Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9122010/EA021A94D53F11EEA8D6240FC4F9AE02/2FA91770D61A11EE9BDDD627C4F9AE02.roa
File: 2FA91770D61A11EE9BDDD627C4F9AE02.roa (raw, json)
Hash identifier: Y2k2zpzO5L2UX1/syfcTHwfwkADI2HQTu1qn6JdDuuE=
Subject key identifier: 40:C0:02:C1:FE:BA:C7:93:E2:B4:D5:99:82:B7:52:0B:5C:A5:A0:2B
Certificate issuer: /CN=A9122010/serialNumber=A609A94E6A2101BAF95C8C2F55CEC417925BEFCF
Certificate serial: 97
Authority key identifier: A6:09:A9:4E:6A:21:01:BA:F9:5C:8C:2F:55:CE:C4:17:92:5B:EF:CF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pgmpTmohAbr5XIwvVc7EF5Jb788.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9122010/EA021A94D53F11EEA8D6240FC4F9AE02/2FA91770D61A11EE9BDDD627C4F9AE02.roa
Signing time: Wed 11 Dec 2024 05:19:07 +0000
ROA not before: Wed 11 Dec 2024 05:19:07 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 13335
IP address blocks: 103.160.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151 (0x97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9122010
Validity
Not Before: Dec 11 05:19:07 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=675920cb-64b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:46:0c:6a:e0:6c:5b:2e:91:88:b6:d5:12:6d:
d0:8b:56:69:37:e7:cd:c3:b8:1d:7a:e1:e3:c8:84:
f4:a5:70:bd:b6:1d:b3:2b:ba:50:c5:7d:c7:f4:5a:
50:73:1c:1f:4d:07:09:dd:8f:2a:af:9d:b6:90:aa:
14:67:36:3f:b1:d9:20:9c:51:94:02:40:33:1c:92:
f6:74:3c:ac:01:05:9d:c3:10:66:3d:21:36:84:b4:
80:27:27:7c:4d:3b:8b:ef:f2:45:c4:3b:d3:cb:67:
60:8a:5b:80:05:91:3e:d8:83:4e:17:cf:80:98:cd:
ac:ca:d0:48:87:9c:56:cb:59:18:01:54:6f:51:6a:
40:ff:52:15:47:16:60:7e:12:70:59:51:78:73:d4:
ab:c5:5f:c6:34:67:77:89:fe:d9:5d:0c:da:6a:cb:
c7:46:e3:36:e7:14:34:cd:29:8a:43:b1:73:ec:fb:
2c:0e:91:95:2d:e8:e5:c6:39:8d:06:3d:a3:de:3c:
0b:b2:71:60:68:6a:61:50:a4:a4:d0:76:5d:5f:0f:
8d:dd:f5:85:87:9b:98:12:0f:01:ec:c4:dc:cc:17:
6a:3d:ff:b6:94:70:e6:59:8b:c8:09:c5:2c:42:8e:
5e:f4:42:07:8b:39:7e:3c:44:ff:bb:9e:62:de:c4:
1d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C0:02:C1:FE:BA:C7:93:E2:B4:D5:99:82:B7:52:0B:5C:A5:A0:2B
X509v3 Authority Key Identifier:
keyid:A6:09:A9:4E:6A:21:01:BA:F9:5C:8C:2F:55:CE:C4:17:92:5B:EF:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9122010/EA021A94D53F11EEA8D6240FC4F9AE02/pgmpTmohAbr5XIwvVc7EF5Jb788.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pgmpTmohAbr5XIwvVc7EF5Jb788.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122010/EA021A94D53F11EEA8D6240FC4F9AE02/2FA91770D61A11EE9BDDD627C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.141.0/24
