Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91112BC/EBCF168204F811E9BA502431C4F9AE02/F85A5EB6C33911E9A9463781C4F9AE02.roa
File: F85A5EB6C33911E9A9463781C4F9AE02.roa (raw, json)
Hash identifier: eq/Jdt+R7/hZ4YW911X1nuNYUDsfy1mJ/nRJ7y06DWU=
Subject key identifier: C4:87:96:B1:4C:2D:C1:11:02:5A:E7:28:76:64:D3:63:14:04:51:3F
Certificate issuer: /CN=A91112BC/serialNumber=6FF31B0659A6AE16C7A0A4EE0EE6A22910EC2E00
Certificate serial: 10E4
Authority key identifier: 6F:F3:1B:06:59:A6:AE:16:C7:A0:A4:EE:0E:E6:A2:29:10:EC:2E:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_MbBlmmrhbHoKTuDuaiKRDsLgA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91112BC/EBCF168204F811E9BA502431C4F9AE02/F85A5EB6C33911E9A9463781C4F9AE02.roa
Signing time: Mon 24 Jun 2024 17:57:52 +0000
ROA not before: Mon 24 Jun 2024 17:57:52 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 134221
IP address blocks: 103.59.48.0/22 maxlen: 22
103.59.48.0/24 maxlen: 24
103.59.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4324 (0x10e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91112BC
Validity
Not Before: Jun 24 17:57:52 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6679b3a0-3063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c0:fb:66:94:39:c2:31:2f:44:09:c3:b8:3e:
46:86:cc:06:67:d6:51:65:7b:b1:2c:93:a3:33:fc:
08:4a:52:cd:91:d4:b4:65:33:f6:25:7b:57:35:8d:
3e:bd:a3:ac:4e:8b:8b:0b:06:a0:89:27:6f:2c:76:
9b:2d:8b:ec:49:92:ba:47:ac:91:82:3c:18:c8:b5:
15:6f:e4:71:7a:d0:b8:76:94:3b:48:67:52:8a:55:
13:18:17:c4:4b:06:1e:86:27:ca:40:05:a3:02:3f:
f6:eb:e9:e8:66:b5:a3:24:09:55:62:c2:27:84:14:
60:e5:d6:2c:c8:af:b6:f0:f4:3a:16:87:35:d5:86:
f7:20:92:0c:d3:2b:17:72:db:38:0f:0e:da:60:43:
49:b3:5c:5b:e0:78:29:db:63:b9:b9:c8:f1:eb:8c:
67:b9:01:57:c3:9c:be:bb:f5:0c:df:b0:8a:c9:d8:
71:02:80:62:87:57:1e:11:6e:df:96:12:68:0d:28:
5d:7f:69:b3:bb:96:80:87:47:bd:65:29:e0:1f:3e:
4b:76:c6:b3:9a:95:59:8f:77:c3:26:51:3d:a5:b4:
b2:db:e8:91:09:db:de:ff:e1:f5:0c:fe:65:74:1b:
80:cf:80:89:58:6c:3c:a7:a1:41:b6:4d:fa:72:83:
92:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:87:96:B1:4C:2D:C1:11:02:5A:E7:28:76:64:D3:63:14:04:51:3F
X509v3 Authority Key Identifier:
keyid:6F:F3:1B:06:59:A6:AE:16:C7:A0:A4:EE:0E:E6:A2:29:10:EC:2E:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91112BC/EBCF168204F811E9BA502431C4F9AE02/b_MbBlmmrhbHoKTuDuaiKRDsLgA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_MbBlmmrhbHoKTuDuaiKRDsLgA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91112BC/EBCF168204F811E9BA502431C4F9AE02/F85A5EB6C33911E9A9463781C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.59.48.0/22
