Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915E005/9BE781FEC69911E5B0AFE54EC4F9AE02/CD4CD0B654F311E7AC64ED3AC4F9AE02.roa
File: CD4CD0B654F311E7AC64ED3AC4F9AE02.roa (raw, json)
Hash identifier: iH2xmS1GVsSNNCZWscwdxJt8FMGLF9Yh7e5xIVsXSm8=
Subject key identifier: 7D:AD:5A:BF:68:C1:CB:CC:31:81:DA:50:59:52:A4:63:D8:BA:26:21
Certificate issuer: /CN=A915E005/serialNumber=E02BEEE88D835BD0E4254CA08D7C03BC57197484
Certificate serial: 21BC
Authority key identifier: E0:2B:EE:E8:8D:83:5B:D0:E4:25:4C:A0:8D:7C:03:BC:57:19:74:84
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Cvu6I2DW9DkJUygjXwDvFcZdIQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915E005/9BE781FEC69911E5B0AFE54EC4F9AE02/CD4CD0B654F311E7AC64ED3AC4F9AE02.roa
Signing time: Tue 14 Jan 2025 16:12:57 +0000
ROA not before: Tue 14 Jan 2025 16:12:57 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133923
IP address blocks: 103.48.88.0/24 maxlen: 24
103.212.64.0/23 maxlen: 24
2001:df2:1400::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8636 (0x21bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915E005
Validity
Not Before: Jan 14 16:12:57 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67868d09-9080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8f:71:30:b3:f2:c6:8b:57:42:10:54:2c:07:
9a:d9:57:19:3e:70:df:37:c3:cb:1d:ac:fa:b5:56:
60:63:39:c3:fd:56:fd:02:36:09:bd:5a:ef:9b:3e:
2c:4e:ab:1d:e8:80:92:bb:b4:8b:3f:f2:48:a8:02:
49:67:c8:98:7d:2b:9f:61:65:04:51:79:bc:46:eb:
f6:f3:06:26:2e:05:0a:62:8e:01:3c:bf:e6:ee:32:
03:90:b8:83:75:be:75:3b:6d:45:c2:64:e6:5c:a9:
07:df:0d:3c:46:c6:1b:8e:dc:87:67:f2:84:5d:59:
dc:01:12:95:85:a3:e0:a8:2d:79:16:6d:3d:ed:38:
7d:22:8f:6b:a3:9f:c9:76:a6:a3:c9:71:d6:f6:ed:
6b:8c:17:68:c6:97:99:38:81:b1:c4:03:3b:c7:bf:
d2:64:cf:7a:0b:60:05:7c:4a:b9:e2:5e:49:d6:79:
ac:7f:62:65:5c:0c:94:58:c3:a5:d0:7d:7b:f2:e7:
5e:70:bd:47:8a:42:44:f2:bd:2a:85:c9:cc:5f:65:
e5:19:87:df:06:a2:7a:9c:5d:a7:46:49:c1:9a:26:
46:df:58:d1:3e:2f:0a:a8:de:74:0e:bc:95:21:54:
43:2b:33:5b:48:c7:37:c5:86:af:cf:60:09:67:57:
04:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:AD:5A:BF:68:C1:CB:CC:31:81:DA:50:59:52:A4:63:D8:BA:26:21
X509v3 Authority Key Identifier:
keyid:E0:2B:EE:E8:8D:83:5B:D0:E4:25:4C:A0:8D:7C:03:BC:57:19:74:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915E005/9BE781FEC69911E5B0AFE54EC4F9AE02/4Cvu6I2DW9DkJUygjXwDvFcZdIQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Cvu6I2DW9DkJUygjXwDvFcZdIQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E005/9BE781FEC69911E5B0AFE54EC4F9AE02/CD4CD0B654F311E7AC64ED3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.48.88.0/24
