Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9163B62/4E9B76D2FBD211EDA0864345C4F9AE02/52CA5FA4FBDA11EDBC5C2B51C4F9AE02.roa
File: 52CA5FA4FBDA11EDBC5C2B51C4F9AE02.roa (raw, json)
Hash identifier: Odfpid+S8/X10dkHkByuVcfAeQDpGtmiKeMq57hIa04=
Subject key identifier: 48:83:AF:03:7F:4F:DE:91:7C:49:86:85:18:11:A0:66:1E:69:C3:C3
Certificate issuer: /CN=A9163B62/serialNumber=D3AE626449C3A9DD0E7798BCE8BCBB39662A27FF
Certificate serial: 015E
Authority key identifier: D3:AE:62:64:49:C3:A9:DD:0E:77:98:BC:E8:BC:BB:39:66:2A:27:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/065iZEnDqd0Od5i86Ly7OWYqJ_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9163B62/4E9B76D2FBD211EDA0864345C4F9AE02/52CA5FA4FBDA11EDBC5C2B51C4F9AE02.roa
Signing time: Mon 24 Mar 2025 06:26:58 +0000
ROA not before: Mon 24 Mar 2025 06:26:58 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 142631
IP address blocks: 103.208.66.0/24 maxlen: 24
103.229.232.0/24 maxlen: 24
2401:c0a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 350 (0x15e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9163B62
Validity
Not Before: Mar 24 06:26:58 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67e0fb31-3759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0f:78:34:9b:87:59:fc:e0:8b:74:44:f4:49:
e0:f1:d6:7b:f8:bb:ee:78:90:a4:46:6d:10:87:9b:
bb:aa:9b:33:db:40:50:3b:ab:40:82:76:85:4b:ab:
29:51:11:61:ce:86:d8:36:11:83:b2:14:aa:c0:49:
79:50:f4:e6:cb:a2:5c:80:03:9f:30:77:21:d1:00:
aa:aa:6b:e6:7c:80:8a:0f:8a:45:90:c3:60:cd:8e:
e4:42:d7:1b:23:df:f3:67:a5:0e:99:24:20:7e:21:
7d:37:46:be:5b:58:1e:fc:91:e5:d4:6e:63:33:bc:
a0:81:be:37:bc:68:21:c1:03:8f:d6:9c:30:05:7f:
8b:4e:82:b7:08:62:b7:1b:71:9c:37:c6:1d:a1:f0:
e3:ca:6a:11:eb:11:00:54:d3:e1:7a:0b:5a:48:37:
8a:0f:90:fa:af:9c:5d:f4:ce:fa:30:d2:e9:9d:04:
7d:53:fd:fd:48:23:f2:06:a2:6c:b3:cd:07:3e:5b:
bf:df:cd:2a:2a:20:b5:20:4f:65:97:26:f1:c0:72:
f0:e3:a6:e4:31:89:ef:65:ec:ea:df:02:88:f8:64:
38:50:b8:f2:17:6a:07:6b:24:2f:f0:e1:6c:cc:96:
3f:d9:5d:e0:25:72:c8:67:02:0b:dc:70:c0:97:40:
88:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:83:AF:03:7F:4F:DE:91:7C:49:86:85:18:11:A0:66:1E:69:C3:C3
X509v3 Authority Key Identifier:
keyid:D3:AE:62:64:49:C3:A9:DD:0E:77:98:BC:E8:BC:BB:39:66:2A:27:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9163B62/4E9B76D2FBD211EDA0864345C4F9AE02/065iZEnDqd0Od5i86Ly7OWYqJ_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/065iZEnDqd0Od5i86Ly7OWYqJ_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9163B62/4E9B76D2FBD211EDA0864345C4F9AE02/52CA5FA4FBDA11EDBC5C2B51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.208.66.0/24
