Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912905D/34BF9908AC3D11EDBD4D135EC4F9AE02/CE9A4D70D6EA11ED8F0C322EC4F9AE02.roa
File: CE9A4D70D6EA11ED8F0C322EC4F9AE02.roa (raw, json)
Hash identifier: 4CwEmTha4EyNRaDNvqVWV7nGS4hmjE7Q73FoaaZV148=
Subject key identifier: D3:F9:DD:EA:E2:2C:1D:3A:DA:F0:D2:1F:BE:88:B9:57:8A:C8:71:46
Certificate issuer: /CN=A912905D/serialNumber=2041A548216FF014894B79CC9FD77311BC7CA317
Certificate serial: 0181
Authority key identifier: 20:41:A5:48:21:6F:F0:14:89:4B:79:CC:9F:D7:73:11:BC:7C:A3:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IEGlSCFv8BSJS3nMn9dzEbx8oxc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912905D/34BF9908AC3D11EDBD4D135EC4F9AE02/CE9A4D70D6EA11ED8F0C322EC4F9AE02.roa
Signing time: Wed 05 Feb 2025 02:28:09 +0000
ROA not before: Wed 05 Feb 2025 02:28:09 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 141421
IP address blocks: 103.84.56.0/24 maxlen: 24
103.84.57.0/24 maxlen: 24
2400:dce0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 385 (0x181)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912905D
Validity
Not Before: Feb 5 02:28:09 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67a2ccb9-dd28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:61:74:ff:9f:bd:a6:44:a8:0f:95:0c:19:eb:
3e:49:37:0a:70:65:b2:31:05:9f:ab:5d:b1:19:b1:
35:f5:e4:48:36:82:87:3c:aa:fc:b4:ee:2d:14:3d:
c3:ad:0e:66:4e:4b:be:49:c8:98:4b:87:8c:60:31:
b6:c5:d9:32:b4:4d:fc:3b:e9:9d:61:f4:e4:c7:25:
8b:5f:8c:c3:d3:f0:b0:00:71:c1:bb:8a:11:7d:d5:
a6:3f:87:4c:15:0a:72:99:31:4b:39:d7:70:06:ef:
42:42:1c:84:f3:42:21:08:ef:1f:b5:ed:6f:9b:36:
5c:c7:8e:ef:70:e2:09:7c:41:c6:d8:50:5c:c8:56:
eb:fb:e7:76:e9:d6:76:4e:69:73:be:14:f5:e1:9e:
1e:4e:b4:5d:89:b6:54:16:c2:e3:8f:41:06:b4:6a:
5e:34:4a:5e:04:a6:78:ae:8c:0e:87:ec:75:36:ab:
75:fc:fd:38:e9:bf:5f:1e:fe:23:39:2f:42:04:5d:
03:42:c9:ff:22:30:34:15:21:57:2c:df:ab:07:8c:
5c:2a:9b:73:e2:5d:e1:e4:59:d2:9d:86:c7:b0:08:
6a:c1:0b:0c:dd:77:8f:43:85:ad:56:94:bd:dc:be:
ac:96:1c:8c:60:7d:50:0e:c5:fa:78:a6:fe:16:99:
6f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:F9:DD:EA:E2:2C:1D:3A:DA:F0:D2:1F:BE:88:B9:57:8A:C8:71:46
X509v3 Authority Key Identifier:
keyid:20:41:A5:48:21:6F:F0:14:89:4B:79:CC:9F:D7:73:11:BC:7C:A3:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912905D/34BF9908AC3D11EDBD4D135EC4F9AE02/IEGlSCFv8BSJS3nMn9dzEbx8oxc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IEGlSCFv8BSJS3nMn9dzEbx8oxc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912905D/34BF9908AC3D11EDBD4D135EC4F9AE02/CE9A4D70D6EA11ED8F0C322EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.56.0/23