Signature Algorithm: sha256WithRSAEncryption
96:0f:5d:e8:b5:fd:1d:59:d6:ab:00:85:c4:ab:8e:45:b7:af:
7e:7f:5e:bc:32:e1:b6:af:75:24:60:40:7d:46:76:a2:1b:04:
57:18:6c:2f:a4:0b:26:80:9b:a0:07:6c:28:97:ff:cc:57:24:
64:30:ef:d0:5e:17:45:90:d5:e9:19:3d:72:21:5d:e1:d9:e4:
5a:36:90:1a:14:5c:e3:ec:0c:ca:30:85:94:a5:0d:bd:05:f3:
f0:f2:bc:03:c2:6d:69:5b:e2:cb:a2:db:8f:e7:75:ba:19:fb:
b5:c5:ff:68:78:62:15:13:ce:78:e0:54:c3:4b:93:7a:5d:d9:
13:43:8e:23:2e:01:14:59:ec:05:b1:32:17:90:0a:03:f0:01:
93:3d:d1:64:c7:9f:10:01:56:fd:4b:9d:ac:47:14:d2:94:ad:
83:a0:95:52:eb:fc:d9:e9:fe:8a:eb:8b:ef:2c:5b:ba:30:21:
11:fb:2c:78:0e:15:af:47:b8:a5:81:77:f9:e7:6d:3e:46:c4:
b3:5e:d9:f4:08:18:62:c5:09:6a:0c:44:4b:cd:a0:09:75:d1:
c4:dc:54:9a:9b:b9:c0:3d:ad:61:eb:fb:0b:d2:4f:4a:ed:39:
c5:24:2a:71:6f:98:35:a7:3c:41:51:cf:7f:1e:45:07:1b:9f:
2b:3d:2c:d1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEOQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTEyQkMxMTAvBgNVBAUTKDZGRjMxQjA2NTlBNkFFMTZDN0EwQTRFRTBFRTZBMjI5
MTBFQzJFMDAwHhcNMjQwNjI0MTc1NzUyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc5YjNhMC0zMDYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxcD7ZpQ5wjEvRAnDuD5GhswGZ9ZRZXuxLJOjM/wISlLNkdS0ZTP2JXtXNY0+
vaOsTouLCwagiSdvLHabLYvsSZK6R6yRgjwYyLUVb+RxetC4dpQ7SGdSilUTGBfE
SwYehifKQAWjAj/26+noZrWjJAlVYsInhBRg5dYsyK+28PQ6Foc11Yb3IJIM0ysX
cts4Dw7aYENJs1xb4Hgp22O5ucjx64xnuQFXw5y+u/UM37CKydhxAoBih1ceEW7f
lhJoDShdf2mzu5aAh0e9ZSngHz5LdsazmpVZj3fDJlE9pbSy2+iRCdve/+H1DP5l
dBuAz4CJWGw8p6FBtk36coOSCQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMSHlrFM
LcERAlrnKHZk02MUBFE/MB8GA1UdIwQYMBaAFG/zGwZZpq4Wx6Ck7g7moikQ7C4A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTJCQy9FQkNGMTY4MjA0
RjgxMUU5QkE1MDI0MzFDNEY5QUUwMi9iX01iQmxtbXJoYkhvS1R1RHVhaUtSRHNM
Z0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JfTWJCbG1tcmhiSG9LVHVEdWFpS1JEc0xnQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTEyQkMvRUJDRjE2ODIwNEY4MTFFOUJBNTAyNDMxQzRGOUFFMDIvRjg1QTVFQjZD
MzM5MTFFOUE5NDYzNzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnOzAwDQYJKoZIhvcNAQELBQADggEBAJYPXei1/R1Z1qsA
hcSrjkW3r35/Xrwy4bavdSRgQH1GdqIbBFcYbC+kCyaAm6AHbCiX/8xXJGQw79Be
F0WQ1ekZPXIhXeHZ5Fo2kBoUXOPsDMowhZSlDb0F8/DyvAPCbWlb4sui24/ndboZ
+7XF/2h4YhUTznjgVMNLk3pd2RNDjiMuARRZ7AWxMheQCgPwAZM90WTHnxABVv1L
naxHFNKUrYOglVLr/Nnp/orri+8sW7owIRH7LHgOFa9HuKWBd/nnbT5GxLNe2fQI
GGLFCWoMREvNoAl10cTcVJqbucA9rWHr+wvST0rtOcUkKnFvmDWnPEFRz38eRQcb
nys9LNE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:13:58 2025 by rpki-client