Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91605D7/3B50F132E57F11EEAF1D291BC4F9AE02/EA46D7ECE57F11EE96F8FB39C4F9AE02.roa
File: EA46D7ECE57F11EE96F8FB39C4F9AE02.roa (raw, json)
Hash identifier: yl/E8QHLka4/lwMsB6BevGouPJwrIPgnFEOjdbPwsG0=
Subject key identifier: FE:17:3A:39:38:3F:E4:B8:E5:47:48:6B:D5:7A:FA:55:66:50:F0:48
Certificate issuer: /CN=A91605D7/serialNumber=61E4F8616B6242661A91F7D012B6CD1E4093890B
Certificate serial: 92
Authority key identifier: 61:E4:F8:61:6B:62:42:66:1A:91:F7:D0:12:B6:CD:1E:40:93:89:0B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YeT4YWtiQmYakffQErbNHkCTiQs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91605D7/3B50F132E57F11EEAF1D291BC4F9AE02/EA46D7ECE57F11EE96F8FB39C4F9AE02.roa
Signing time: Sat 21 Dec 2024 04:48:52 +0000
ROA not before: Sat 21 Dec 2024 04:48:52 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 138455
IP address blocks: 103.125.222.0/24 maxlen: 24
103.141.233.0/24 maxlen: 24
203.4.161.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146 (0x92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91605D7
Validity
Not Before: Dec 21 04:48:52 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=676648b4-a89c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ac:ec:55:4a:30:21:34:7e:dd:66:de:47:b4:
6a:af:13:4e:22:27:76:e6:d1:b4:b7:05:28:03:9c:
e9:98:57:4f:20:fa:fc:a0:7a:52:bc:28:be:91:e6:
6e:6c:17:2e:90:05:27:59:2a:7b:2e:0b:42:fc:b5:
58:41:17:b7:f1:ec:af:4e:52:f3:d0:36:d0:2c:dc:
20:7b:a6:84:60:90:e4:41:99:f8:4c:c1:36:7c:7c:
f4:9d:97:5d:ed:c4:08:27:87:3e:c1:c1:7c:6b:54:
1e:a0:b6:c2:33:41:19:a0:80:d6:53:d9:c6:1c:cf:
32:d6:77:ea:5c:5a:00:b7:ed:d5:ef:e1:9f:c5:09:
c8:18:02:23:f0:1b:a0:40:27:39:ee:a2:13:5e:98:
d6:5a:c7:0c:54:3b:d3:ee:15:7d:2f:c2:66:7e:d5:
d4:3e:5c:ac:f5:f2:14:fc:0a:13:a4:a6:0b:4b:81:
2f:f9:08:1c:f5:bc:42:9c:1b:56:56:a7:df:9f:15:
15:fa:b8:89:20:bc:a9:5d:ec:d5:b5:ee:31:d7:5a:
66:27:5c:75:6c:0f:d1:73:b7:9d:82:46:ef:14:b3:
f2:89:3e:ce:2f:04:f5:b5:e9:0c:9f:7c:5f:80:94:
c9:4a:c3:1f:3a:09:2a:25:73:b4:58:7c:59:7c:b1:
07:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:17:3A:39:38:3F:E4:B8:E5:47:48:6B:D5:7A:FA:55:66:50:F0:48
X509v3 Authority Key Identifier:
keyid:61:E4:F8:61:6B:62:42:66:1A:91:F7:D0:12:B6:CD:1E:40:93:89:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91605D7/3B50F132E57F11EEAF1D291BC4F9AE02/YeT4YWtiQmYakffQErbNHkCTiQs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YeT4YWtiQmYakffQErbNHkCTiQs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91605D7/3B50F132E57F11EEAF1D291BC4F9AE02/EA46D7ECE57F11EE96F8FB39C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.125.222.0/24
