Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91262BD/D3F11F0E991311EB860DDB3DC4F9AE02/CFD605CC8E6011EC93F6710FC4F9AE02.roa
File: CFD605CC8E6011EC93F6710FC4F9AE02.roa (raw, json)
Hash identifier: s1rfV8r68HE4TuansWzDnqISJzRH7RjJXWNUpk6BVJU=
Subject key identifier: D8:76:F2:FB:8B:56:A8:FB:35:51:56:F8:AA:A0:D8:A7:6C:B7:E5:86
Certificate issuer: /CN=A91262BD/serialNumber=D2E78E52C5DBCBF5E1841DACE527AEAA894A9A76
Certificate serial: 0603
Authority key identifier: D2:E7:8E:52:C5:DB:CB:F5:E1:84:1D:AC:E5:27:AE:AA:89:4A:9A:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0ueOUsXby_XhhB2s5SeuqolKmnY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91262BD/D3F11F0E991311EB860DDB3DC4F9AE02/CFD605CC8E6011EC93F6710FC4F9AE02.roa
Signing time: Sun 16 Feb 2025 23:51:50 +0000
ROA not before: Sun 16 Feb 2025 23:51:50 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 58715
IP address blocks: 103.106.118.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1539 (0x603)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91262BD
Validity
Not Before: Feb 16 23:51:50 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67b27a16-1bfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7f:69:cb:2d:22:65:e5:88:e7:d3:21:c7:8e:
80:69:74:bb:9c:14:bf:8b:33:e1:17:61:2d:a1:c8:
f0:7a:e4:52:62:6b:c4:3b:e9:6d:46:1c:ca:42:3b:
66:71:07:e6:d8:cf:32:0c:fc:a6:2f:1e:62:2d:10:
7f:07:af:71:b9:98:07:ba:5e:9a:d9:73:f1:07:42:
03:02:c4:62:f3:a6:e6:ca:a2:0f:a8:1e:33:35:67:
5c:06:57:7f:6f:c2:73:98:d6:02:63:df:0f:56:93:
24:53:62:86:7b:63:fc:68:0b:21:6f:97:90:f8:15:
e5:50:a8:e3:67:e7:e0:be:3f:26:f6:fe:58:2d:e3:
22:6d:11:0a:13:78:96:63:b4:40:fc:07:9b:ec:d1:
dc:df:6a:74:25:b7:10:d5:88:0d:99:b4:7b:20:2c:
b0:94:67:02:7f:fd:f1:61:93:e4:8c:72:bd:0c:d0:
e7:4c:eb:ef:24:89:ca:26:cf:a7:7f:b7:1d:40:03:
85:e6:35:ec:0c:97:ab:c2:7d:7c:c8:ae:5f:ca:d8:
7c:f8:5d:c2:a8:fe:a9:61:65:44:bf:07:1c:ed:dc:
95:bf:03:26:ca:74:99:38:4c:7d:29:0f:9a:b5:e6:
60:9e:37:71:e8:47:a8:c5:f6:ec:e6:8e:2e:6c:e4:
6f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:76:F2:FB:8B:56:A8:FB:35:51:56:F8:AA:A0:D8:A7:6C:B7:E5:86
X509v3 Authority Key Identifier:
keyid:D2:E7:8E:52:C5:DB:CB:F5:E1:84:1D:AC:E5:27:AE:AA:89:4A:9A:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91262BD/D3F11F0E991311EB860DDB3DC4F9AE02/0ueOUsXby_XhhB2s5SeuqolKmnY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0ueOUsXby_XhhB2s5SeuqolKmnY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91262BD/D3F11F0E991311EB860DDB3DC4F9AE02/CFD605CC8E6011EC93F6710FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.118.0/23
