Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/34BB892E449C11EEB60E1441C4F9AE02.roa
File: 34BB892E449C11EEB60E1441C4F9AE02.roa (raw, json)
Hash identifier: XQvlP4Z6PPDTvpFje+rE615QVj8K/dlNzggLZwnPCHY=
Subject key identifier: 27:D7:E7:5B:BA:CB:30:8A:9E:6B:E2:14:CD:B2:A8:D1:B8:65:D4:AC
Certificate issuer: /CN=A91FD64D/serialNumber=B4B18A253FB6293437116635DDDD199428B68D5B
Certificate serial: 0186
Authority key identifier: B4:B1:8A:25:3F:B6:29:34:37:11:66:35:DD:DD:19:94:28:B6:8D:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/34BB892E449C11EEB60E1441C4F9AE02.roa
Signing time: Mon 03 Feb 2025 02:56:10 +0000
ROA not before: Mon 03 Feb 2025 02:56:10 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133148
IP address blocks: 103.66.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 390 (0x186)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FD64D
Validity
Not Before: Feb 3 02:56:10 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a0304a-c3b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4e:71:eb:92:56:d5:72:e5:bc:f7:72:0f:a2:
f8:ec:f0:50:69:0f:e2:a3:35:cc:42:55:04:7b:dc:
a2:93:e5:9c:b2:f5:78:a0:3e:12:5e:c7:80:b3:7d:
26:7b:f6:f1:69:ac:d7:69:9c:c9:63:96:22:58:64:
49:c2:be:d0:72:52:d0:69:e1:c2:26:d9:bd:5d:be:
98:03:b6:54:cc:12:f9:19:77:47:4c:95:e2:22:d3:
b4:2d:9a:2b:7e:11:d2:02:33:9a:46:57:1e:b2:41:
b2:c0:fa:b6:46:a8:c1:a3:67:48:23:6b:f1:02:51:
7d:2a:8c:7b:95:98:35:fa:0a:80:0a:40:98:ce:de:
ca:b3:83:15:dd:fd:ce:a8:ce:1f:af:93:37:0c:21:
53:ea:1d:f5:43:39:f4:ac:dd:62:a5:ad:b9:50:01:
0f:e0:77:89:c0:fc:d3:15:a0:64:e9:a3:99:cc:30:
2d:99:56:3e:a0:bc:c3:c2:76:d9:b6:66:56:4c:b1:
ec:21:01:fe:ad:20:db:24:bd:37:6d:3e:df:5f:fb:
c8:f9:fa:49:1d:91:c5:2b:41:96:85:86:95:8d:cc:
03:c1:9b:be:c8:36:da:48:63:49:98:96:c9:47:58:
d3:2c:6e:fb:3d:68:8a:21:73:67:99:8f:8e:03:44:
cd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:D7:E7:5B:BA:CB:30:8A:9E:6B:E2:14:CD:B2:A8:D1:B8:65:D4:AC
X509v3 Authority Key Identifier:
keyid:B4:B1:8A:25:3F:B6:29:34:37:11:66:35:DD:DD:19:94:28:B6:8D:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/34BB892E449C11EEB60E1441C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.229.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:b2:fe:a7:a7:18:86:39:40:a0:e7:6f:d5:02:9d:71:75:7b:
b0:93:73:05:bd:3b:cd:c5:1e:bf:b3:78:c2:2b:6f:d0:e2:27:
99:eb:a3:fd:78:5c:85:27:a2:68:92:f2:28:49:38:2b:72:ca:
a2:17:75:d3:74:fb:88:53:f5:37:cc:40:8b:f1:6e:3f:91:02:
bf:e4:47:63:3c:d3:94:06:ea:0d:28:47:fa:70:ef:85:98:e4:
13:5e:9b:b2:a2:c2:62:56:ed:31:d1:3b:cd:2a:f2:80:fc:84:
b7:37:66:a0:8e:f3:dc:13:44:71:c5:8c:03:98:74:a3:35:f1:
ba:9a:44:78:20:78:1d:56:26:0f:fa:b1:f8:61:28:f6:05:66:
ad:77:09:af:d7:54:cb:8a:f2:04:7e:be:c5:3c:aa:a5:1a:cd:
41:d2:ab:ad:53:b9:01:d3:e7:10:5f:42:ec:97:f8:6d:d1:82:
59:62:18:4d:21:97:ca:d7:36:80:de:9c:67:77:50:3d:0c:d8:
82:fd:65:f8:b4:75:69:7d:63:ba:9e:86:73:3f:50:8c:35:ca:
c1:a2:4f:0d:34:50:2f:f7:e9:ee:1a:46:71:2a:c9:6a:ef:af:
ea:45:64:3d:5c:da:f3:1d:e4:bf:d9:df:0f:3f:e0:cd:5f:20:
ba:6c:a5:f7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAYYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkQ2NEQxMTAvBgNVBAUTKEI0QjE4QTI1M0ZCNjI5MzQzNzExNjYzNUREREQxOTk0
MjhCNjhENUIwHhcNMjUwMjAzMDI1NjEwWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EwMzA0YS1jM2I2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApU5x65JW1XLlvPdyD6L47PBQaQ/iozXMQlUEe9yik+WcsvV4oD4SXseAs30m
e/bxaazXaZzJY5YiWGRJwr7QclLQaeHCJtm9Xb6YA7ZUzBL5GXdHTJXiItO0LZor
fhHSAjOaRlceskGywPq2RqjBo2dII2vxAlF9Kox7lZg1+gqACkCYzt7Ks4MV3f3O
qM4fr5M3DCFT6h31Qzn0rN1ipa25UAEP4HeJwPzTFaBk6aOZzDAtmVY+oLzDwnbZ
tmZWTLHsIQH+rSDbJL03bT7fX/vI+fpJHZHFK0GWhYaVjcwDwZu+yDbaSGNJmJbJ
R1jTLG77PWiKIXNnmY+OA0TNkQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCfX51u6
yzCKnmviFM2yqNG4ZdSsMB8GA1UdIwQYMBaAFLSxiiU/tik0NxFmNd3dGZQoto1b
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRDY0RC8zNzA3ODZDODk5
OTQxMUVEODU2NzMxMUZDNEY5QUUwMi90TEdLSlQtMktUUTNFV1kxM2QwWmxDaTJq
VnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RMR0tKVC0yS1RRM0VXWTEzZDBabENpMmpWcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkQ2NEQvMzcwNzg2Qzg5OTk0MTFFRDg1NjczMTFGQzRGOUFFMDIvMzRCQjg5MkU0
NDlDMTFFRUI2MEUxNDQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnQuUwDQYJKoZIhvcNAQELBQADggEBAMqy/qenGIY5QKDn
b9UCnXF1e7CTcwW9O83FHr+zeMIrb9DiJ5nro/14XIUnomiS8ihJOCtyyqIXddN0
+4hT9TfMQIvxbj+RAr/kR2M805QG6g0oR/pw74WY5BNem7KiwmJW7THRO80q8oD8
hLc3ZqCO89wTRHHFjAOYdKM18bqaRHggeB1WJg/6sfhhKPYFZq13Ca/XVMuK8gR+
vsU8qqUazUHSq61TuQHT5xBfQuyX+G3RglliGE0hl8rXNoDenGd3UD0M2IL9Zfi0
dWl9Y7qehnM/UIw1ysGiTw00UC/36e4aRnEqyWrvr+pFZD1c2vMd5L/Z3w8/4M1f
ILpspfc=
-----END CERTIFICATE-----
Generated at Fri Apr 11 20:47:23 2025 by rpki-client