Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917B503/7B885FE4431011EF8948A381C4F9AE02/FF7048A08BB111EF8981B871C4F9AE02.roa
File: FF7048A08BB111EF8981B871C4F9AE02.roa (raw, json)
Hash identifier: 9uEwzB8ckH0lupP2vcJh2pZkJ61ZIv0842o4n0sbwyc=
Subject key identifier: 0A:FD:A5:D4:EB:B3:7C:33:55:E2:1C:A7:49:C4:60:55:E3:4C:3B:49
Certificate issuer: /CN=A917B503/serialNumber=BD63E0DDCB5CD41B34501DF2E81A2A72CEE36EF2
Certificate serial: 71
Authority key identifier: BD:63:E0:DD:CB:5C:D4:1B:34:50:1D:F2:E8:1A:2A:72:CE:E3:6E:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vWPg3ctc1Bs0UB3y6Boqcs7jbvI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917B503/7B885FE4431011EF8948A381C4F9AE02/FF7048A08BB111EF8981B871C4F9AE02.roa
Signing time: Sat 01 Feb 2025 05:39:12 +0000
ROA not before: Sat 01 Feb 2025 05:39:12 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 206888
IP address blocks: 45.114.124.0/22 maxlen: 22
103.81.168.0/22 maxlen: 22
2400:7ac0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113 (0x71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917B503
Validity
Not Before: Feb 1 05:39:12 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679db37f-56e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:3f:a2:1f:f6:a3:4c:aa:4a:f6:88:0d:62:e5:
4c:18:c3:3f:7c:a9:88:b2:ac:36:1c:31:92:cc:2d:
b2:26:c7:43:69:b0:f4:02:cc:d4:07:e5:a7:be:bd:
82:f6:27:55:14:b7:b5:13:22:e7:86:86:5c:7b:4d:
92:d1:29:5f:84:af:55:67:9d:f5:67:f2:54:d0:78:
5e:37:8d:03:c1:ba:ea:fb:9a:ae:68:6f:e4:f9:b5:
51:9f:95:54:3e:e6:dc:e8:6a:dc:62:8d:ca:f5:3c:
60:a2:37:ff:5b:a5:65:91:c9:f9:06:5c:98:9d:ce:
11:0b:d0:16:75:72:7b:8c:9a:cd:a1:73:c7:06:ba:
eb:36:66:2c:20:3f:23:93:be:de:8d:c4:7a:d9:af:
18:73:c3:49:2f:77:68:cc:51:c7:4d:65:4d:33:9a:
c1:3c:fa:2a:c1:e7:97:af:10:e3:7c:85:5f:3a:15:
0d:b9:f0:32:1c:59:19:b2:da:b2:da:19:ea:d8:19:
de:25:b2:91:e0:81:9d:20:a0:cb:72:4a:7c:17:8d:
ed:6b:c6:5a:64:b7:59:7e:5f:bc:6e:ea:48:bc:da:
7f:f9:4d:27:97:2a:e9:34:f8:1c:cf:39:ca:4c:1b:
e5:65:37:fa:1c:6b:0a:43:d6:a8:0f:65:b3:31:ba:
54:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:FD:A5:D4:EB:B3:7C:33:55:E2:1C:A7:49:C4:60:55:E3:4C:3B:49
X509v3 Authority Key Identifier:
keyid:BD:63:E0:DD:CB:5C:D4:1B:34:50:1D:F2:E8:1A:2A:72:CE:E3:6E:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917B503/7B885FE4431011EF8948A381C4F9AE02/vWPg3ctc1Bs0UB3y6Boqcs7jbvI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vWPg3ctc1Bs0UB3y6Boqcs7jbvI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B503/7B885FE4431011EF8948A381C4F9AE02/FF7048A08BB111EF8981B871C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.114.124.0/22
