Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915E47C/47B55992AD0F11E5B978FD54C4F9AE02/27CF6BE84EED11EF8D4BE30CC4F9AE02.roa
File: 27CF6BE84EED11EF8D4BE30CC4F9AE02.roa (raw, json)
Hash identifier: vUHNM7b/7rHUhQuKzV89H4uhi15N4fuBRHxCcyjL5as=
Subject key identifier: 05:0D:79:1D:A1:33:9F:6C:B8:8A:76:27:06:54:CC:B5:78:6D:4C:A6
Certificate issuer: /CN=A915E47C/serialNumber=1B8198E297ECFB8FB51AF79624D3B684A1F9B51D
Certificate serial: 2230
Authority key identifier: 1B:81:98:E2:97:EC:FB:8F:B5:1A:F7:96:24:D3:B6:84:A1:F9:B5:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G4GY4pfs-4-1GveWJNO2hKH5tR0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915E47C/47B55992AD0F11E5B978FD54C4F9AE02/27CF6BE84EED11EF8D4BE30CC4F9AE02.roa
Signing time: Thu 30 Jan 2025 16:03:13 +0000
ROA not before: Thu 30 Jan 2025 16:03:13 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 16509
IP address blocks: 103.205.78.0/24 maxlen: 24
103.205.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8752 (0x2230)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915E47C
Validity
Not Before: Jan 30 16:03:13 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679ba2c1-d085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2e:6a:83:a2:09:55:1c:e7:c7:c1:f9:da:1d:
c0:70:f0:38:ef:f2:e2:2a:de:51:bd:f5:c2:27:97:
81:f8:b2:e2:47:63:28:29:af:dc:9b:29:00:9e:c0:
68:2b:f9:46:60:e5:b2:42:39:c5:e2:02:1d:1f:6b:
8e:bc:fd:6e:d1:88:d9:ac:94:54:58:28:58:c5:31:
95:34:5e:c3:d0:b2:f4:9e:09:5a:6b:c8:cc:f8:fa:
4d:2b:f9:8e:9d:8c:25:f3:59:9b:1c:2f:dc:10:0d:
20:dd:3b:35:78:c6:94:6c:06:1d:de:dd:4e:8e:9c:
39:b8:a2:28:58:9d:58:6c:d8:1f:57:67:a6:69:ba:
d0:1b:c5:f5:0d:2e:69:a6:7b:92:6a:52:75:27:c3:
22:fd:ca:42:9c:4f:56:03:df:40:3a:20:c5:9a:c9:
ec:54:93:8d:94:13:c3:cc:f8:0b:bf:46:de:d1:78:
65:1f:69:41:3c:47:42:24:3c:0c:5b:e4:7b:9d:99:
9b:5d:26:a9:6d:7a:e1:1c:56:4d:f3:6e:95:b5:08:
d7:f4:e9:00:0f:82:d3:fe:5b:50:6e:7e:11:fa:0f:
95:a0:80:18:0b:60:79:b3:de:45:58:3d:b8:e8:11:
4e:36:87:89:2b:26:8f:b7:72:a4:7c:61:6b:0e:79:
29:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:0D:79:1D:A1:33:9F:6C:B8:8A:76:27:06:54:CC:B5:78:6D:4C:A6
X509v3 Authority Key Identifier:
keyid:1B:81:98:E2:97:EC:FB:8F:B5:1A:F7:96:24:D3:B6:84:A1:F9:B5:1D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915E47C/47B55992AD0F11E5B978FD54C4F9AE02/G4GY4pfs-4-1GveWJNO2hKH5tR0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G4GY4pfs-4-1GveWJNO2hKH5tR0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E47C/47B55992AD0F11E5B978FD54C4F9AE02/27CF6BE84EED11EF8D4BE30CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.205.78.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:5e:61:e4:eb:fc:7c:1e:80:21:66:8a:d8:c8:44:91:d7:f6:
15:3b:7f:61:70:64:47:0e:32:2a:6d:78:83:3f:ee:1d:d8:77:
aa:94:69:91:24:c1:59:17:b8:35:c7:70:a2:20:9b:8d:b8:57:
8c:03:71:38:fa:ea:0e:76:88:c6:5f:f5:65:c8:d6:80:67:88:
4e:30:67:38:87:23:4b:52:fb:05:e7:24:db:d2:7e:8f:6a:e1:
81:f7:65:e0:2b:38:8e:97:25:2b:89:97:5f:02:30:e5:b0:e4:
35:d7:ee:b5:c2:61:5e:12:eb:7f:82:40:a2:92:ee:29:de:13:
35:0e:3e:89:66:83:cb:2c:21:82:8f:f2:68:4c:97:68:c8:17:
1e:d0:2f:1e:80:fb:70:d2:14:95:27:18:16:28:c7:7c:5d:87:
93:ec:ca:c7:3d:81:c4:82:5d:2c:40:8d:e9:16:be:5f:bb:51:
86:21:74:bd:ea:83:d9:65:ac:7f:6b:7f:f3:c5:46:14:e9:f1:
84:ea:69:8f:af:24:ac:f0:c4:5f:6e:0e:e4:a5:44:d0:68:1b:
72:f5:03:1a:a5:45:b9:d4:56:32:a8:3f:bd:3c:a0:f1:a9:0f:
a7:37:ea:7b:9c:d9:b7:bb:16:95:4a:87:50:ca:fc:e5:8e:30:
19:b6:bd:21
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICIjAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUU0N0MxMTAvBgNVBAUTKDFCODE5OEUyOTdFQ0ZCOEZCNTFBRjc5NjI0RDNCNjg0
QTFGOUI1MUQwHhcNMjUwMTMwMTYwMzEzWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzliYTJjMS1kMDg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5S5qg6IJVRznx8H52h3AcPA47/LiKt5RvfXCJ5eB+LLiR2MoKa/cmykAnsBo
K/lGYOWyQjnF4gIdH2uOvP1u0YjZrJRUWChYxTGVNF7D0LL0nglaa8jM+PpNK/mO
nYwl81mbHC/cEA0g3Ts1eMaUbAYd3t1Ojpw5uKIoWJ1YbNgfV2emabrQG8X1DS5p
pnuSalJ1J8Mi/cpCnE9WA99AOiDFmsnsVJONlBPDzPgLv0be0XhlH2lBPEdCJDwM
W+R7nZmbXSapbXrhHFZN826VtQjX9OkAD4LT/ltQbn4R+g+VoIAYC2B5s95FWD24
6BFONoeJKyaPt3KkfGFrDnkpowIDAQABo4IClTCCApEwHQYDVR0OBBYEFAUNeR2h
M59suIp2JwZUzLV4bUymMB8GA1UdIwQYMBaAFBuBmOKX7PuPtRr3liTTtoSh+bUd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTQ3Qy80N0I1NTk5MkFE
MEYxMUU1Qjk3OEZENTRDNEY5QUUwMi9HNEdZNHBmcy00LTFHdmVXSk5PMmhLSDV0
UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0c0R1k0cGZzLTQtMUd2ZVdKTk8yaEtINXRSMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUU0N0MvNDdCNTU5OTJBRDBGMTFFNUI5NzhGRDU0QzRGOUFFMDIvMjdDRjZCRTg0
RUVEMTFFRjhENEJFMzBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnzU4wDQYJKoZIhvcNAQELBQADggEBALxeYeTr/HwegCFm
itjIRJHX9hU7f2FwZEcOMipteIM/7h3Yd6qUaZEkwVkXuDXHcKIgm424V4wDcTj6
6g52iMZf9WXI1oBniE4wZziHI0tS+wXnJNvSfo9q4YH3ZeArOI6XJSuJl18CMOWw
5DXX7rXCYV4S63+CQKKS7ineEzUOPolmg8ssIYKP8mhMl2jIFx7QLx6A+3DSFJUn
GBYox3xdh5Psysc9gcSCXSxAjekWvl+7UYYhdL3qg9llrH9rf/PFRhTp8YTqaY+v
JKzwxF9uDuSlRNBoG3L1AxqlRbnUVjKoP708oPGpD6c36nuc2be7FpVKh1DK/OWO
MBm2vSE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:49:42 2025 by rpki-client