Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF66D/511A892E71A811EEB437F181C4F9AE02/C2D66F8271A911EEAEEE351CC4F9AE02.roa
File: C2D66F8271A911EEAEEE351CC4F9AE02.roa (raw, json)
Hash identifier: 182Ac4fyaiVrniCYLGV61RP5qpWrfJewUwg3lX5zumg=
Subject key identifier: DB:F8:78:E3:EC:5D:0F:1C:86:9E:5A:E5:BB:E6:F7:D5:93:42:0E:87
Certificate issuer: /CN=A91EF66D/serialNumber=AA9A0DCB5131392D7196A84418A8A84645531F97
Certificate serial: E0
Authority key identifier: AA:9A:0D:CB:51:31:39:2D:71:96:A8:44:18:A8:A8:46:45:53:1F:97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qpoNy1ExOS1xlqhEGKioRkVTH5c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF66D/511A892E71A811EEB437F181C4F9AE02/C2D66F8271A911EEAEEE351CC4F9AE02.roa
Signing time: Fri 13 Dec 2024 04:08:28 +0000
ROA not before: Fri 13 Dec 2024 04:08:28 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 132060
IP address blocks: 103.67.76.0/24 maxlen: 24
103.67.77.0/24 maxlen: 24
2001:df3:ec0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 224 (0xe0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF66D
Validity
Not Before: Dec 13 04:08:28 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=675bb33c-84a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4f:ee:70:af:96:cc:f5:23:32:06:4d:c3:db:
84:56:48:da:cd:bc:12:d9:50:19:4b:38:b9:b9:c7:
52:87:b2:20:5e:00:3d:04:0e:36:ca:4c:2f:06:54:
6a:b4:c8:65:e1:b5:42:74:39:1d:1c:90:93:ba:72:
7d:35:14:67:d2:57:f0:53:a9:f0:c2:1d:55:f6:9d:
6d:12:40:82:6e:8d:aa:46:da:4c:7c:cf:cb:b4:bf:
5c:9a:5b:07:67:d5:b4:1c:97:d2:34:ad:8a:d6:bd:
94:d0:e5:a2:04:f3:aa:e0:af:8c:e8:5c:a1:69:64:
40:f8:7b:42:5f:67:12:e4:2c:67:a7:7f:da:9c:ba:
0e:0b:8a:77:34:29:bd:a5:ff:71:03:3d:6e:bd:06:
71:5d:00:4b:f3:7d:2a:3a:7c:59:23:ca:1d:51:96:
02:e6:b2:d4:fa:d7:ff:42:33:71:46:d2:0d:82:7a:
04:23:10:75:34:8c:fe:9e:b2:a6:17:a8:6e:56:f2:
4a:24:a0:65:d0:0d:5c:0d:17:9a:72:4c:e3:d8:16:
9e:fc:3c:87:ec:c4:11:60:66:25:11:55:18:8b:bf:
06:80:16:93:d1:a7:e6:7b:f5:bd:13:d2:25:d8:26:
01:0f:79:5b:f4:aa:db:e1:f5:84:29:ef:6c:c0:e3:
2d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F8:78:E3:EC:5D:0F:1C:86:9E:5A:E5:BB:E6:F7:D5:93:42:0E:87
X509v3 Authority Key Identifier:
keyid:AA:9A:0D:CB:51:31:39:2D:71:96:A8:44:18:A8:A8:46:45:53:1F:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF66D/511A892E71A811EEB437F181C4F9AE02/qpoNy1ExOS1xlqhEGKioRkVTH5c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qpoNy1ExOS1xlqhEGKioRkVTH5c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF66D/511A892E71A811EEB437F181C4F9AE02/C2D66F8271A911EEAEEE351CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.67.76.0/23