IPv6:
2400:dce0::/48
Signature Algorithm: sha256WithRSAEncryption
a2:d7:98:a7:af:be:0b:50:8d:2d:30:47:b5:be:82:3d:f1:ce:
ca:47:00:13:42:04:92:94:40:c5:d0:8a:c6:f1:86:0e:2b:37:
cf:cd:dd:e2:dc:c6:79:92:4c:8b:4c:53:db:d8:13:6b:cc:5c:
a2:b1:f0:0f:a3:80:25:d8:4d:d6:ca:2b:ba:7e:69:3a:49:9b:
d6:a1:90:9f:46:0d:0c:74:8b:c2:71:33:e6:78:ef:f4:dd:7b:
57:83:3a:57:6a:d8:64:03:6c:ee:d0:32:09:bf:d4:f7:f2:f4:
4a:9a:4c:83:4b:4a:16:88:78:b8:2b:73:7d:81:5f:e5:03:fa:
f2:9c:fa:84:b1:a9:fa:a1:40:29:0c:45:23:34:ee:3a:19:29:
91:8c:91:be:b2:ce:27:e0:c4:a9:9d:2c:28:10:5a:27:30:96:
d1:97:33:ac:16:d9:12:dd:cc:39:32:40:90:ae:34:91:29:43:
e2:88:4a:62:eb:77:23:da:7d:0d:2d:17:c2:ff:ef:9e:9a:05:
0e:50:5d:e0:6d:46:7e:8a:8f:36:4c:b0:26:c6:c2:ad:bc:5d:
a9:ea:49:1f:d6:67:f3:c0:73:b2:a3:6c:ef:87:da:42:1e:d2:
af:20:fb:71:ad:b3:56:81:4c:f9:6e:ad:2a:d0:e8:51:e4:d6:
7c:54:67:c7
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAYEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjkwNUQxMTAvBgNVBAUTKDIwNDFBNTQ4MjE2RkYwMTQ4OTRCNzlDQzlGRDc3MzEx
QkM3Q0EzMTcwHhcNMjUwMjA1MDIyODA5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyY2NiOS1kZDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr2F0/5+9pkSoD5UMGes+STcKcGWyMQWfq12xGbE19eRINoKHPKr8tO4tFD3D
rQ5mTku+SciYS4eMYDG2xdkytE38O+mdYfTkxyWLX4zD0/CwAHHBu4oRfdWmP4dM
FQpymTFLOddwBu9CQhyE80IhCO8fte1vmzZcx47vcOIJfEHG2FBcyFbr++d26dZ2
TmlzvhT14Z4eTrRdibZUFsLjj0EGtGpeNEpeBKZ4rowOh+x1Nqt1/P046b9fHv4j
OS9CBF0DQsn/IjA0FSFXLN+rB4xcKptz4l3h5FnSnYbHsAhqwQsM3XePQ4WtVpS9
3L6slhyMYH1QDsX6eKb+FplvvQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNP53eri
LB062vDSH76IuVeKyHFGMB8GA1UdIwQYMBaAFCBBpUghb/AUiUt5zJ/XcxG8fKMX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOTA1RC8zNEJGOTkwOEFD
M0QxMUVEQkQ0RDEzNUVDNEY5QUUwMi9JRUdsU0NGdjhCU0pTM25NbjlkekVieDhv
eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lFR2xTQ0Z2OEJTSlMzbk1uOWR6RWJ4OG94Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjkwNUQvMzRCRjk5MDhBQzNEMTFFREJENEQxMzVFQzRGOUFFMDIvQ0U5QTRENzBE
NkVBMTFFRDhGMEMzMjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnVDgwDwQCAAIwCQMHACQA3OAAADANBgkqhkiG9w0BAQsF
AAOCAQEAoteYp6++C1CNLTBHtb6CPfHOykcAE0IEkpRAxdCKxvGGDis3z83d4tzG
eZJMi0xT29gTa8xcorHwD6OAJdhN1sorun5pOkmb1qGQn0YNDHSLwnEz5njv9N17
V4M6V2rYZANs7tAyCb/U9/L0SppMg0tKFoh4uCtzfYFf5QP68pz6hLGp+qFAKQxF
IzTuOhkpkYyRvrLOJ+DEqZ0sKBBaJzCW0ZczrBbZEt3MOTJAkK40kSlD4ohKYut3
I9p9DS0Xwv/vnpoFDlBd4G1GfoqPNkywJsbCrbxdqepJH9Zn88BzsqNs74faQh7S
ryD7ca2zVoFM+W6tKtDoUeTWfFRnxw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:39:07 2025 by rpki-client