Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913FA1D/9EEA4D68BFEC11EA89929A58C4F9AE02/F86B8216BFED11EABE972E5AC4F9AE02.roa
File: F86B8216BFED11EABE972E5AC4F9AE02.roa (raw, json)
Hash identifier: ltvBn5VJXtz7vFB4RWKdDxpG2I+f/J+ryir96EuYqEY=
Subject key identifier: 71:2E:A0:20:8C:AA:47:05:B5:22:5D:15:B3:1F:4C:BA:FF:BC:80:D0
Certificate issuer: /CN=A913FA1D/serialNumber=7C53BF6AF493D24C3B7C6BA216B382B0C7F7FC24
Certificate serial: 0853
Authority key identifier: 7C:53:BF:6A:F4:93:D2:4C:3B:7C:6B:A2:16:B3:82:B0:C7:F7:FC:24
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fFO_avST0kw7fGuiFrOCsMf3_CQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913FA1D/9EEA4D68BFEC11EA89929A58C4F9AE02/F86B8216BFED11EABE972E5AC4F9AE02.roa
Signing time: Sun 02 Feb 2025 20:59:53 +0000
ROA not before: Sun 02 Feb 2025 20:59:53 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 132827
IP address blocks: 103.28.168.0/24 maxlen: 24
103.28.169.0/24 maxlen: 24
103.28.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2131 (0x853)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913FA1D
Validity
Not Before: Feb 2 20:59:53 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=679fdcc9-f2c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e7:f2:19:44:11:17:87:9b:58:d4:31:c8:94:
9c:23:5d:79:20:9e:d5:e2:90:8b:7d:42:a7:ac:54:
46:96:a0:af:a9:ee:c6:e2:dc:e1:00:f7:93:46:82:
f6:ac:9a:27:90:95:7c:39:cd:ac:26:cd:4e:30:fb:
8a:72:83:f5:1c:2c:ba:96:7c:2a:1d:a8:1d:56:95:
e0:2f:4d:9f:d6:15:10:e0:9b:96:a9:76:76:07:d3:
7f:71:86:39:4e:a8:bb:21:77:6d:40:38:d2:a4:02:
97:02:91:44:ae:41:45:c5:8d:8c:01:04:82:2c:01:
de:13:21:c0:e4:d6:86:76:9f:0f:1f:9e:87:fe:c2:
46:a3:17:43:9a:e3:fc:b8:ef:55:d1:fe:c7:93:15:
15:ea:82:33:d8:c9:85:2c:52:ce:3c:a9:cc:5c:09:
ce:21:3e:84:4a:68:4b:c2:23:fa:70:4c:c8:43:34:
c7:8d:79:19:cc:7c:5d:40:d1:e3:32:a9:48:7d:79:
0d:c6:d3:f2:73:5b:7f:ba:1d:9b:c0:d7:d3:3c:2a:
bc:8f:e6:68:09:97:e1:b9:1a:d1:b2:ae:bc:33:78:
da:b9:50:37:34:f6:6d:8d:2c:8d:23:e5:7e:4d:bf:
28:2b:01:ac:b9:37:8b:dd:69:c3:00:8f:de:79:ef:
64:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:2E:A0:20:8C:AA:47:05:B5:22:5D:15:B3:1F:4C:BA:FF:BC:80:D0
X509v3 Authority Key Identifier:
keyid:7C:53:BF:6A:F4:93:D2:4C:3B:7C:6B:A2:16:B3:82:B0:C7:F7:FC:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913FA1D/9EEA4D68BFEC11EA89929A58C4F9AE02/fFO_avST0kw7fGuiFrOCsMf3_CQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fFO_avST0kw7fGuiFrOCsMf3_CQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913FA1D/9EEA4D68BFEC11EA89929A58C4F9AE02/F86B8216BFED11EABE972E5AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.28.168.0-103.28.170.255
