Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914E4E3/423B6FDC1D2F11E8A2FD3712C4F9AE02/7A1AC3F44B6111EBAE5C8E77C4F9AE02.roa
File: 7A1AC3F44B6111EBAE5C8E77C4F9AE02.roa (raw, json)
Hash identifier: WcED1PrxQj41VcZbH/7zC6FIs8aGf9HCbcXArPjWnfI=
Subject key identifier: 9E:F4:32:5C:A5:92:07:2B:38:DE:C0:3C:79:1B:99:94:B0:1D:71:7C
Certificate issuer: /CN=A914E4E3/serialNumber=27E6CB1889C0A3F36F91F58E059B889A26797C94
Certificate serial: 15D3
Authority key identifier: 27:E6:CB:18:89:C0:A3:F3:6F:91:F5:8E:05:9B:88:9A:26:79:7C:94
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J-bLGInAo_NvkfWOBZuImiZ5fJQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914E4E3/423B6FDC1D2F11E8A2FD3712C4F9AE02/7A1AC3F44B6111EBAE5C8E77C4F9AE02.roa
Signing time: Wed 12 Feb 2025 17:24:49 +0000
ROA not before: Wed 12 Feb 2025 17:24:49 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 136262
IP address blocks: 103.85.160.0/22 maxlen: 24
2400:ad40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5587 (0x15d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914E4E3
Validity
Not Before: Feb 12 17:24:49 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67acd961-1e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:56:94:be:c1:bb:8a:fd:43:b5:2d:af:51:fa:
a3:90:da:54:d3:55:36:da:89:08:b5:e6:78:38:76:
f0:66:61:3a:9c:36:d8:93:ca:b8:f3:ea:18:4b:a5:
c9:00:53:b3:6f:6b:23:e5:0f:a1:2b:ea:8e:c7:48:
b6:65:e9:53:8f:ac:3d:bd:96:34:3a:ec:33:8f:a4:
b5:fd:20:e3:26:7c:f0:28:08:70:d8:16:ff:4e:20:
1e:70:49:8f:9a:a3:53:97:c9:a8:37:99:21:b2:d3:
dd:8a:c0:ea:48:14:f3:c5:56:e3:cc:0b:f1:c3:ae:
b3:84:58:28:a3:1b:a8:55:70:cc:cf:af:2d:71:c1:
01:a3:9a:7d:0f:1d:8a:4f:c0:04:1c:05:18:b6:a8:
7f:53:11:f8:fb:43:23:60:e1:74:66:fb:d1:6d:44:
f5:bd:b0:6f:34:c0:6d:6c:6c:67:e8:3a:96:6c:f4:
26:45:fb:5e:3f:d6:c3:f5:ca:43:60:ae:ce:f6:fd:
7d:01:55:ba:8c:80:1f:dc:ab:fc:ba:4c:2d:20:9d:
00:f8:49:4c:af:96:4d:8f:52:53:47:11:90:fa:b8:
57:ad:1d:83:d1:c6:16:f6:d0:41:c6:3b:9c:45:98:
1c:1f:f1:77:11:05:44:ec:51:89:a9:d0:46:4f:53:
70:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:F4:32:5C:A5:92:07:2B:38:DE:C0:3C:79:1B:99:94:B0:1D:71:7C
X509v3 Authority Key Identifier:
keyid:27:E6:CB:18:89:C0:A3:F3:6F:91:F5:8E:05:9B:88:9A:26:79:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914E4E3/423B6FDC1D2F11E8A2FD3712C4F9AE02/J-bLGInAo_NvkfWOBZuImiZ5fJQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J-bLGInAo_NvkfWOBZuImiZ5fJQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E4E3/423B6FDC1D2F11E8A2FD3712C4F9AE02/7A1AC3F44B6111EBAE5C8E77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.85.160.0/22
