Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BAB0/6361C982163F11EDB7D8AA85C4F9AE02/FD9E5086164111ED9F008D0BC4F9AE02.roa
File: FD9E5086164111ED9F008D0BC4F9AE02.roa (raw, json)
Hash identifier: ehuJApsCUW8xgBBOxYZ8+myCKPuJ6edFRUZs0FJyYuo=
Subject key identifier: 5A:08:EB:D2:32:2D:8F:B1:A9:D3:10:52:0D:A7:59:A5:12:CB:4C:64
Certificate issuer: /CN=A914BAB0/serialNumber=607FAC4DC3BCA4CC11E372F766B258A9DAECB707
Certificate serial: 021A
Authority key identifier: 60:7F:AC:4D:C3:BC:A4:CC:11:E3:72:F7:66:B2:58:A9:DA:EC:B7:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YH-sTcO8pMwR43L3ZrJYqdrstwc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BAB0/6361C982163F11EDB7D8AA85C4F9AE02/FD9E5086164111ED9F008D0BC4F9AE02.roa
Signing time: Wed 01 Jan 2025 01:45:23 +0000
ROA not before: Wed 01 Jan 2025 01:45:23 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 150126
IP address blocks: 103.191.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 538 (0x21a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BAB0, serialNumber=607FAC4DC3BCA4CC11E372F766B258A9DAECB707
Validity
Not Before: Jan 1 01:45:23 2025 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=67749e33-5e3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6f:e4:82:31:69:b1:cd:f6:88:50:b0:8d:ef:
0f:a4:64:a5:ac:63:62:35:aa:5b:7b:33:8f:28:fb:
88:7a:37:54:7c:c6:93:00:b5:52:45:44:16:9c:3f:
aa:07:2e:0c:33:36:06:8f:cd:e2:d0:61:fc:dc:89:
f7:b8:a8:21:0a:d2:af:5d:33:b0:16:d5:c9:b9:74:
de:79:85:bb:50:66:b7:a8:84:c5:48:7f:6b:3c:89:
9c:78:81:7a:ae:05:1f:9a:39:74:af:02:23:b8:3f:
fb:46:4b:8f:f2:86:25:a1:19:b2:bd:e6:02:bc:39:
c3:6a:d8:85:c4:ed:96:67:ca:cb:88:aa:94:cf:52:
fc:ab:5b:fb:4f:b7:1e:0d:e1:3d:3c:aa:55:c9:7e:
5b:e3:d3:91:25:7c:b9:66:75:84:dd:72:51:3f:d3:
12:86:59:af:15:97:9a:ea:22:e0:c1:32:d8:4f:b7:
24:d9:a9:95:12:0b:97:b5:02:b8:5c:b6:99:dd:20:
4b:aa:ac:a9:89:cb:fe:27:f9:5c:97:73:9f:24:8d:
77:24:d6:bb:11:67:0b:9e:48:53:c2:5b:29:14:c0:
a9:95:4b:3d:8d:74:ae:cb:c6:f8:53:68:7c:b6:91:
a7:4e:f1:1e:4f:9d:cd:64:d5:9d:ad:d1:6d:3f:1c:
e5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:08:EB:D2:32:2D:8F:B1:A9:D3:10:52:0D:A7:59:A5:12:CB:4C:64
X509v3 Authority Key Identifier:
keyid:60:7F:AC:4D:C3:BC:A4:CC:11:E3:72:F7:66:B2:58:A9:DA:EC:B7:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BAB0/6361C982163F11EDB7D8AA85C4F9AE02/YH-sTcO8pMwR43L3ZrJYqdrstwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YH-sTcO8pMwR43L3ZrJYqdrstwc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BAB0/6361C982163F11EDB7D8AA85C4F9AE02/FD9E5086164111ED9F008D0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.191.108.0/24