103.81.168.0/22
IPv6:
2400:7ac0::/32
Signature Algorithm: sha256WithRSAEncryption
a1:8b:73:e1:03:6c:2b:42:fb:8f:9f:d0:f5:12:6f:2e:b1:70:
0d:58:d0:6c:67:2a:03:be:f1:0d:80:0b:5b:2f:8f:44:ec:e5:
e6:04:3e:ee:f4:ee:4c:dc:18:90:d0:1c:4a:cd:9c:b8:4e:84:
c9:92:1c:94:4e:2e:22:c1:51:48:01:c0:a6:41:d8:30:41:1b:
e1:f8:74:2d:1a:cd:99:3c:73:eb:9b:9c:0f:f8:9c:98:69:02:
d7:29:d4:98:3b:46:aa:3e:ee:0f:dd:dd:4f:0b:09:2f:f5:98:
b8:4f:c5:68:28:5e:8e:c1:d8:01:e2:59:b1:b9:84:db:e0:59:
1d:f0:41:cb:28:81:8a:85:6a:23:f3:70:52:1c:09:eb:45:0e:
46:be:3c:f7:bb:34:79:58:e9:1f:89:ea:c2:84:93:68:9f:ae:
45:6b:f5:dc:c8:4e:30:11:ea:cb:dd:6a:73:6e:48:1f:f1:53:
43:12:1f:54:1f:21:41:9a:79:62:87:46:a4:27:b3:90:bd:78:
a6:73:8c:0d:4d:ba:3d:2e:b3:4d:86:35:00:5b:28:d7:eb:9a:
46:90:b4:bc:ea:47:1d:49:bc:44:cb:c7:a6:55:14:ff:cc:ea:
5b:b7:0b:38:94:fd:22:3f:a6:9d:d6:27:83:c4:df:d9:8b:62:
b8:ad:40:e5
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBcTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
QjUwMzExMC8GA1UEBRMoQkQ2M0UwRERDQjVDRDQxQjM0NTAxREYyRTgxQTJBNzJD
RUUzNkVGMjAeFw0yNTAyMDEwNTM5MTJaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OWRiMzdmLTU2ZTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDwP6If9qNMqkr2iA1i5UwYwz98qYiyrDYcMZLMLbImx0NpsPQCzNQH5ae+vYL2
J1UUt7UTIueGhlx7TZLRKV+Er1VnnfVn8lTQeF43jQPBuur7mq5ob+T5tVGflVQ+
5tzoatxijcr1PGCiN/9bpWWRyfkGXJidzhEL0BZ1cnuMms2hc8cGuus2ZiwgPyOT
vt6NxHrZrxhzw0kvd2jMUcdNZU0zmsE8+irB55evEON8hV86FQ258DIcWRmy2rLa
GerYGd4lspHggZ0goMtySnwXje1rxlpkt1l+X7xu6ki82n/5TSeXKuk0+BzPOcpM
G+VlN/ocawpD1qgPZbMxulSFAgMBAAGjggKqMIICpjAdBgNVHQ4EFgQUCv2l1Ouz
fDNV4hynScRgVeNMO0kwHwYDVR0jBBgwFoAUvWPg3ctc1Bs0UB3y6Boqcs7jbvIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdCNTAzLzdCODg1RkU0NDMx
MDExRUY4OTQ4QTM4MUM0RjlBRTAyL3ZXUGczY3RjMUJzMFVCM3k2Qm9xY3M3amJ2
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdldQZzNjdGMxQnMwVUIzeTZCb3FjczdqYnZJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QjUwMy83Qjg4NUZFNDQzMTAxMUVGODk0OEEzODFDNEY5QUUwMi9GRjcwNDhBMDhC
QjExMUVGODk4MUI4NzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAi1yfAMEAmdRqDANBAIAAjAHAwUAJAB6wDANBgkqhkiG9w0B
AQsFAAOCAQEAoYtz4QNsK0L7j5/Q9RJvLrFwDVjQbGcqA77xDYALWy+PROzl5gQ+
7vTuTNwYkNAcSs2cuE6EyZIclE4uIsFRSAHApkHYMEEb4fh0LRrNmTxz65ucD/ic
mGkC1ynUmDtGqj7uD93dTwsJL/WYuE/FaChejsHYAeJZsbmE2+BZHfBByyiBioVq
I/NwUhwJ60UORr4897s0eVjpH4nqwoSTaJ+uRWv13MhOMBHqy91qc25IH/FTQxIf
VB8hQZp5YodGpCezkL14pnOMDU26PS6zTYY1AFso1+uaRpC0vOpHHUm8RMvHplUU
/8zqW7cLOJT9Ij+mndYng8Tf2YtiuK1A5Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:19:20 2025 by rpki-client