103.229.232.0/24
IPv6:
2401:c0a0::/32
Signature Algorithm: sha256WithRSAEncryption
5f:8c:80:1f:73:9f:be:fd:4a:4a:c7:5c:41:67:4c:79:3e:6a:
bb:4f:af:59:2f:b6:36:af:50:e6:96:33:db:54:52:1c:ee:1a:
87:a1:f2:29:49:29:51:b1:40:3d:c6:75:67:c0:ea:dd:fd:f2:
57:47:85:a6:0f:d3:9f:63:16:fb:b1:0e:14:42:ae:d1:1e:6f:
81:5d:ec:87:9d:f1:27:cf:ac:c1:50:7c:2e:0b:2c:db:31:07:
dc:d7:f6:d1:86:d8:eb:71:7e:68:26:82:57:6c:8d:d5:e7:53:
e9:df:12:64:aa:ae:52:93:0d:3e:a7:88:7e:29:f2:1b:1e:65:
a5:fd:c9:f3:57:9d:73:65:70:9f:bf:45:28:ec:b9:46:84:bd:
3c:62:db:97:b4:ad:55:8f:78:c0:33:7a:32:2e:d8:ec:5c:df:
8c:4b:1e:8a:9a:9d:1f:d7:5c:5a:b5:93:14:4e:b7:53:65:9f:
27:17:c5:a5:c2:45:2c:40:31:03:f4:d2:8f:00:ea:e6:fa:06:
55:b1:62:b4:36:cc:ab:25:35:e8:4b:8e:bc:6f:67:69:66:c7:
09:45:cf:98:3a:87:d1:9c:de:a5:9d:af:ef:d2:0c:f8:04:8c:
6f:ba:61:dc:40:fc:6c:35:ac:68:5d:09:3d:d9:86:bb:6c:75:
96:f0:f1:c1
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAV4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjNCNjIxMTAvBgNVBAUTKEQzQUU2MjY0NDlDM0E5REQwRTc3OThCQ0U4QkNCQjM5
NjYyQTI3RkYwHhcNMjUwMzI0MDYyNjU4WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UwZmIzMS0zNzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzw94NJuHWfzgi3RE9Eng8dZ7+LvueJCkRm0Qh5u7qpsz20BQO6tAgnaFS6sp
URFhzobYNhGDshSqwEl5UPTmy6JcgAOfMHch0QCqqmvmfICKD4pFkMNgzY7kQtcb
I9/zZ6UOmSQgfiF9N0a+W1ge/JHl1G5jM7yggb43vGghwQOP1pwwBX+LToK3CGK3
G3GcN8YdofDjymoR6xEAVNPhegtaSDeKD5D6r5xd9M76MNLpnQR9U/39SCPyBqJs
s80HPlu/380qKiC1IE9llybxwHLw46bkMYnvZezq3wKI+GQ4ULjyF2oHayQv8OFs
zJY/2V3gJXLIZwIL3HDAl0CI3QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEiDrwN/
T96RfEmGhRgRoGYeacPDMB8GA1UdIwQYMBaAFNOuYmRJw6ndDneYvOi8uzlmKif/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2M0I2Mi80RTlCNzZEMkZC
RDIxMUVEQTA4NjQzNDVDNEY5QUUwMi8wNjVpWkVuRHFkME9kNWk4Nkx5N09XWXFK
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzA2NWlaRW5EcWQwT2Q1aTg2THk3T1dZcUpfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjNCNjIvNEU5Qjc2RDJGQkQyMTFFREEwODY0MzQ1QzRGOUFFMDIvNTJDQTVGQTRG
QkRBMTFFREJDNUMyQjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABn0EIDBABn5egwDQQCAAIwBwMFACQBwKAwDQYJKoZIhvcN
AQELBQADggEBAF+MgB9zn779SkrHXEFnTHk+artPr1kvtjavUOaWM9tUUhzuGoeh
8ilJKVGxQD3GdWfA6t398ldHhaYP059jFvuxDhRCrtEeb4Fd7Ied8SfPrMFQfC4L
LNsxB9zX9tGG2OtxfmgmgldsjdXnU+nfEmSqrlKTDT6niH4p8hseZaX9yfNXnXNl
cJ+/RSjsuUaEvTxi25e0rVWPeMAzejIu2Oxc34xLHoqanR/XXFq1kxROt1NlnycX
xaXCRSxAMQP00o8A6ub6BlWxYrQ2zKslNehLjrxvZ2lmxwlFz5g6h9Gc3qWdr+/S
DPgEjG+6YdxA/Gw1rGhdCT3ZhrtsdZbw8cE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:06:54 2025 by rpki-client