Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/067B1AAA70C611EF8080566DC4F9AE02.roa
File: 067B1AAA70C611EF8080566DC4F9AE02.roa (raw, json)
Hash identifier: ap536R4mDpEQmVBUvi08sdQ4AGgP2k0XYVc0G1WQzN4=
Subject key identifier: 99:E2:67:4B:F5:FB:1B:1F:64:A2:EC:BB:13:00:F4:FD:F8:BF:10:25
Certificate issuer: /CN=A91941E9/serialNumber=05AD3E4AA1961BA7ECBE02935725C25CD26BD6BC
Certificate serial: 0738
Authority key identifier: 05:AD:3E:4A:A1:96:1B:A7:EC:BE:02:93:57:25:C2:5C:D2:6B:D6:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/067B1AAA70C611EF8080566DC4F9AE02.roa
Signing time: Thu 12 Sep 2024 05:15:29 +0000
ROA not before: Thu 12 Sep 2024 05:15:29 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 17408
IP address blocks: 103.154.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1848 (0x738)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91941E9
Validity
Not Before: Sep 12 05:15:29 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66e278f0-c32b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:71:16:6d:8e:93:ac:58:b6:51:04:2f:f8:c1:
d5:34:2a:db:dc:30:1c:36:d9:fd:02:46:4f:c2:13:
54:80:a2:4f:58:64:a8:2d:f4:bf:3f:a7:20:ba:4b:
c4:ea:f7:56:71:30:1a:ec:11:c0:a8:5e:26:d3:f0:
1e:2a:22:f6:9d:8d:43:32:23:cc:8a:9e:1d:34:04:
b1:fe:be:64:50:10:f9:76:94:d4:8c:f9:f7:22:04:
ee:29:ef:6f:23:7a:64:e5:64:15:aa:ca:f6:06:56:
ce:cc:0c:e6:ac:f7:06:a0:9c:60:f0:19:0e:1d:d1:
89:75:5d:aa:f0:d6:15:db:8d:29:71:3f:61:ce:87:
76:7c:0c:ac:d7:aa:50:20:90:f3:07:b2:68:b2:03:
32:b9:0e:3c:b1:b6:c3:b7:d5:4b:f3:10:a8:26:35:
5f:65:64:49:ad:27:28:de:39:60:77:46:34:62:11:
d8:60:42:ee:52:cc:59:28:76:f7:e3:09:11:61:76:
b6:0c:b0:72:98:84:40:1f:cc:3d:e0:db:04:9a:80:
dc:39:d5:54:29:80:19:ec:8a:71:6d:e2:2e:33:cd:
98:f8:ca:a8:33:1c:54:0c:1b:df:16:71:f8:6b:b1:
f0:a8:3a:50:09:cb:97:83:c4:7a:f8:e7:bd:14:5a:
36:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E2:67:4B:F5:FB:1B:1F:64:A2:EC:BB:13:00:F4:FD:F8:BF:10:25
X509v3 Authority Key Identifier:
keyid:05:AD:3E:4A:A1:96:1B:A7:EC:BE:02:93:57:25:C2:5C:D2:6B:D6:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/067B1AAA70C611EF8080566DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.154.21.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:f2:1f:cd:c4:03:f6:22:2a:5c:2a:fe:91:63:f2:1e:3c:64:
b0:de:b3:62:d3:e8:16:5f:8e:ac:19:ea:c9:24:ab:93:e5:01:
1c:93:08:e6:3a:88:60:1e:8b:42:b6:c5:4a:1f:ef:ae:a0:b0:
d9:6d:a6:b0:bc:81:38:e5:e2:25:95:3e:d9:94:a6:59:d8:94:
bc:5c:f8:33:ac:f4:98:15:ad:db:82:44:cc:b2:36:0d:5d:f0:
fe:09:78:20:8e:fb:1a:eb:5f:7c:59:1f:b0:76:6d:72:b1:b0:
de:40:52:71:7f:92:68:86:bf:4e:c1:1e:e6:03:6b:59:da:77:
9f:4c:79:41:5e:7f:14:41:c1:14:66:c0:6d:5e:c9:55:27:37:
74:39:52:57:29:b3:83:d4:59:c0:5a:9b:cc:f9:80:3b:92:89:
80:15:46:2c:c2:81:94:85:a1:51:c7:7c:7f:f9:de:1a:16:4a:
91:8c:d3:b4:59:34:05:27:67:c6:80:c6:74:cf:e0:d7:bc:c3:
c4:44:0e:e0:fc:eb:6e:43:c2:38:fc:5f:d9:da:81:93:2f:3c:
e8:32:19:b6:55:d4:9e:1d:51:a6:e2:9a:fb:00:48:af:b8:59:
74:9b:11:d5:3f:a5:be:ca:fb:93:f7:18:62:98:8d:3f:27:8d:
76:93:f7:26
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBzgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTQxRTkxMTAvBgNVBAUTKDA1QUQzRTRBQTE5NjFCQTdFQ0JFMDI5MzU3MjVDMjVD
RDI2QkQ2QkMwHhcNMjQwOTEyMDUxNTI5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmUyNzhmMC1jMzJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx3EWbY6TrFi2UQQv+MHVNCrb3DAcNtn9AkZPwhNUgKJPWGSoLfS/P6cgukvE
6vdWcTAa7BHAqF4m0/AeKiL2nY1DMiPMip4dNASx/r5kUBD5dpTUjPn3IgTuKe9v
I3pk5WQVqsr2BlbOzAzmrPcGoJxg8BkOHdGJdV2q8NYV240pcT9hzod2fAys16pQ
IJDzB7JosgMyuQ48sbbDt9VL8xCoJjVfZWRJrSco3jlgd0Y0YhHYYELuUsxZKHb3
4wkRYXa2DLBymIRAH8w94NsEmoDcOdVUKYAZ7IpxbeIuM82Y+MqoMxxUDBvfFnH4
a7HwqDpQCcuXg8R6+Oe9FFo2UwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJniZ0v1
+xsfZKLsuxMA9P34vxAlMB8GA1UdIwQYMBaAFAWtPkqhlhun7L4Ck1clwlzSa9a8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDFFOS9EQUQ4RkI4MDA3
OTAxMUVCQkI5OEMwNzZDNEY5QUUwMi9CYTAtU3FHV0c2ZnN2Z0tUVnlYQ1hOSnIx
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JhMC1TcUdXRzZmc3ZnS1RWeVhDWE5KcjFydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTQxRTkvREFEOEZCODAwNzkwMTFFQkJCOThDMDc2QzRGOUFFMDIvMDY3QjFBQUE3
MEM2MTFFRjgwODA1NjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnmhUwDQYJKoZIhvcNAQELBQADggEBAAryH83EA/YiKlwq
/pFj8h48ZLDes2LT6BZfjqwZ6skkq5PlARyTCOY6iGAei0K2xUof766gsNltprC8
gTjl4iWVPtmUplnYlLxc+DOs9JgVrduCRMyyNg1d8P4JeCCO+xrrX3xZH7B2bXKx
sN5AUnF/kmiGv07BHuYDa1nad59MeUFefxRBwRRmwG1eyVUnN3Q5Ulcps4PUWcBa
m8z5gDuSiYAVRizCgZSFoVHHfH/53hoWSpGM07RZNAUnZ8aAxnTP4Ne8w8REDuD8
625Dwjj8X9nagZMvPOgyGbZV1J4dUabimvsASK+4WXSbEdU/pb7K+5P3GGKYjT8n
jXaT9yY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:56:11 2025 by rpki-client