Signature Algorithm: sha256WithRSAEncryption
46:56:44:de:28:90:73:56:56:a8:54:e8:0d:e3:56:3e:48:4f:
68:3b:ba:29:8a:94:72:06:c9:9f:d0:48:fe:94:ae:69:00:29:
d5:9f:a0:fd:ac:52:21:00:4c:94:36:be:5d:c3:6f:c1:b4:74:
12:6c:9b:96:7b:9f:31:85:a1:0b:2e:1b:c4:ee:00:80:ef:2b:
4f:25:99:f4:fb:b8:e0:5b:ca:47:d2:53:cf:c4:cf:04:2a:98:
f2:a5:c3:55:65:1e:dc:3c:d7:a4:e6:59:c2:c9:9b:1a:af:ea:
4c:9e:9c:57:78:90:0f:9d:fe:65:6e:f0:65:66:5d:41:39:69:
cf:ef:4a:47:3d:93:aa:b8:dd:3c:c4:62:35:e4:ab:dd:22:19:
47:e6:3d:9c:28:e9:70:3c:89:f0:d9:63:95:92:1a:38:3b:f7:
c9:8f:05:c7:cc:d0:78:2b:6e:37:f0:28:c8:28:32:9b:58:ac:
17:5c:15:dd:71:55:05:51:78:28:48:db:8b:03:1e:f3:dc:d7:
16:ed:95:69:ce:86:b9:70:63:93:3e:20:d6:37:a7:30:66:58:
00:dc:bd:9a:27:6a:a8:3b:1d:34:cf:62:dd:ec:be:a6:f9:1b:
7c:e4:62:b9:34:fa:0d:c1:ef:8f:0f:01:71:4a:44:c7:77:87:
85:69:51:fd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBgMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjYyQkQxMTAvBgNVBAUTKEQyRTc4RTUyQzVEQkNCRjVFMTg0MURBQ0U1MjdBRUFB
ODk0QTlBNzYwHhcNMjUwMjE2MjM1MTUwWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2IyN2ExNi0xYmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArX9pyy0iZeWI59Mhx46AaXS7nBS/izPhF2EtocjweuRSYmvEO+ltRhzKQjtm
cQfm2M8yDPymLx5iLRB/B69xuZgHul6a2XPxB0IDAsRi86bmyqIPqB4zNWdcBld/
b8JzmNYCY98PVpMkU2KGe2P8aAshb5eQ+BXlUKjjZ+fgvj8m9v5YLeMibREKE3iW
Y7RA/Aeb7NHc32p0JbcQ1YgNmbR7ICywlGcCf/3xYZPkjHK9DNDnTOvvJInKJs+n
f7cdQAOF5jXsDJerwn18yK5fyth8+F3CqP6pYWVEvwcc7dyVvwMmynSZOEx9KQ+a
teZgnjdx6Eeoxfbs5o4ubORvvQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNh28vuL
Vqj7NVFW+Kqg2Kdst+WGMB8GA1UdIwQYMBaAFNLnjlLF28v14YQdrOUnrqqJSpp2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjJCRC9EM0YxMUYwRTk5
MTMxMUVCODYwRERCM0RDNEY5QUUwMi8wdWVPVXNYYnlfWGhoQjJzNVNldXFvbEtt
blkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzB1ZU9Vc1hieV9YaGhCMnM1U2V1cW9sS21uWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjYyQkQvRDNGMTFGMEU5OTEzMTFFQjg2MEREQjNEQzRGOUFFMDIvQ0ZENjA1Q0M4
RTYwMTFFQzkzRjY3MTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnanYwDQYJKoZIhvcNAQELBQADggEBAEZWRN4okHNWVqhU
6A3jVj5IT2g7uimKlHIGyZ/QSP6UrmkAKdWfoP2sUiEATJQ2vl3Db8G0dBJsm5Z7
nzGFoQsuG8TuAIDvK08lmfT7uOBbykfSU8/EzwQqmPKlw1VlHtw816TmWcLJmxqv
6kyenFd4kA+d/mVu8GVmXUE5ac/vSkc9k6q43TzEYjXkq90iGUfmPZwo6XA8ifDZ
Y5WSGjg798mPBcfM0HgrbjfwKMgoMptYrBdcFd1xVQVReChI24sDHvPc1xbtlWnO
hrlwY5M+INY3pzBmWADcvZonaqg7HTTPYt3svqb5G3zkYrk0+g3B748PAXFKRMd3
h4VpUf0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:44:19 2025 by rpki-client