Signature Algorithm: sha256WithRSAEncryption
62:66:89:5e:e0:4f:88:ef:57:50:8e:9f:10:26:2d:91:22:2c:
39:fe:35:95:54:11:f4:d6:a4:2b:33:8f:e1:d9:60:e1:43:ce:
b3:b6:3c:ff:8c:7f:0f:00:ea:bf:36:58:60:47:e1:82:55:fa:
b6:9d:7f:67:98:e6:f5:57:83:c8:97:c8:14:63:fb:a0:51:35:
26:e0:15:55:7a:a9:97:b0:cb:ff:96:26:5a:56:0f:30:14:e2:
48:79:1c:9f:d8:fe:ad:8b:0f:8d:c3:71:51:c0:50:b3:4e:7d:
44:9f:96:7d:2d:e7:d1:d7:b0:2e:e1:7c:c8:a5:be:b8:f6:46:
e0:d8:92:db:0b:29:5a:ff:d5:09:3b:ea:4f:ff:2c:af:33:07:
c2:0d:5f:9c:8a:67:d3:5a:4b:4a:da:eb:f5:40:99:aa:10:a1:
6e:39:c0:b0:91:d1:ae:0a:95:f8:3e:74:ed:8b:d7:c6:62:34:
1f:72:3a:20:b6:f4:80:46:d7:5f:e4:63:cd:8f:35:28:b3:03:
26:5d:cf:d9:18:ea:1e:fa:64:08:da:bc:57:19:e2:60:88:33:
08:b6:a3:70:f3:7b:38:02:6f:b8:5d:e8:cf:98:9d:94:b4:04:
e3:d6:07:1b:d2:e8:96:4e:de:b2:36:b0:3f:d5:e2:78:b0:73:
b1:12:85:c2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAhowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJBQjAxMTAvBgNVBAUTKDYwN0ZBQzREQzNCQ0E0Q0MxMUUzNzJGNzY2QjI1OEE5
REFFQ0I3MDcwHhcNMjUwMTAxMDE0NTIzWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0OWUzMy01ZTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtG/kgjFpsc32iFCwje8PpGSlrGNiNapbezOPKPuIejdUfMaTALVSRUQWnD+q
By4MMzYGj83i0GH83In3uKghCtKvXTOwFtXJuXTeeYW7UGa3qITFSH9rPImceIF6
rgUfmjl0rwIjuD/7RkuP8oYloRmyveYCvDnDatiFxO2WZ8rLiKqUz1L8q1v7T7ce
DeE9PKpVyX5b49ORJXy5ZnWE3XJRP9MShlmvFZea6iLgwTLYT7ck2amVEguXtQK4
XLaZ3SBLqqypicv+J/lcl3OfJI13JNa7EWcLnkhTwlspFMCplUs9jXSuy8b4U2h8
tpGnTvEeT53NZNWdrdFtPxzlXwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFoI69Iy
LY+xqdMQUg2nWaUSy0xkMB8GA1UdIwQYMBaAFGB/rE3DvKTMEeNy92ayWKna7LcH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkFCMC82MzYxQzk4MjE2
M0YxMUVEQjdEOEFBODVDNEY5QUUwMi9ZSC1zVGNPOHBNd1I0M0wzWnJKWXFkcnN0
d2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lILXNUY084cE13UjQzTDNackpZcWRyc3R3Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJBQjAvNjM2MUM5ODIxNjNGMTFFREI3RDhBQTg1QzRGOUFFMDIvRkQ5RTUwODYx
NjQxMTFFRDlGMDA4RDBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnv2wwDQYJKoZIhvcNAQELBQADggEBAGJmiV7gT4jvV1CO
nxAmLZEiLDn+NZVUEfTWpCszj+HZYOFDzrO2PP+Mfw8A6r82WGBH4YJV+radf2eY
5vVXg8iXyBRj+6BRNSbgFVV6qZewy/+WJlpWDzAU4kh5HJ/Y/q2LD43DcVHAULNO
fUSfln0t59HXsC7hfMilvrj2RuDYktsLKVr/1Qk76k//LK8zB8INX5yKZ9NaS0ra
6/VAmaoQoW45wLCR0a4Klfg+dO2L18ZiNB9yOiC29IBG11/kY82PNSizAyZdz9kY
6h76ZAjavFcZ4mCIMwi2o3DzezgCb7hd6M+YnZS0BOPWBxvS6JZO3rI2sD/V4niw
c7EShcI=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:10:41 2025 by rpki-client