4b:79:db:ff:
86:cd:b6:7f:de:f5:ed:97:19:89:31:00:b1:73:b5:c5:6c:eb:
d4:ca:6c:13:90:34:ae:0a:19:f1:13:36:c7:a4:38:33:07:1d:
c0:bf:18:92:9f:fa:1f:f7:37:cf:b4:23:51:30:9d:36:78:1b:
2f:da:51:57:0e:0f:13:1e:67:90:1f:b5:b7:56:e3:37:47:4c:
a3:cd:50:15:3e:86:e2:63:6f:23:fd:cb:51:f9:05:53:62:ac:
d3:03:c0:1a:e5:e4:dc:6b:b9:d8:ca:6b:a6:ea:11:95:92:df:
c3:13:61:23:5e:88:4d:02:54:68:a8:b4:22:15:a5:a2:d0:37:
ea:2a:8e:d0:8c:35:8e:67:e9:5e:ca:a9:92:60:13:67:76:91:
aa:25:4c:95
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAZkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE3MjMxMTAvBgNVBAUTKEI5MDQyMjU1OUI1OEM0REFBODlGMjI0RDQ5QzcxRkY0
NEY5QkNBMzQwHhcNMjUwMzIxMjI0NzEyWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RkZWM3MC0xZWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3KgEwrZd/IZL6OWAJNl/FO3rmA94n1fCiGxBdpS+y6OtCdoObkViUCTeORJD
tzKwWALXNZ74Ai+EAh+euL4AJttwvefQYQ9iHyzMiomViV7ZrMtlgJtpvXjtz3Q2
5zf9V6VVjSvPfwrAwrDveL/cfCaQqr03wLIcJEctrmqcgQOKv9JYrA830LvOBtdO
ZWiq8OIfPtcftOEETLnUcIboR0b0sV3+fHGkoxyfJdCg7IYqyqM4CJFPlK66peRS
q8Ww6CIQDsYS5yFJj940WK8LK2wDlUtd/Df9WMlmujHO3EywkqLZHVqHzqR4Mknm
xco36pjgsHPjYvdDoWBCsvc8bwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOzNf/eg
gXFC3qoQZvgbr49tJ1PeMB8GA1UdIwQYMBaAFLkEIlWbWMTaqJ8iTUnHH/RPm8o0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTcyMy8yQ0Q3RjVDOEIy
N0QxMUVEODg1NkZBODFDNEY5QUUwMi91UVFpVlp0WXhOcW9ueUpOU2NjZjlFLWJ5
alEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VRUWlWWnRZeE5xb255Sk5TY2NmOUUtYnlqUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE3MjMvMkNEN0Y1QzhCMjdEMTFFRDg4NTZGQTgxQzRGOUFFMDIvNkRCM0FCNjIw
NkE2MTFGMEIxQkRCRjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnXSEwDQYJKoZIhvcNAQELBQADggEBAKumyVcOlerGm98E
F22Yx2FQHw2GyDuvgemyUGXFrk3e+z9y24YGSy2iLirJO1O5+/gx923DX499rJYd
m5UCrfCZw3v73TMG60pum7AC5h5bk98CdAuptW4NPU/4gDGKxQNxGIMXTtWiS3nb
/4bNtn/e9e2XGYkxALFztcVs69TKbBOQNK4KGfETNsekODMHHcC/GJKf+h/3N8+0
I1EwnTZ4Gy/aUVcODxMeZ5AftbdW4zdHTKPNUBU+huJjbyP9y1H5BVNirNMDwBrl
5NxrudjKa6bqEZWS38MTYSNeiE0CVGiotCIVpaLQN+oqjtCMNY5n6V7KqZJgE2d2
kaolTJU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:04:46 2025 by rpki-client