Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D61DF/0D0C5F741C6611EE9A132B84C4F9AE02/1D52E8E860D711EEA524AE64C4F9AE02.roa
File: 1D52E8E860D711EEA524AE64C4F9AE02.roa (raw, json)
Hash identifier: GbdpkuqmY37s9wPgW3tN3BtEev3tZBJWQSfg/vR2zzo=
Subject key identifier: DA:E1:F8:C4:04:2B:05:81:C3:37:6C:66:28:64:0C:82:6D:9D:1B:49
Certificate issuer: /CN=A91D61DF/serialNumber=15BF210B73781D5CC0BE99BD39D70B2FEB4EB86C
Certificate serial: 0144
Authority key identifier: 15:BF:21:0B:73:78:1D:5C:C0:BE:99:BD:39:D7:0B:2F:EB:4E:B8:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fb8hC3N4HVzAvpm9OdcLL-tOuGw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D61DF/0D0C5F741C6611EE9A132B84C4F9AE02/1D52E8E860D711EEA524AE64C4F9AE02.roa
Signing time: Sun 09 Mar 2025 03:50:10 +0000
ROA not before: Sun 09 Mar 2025 03:50:10 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 141199
IP address blocks: 103.160.146.0/24 maxlen: 24
2001:df1:ea40::/48 maxlen: 50
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 324 (0x144)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D61DF
Validity
Not Before: Mar 9 03:50:10 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67cd0ff2-c1b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c3:62:b9:3c:8b:85:83:46:2d:65:15:c1:74:
7b:d0:7d:a1:22:b5:17:4a:65:34:eb:bc:81:8e:71:
04:d6:98:d0:40:31:cd:1c:64:70:a3:71:7a:5e:cb:
3c:2d:cb:c7:87:7e:f3:5c:dc:50:d2:87:dd:3a:bc:
3d:f6:30:11:3a:e8:e0:e5:c0:1a:da:4d:3b:5a:00:
d8:ef:23:44:40:86:44:92:8a:56:f9:9f:3b:f5:a1:
36:ee:99:60:9f:30:e3:e9:a1:bc:04:34:20:08:0d:
07:2f:d9:29:c7:a6:94:28:9c:5e:8b:99:aa:af:1d:
47:8d:5f:c5:f4:8e:7b:5d:aa:cf:13:e0:47:5d:bd:
5d:79:d7:d5:4b:6b:d6:1e:5f:d4:1a:5f:76:4c:02:
d4:a0:d3:76:74:20:c0:d0:74:d6:75:46:b6:14:5a:
0e:a9:98:95:5c:d3:a5:6f:f4:43:e1:ab:0f:30:a4:
d2:d9:d1:7c:c0:3c:3c:87:c4:47:14:1c:f8:d0:30:
d2:7e:ce:d1:62:41:cb:99:b2:27:83:9b:dc:45:8d:
b5:80:6b:38:ba:6e:fe:a3:99:68:09:b4:2d:af:1d:
a7:f3:e7:18:22:29:d9:5e:ea:4d:91:4e:c3:a8:12:
1c:66:8c:d0:35:21:bb:eb:57:e2:10:fe:2f:69:8b:
a4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E1:F8:C4:04:2B:05:81:C3:37:6C:66:28:64:0C:82:6D:9D:1B:49
X509v3 Authority Key Identifier:
keyid:15:BF:21:0B:73:78:1D:5C:C0:BE:99:BD:39:D7:0B:2F:EB:4E:B8:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D61DF/0D0C5F741C6611EE9A132B84C4F9AE02/Fb8hC3N4HVzAvpm9OdcLL-tOuGw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fb8hC3N4HVzAvpm9OdcLL-tOuGw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D61DF/0D0C5F741C6611EE9A132B84C4F9AE02/1D52E8E860D711EEA524AE64C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.146.0/24