Signature Algorithm: sha256WithRSAEncryption
a0:77:b3:59:78:f8:db:70:e7:56:c4:32:15:24:fd:ce:86:b2:
59:c7:a7:5f:60:f8:8f:2a:ac:40:81:a9:d2:6f:ca:5a:16:a4:
26:25:9e:3e:d0:10:8a:a5:0b:86:43:e6:83:68:c0:4a:96:59:
35:b5:69:26:41:37:1c:ae:f4:d3:51:12:ba:60:f6:f0:ce:b0:
55:ed:50:36:33:4a:2f:8d:8a:a6:c6:c0:5a:b3:16:04:a2:f4:
5b:9e:31:74:a4:5f:b2:03:5e:dd:33:fb:db:f6:e0:08:01:fc:
9f:e2:70:63:f5:09:69:e4:5b:ad:dc:c0:d2:69:5c:92:f0:2d:
7d:80:89:e8:c8:93:c3:87:d8:ec:31:15:01:74:07:8c:19:4a:
93:a0:e7:6f:59:c7:fb:f8:ba:cc:cb:62:6d:48:e5:43:45:ff:
1d:1d:52:af:c0:91:58:3d:4a:c8:7b:ed:55:f6:58:bc:4f:32:
8b:dc:4a:95:98:a7:54:12:ec:4a:fe:9a:2f:8f:7e:6d:78:a4:
0d:7c:2d:de:5e:03:8f:17:a0:8f:91:1e:1b:f2:81:59:94:ff:
5a:45:e4:15:4e:c8:a1:7c:1f:e4:f6:c6:4a:0e:e6:76:64:13:
11:cd:24:03:18:c0:a9:16:ae:0e:b8:98:b0:5b:19:14:20:86:
09:37:86:d5
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICCFMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0ZBMUQxMTAvBgNVBAUTKDdDNTNCRjZBRjQ5M0QyNEMzQjdDNkJBMjE2QjM4MkIw
QzdGN0ZDMjQwHhcNMjUwMjAyMjA1OTUzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzlmZGNjOS1mMmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmefyGUQRF4ebWNQxyJScI115IJ7V4pCLfUKnrFRGlqCvqe7G4tzhAPeTRoL2
rJonkJV8Oc2sJs1OMPuKcoP1HCy6lnwqHagdVpXgL02f1hUQ4JuWqXZ2B9N/cYY5
Tqi7IXdtQDjSpAKXApFErkFFxY2MAQSCLAHeEyHA5NaGdp8PH56H/sJGoxdDmuP8
uO9V0f7HkxUV6oIz2MmFLFLOPKnMXAnOIT6ESmhLwiP6cEzIQzTHjXkZzHxdQNHj
MqlIfXkNxtPyc1t/uh2bwNfTPCq8j+ZoCZfhuRrRsq68M3jauVA3NPZtjSyNI+V+
Tb8oKwGsuTeL3WnDAI/eee9kQQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFHEuoCCM
qkcFtSJdFbMfTLr/vIDQMB8GA1UdIwQYMBaAFHxTv2r0k9JMO3xrohazgrDH9/wk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRkExRC85RUVBNEQ2OEJG
RUMxMUVBODk5MjlBNThDNEY5QUUwMi9mRk9fYXZTVDBrdzdmR3VpRnJPQ3NNZjNf
Q1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZGT19hdlNUMGt3N2ZHdWlGck9Dc01mM19DUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0ZBMUQvOUVFQTRENjhCRkVDMTFFQTg5OTI5QTU4QzRGOUFFMDIvRjg2QjgyMTZC
RkVEMTFFQUJFOTcyRTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEA2ccqAMEAGccqjANBgkqhkiG9w0BAQsFAAOCAQEAoHez
WXj423DnVsQyFST9zoayWcenX2D4jyqsQIGp0m/KWhakJiWePtAQiqULhkPmg2jA
SpZZNbVpJkE3HK7001ESumD28M6wVe1QNjNKL42KpsbAWrMWBKL0W54xdKRfsgNe
3TP72/bgCAH8n+JwY/UJaeRbrdzA0mlckvAtfYCJ6MiTw4fY7DEVAXQHjBlKk6Dn
b1nH+/i6zMtibUjlQ0X/HR1Sr8CRWD1KyHvtVfZYvE8yi9xKlZinVBLsSv6aL49+
bXikDXwt3l4Djxegj5EeG/KBWZT/WkXkFU7IoXwf5PbGSg7mdmQTEc0kAxjAqRau
DriYsFsZFCCGCTeG1Q==
-----END CERTIFICATE-----
Generated at Fri Apr 11 15:51:00 2025 by rpki-client