Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91275A6/CA86944A9C5D11ED97B3F548C4F9AE02/8FA08DC29C8511EDB3506E5AC4F9AE02.roa
File: 8FA08DC29C8511EDB3506E5AC4F9AE02.roa (raw, json)
Hash identifier: Op5FiTtFCqiSuAmQrIrvzBwaHPhkdRDyeJuZKNddGfc=
Subject key identifier: 6C:CE:BD:AB:D2:A7:3A:7F:14:69:0F:A8:7B:61:33:B6:4D:D1:E0:79
Certificate issuer: /CN=A91275A6/serialNumber=590FA3C67000E96985791E6355AD1F6DAD5C1876
Certificate serial: 0184
Authority key identifier: 59:0F:A3:C6:70:00:E9:69:85:79:1E:63:55:AD:1F:6D:AD:5C:18:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WQ-jxnAA6WmFeR5jVa0fba1cGHY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91275A6/CA86944A9C5D11ED97B3F548C4F9AE02/8FA08DC29C8511EDB3506E5AC4F9AE02.roa
Signing time: Sun 09 Feb 2025 02:45:11 +0000
ROA not before: Sun 09 Feb 2025 02:45:11 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 150732
IP address blocks: 103.75.138.0/23 maxlen: 23
103.75.138.0/24 maxlen: 24
103.75.139.0/24 maxlen: 24
2001:df1:dec0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 388 (0x184)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91275A6
Validity
Not Before: Feb 9 02:45:11 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a816b6-9e12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:17:5a:04:d6:11:a8:9b:56:98:81:25:72:84:
66:c3:7a:50:7b:a5:45:72:b6:19:67:a9:33:dd:5d:
bd:ee:f1:02:91:f7:35:a8:77:05:b3:18:59:db:14:
59:66:4c:3c:9e:d5:15:e6:c3:ca:ab:4c:e6:81:42:
17:c0:b8:9a:0e:38:94:8e:7b:b7:4f:80:ff:20:dc:
ca:25:c9:3f:3c:5d:be:ff:0f:d6:bf:08:ff:f9:9e:
5a:45:18:a8:d3:43:aa:e6:03:9c:bd:87:f9:23:b1:
08:de:ec:75:78:39:fc:70:7b:f9:fb:76:ea:66:6c:
83:2b:42:7f:31:95:ac:14:11:1b:af:c3:01:a4:b4:
01:86:96:3c:a2:d1:fe:84:1c:1e:f6:ef:06:15:29:
a4:b4:21:f4:f9:86:6f:d1:43:a1:fa:7d:2b:10:b7:
19:c2:d9:18:98:44:a5:9f:cf:e3:60:c7:20:96:18:
f1:6b:e0:b0:7d:66:4e:7d:8a:d0:f0:88:bb:ea:73:
af:f3:42:30:8f:ca:59:0c:5b:00:20:c5:06:0e:dd:
ef:f0:b0:cd:55:e3:41:28:17:0b:29:54:58:8c:ec:
2d:7e:35:31:81:37:e8:e0:34:bc:09:de:49:35:51:
22:6d:62:47:79:b8:c4:2c:f3:77:44:4c:f0:7d:e5:
fe:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:CE:BD:AB:D2:A7:3A:7F:14:69:0F:A8:7B:61:33:B6:4D:D1:E0:79
X509v3 Authority Key Identifier:
keyid:59:0F:A3:C6:70:00:E9:69:85:79:1E:63:55:AD:1F:6D:AD:5C:18:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91275A6/CA86944A9C5D11ED97B3F548C4F9AE02/WQ-jxnAA6WmFeR5jVa0fba1cGHY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WQ-jxnAA6WmFeR5jVa0fba1cGHY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91275A6/CA86944A9C5D11ED97B3F548C4F9AE02/8FA08DC29C8511EDB3506E5AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.75.138.0/23
