Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D1A4/1EB9E3A6C6C011EC96C0DD23C4F9AE02/897E89B4D56B11EFBE0EB053C4F9AE02.roa
File: 897E89B4D56B11EFBE0EB053C4F9AE02.roa (raw, json)
Hash identifier: Z+nT9PoRzTDCsdNOaBI1d+PkQHDUifBiuJhBYkV5ETQ=
Subject key identifier: 32:D1:AD:FF:DF:FD:E6:5C:E8:30:1B:FB:48:4B:CA:AC:94:88:8F:B8
Certificate issuer: /CN=A918D1A4/serialNumber=B2DBAD05B69F4797EEF71F03D65ABEADD2892C80
Certificate serial: 02ED
Authority key identifier: B2:DB:AD:05:B6:9F:47:97:EE:F7:1F:03:D6:5A:BE:AD:D2:89:2C:80
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/stutBbafR5fu9x8D1lq-rdKJLIA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D1A4/1EB9E3A6C6C011EC96C0DD23C4F9AE02/897E89B4D56B11EFBE0EB053C4F9AE02.roa
Signing time: Sat 18 Jan 2025 07:12:12 +0000
ROA not before: Sat 18 Jan 2025 07:12:12 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 153494
IP address blocks: 43.239.164.0/22 maxlen: 24
103.35.84.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 749 (0x2ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D1A4
Validity
Not Before: Jan 18 07:12:12 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=678b544b-a6f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:39:db:07:be:a3:eb:a5:3a:c2:c3:a4:c5:74:
d5:2e:cf:3d:8e:ca:2b:8d:69:3a:84:de:17:ea:e3:
6b:1a:a0:6d:27:35:d5:b9:00:80:07:f7:dc:95:e8:
94:6a:c4:e9:84:d6:7b:06:a0:40:b8:03:d9:ea:15:
cd:53:a2:2e:50:09:dc:82:17:7d:cc:db:a9:ba:3b:
5a:ab:bd:70:5d:66:30:e6:e2:b8:21:68:66:d0:d8:
ae:13:b0:dc:4b:54:7e:6a:99:4a:69:b4:8a:57:09:
c9:9a:7d:a6:31:5d:1e:5c:6c:c9:53:72:f9:0c:d0:
88:ce:9a:84:c2:11:9f:c6:87:48:6e:27:a9:83:94:
a0:96:d1:b5:27:2e:29:0c:51:72:bd:bb:39:be:f2:
f2:58:25:65:26:89:46:31:b0:b6:cc:b8:22:f1:45:
2f:7c:76:1f:77:11:fb:17:9d:52:a9:10:99:75:56:
4f:f3:ca:fe:6b:db:f5:77:a6:34:5d:67:73:b6:27:
a1:22:64:25:6b:13:f2:22:a1:25:14:18:f5:29:60:
d1:35:a8:ab:88:5e:37:17:60:ef:a4:d9:8c:e8:36:
14:32:a0:0e:d6:4a:20:b3:41:94:15:92:e9:42:16:
2e:e3:25:72:8e:fb:59:57:0e:06:04:59:46:f8:b1:
53:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D1:AD:FF:DF:FD:E6:5C:E8:30:1B:FB:48:4B:CA:AC:94:88:8F:B8
X509v3 Authority Key Identifier:
keyid:B2:DB:AD:05:B6:9F:47:97:EE:F7:1F:03:D6:5A:BE:AD:D2:89:2C:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D1A4/1EB9E3A6C6C011EC96C0DD23C4F9AE02/stutBbafR5fu9x8D1lq-rdKJLIA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/stutBbafR5fu9x8D1lq-rdKJLIA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D1A4/1EB9E3A6C6C011EC96C0DD23C4F9AE02/897E89B4D56B11EFBE0EB053C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.164.0/22
