Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/5A9BEA702D7611EB9827C368C4F9AE02.roa
File: 5A9BEA702D7611EB9827C368C4F9AE02.roa (raw, json)
Hash identifier: ebO9+Vms5oQoG4HlIUTD5BkVkXKCz/huR2BUpn+lQwI=
Subject key identifier: D4:F4:33:FB:D4:9C:9D:E7:4D:1D:1F:42:29:C8:1F:99:C1:57:C2:4F
Certificate issuer: /CN=A915DAF1/serialNumber=BB9F42CFCE388EDC4B29EA65DEB6162B256D2102
Certificate serial: 071D
Authority key identifier: BB:9F:42:CF:CE:38:8E:DC:4B:29:EA:65:DE:B6:16:2B:25:6D:21:02
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u59Cz844jtxLKepl3rYWKyVtIQI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/5A9BEA702D7611EB9827C368C4F9AE02.roa
Signing time: Sun 02 Mar 2025 23:00:07 +0000
ROA not before: Sun 02 Mar 2025 23:00:07 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 140224
IP address blocks: 103.148.186.0/24 maxlen: 24
103.148.187.0/24 maxlen: 24
2001:df2:e380::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1821 (0x71d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915DAF1
Validity
Not Before: Mar 2 23:00:07 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67c4e2f7-e549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:95:ba:7d:c4:15:0a:09:32:23:b1:d8:11:ee:
ef:60:72:6d:a6:e4:46:22:95:c5:b0:79:a0:96:3a:
c0:b8:3c:47:f3:ad:15:07:cc:81:b0:a6:11:ba:e7:
83:7d:3e:78:fd:97:e3:4f:a5:59:bc:a2:c5:1b:8f:
e2:f6:c1:74:4a:da:95:e3:98:c0:5e:a1:c7:2a:9c:
8e:d6:58:b8:b1:eb:67:6f:bc:c4:21:6c:70:ab:62:
81:bb:b5:e5:36:e7:96:3b:34:6f:1e:ef:03:66:a1:
b9:6d:6a:30:b2:84:00:39:f4:05:7b:8b:3e:d9:29:
f8:58:c3:19:08:58:be:4e:e8:37:28:5b:fa:72:f0:
27:93:d7:c5:30:76:ba:f9:bf:f6:33:5c:7a:a7:b9:
8c:4c:e6:60:e4:f4:b0:24:63:68:90:6f:71:40:73:
f3:96:e0:db:56:39:d8:93:70:30:ef:9f:85:84:ae:
4a:f7:e4:ee:8c:57:80:25:94:a3:09:34:c4:5a:93:
89:e4:94:41:d0:61:77:99:25:72:fc:d5:6c:04:0a:
00:a6:cb:fb:62:62:b4:fa:25:8a:9b:ae:ab:b2:a5:
ed:7f:73:c1:37:b7:fc:a8:b8:4f:67:90:0d:a0:aa:
13:e6:c5:e8:88:0c:04:b5:d6:62:78:87:81:f3:32:
ae:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F4:33:FB:D4:9C:9D:E7:4D:1D:1F:42:29:C8:1F:99:C1:57:C2:4F
X509v3 Authority Key Identifier:
keyid:BB:9F:42:CF:CE:38:8E:DC:4B:29:EA:65:DE:B6:16:2B:25:6D:21:02
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/u59Cz844jtxLKepl3rYWKyVtIQI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u59Cz844jtxLKepl3rYWKyVtIQI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/5A9BEA702D7611EB9827C368C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.186.0/23
IPv6:
2001:df2:e380::/48