IPv6:
2001:df1:ea40::/48
Signature Algorithm: sha256WithRSAEncryption
88:51:90:91:54:e4:14:a4:9c:39:49:7e:5d:89:d2:03:19:0e:
f8:11:04:77:71:67:68:dd:3b:f6:c6:62:25:a9:35:3e:13:34:
97:29:7f:60:00:18:72:05:0d:ac:62:95:46:a8:bc:fc:60:e7:
55:a2:bf:d4:b1:34:b6:96:fe:d0:69:ad:6a:80:8c:35:0c:12:
64:74:47:0b:96:e0:64:42:2d:18:dc:20:1b:f7:93:18:eb:a1:
b2:d0:39:2e:08:e4:6b:aa:de:d5:00:4c:23:51:42:b0:50:af:
86:82:cc:a0:ac:5b:c5:c3:22:ad:1b:fc:6c:0e:e0:a8:58:d8:
c5:70:22:3c:a5:f9:d2:f4:0a:81:f4:e7:a5:bd:b4:82:e7:13:
1d:0a:dc:69:d1:50:5d:57:dd:e3:2d:94:ff:7e:87:ea:b8:46:
94:56:fe:c1:ce:aa:f0:2d:c9:23:54:be:de:c4:d0:5c:1e:47:
d6:34:ff:ed:4a:a4:33:24:ba:6a:39:cf:91:3a:41:03:22:e6:
2d:a2:ae:e5:a8:b6:bf:a1:0e:26:ef:8e:67:6f:93:2f:de:f4:
88:28:d5:70:09:a2:31:8b:9f:04:ca:08:4a:0c:88:22:00:39:
75:11:9a:1b:8a:17:59:75:5d:c5:1c:c2:e7:36:20:81:8c:59:
5e:ca:8a:79
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAUQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDYxREYxMTAvBgNVBAUTKDE1QkYyMTBCNzM3ODFENUNDMEJFOTlCRDM5RDcwQjJG
RUI0RUI4NkMwHhcNMjUwMzA5MDM1MDEwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NkMGZmMi1jMWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtsNiuTyLhYNGLWUVwXR70H2hIrUXSmU067yBjnEE1pjQQDHNHGRwo3F6Xss8
LcvHh37zXNxQ0ofdOrw99jAROujg5cAa2k07WgDY7yNEQIZEkopW+Z879aE27plg
nzDj6aG8BDQgCA0HL9kpx6aUKJxei5mqrx1HjV/F9I57XarPE+BHXb1dedfVS2vW
Hl/UGl92TALUoNN2dCDA0HTWdUa2FFoOqZiVXNOlb/RD4asPMKTS2dF8wDw8h8RH
FBz40DDSfs7RYkHLmbIng5vcRY21gGs4um7+o5loCbQtrx2n8+cYIinZXupNkU7D
qBIcZozQNSG761fiEP4vaYukwQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNrh+MQE
KwWBwzdsZihkDIJtnRtJMB8GA1UdIwQYMBaAFBW/IQtzeB1cwL6ZvTnXCy/rTrhs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENjFERi8wRDBDNUY3NDFD
NjYxMUVFOUExMzJCODRDNEY5QUUwMi9GYjhoQzNONEhWekF2cG05T2RjTEwtdE91
R3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZiOGhDM040SFZ6QXZwbTlPZGNMTC10T3VHdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDYxREYvMEQwQzVGNzQxQzY2MTFFRTlBMTMyQjg0QzRGOUFFMDIvMUQ1MkU4RTg2
MEQ3MTFFRUE1MjRBRTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnoJIwDwQCAAIwCQMHACABDfHqQDANBgkqhkiG9w0BAQsF
AAOCAQEAiFGQkVTkFKScOUl+XYnSAxkO+BEEd3FnaN079sZiJak1PhM0lyl/YAAY
cgUNrGKVRqi8/GDnVaK/1LE0tpb+0GmtaoCMNQwSZHRHC5bgZEItGNwgG/eTGOuh
stA5Lgjka6re1QBMI1FCsFCvhoLMoKxbxcMirRv8bA7gqFjYxXAiPKX50vQKgfTn
pb20gucTHQrcadFQXVfd4y2U/36H6rhGlFb+wc6q8C3JI1S+3sTQXB5H1jT/7Uqk
MyS6ajnPkTpBAyLmLaKu5ai2v6EOJu+OZ2+TL970iCjVcAmiMYufBMoISgyIIgA5
dRGaG4oXWXVdxRzC5zYggYxZXsqKeQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:00:13 2025 by rpki-client