IPv6:
2001:df1:dec0::/48
Signature Algorithm: sha256WithRSAEncryption
6f:8a:12:f4:5a:01:85:28:20:1a:15:c9:d3:04:fd:06:26:24:
ca:61:f0:80:3c:43:23:24:1f:35:af:b9:af:26:f3:b8:cc:f0:
5d:02:6c:a6:18:85:a4:6d:1a:1d:52:b1:27:88:f7:93:65:86:
b9:f2:34:57:0a:5f:3a:e9:22:48:59:cf:26:b7:72:bd:a7:f3:
38:79:27:ce:86:4a:ef:78:22:d6:cb:da:c6:72:08:d1:86:6e:
99:ff:69:1e:19:cf:9f:1c:72:e8:db:6d:04:a6:09:01:83:85:
17:83:ac:50:98:6b:a6:ac:af:ce:92:39:c4:0a:94:fa:39:c6:
3a:2a:7f:03:0a:a3:fd:16:0f:a6:f7:38:4a:d0:2b:fb:6c:20:
55:6c:9f:6a:3b:64:d2:49:a5:83:8c:dd:1e:e8:95:db:28:39:
d8:30:7d:6c:b5:c5:c9:9c:51:5c:e5:2d:58:bc:09:96:f2:4e:
dd:a7:93:71:98:ff:b0:d9:08:90:b7:f8:75:c6:7b:5c:4b:df:
a7:ac:02:28:0b:9f:23:66:93:ec:5d:9e:4a:23:ef:2e:50:fe:
a5:8f:2e:0c:29:c6:2a:26:32:02:04:27:1e:db:fb:ea:ec:6b:
cf:57:a1:55:70:c8:ac:8f:55:a0:ca:e5:39:16:09:2d:28:1c:
22:f6:1c:64
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAYQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc1QTYxMTAvBgNVBAUTKDU5MEZBM0M2NzAwMEU5Njk4NTc5MUU2MzU1QUQxRjZE
QUQ1QzE4NzYwHhcNMjUwMjA5MDI0NTExWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E4MTZiNi05ZTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwRdaBNYRqJtWmIElcoRmw3pQe6VFcrYZZ6kz3V297vECkfc1qHcFsxhZ2xRZ
Zkw8ntUV5sPKq0zmgUIXwLiaDjiUjnu3T4D/INzKJck/PF2+/w/Wvwj/+Z5aRRio
00Oq5gOcvYf5I7EI3ux1eDn8cHv5+3bqZmyDK0J/MZWsFBEbr8MBpLQBhpY8otH+
hBwe9u8GFSmktCH0+YZv0UOh+n0rELcZwtkYmESln8/jYMcglhjxa+CwfWZOfYrQ
8Ii76nOv80Iwj8pZDFsAIMUGDt3v8LDNVeNBKBcLKVRYjOwtfjUxgTfo4DS8Cd5J
NVEibWJHebjELPN3REzwfeX+1QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGzOvavS
pzp/FGkPqHthM7ZN0eB5MB8GA1UdIwQYMBaAFFkPo8ZwAOlphXkeY1WtH22tXBh2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzVBNi9DQTg2OTQ0QTlD
NUQxMUVEOTdCM0Y1NDhDNEY5QUUwMi9XUS1qeG5BQTZXbUZlUjVqVmEwZmJhMWNH
SFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dRLWp4bkFBNldtRmVSNWpWYTBmYmExY0dIWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc1QTYvQ0E4Njk0NEE5QzVEMTFFRDk3QjNGNTQ4QzRGOUFFMDIvOEZBMDhEQzI5
Qzg1MTFFREIzNTA2RTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnS4owDwQCAAIwCQMHACABDfHewDANBgkqhkiG9w0BAQsF
AAOCAQEAb4oS9FoBhSggGhXJ0wT9BiYkymHwgDxDIyQfNa+5rybzuMzwXQJsphiF
pG0aHVKxJ4j3k2WGufI0VwpfOukiSFnPJrdyvafzOHknzoZK73gi1svaxnII0YZu
mf9pHhnPnxxy6NttBKYJAYOFF4OsUJhrpqyvzpI5xAqU+jnGOip/Awqj/RYPpvc4
StAr+2wgVWyfajtk0kmlg4zdHuiV2yg52DB9bLXFyZxRXOUtWLwJlvJO3aeTcZj/
sNkIkLf4dcZ7XEvfp6wCKAufI2aT7F2eSiPvLlD+pY8uDCnGKiYyAgQnHtv76uxr
z1ehVXDIrI9VoMrlORYJLSgcIvYcZA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:12:32 2025 by rpki-client