103.141.233.0/24
203.4.161.0/24
Signature Algorithm: sha256WithRSAEncryption
01:d5:0f:1c:8b:e0:a4:2a:0d:1c:9f:d8:4c:a7:8d:c5:38:51:
17:fe:b5:70:19:c5:0e:00:17:1c:a8:0e:b2:62:1e:f6:3c:d4:
90:b5:fb:1b:4b:14:9b:8a:69:67:fd:a4:28:64:ff:64:64:75:
31:8d:a1:58:14:48:33:eb:57:1a:9a:7d:b5:b6:ec:53:4c:58:
c2:60:68:df:91:2f:38:a9:96:a1:5c:36:d4:64:81:de:c7:f1:
f3:d9:3a:bd:ec:57:0f:11:c6:9e:20:6f:25:78:8b:e0:7e:25:
47:8d:a8:4b:8c:d2:d4:77:2c:cb:1c:46:6d:4b:a0:c2:01:47:
28:05:11:51:cf:66:9b:53:94:e5:5c:e4:99:71:0a:6e:29:b7:
69:08:1b:40:00:a2:99:fa:f3:63:3b:97:53:0a:21:1b:45:a4:
1d:50:01:85:21:19:91:4e:be:e2:29:60:49:05:d3:87:34:ce:
de:6b:91:bd:39:d3:d5:f3:79:29:86:6d:03:31:0c:b6:04:ea:
8f:aa:d4:b1:37:20:fe:76:85:b6:ad:f6:67:50:25:42:e8:ea:
c5:4e:64:d9:eb:27:1f:cf:21:3c:4f:96:91:2f:0c:3a:81:7a:
db:23:3f:94:da:8a:39:58:a9:0d:01:a6:a4:00:f8:fd:5a:aa:
82:22:93:22
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjA1RDcxMTAvBgNVBAUTKDYxRTRGODYxNkI2MjQyNjYxQTkxRjdEMDEyQjZDRDFF
NDA5Mzg5MEIwHhcNMjQxMjIxMDQ0ODUyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY2NDhiNC1hODljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoazsVUowITR+3WbeR7RqrxNOIid25tG0twUoA5zpmFdPIPr8oHpSvCi+keZu
bBcukAUnWSp7LgtC/LVYQRe38eyvTlLz0DbQLNwge6aEYJDkQZn4TME2fHz0nZdd
7cQIJ4c+wcF8a1QeoLbCM0EZoIDWU9nGHM8y1nfqXFoAt+3V7+GfxQnIGAIj8Bug
QCc57qITXpjWWscMVDvT7hV9L8JmftXUPlys9fIU/AoTpKYLS4Ev+Qgc9bxCnBtW
VqffnxUV+riJILypXezVte4x11pmJ1x1bA/Rc7edgkbvFLPyiT7OLwT1tekMn3xf
gJTJSsMfOgkqJXO0WHxZfLEHlQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFP4XOjk4
P+S45UdIa9V6+lVmUPBIMB8GA1UdIwQYMBaAFGHk+GFrYkJmGpH30BK2zR5Ak4kL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MDVENy8zQjUwRjEzMkU1
N0YxMUVFQUYxRDI5MUJDNEY5QUUwMi9ZZVQ0WVd0aVFtWWFrZmZRRXJiTkhrQ1Rp
UXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1llVDRZV3RpUW1ZYWtmZlFFcmJOSGtDVGlRcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjA1RDcvM0I1MEYxMzJFNTdGMTFFRUFGMUQyOTFCQzRGOUFFMDIvRUE0NkQ3RUNF
NTdGMTFFRTk2RjhGQjM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABnfd4DBABnjekDBADLBKEwDQYJKoZIhvcNAQELBQADggEB
AAHVDxyL4KQqDRyf2EynjcU4URf+tXAZxQ4AFxyoDrJiHvY81JC1+xtLFJuKaWf9
pChk/2RkdTGNoVgUSDPrVxqafbW27FNMWMJgaN+RLziplqFcNtRkgd7H8fPZOr3s
Vw8Rxp4gbyV4i+B+JUeNqEuM0tR3LMscRm1LoMIBRygFEVHPZptTlOVc5JlxCm4p
t2kIG0AAopn682M7l1MKIRtFpB1QAYUhGZFOvuIpYEkF04c0zt5rkb0509XzeSmG
bQMxDLYE6o+q1LE3IP52hbat9mdQJULo6sVOZNnrJx/PITxPlpEvDDqBetsjP5Ta
ijlYqQ0BpqQA+P1aqoIikyI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:12:39 2025 by rpki-client