Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911DA4A/7257F932BCB011E6998E8256C4F9AE02/8DB2B8E6E27F11EEA6719536C4F9AE02.roa
File: 8DB2B8E6E27F11EEA6719536C4F9AE02.roa (raw, json)
Hash identifier: djG4mlXw26i8Pdv1t32X7f3gUOAe2ux1BErj6m1pRZU=
Subject key identifier: 18:8F:D9:24:99:A1:25:DB:6E:F7:0C:0C:72:36:99:DB:9D:7D:B8:0D
Certificate issuer: /CN=A911DA4A/serialNumber=7892064DD45B97ED09471EB05451EAC098C9CB3D
Certificate serial: 1CB9
Authority key identifier: 78:92:06:4D:D4:5B:97:ED:09:47:1E:B0:54:51:EA:C0:98:C9:CB:3D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eJIGTdRbl-0JRx6wVFHqwJjJyz0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911DA4A/7257F932BCB011E6998E8256C4F9AE02/8DB2B8E6E27F11EEA6719536C4F9AE02.roa
Signing time: Thu 02 Jan 2025 16:13:39 +0000
ROA not before: Thu 02 Jan 2025 16:13:39 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 16509
IP address blocks: 103.81.52.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7353 (0x1cb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911DA4A
Validity
Not Before: Jan 2 16:13:39 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6776bb33-3650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:77:12:2b:90:f1:f5:ac:ca:46:07:64:df:49:
ca:8e:6c:10:f7:6a:44:4b:e2:b8:cb:0a:a3:17:d2:
fc:49:3d:41:eb:cf:8f:5b:db:c1:ea:5a:bf:58:09:
58:32:8d:13:3a:64:c7:86:e0:f8:79:9e:03:31:68:
44:69:85:2a:65:80:c2:60:fc:4b:f0:7f:bb:0d:4b:
70:7d:55:33:28:61:66:32:a7:f2:d0:60:c9:52:4e:
bc:19:24:30:df:f9:d2:c9:e4:7a:7f:a9:5f:80:26:
4d:97:ca:67:9b:ff:9f:a2:21:02:df:f6:83:20:3e:
85:35:ee:ca:c2:30:f6:b7:c1:34:ab:8d:95:08:39:
9f:88:9a:20:78:a4:cb:5e:b6:8f:ee:6c:ab:21:ef:
60:03:4a:b1:ff:36:73:ba:f9:eb:f8:17:f9:35:7e:
41:21:7f:b1:b5:3b:34:c7:3d:9b:d0:67:47:0b:ad:
2f:cb:85:b7:2c:ff:7e:d2:97:06:b7:ef:c7:c6:df:
e3:70:94:53:8b:0e:5a:f8:25:d7:7f:33:4d:bd:bf:
ab:7d:c2:7b:54:f1:40:cf:58:a8:ed:55:68:30:bb:
46:3a:5d:95:86:8b:8f:bc:4b:f5:38:7d:9d:f6:9e:
d5:0e:e4:d7:23:8b:40:04:a6:c6:b8:72:ff:39:ff:
c1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:8F:D9:24:99:A1:25:DB:6E:F7:0C:0C:72:36:99:DB:9D:7D:B8:0D
X509v3 Authority Key Identifier:
keyid:78:92:06:4D:D4:5B:97:ED:09:47:1E:B0:54:51:EA:C0:98:C9:CB:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911DA4A/7257F932BCB011E6998E8256C4F9AE02/eJIGTdRbl-0JRx6wVFHqwJjJyz0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eJIGTdRbl-0JRx6wVFHqwJjJyz0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DA4A/7257F932BCB011E6998E8256C4F9AE02/8DB2B8E6E27F11EEA6719536C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.81.52.0/24