103.35.84.0/22
Signature Algorithm: sha256WithRSAEncryption
d0:11:24:30:e7:ba:62:c7:36:2b:1c:46:75:88:29:6e:12:23:
52:fe:d6:0e:55:08:c0:71:33:d3:0b:59:db:80:36:ae:1d:f0:
80:e3:f5:7c:00:72:01:94:cc:27:f2:9b:a6:a3:53:03:cb:ff:
ce:a8:94:1b:83:c1:1f:ba:9a:b3:21:92:89:e4:33:a9:82:1d:
9c:da:86:ac:86:33:fa:72:31:32:a0:4d:a0:bf:c8:50:ea:77:
b3:af:2f:49:0d:af:34:48:6c:7c:60:b6:22:c4:16:77:85:b1:
a5:95:a1:6d:dd:76:22:ed:f4:02:42:2a:26:86:20:03:eb:ee:
e1:c8:37:29:46:b9:20:90:72:e7:ad:f1:16:03:c3:ae:3b:d3:
0e:4c:5b:75:fb:69:64:9e:32:fa:7a:b7:95:ba:3a:b1:56:fe:
27:d1:64:0f:ca:1f:70:a1:13:9f:36:2a:07:25:78:c5:85:8a:
31:4a:6f:e1:dc:36:50:20:f4:fe:5d:c5:59:ab:f1:4c:80:bf:
c1:5b:fb:1d:af:dd:bd:d0:f2:02:75:8c:4e:b2:98:cd:59:1f:
9f:a6:4e:8a:6a:1d:c6:a3:ba:f1:1d:9d:73:da:02:03:84:f3:
cb:19:a2:6d:5d:3a:fb:16:6a:ea:97:61:b1:63:3b:37:6a:6f:
b8:9d:f8:11
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAu0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQxQTQxMTAvBgNVBAUTKEIyREJBRDA1QjY5RjQ3OTdFRUY3MUYwM0Q2NUFCRUFE
RDI4OTJDODAwHhcNMjUwMTE4MDcxMjEyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhiNTQ0Yi1hNmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6DnbB76j66U6wsOkxXTVLs89jsorjWk6hN4X6uNrGqBtJzXVuQCAB/fcleiU
asTphNZ7BqBAuAPZ6hXNU6IuUAncghd9zNupujtaq71wXWYw5uK4IWhm0NiuE7Dc
S1R+aplKabSKVwnJmn2mMV0eXGzJU3L5DNCIzpqEwhGfxodIbiepg5SgltG1Jy4p
DFFyvbs5vvLyWCVlJolGMbC2zLgi8UUvfHYfdxH7F51SqRCZdVZP88r+a9v1d6Y0
XWdztiehImQlaxPyIqElFBj1KWDRNairiF43F2DvpNmM6DYUMqAO1kogs0GUFZLp
QhYu4yVyjvtZVw4GBFlG+LFTkQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDLRrf/f
/eZc6DAb+0hLyqyUiI+4MB8GA1UdIwQYMBaAFLLbrQW2n0eX7vcfA9Zavq3SiSyA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDFBNC8xRUI5RTNBNkM2
QzAxMUVDOTZDMEREMjNDNEY5QUUwMi9zdHV0QmJhZlI1ZnU5eDhEMWxxLXJkS0pM
SUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3N0dXRCYmFmUjVmdTl4OEQxbHEtcmRLSkxJQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQxQTQvMUVCOUUzQTZDNkMwMTFFQzk2QzBERDIzQzRGOUFFMDIvODk3RTg5QjRE
NTZCMTFFRkJFMEVCMDUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr76QDBAJnI1QwDQYJKoZIhvcNAQELBQADggEBANARJDDn
umLHNiscRnWIKW4SI1L+1g5VCMBxM9MLWduANq4d8IDj9XwAcgGUzCfym6ajUwPL
/86olBuDwR+6mrMhkonkM6mCHZzahqyGM/pyMTKgTaC/yFDqd7OvL0kNrzRIbHxg
tiLEFneFsaWVoW3ddiLt9AJCKiaGIAPr7uHINylGuSCQcuet8RYDw6470w5MW3X7
aWSeMvp6t5W6OrFW/ifRZA/KH3ChE582KgcleMWFijFKb+HcNlAg9P5dxVmr8UyA
v8Fb+x2v3b3Q8gJ1jE6ymM1ZH5+mTopqHcajuvEdnXPaAgOE88sZom1dOvsWauqX
YbFjOzdqb7id+BE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:49:50 2025 by rpki-client