Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913EBFD/F7CE629A3A8E11EA80AF0E31C4F9AE02/B6EF8F5E3A9011EA957A6A34C4F9AE02.roa
File: B6EF8F5E3A9011EA957A6A34C4F9AE02.roa (raw, json)
Hash identifier: MMg6miblGYwiWs8actEKJcMi2SqNBUoJuKwgQQDzl38=
Subject key identifier: 56:FD:A5:06:25:CA:4F:30:0A:E0:0A:52:F4:8B:93:55:37:6F:64:CB
Certificate issuer: /CN=A913EBFD/serialNumber=B140AF04919B4513825A6EA57E1AB9E54379E3C8
Certificate serial: 0AF4
Authority key identifier: B1:40:AF:04:91:9B:45:13:82:5A:6E:A5:7E:1A:B9:E5:43:79:E3:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sUCvBJGbRROCWm6lfhq55UN548g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913EBFD/F7CE629A3A8E11EA80AF0E31C4F9AE02/B6EF8F5E3A9011EA957A6A34C4F9AE02.roa
Signing time: Mon 20 Jan 2025 19:18:29 +0000
ROA not before: Mon 20 Jan 2025 19:18:29 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 138550
IP address blocks: 103.132.184.0/24 maxlen: 24
103.148.250.0/24 maxlen: 24
2001:df7:8300::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2804 (0xaf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913EBFD
Validity
Not Before: Jan 20 19:18:29 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=678ea185-68e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d0:4c:10:1b:8c:6a:a5:3f:30:7b:4d:02:56:
5a:a2:8a:47:38:73:9f:9f:d1:b9:f5:4a:e7:20:ac:
5c:2f:e6:fb:dc:4b:f6:1a:7c:39:d7:74:b9:57:07:
11:5e:32:7e:7d:31:82:a5:d5:bc:a0:3a:f5:e3:11:
81:82:08:8b:8f:b9:26:13:b0:84:39:47:6c:6f:6c:
49:0e:91:4a:7f:1e:af:b6:5d:53:35:f3:eb:db:77:
53:c4:ea:2c:10:51:85:47:59:8a:93:8e:c7:3d:47:
3f:81:72:a5:cc:d0:03:ae:d4:50:47:19:33:a7:27:
20:3f:d6:9f:4e:22:a6:37:ae:c1:b3:71:dd:b4:69:
21:29:98:45:75:c8:91:bf:7f:6c:c5:64:9f:b2:e1:
a5:84:70:85:a2:ed:4f:46:24:7e:9a:d1:f0:bd:d1:
cc:47:f9:6d:ca:e1:77:ec:0d:ba:7a:22:62:4d:95:
12:81:a6:2a:2f:1f:cb:0c:75:97:58:1e:5d:af:55:
32:8d:0c:b1:89:10:65:8f:06:1f:2f:f5:46:35:98:
5f:84:b4:c0:df:6b:22:42:19:ec:9d:1a:cf:c0:65:
c3:83:42:ce:a0:f8:24:a5:5b:87:d3:c4:66:d0:e4:
4d:a2:85:be:ff:4c:cb:df:bb:b5:0c:ac:37:23:ca:
d0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:FD:A5:06:25:CA:4F:30:0A:E0:0A:52:F4:8B:93:55:37:6F:64:CB
X509v3 Authority Key Identifier:
keyid:B1:40:AF:04:91:9B:45:13:82:5A:6E:A5:7E:1A:B9:E5:43:79:E3:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913EBFD/F7CE629A3A8E11EA80AF0E31C4F9AE02/sUCvBJGbRROCWm6lfhq55UN548g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sUCvBJGbRROCWm6lfhq55UN548g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913EBFD/F7CE629A3A8E11EA80AF0E31C4F9AE02/B6EF8F5E3A9011EA957A6A34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.132.184.0/24