IPv6:
2001:df3:ec0::/48
Signature Algorithm: sha256WithRSAEncryption
3b:85:3c:11:f1:f9:26:2a:4c:f1:52:75:f9:ff:ef:0b:83:ad:
86:35:f2:03:f3:de:83:36:e8:d5:49:0b:b5:d5:60:97:85:0d:
4d:7c:a0:5a:ff:c7:af:d8:b9:30:26:09:2e:91:97:8e:f7:62:
78:f6:aa:31:65:a7:35:e5:49:39:c5:bd:65:d0:f0:7e:53:90:
06:59:66:64:e4:99:fd:85:c8:69:62:62:e2:2b:46:24:aa:00:
38:59:4a:10:62:96:4e:c6:7d:68:6a:d9:14:5e:7f:a7:90:c1:
29:12:df:4b:e3:ee:64:b8:e4:8d:63:38:23:ec:67:e5:38:21:
5b:ea:e9:f8:c1:13:b6:40:b9:16:8c:fb:45:d1:1d:d9:dd:f6:
90:f3:0e:b1:a1:f0:26:8b:98:f0:88:88:1d:4a:4c:cb:e9:ae:
d5:a1:53:c2:f4:6c:c6:a3:d7:ff:49:a5:ef:14:ba:a7:f1:8a:
c7:5e:85:67:d4:f9:31:90:d5:d8:cd:af:4c:e7:de:6c:8e:dd:
08:76:7f:f1:da:72:4c:aa:5a:b0:7d:f8:0b:d8:c8:91:e9:53:
19:c2:21:b3:5a:04:4c:e3:c4:ae:d5:0c:3f:dc:dd:61:16:6f:
93:ff:37:de:89:86:14:b0:eb:fb:fc:57:71:57:7e:cd:9f:13:
23:82:95:28
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUY2NkQxMTAvBgNVBAUTKEFBOUEwRENCNTEzMTM5MkQ3MTk2QTg0NDE4QThBODQ2
NDU1MzFGOTcwHhcNMjQxMjEzMDQwODI4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzViYjMzYy04NGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoE/ucK+WzPUjMgZNw9uEVkjazbwS2VAZSzi5ucdSh7IgXgA9BA42ykwvBlRq
tMhl4bVCdDkdHJCTunJ9NRRn0lfwU6nwwh1V9p1tEkCCbo2qRtpMfM/LtL9cmlsH
Z9W0HJfSNK2K1r2U0OWiBPOq4K+M6FyhaWRA+HtCX2cS5Cxnp3/anLoOC4p3NCm9
pf9xAz1uvQZxXQBL830qOnxZI8odUZYC5rLU+tf/QjNxRtINgnoEIxB1NIz+nrKm
F6huVvJKJKBl0A1cDReackzj2Bae/DyH7MQRYGYlEVUYi78GgBaT0afme/W9E9Il
2CYBD3lb9Krb4fWEKe9swOMtVQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNv4eOPs
XQ8chp5a5bvm99WTQg6HMB8GA1UdIwQYMBaAFKqaDctRMTktcZaoRBioqEZFUx+X
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjY2RC81MTFBODkyRTcx
QTgxMUVFQjQzN0YxODFDNEY5QUUwMi9xcG9OeTFFeE9TMXhscWhFR0tpb1JrVlRI
NWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Fwb055MUV4T1MxeGxxaEVHS2lvUmtWVEg1Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUY2NkQvNTExQTg5MkU3MUE4MTFFRUI0MzdGMTgxQzRGOUFFMDIvQzJENjZGODI3
MUE5MTFFRUFFRUUzNTFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnQ0wwDwQCAAIwCQMHACABDfMOwDANBgkqhkiG9w0BAQsF
AAOCAQEAO4U8EfH5JipM8VJ1+f/vC4OthjXyA/Pegzbo1UkLtdVgl4UNTXygWv/H
r9i5MCYJLpGXjvdiePaqMWWnNeVJOcW9ZdDwflOQBllmZOSZ/YXIaWJi4itGJKoA
OFlKEGKWTsZ9aGrZFF5/p5DBKRLfS+PuZLjkjWM4I+xn5TghW+rp+METtkC5Foz7
RdEd2d32kPMOsaHwJouY8IiIHUpMy+mu1aFTwvRsxqPX/0ml7xS6p/GKx16FZ9T5
MZDV2M2vTOfebI7dCHZ/8dpyTKpasH34C9jIkelTGcIhs1oETOPErtUMP9zdYRZv
k/833omGFLDr+/xXcVd+zZ8TI4KVKA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:17:50 2025 by rpki-client