103.212.64.0/23
IPv6:
2001:df2:1400::/48
Signature Algorithm: sha256WithRSAEncryption
1b:a6:1f:3b:9c:49:17:5a:de:47:1c:ab:54:40:fb:ac:aa:4a:
ae:ad:bc:b4:a5:2f:ad:be:15:bc:c9:a8:93:81:5e:64:5d:97:
d7:4e:bd:ae:08:84:14:13:39:b3:a3:0b:a7:37:9c:7c:ee:65:
bb:09:80:19:ec:52:26:7a:83:fd:ec:d5:92:27:3a:92:19:14:
04:da:9c:f9:e9:9f:a6:67:4f:d4:55:d2:07:98:98:dc:c4:73:
b6:83:3c:aa:f0:f5:f6:ae:11:9c:90:39:19:38:1a:1d:73:de:
a0:32:0b:b9:4a:8c:2b:e8:95:ef:e2:1b:43:39:02:30:16:97:
4b:3b:a6:6d:11:49:1f:e1:92:e8:80:ea:3b:b2:51:0b:43:d9:
c2:44:eb:05:ad:3a:4a:8a:97:3f:4f:5e:65:79:3f:66:1d:78:
66:f6:1a:dd:63:7e:1a:c4:42:48:c5:5c:5d:c3:58:79:c9:86:
98:5b:d2:12:ac:2b:49:e1:d1:56:65:b4:b8:b6:6c:be:75:42:
4e:2b:c4:80:cd:23:ef:68:2f:90:df:b3:32:54:10:ed:62:e0:
9d:d8:a1:d4:3c:a4:73:f2:31:2a:7b:4d:00:69:0a:99:a8:ea:
73:34:6c:88:57:da:14:86:a7:1f:2a:83:73:27:5b:d2:9b:ed:
34:3c:bb:fd
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICIbwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUUwMDUxMTAvBgNVBAUTKEUwMkJFRUU4OEQ4MzVCRDBFNDI1NENBMDhEN0MwM0JD
NTcxOTc0ODQwHhcNMjUwMTE0MTYxMjU3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2OGQwOS05MDgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApI9xMLPyxotXQhBULAea2VcZPnDfN8PLHaz6tVZgYznD/Vb9AjYJvVrvmz4s
Tqsd6ICSu7SLP/JIqAJJZ8iYfSufYWUEUXm8Ruv28wYmLgUKYo4BPL/m7jIDkLiD
db51O21FwmTmXKkH3w08RsYbjtyHZ/KEXVncARKVhaPgqC15Fm097Th9Io9ro5/J
dqajyXHW9u1rjBdoxpeZOIGxxAM7x7/SZM96C2AFfEq54l5J1nmsf2JlXAyUWMOl
0H178udecL1HikJE8r0qhcnMX2XlGYffBqJ6nF2nRknBmiZG31jRPi8KqN50DryV
IVRDKzNbSMc3xYavz2AJZ1cEgQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFH2tWr9o
wcvMMYHaUFlSpGPYuiYhMB8GA1UdIwQYMBaAFOAr7uiNg1vQ5CVMoI18A7xXGXSE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTAwNS85QkU3ODFGRUM2
OTkxMUU1QjBBRkU1NEVDNEY5QUUwMi80Q3Z1NkkyRFc5RGtKVXlnalh3RHZGY1pk
SVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRDdnU2STJEVzlEa0pVeWdqWHdEdkZjWmRJUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUUwMDUvOUJFNzgxRkVDNjk5MTFFNUIwQUZFNTRFQzRGOUFFMDIvQ0Q0Q0QwQjY1
NEYzMTFFN0FDNjRFRDNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnMFgDBAFn1EAwDwQCAAIwCQMHACABDfIUADANBgkqhkiG
9w0BAQsFAAOCAQEAG6YfO5xJF1reRxyrVED7rKpKrq28tKUvrb4VvMmok4FeZF2X
1069rgiEFBM5s6MLpzecfO5luwmAGexSJnqD/ezVkic6khkUBNqc+emfpmdP1FXS
B5iY3MRztoM8qvD19q4RnJA5GTgaHXPeoDILuUqMK+iV7+IbQzkCMBaXSzumbRFJ
H+GS6IDqO7JRC0PZwkTrBa06SoqXP09eZXk/Zh14ZvYa3WN+GsRCSMVcXcNYecmG
mFvSEqwrSeHRVmW0uLZsvnVCTivEgM0j72gvkN+zMlQQ7WLgndih1Dykc/IxKntN
AGkKmajqczRsiFfaFIanHyqDcydb0pvtNDy7/Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:57:36 2025 by rpki-client