103.148.250.0/24
IPv6:
2001:df7:8300::/48
Signature Algorithm: sha256WithRSAEncryption
9e:bd:80:46:fa:62:3a:ef:c6:ed:3d:77:ea:cf:47:15:63:6b:
c7:4d:4f:72:05:d3:3f:68:86:ee:29:18:82:9d:01:25:a5:c7:
1b:22:95:23:a9:e7:80:41:a4:48:f6:9f:67:6a:67:33:a7:32:
61:86:dd:0d:29:c1:b8:91:cd:7d:33:9b:c6:dd:1b:0b:71:18:
71:55:d4:1a:72:e0:2e:4d:19:88:3c:b7:10:46:b2:d2:8a:a6:
0f:d3:22:3d:be:c2:d5:b6:e1:1f:c7:ee:05:25:35:25:3e:da:
e8:b7:27:8b:4d:c7:79:b6:f3:81:58:a6:56:7f:53:ca:d7:f2:
6e:83:0c:8d:cf:41:87:05:f6:d5:45:03:bb:35:31:60:06:9f:
f2:2e:cb:f4:d9:f3:3b:55:4a:1d:36:70:2f:03:da:22:9c:22:
2b:37:28:56:07:e7:3b:f0:61:21:cf:c4:ee:96:5a:82:71:05:
a6:ef:c6:a6:ba:29:0b:87:b9:e2:63:35:41:b0:f1:38:32:d0:
c3:99:9b:53:7e:7f:47:f3:1d:70:58:33:0a:7c:a5:b7:99:3f:
da:8d:bf:9e:d9:3b:7e:3d:60:a9:2d:c9:10:02:94:99:d5:00:
dd:0c:61:6d:a5:16:4b:64:bd:2a:ea:a7:9a:ec:94:de:ef:b3:
a7:d1:4e:d5
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICCvQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0VCRkQxMTAvBgNVBAUTKEIxNDBBRjA0OTE5QjQ1MTM4MjVBNkVBNTdFMUFCOUU1
NDM3OUUzQzgwHhcNMjUwMTIwMTkxODI5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhlYTE4NS02OGU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu9BMEBuMaqU/MHtNAlZaoopHOHOfn9G59UrnIKxcL+b73Ev2Gnw513S5VwcR
XjJ+fTGCpdW8oDr14xGBggiLj7kmE7CEOUdsb2xJDpFKfx6vtl1TNfPr23dTxOos
EFGFR1mKk47HPUc/gXKlzNADrtRQRxkzpycgP9afTiKmN67Bs3HdtGkhKZhFdciR
v39sxWSfsuGlhHCFou1PRiR+mtHwvdHMR/ltyuF37A26eiJiTZUSgaYqLx/LDHWX
WB5dr1UyjQyxiRBljwYfL/VGNZhfhLTA32siQhnsnRrPwGXDg0LOoPgkpVuH08Rm
0ORNooW+/0zL37u1DKw3I8rQZwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFFb9pQYl
yk8wCuAKUvSLk1U3b2TLMB8GA1UdIwQYMBaAFLFArwSRm0UTglpupX4aueVDeePI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRUJGRC9GN0NFNjI5QTNB
OEUxMUVBODBBRjBFMzFDNEY5QUUwMi9zVUN2QkpHYlJST0NXbTZsZmhxNTVVTjU0
OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NVQ3ZCSkdiUlJPQ1dtNmxmaHE1NVVONTQ4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0VCRkQvRjdDRTYyOUEzQThFMTFFQTgwQUYwRTMxQzRGOUFFMDIvQjZFRjhGNUUz
QTkwMTFFQTk1N0E2QTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnhLgDBABnlPowDwQCAAIwCQMHACABDfeDADANBgkqhkiG
9w0BAQsFAAOCAQEAnr2ARvpiOu/G7T136s9HFWNrx01PcgXTP2iG7ikYgp0BJaXH
GyKVI6nngEGkSPafZ2pnM6cyYYbdDSnBuJHNfTObxt0bC3EYcVXUGnLgLk0ZiDy3
EEay0oqmD9MiPb7C1bbhH8fuBSU1JT7a6Lcni03HebbzgVimVn9TytfyboMMjc9B
hwX21UUDuzUxYAaf8i7L9NnzO1VKHTZwLwPaIpwiKzcoVgfnO/BhIc/E7pZagnEF
pu/GpropC4e54mM1QbDxODLQw5mbU35/R/MdcFgzCnylt5k/2o2/ntk7fj1gqS3J
EAKUmdUA3QxhbaUWS2S9KuqnmuyU3u+zp9FO1Q==
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:58:20 2025 by rpki-client