IPv6:
2400:ad40::/32
Signature Algorithm: sha256WithRSAEncryption
a0:98:db:85:57:d9:cd:51:f7:9a:ce:22:c7:b0:6e:b0:c4:34:
15:16:0b:8a:96:63:ed:e4:04:29:c5:8c:f7:fb:46:90:8d:ff:
c9:b6:64:8e:f6:26:29:c9:94:3a:69:68:8b:e7:fb:47:49:2f:
97:b3:f3:f7:dc:47:e7:4d:b0:ac:15:f7:3a:33:b7:0e:30:a1:
67:81:3f:0e:91:74:3d:20:88:2f:cf:e1:89:3d:fb:f7:64:45:
ca:9a:98:fd:6b:53:02:ed:6b:33:63:bb:59:1d:13:f4:bc:36:
5f:45:3e:85:8b:cf:24:e1:58:3e:f0:c9:6a:79:9e:88:dd:3d:
3d:4a:78:79:88:7a:62:0d:e8:e7:5a:a0:9b:3e:59:e3:9a:1b:
e0:08:83:d6:51:9f:b9:6e:d9:4c:a0:98:21:e6:47:15:2b:5c:
05:fb:20:f9:a6:dd:b0:e0:f1:6e:b4:07:6d:a6:66:63:b7:67:
c6:c2:60:19:e0:8c:94:98:a0:73:d1:5b:48:bd:5f:a0:72:f4:
46:be:c1:f7:82:28:a8:9e:77:18:cc:99:5c:42:b4:b5:61:8d:
39:d3:51:23:be:34:ba:2c:6f:de:57:03:ee:e4:70:6f:08:01:
33:9d:f0:3c:6e:65:d3:25:73:3d:4a:fc:0f:f3:9e:79:21:b1:
4b:70:11:8e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICFdMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEU0RTMxMTAvBgNVBAUTKDI3RTZDQjE4ODlDMEEzRjM2RjkxRjU4RTA1OUI4ODlB
MjY3OTdDOTQwHhcNMjUwMjEyMTcyNDQ5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FjZDk2MS0xZTFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyFaUvsG7iv1DtS2vUfqjkNpU01U22okIteZ4OHbwZmE6nDbYk8q48+oYS6XJ
AFOzb2sj5Q+hK+qOx0i2ZelTj6w9vZY0Ouwzj6S1/SDjJnzwKAhw2Bb/TiAecEmP
mqNTl8moN5khstPdisDqSBTzxVbjzAvxw66zhFgooxuoVXDMz68tccEBo5p9Dx2K
T8AEHAUYtqh/UxH4+0MjYOF0ZvvRbUT1vbBvNMBtbGxn6DqWbPQmRfteP9bD9cpD
YK7O9v19AVW6jIAf3Kv8ukwtIJ0A+ElMr5ZNj1JTRxGQ+rhXrR2D0cYW9tBBxjuc
RZgcH/F3EQVE7FGJqdBGT1NwpwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJ70Mlyl
kgcrON7APHkbmZSwHXF8MB8GA1UdIwQYMBaAFCfmyxiJwKPzb5H1jgWbiJomeXyU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTRFMy80MjNCNkZEQzFE
MkYxMUU4QTJGRDM3MTJDNEY5QUUwMi9KLWJMR0luQW9fTnZrZldPQlp1SW1pWjVm
SlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0otYkxHSW5Bb19OdmtmV09CWnVJbWlaNWZKUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEU0RTMvNDIzQjZGREMxRDJGMTFFOEEyRkQzNzEyQzRGOUFFMDIvN0ExQUMzRjQ0
QjYxMTFFQkFFNUM4RTc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnVaAwDQQCAAIwBwMFACQArUAwDQYJKoZIhvcNAQELBQAD
ggEBAKCY24VX2c1R95rOIsewbrDENBUWC4qWY+3kBCnFjPf7RpCN/8m2ZI72JinJ
lDppaIvn+0dJL5ez8/fcR+dNsKwV9zoztw4woWeBPw6RdD0giC/P4Yk9+/dkRcqa
mP1rUwLtazNju1kdE/S8Nl9FPoWLzyThWD7wyWp5nojdPT1KeHmIemIN6OdaoJs+
WeOaG+AIg9ZRn7lu2UygmCHmRxUrXAX7IPmm3bDg8W60B22mZmO3Z8bCYBngjJSY
oHPRW0i9X6By9Ea+wfeCKKiedxjMmVxCtLVhjTnTUSO+NLosb95XA+7kcG8IATOd
8DxuZdMlcz1K/A/znnkhsUtwEY4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:48:27 2025 by rpki-client