Signature Algorithm: sha256WithRSAEncryption
38:43:b2:c2:1e:17:93:6e:49:a0:d4:eb:44:ba:59:d7:a5:61:
73:7a:b9:6c:6c:15:a3:ed:93:54:1c:ef:c3:f9:82:5b:86:b8:
1f:4b:0c:54:dd:27:2a:60:cc:f2:ca:d8:29:fa:fb:62:91:2d:
d1:62:9c:a1:03:34:66:3d:47:f0:6e:7b:c9:12:67:1e:44:1c:
2c:fe:eb:02:f8:35:db:f9:3f:0d:e8:4a:f3:fc:84:2e:18:8c:
8f:49:44:75:0b:95:cb:9d:43:77:8d:5e:05:d5:66:ec:3b:40:
ce:fd:ba:3c:7e:7b:fb:e5:00:fe:42:31:ae:a2:31:3a:3b:51:
4b:49:3a:7c:5e:bb:1c:b8:00:3b:83:00:1f:76:ac:98:27:c5:
ff:e1:bd:0c:60:89:16:4c:24:3d:4c:8a:9f:3e:6d:b4:44:6f:
70:01:0b:0b:a7:b0:2d:97:77:6d:18:23:52:b4:be:c9:03:13:
bc:1d:ec:e0:84:e0:a0:bc:bf:26:7c:2e:55:8c:10:86:18:45:
8f:e3:2c:87:5c:8f:41:85:4e:0c:0c:09:e7:ad:b4:7a:72:c4:
86:b4:78:a6:5f:e9:a3:3f:0f:7f:e7:55:53:a7:a8:eb:c0:de:
85:bf:21:dc:7d:15:35:f2:db:2f:25:8c:35:62:08:12:ad:d4:
b7:e2:ff:e2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHLkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MURBNEExMTAvBgNVBAUTKDc4OTIwNjRERDQ1Qjk3RUQwOTQ3MUVCMDU0NTFFQUMw
OThDOUNCM0QwHhcNMjUwMTAyMTYxMzM5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc2YmIzMy0zNjUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq3cSK5Dx9azKRgdk30nKjmwQ92pES+K4ywqjF9L8ST1B68+PW9vB6lq/WAlY
Mo0TOmTHhuD4eZ4DMWhEaYUqZYDCYPxL8H+7DUtwfVUzKGFmMqfy0GDJUk68GSQw
3/nSyeR6f6lfgCZNl8pnm/+foiEC3/aDID6FNe7KwjD2t8E0q42VCDmfiJogeKTL
XraP7myrIe9gA0qx/zZzuvnr+Bf5NX5BIX+xtTs0xz2b0GdHC60vy4W3LP9+0pcG
t+/Hxt/jcJRTiw5a+CXXfzNNvb+rfcJ7VPFAz1io7VVoMLtGOl2VhouPvEv1OH2d
9p7VDuTXI4tABKbGuHL/Of/BLQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBiP2SSZ
oSXbbvcMDHI2mdudfbgNMB8GA1UdIwQYMBaAFHiSBk3UW5ftCUcesFRR6sCYycs9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExREE0QS83MjU3RjkzMkJD
QjAxMUU2OTk4RTgyNTZDNEY5QUUwMi9lSklHVGRSYmwtMEpSeDZ3VkZIcXdKakp5
ejAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VKSUdUZFJibC0wSlJ4NndWRkhxd0pqSnl6MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MURBNEEvNzI1N0Y5MzJCQ0IwMTFFNjk5OEU4MjU2QzRGOUFFMDIvOERCMkI4RTZF
MjdGMTFFRUE2NzE5NTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnUTQwDQYJKoZIhvcNAQELBQADggEBADhDssIeF5NuSaDU
60S6WdelYXN6uWxsFaPtk1Qc78P5gluGuB9LDFTdJypgzPLK2Cn6+2KRLdFinKED
NGY9R/Bue8kSZx5EHCz+6wL4Ndv5Pw3oSvP8hC4YjI9JRHULlcudQ3eNXgXVZuw7
QM79ujx+e/vlAP5CMa6iMTo7UUtJOnxeuxy4ADuDAB92rJgnxf/hvQxgiRZMJD1M
ip8+bbREb3ABCwunsC2Xd20YI1K0vskDE7wd7OCE4KC8vyZ8LlWMEIYYRY/jLIdc
j0GFTgwMCeettHpyxIa0eKZf6aM/D3/nVVOnqOvA3oW/Idx9FTXy2y8ljDViCBKt
1Lfi/+I=
-----END CERTIFICATE-----
Generated at Fri Apr 11 20:59:45 2025 by rpki-client