Signature Algorithm: sha256WithRSAEncryption
70:32:a7:f6:a6:d5:d7:59:e5:8c:5b:0d:84:b5:a1:db:91:fb:
ac:23:ad:07:0b:cb:74:40:d4:2a:cf:26:01:83:c9:0c:39:64:
d8:4a:b9:8a:63:84:f2:e3:db:fb:c2:0e:9f:93:91:98:18:c5:
96:df:e0:b5:59:83:75:b3:28:30:51:a5:2a:37:28:00:0b:a6:
51:16:ce:e3:b6:c9:b2:26:5a:c2:7f:42:0c:d2:fb:87:03:15:
83:c5:e5:58:7b:f3:c2:86:fa:b3:52:ba:06:82:2c:0d:24:2b:
13:af:e1:2c:77:70:24:b9:46:8e:c4:8f:20:37:30:61:e0:29:
2d:60:4b:5b:28:54:5d:41:2c:cd:7c:5b:94:77:68:25:b4:26:
78:bd:d6:9d:25:6b:a4:95:bd:27:e9:08:ae:64:0a:0b:cb:64:
9f:dd:20:14:35:2c:ff:25:21:a6:78:88:a9:f9:54:50:c1:fc:
03:a1:07:32:4e:46:26:1f:ec:95:e9:32:6c:38:93:10:47:df:
d1:b7:99:3d:89:55:d6:1e:be:69:76:96:31:db:85:7a:91:e7:
0a:80:62:4e:7a:cc:fe:3d:a6:58:99:0c:50:f1:b5:aa:bd:df:
42:e1:69:06:be:e5:1f:78:1a:39:bc:c6:43:47:b0:8a:62:a4:
3e:76:59:9d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBx0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NURBRjExMTAvBgNVBAUTKEJCOUY0MkNGQ0UzODhFREM0QjI5RUE2NURFQjYxNjJC
MjU2RDIxMDIwHhcNMjUwMzAyMjMwMDA3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M0ZTJmNy1lNTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvZW6fcQVCgkyI7HYEe7vYHJtpuRGIpXFsHmgljrAuDxH860VB8yBsKYRuueD
fT54/ZfjT6VZvKLFG4/i9sF0StqV45jAXqHHKpyO1li4setnb7zEIWxwq2KBu7Xl
NueWOzRvHu8DZqG5bWowsoQAOfQFe4s+2Sn4WMMZCFi+Tug3KFv6cvAnk9fFMHa6
+b/2M1x6p7mMTOZg5PSwJGNokG9xQHPzluDbVjnYk3Aw75+FhK5K9+TujFeAJZSj
CTTEWpOJ5JRB0GF3mSVy/NVsBAoApsv7YmK0+iWKm66rsqXtf3PBN7f8qLhPZ5AN
oKoT5sXoiAwEtdZieIeB8zKuzwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNT0M/vU
nJ3nTR0fQinIH5nBV8JPMB8GA1UdIwQYMBaAFLufQs/OOI7cSynqZd62FislbSEC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1REFGMS8wQjJCOTBBNDJE
NzUxMUVCOTM2RTM0NThDNEY5QUUwMi91NTlDejg0NGp0eExLZXBsM3JZV0t5VnRJ
UUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3U1OUN6ODQ0anR4TEtlcGwzcllXS3lWdElRSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NURBRjEvMEIyQjkwQTQyRDc1MTFFQjkzNkUzNDU4QzRGOUFFMDIvNUE5QkVBNzAy
RDc2MTFFQjk4MjdDMzY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnlLowDwQCAAIwCQMHACABDfLjgDANBgkqhkiG9w0BAQsF
AAOCAQEAcDKn9qbV11nljFsNhLWh25H7rCOtBwvLdEDUKs8mAYPJDDlk2Eq5imOE
8uPb+8IOn5ORmBjFlt/gtVmDdbMoMFGlKjcoAAumURbO47bJsiZawn9CDNL7hwMV
g8XlWHvzwob6s1K6BoIsDSQrE6/hLHdwJLlGjsSPIDcwYeApLWBLWyhUXUEszXxb
lHdoJbQmeL3WnSVrpJW9J+kIrmQKC8tkn90gFDUs/yUhpniIqflUUMH8A6EHMk5G
Jh/slekybDiTEEff0beZPYlV1h6+aXaWMduFepHnCoBiTnrM/j2mWJkMUPG1qr3f
QuFpBr7lH3gaObzGQ0ewimKkPnZZnQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:07:19 2025 by rpki-client