Signature Algorithm: sha256WithRSAEncryption
96:5a:43:a4:80:fc:90:9f:98:0f:0c:50:57:50:6b:bc:33:e5:
17:c2:df:bb:5d:93:47:a0:31:69:12:31:bb:af:80:61:95:33:
ad:35:ba:73:95:e8:63:c8:ab:85:11:38:c8:38:3c:1e:ee:2b:
a0:a8:de:53:fb:3e:d1:e7:c5:d5:af:ce:6e:4c:76:1a:a2:70:
c7:23:8a:96:f6:2d:35:26:3a:2c:f1:84:c9:4b:16:62:d7:63:
89:4e:6e:9a:c1:32:43:2b:24:92:2e:c9:0e:75:7f:35:a2:e9:
0b:98:3e:cd:0d:43:b0:9f:06:a5:50:4a:8e:15:cf:d5:29:c0:
2f:bc:bf:45:4c:21:88:64:ad:dd:12:f2:ad:6c:4a:78:b7:e3:
38:84:90:d6:3d:1d:f7:da:f6:42:41:26:0f:80:dd:f8:6a:08:
3a:0b:28:4c:04:52:49:f3:1f:24:b7:1b:81:a1:9f:cf:46:84:
99:68:35:9f:5f:23:ae:e9:2d:24:48:57:56:3d:27:77:30:3c:
5e:27:a9:f1:1f:af:94:84:1d:f1:05:48:86:2e:04:4f:95:8f:
0a:98:47:8c:87:28:5b:6f:68:92:ce:aa:5e:f6:ad:43:c9:23:
04:ba:d6:09:62:9d:83:7c:10:30:02:ee:a0:0f:ba:2b:11:07:
f5:4a:61:1a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjIwMTAxMTAvBgNVBAUTKEE2MDlBOTRFNkEyMTAxQkFGOTVDOEMyRjU1Q0VDNDE3
OTI1QkVGQ0YwHhcNMjQxMjExMDUxOTA3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU5MjBjYi02NGI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxkYMauBsWy6RiLbVEm3Qi1ZpN+fNw7gdeuHjyIT0pXC9th2zK7pQxX3H9FpQ
cxwfTQcJ3Y8qr522kKoUZzY/sdkgnFGUAkAzHJL2dDysAQWdwxBmPSE2hLSAJyd8
TTuL7/JFxDvTy2dgiluABZE+2INOF8+AmM2sytBIh5xWy1kYAVRvUWpA/1IVRxZg
fhJwWVF4c9SrxV/GNGd3if7ZXQzaasvHRuM25xQ0zSmKQ7Fz7PssDpGVLejlxjmN
Bj2j3jwLsnFgaGphUKSk0HZdXw+N3fWFh5uYEg8B7MTczBdqPf+2lHDmWYvICcUs
Qo5e9EIHizl+PET/u55i3sQdLQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEDAAsH+
useT4rTVmYK3UgtcpaArMB8GA1UdIwQYMBaAFKYJqU5qIQG6+VyML1XOxBeSW+/P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMjAxMC9FQTAyMUE5NEQ1
M0YxMUVFQThENjI0MEZDNEY5QUUwMi9wZ21wVG1vaEFicjVYSXd2VmM3RUY1SmI3
ODguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BnbXBUbW9oQWJyNVhJd3ZWYzdFRjVKYjc4OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjIwMTAvRUEwMjFBOTRENTNGMTFFRUE4RDYyNDBGQzRGOUFFMDIvMkZBOTE3NzBE
NjFBMTFFRTlCRERENjI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnoI0wDQYJKoZIhvcNAQELBQADggEBAJZaQ6SA/JCfmA8M
UFdQa7wz5RfC37tdk0egMWkSMbuvgGGVM601unOV6GPIq4UROMg4PB7uK6Co3lP7
PtHnxdWvzm5MdhqicMcjipb2LTUmOizxhMlLFmLXY4lObprBMkMrJJIuyQ51fzWi
6QuYPs0NQ7CfBqVQSo4Vz9UpwC+8v0VMIYhkrd0S8q1sSni34ziEkNY9Hffa9kJB
Jg+A3fhqCDoLKEwEUknzHyS3G4Ghn89GhJloNZ9fI67pLSRIV1Y9J3cwPF4nqfEf
r5SEHfEFSIYuBE+VjwqYR4yHKFtvaJLOql72rUPJIwS61glinYN8EDAC7qAPuisR
B/VKYRo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:38:28 2025 by rpki-client