Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919103F/F8B4BCDCF06611ECA54C3742C4F9AE02/E75A8B8095D011EFA2CE197BC4F9AE02.roa
File: E75A8B8095D011EFA2CE197BC4F9AE02.roa (raw, json)
Hash identifier: E8vwAczjvQJXB4RuH83+id/dNjBD9Eo3yf3KRRas1Z8=
Subject key identifier: 03:F3:56:E6:B2:E3:02:33:71:77:C5:A3:43:04:E3:79:10:FA:01:05
Certificate issuer: /CN=A919103F/serialNumber=FAE9C2F4FE20453BE92FCAB182C09581C8132DF1
Certificate serial: 02AF
Authority key identifier: FA:E9:C2:F4:FE:20:45:3B:E9:2F:CA:B1:82:C0:95:81:C8:13:2D:F1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-unC9P4gRTvpL8qxgsCVgcgTLfE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919103F/F8B4BCDCF06611ECA54C3742C4F9AE02/E75A8B8095D011EFA2CE197BC4F9AE02.roa
Signing time: Sun 16 Mar 2025 10:23:17 +0000
ROA not before: Sun 16 Mar 2025 10:23:17 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 152601
IP address blocks: 103.189.212.0/24 maxlen: 24
103.189.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 687 (0x2af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919103F
Validity
Not Before: Mar 16 10:23:17 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67d6a695-4a89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ba:03:3e:97:49:9a:a2:5c:08:cd:cf:37:a3:
46:a3:b2:fd:4e:10:32:fa:13:e4:c6:58:e2:0d:33:
f4:8b:4d:25:18:56:e7:d9:c1:cc:a8:75:43:26:99:
41:a1:1d:90:d0:64:60:84:20:02:ec:db:ae:53:22:
1a:d4:fd:79:2f:e4:32:8f:91:8c:38:b2:11:06:9c:
3b:60:c8:d9:d6:85:c0:dc:c9:7f:86:6b:93:9d:b1:
4c:96:86:87:e5:83:b1:9a:d0:c5:fc:d3:09:75:1c:
9b:9d:da:15:cf:8a:47:6b:e7:3e:6e:c2:f8:d3:26:
72:dd:87:6c:f8:dd:d3:70:61:00:55:4e:56:4c:95:
2b:bc:89:86:5d:c5:06:45:fd:5c:77:44:e2:69:ac:
01:d7:93:02:21:b9:37:46:d4:82:2f:c2:2b:d4:16:
3c:91:68:0d:f7:74:57:44:6d:fd:bd:d1:cc:01:74:
20:8c:9c:65:b3:e0:67:94:03:ba:35:fa:9b:61:50:
1b:85:b1:a1:46:f7:8d:77:47:7c:83:db:00:54:8a:
1b:08:5b:d9:4d:51:f4:76:fc:72:a1:5d:6d:a3:d0:
2f:33:9c:49:e1:3b:17:9d:3e:56:e9:89:35:0d:83:
a6:2a:03:b4:da:af:04:25:01:79:7d:35:e2:c6:ee:
1a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F3:56:E6:B2:E3:02:33:71:77:C5:A3:43:04:E3:79:10:FA:01:05
X509v3 Authority Key Identifier:
keyid:FA:E9:C2:F4:FE:20:45:3B:E9:2F:CA:B1:82:C0:95:81:C8:13:2D:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919103F/F8B4BCDCF06611ECA54C3742C4F9AE02/-unC9P4gRTvpL8qxgsCVgcgTLfE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-unC9P4gRTvpL8qxgsCVgcgTLfE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919103F/F8B4BCDCF06611ECA54C3742C4F9AE02/E75A8B8095D011EFA2CE197BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.212.0/23
Signature Algorithm: sha256WithRSAEncryption
43:71:51:95:07:ad:5d:72:d8:3e:05:ca:fc:0e:aa:71:d5:66:
9e:65:c2:c8:ce:f8:89:bd:86:97:94:42:ee:6d:3b:d4:46:27:
04:36:6e:92:fe:8a:86:17:97:0c:e7:96:5f:31:d1:8b:81:51:
1f:dd:1b:f9:93:33:12:09:59:b5:1a:66:f6:4e:b9:c2:b8:3c:
cd:48:e5:a6:31:83:ec:0b:63:30:ce:1a:5a:67:8a:f0:45:b0:
24:22:ca:41:bc:87:e5:0b:05:2d:b0:25:0b:b7:e9:4e:dc:d1:
ce:08:e0:d2:68:74:d0:1d:4c:b3:34:8a:01:ac:b2:e3:a1:10:
10:7a:82:56:c2:e8:b4:aa:2a:53:3f:70:78:4c:4a:60:57:84:
83:0d:27:78:ce:2b:9a:6c:c9:68:f7:bc:4e:6c:48:4a:41:ef:
f0:17:6e:38:cb:8e:dc:bf:9f:84:32:65:d6:28:d6:3b:01:2f:
f5:97:b1:f0:3b:cf:62:b2:b8:a1:cc:96:54:ad:87:95:45:e4:
f0:b4:3a:5b:43:24:4f:c4:dd:aa:ca:5d:a0:36:26:5b:bd:c3:
f0:fd:58:11:45:fd:0d:ff:ac:9b:69:e4:bc:67:b8:c7:4a:4c:
1b:b2:94:3b:5d:5e:42:29:44:ba:66:bd:1e:57:82:56:0f:e6:
08:7e:43:18
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAq8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTEwM0YxMTAvBgNVBAUTKEZBRTlDMkY0RkUyMDQ1M0JFOTJGQ0FCMTgyQzA5NTgx
QzgxMzJERjEwHhcNMjUwMzE2MTAyMzE3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q2YTY5NS00YTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApboDPpdJmqJcCM3PN6NGo7L9ThAy+hPkxljiDTP0i00lGFbn2cHMqHVDJplB
oR2Q0GRghCAC7NuuUyIa1P15L+Qyj5GMOLIRBpw7YMjZ1oXA3Ml/hmuTnbFMloaH
5YOxmtDF/NMJdRybndoVz4pHa+c+bsL40yZy3Yds+N3TcGEAVU5WTJUrvImGXcUG
Rf1cd0TiaawB15MCIbk3RtSCL8Ir1BY8kWgN93RXRG39vdHMAXQgjJxls+BnlAO6
NfqbYVAbhbGhRveNd0d8g9sAVIobCFvZTVH0dvxyoV1to9AvM5xJ4TsXnT5W6Yk1
DYOmKgO02q8EJQF5fTXixu4aMQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAPzVuay
4wIzcXfFo0ME43kQ+gEFMB8GA1UdIwQYMBaAFPrpwvT+IEU76S/KsYLAlYHIEy3x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTAzRi9GOEI0QkNEQ0Yw
NjYxMUVDQTU0QzM3NDJDNEY5QUUwMi8tdW5DOVA0Z1JUdnBMOHF4Z3NDVmdjZ1RM
ZkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy11bkM5UDRnUlR2cEw4cXhnc0NWZ2NnVExmRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTEwM0YvRjhCNEJDRENGMDY2MTFFQ0E1NEMzNzQyQzRGOUFFMDIvRTc1QThCODA5
NUQwMTFFRkEyQ0UxOTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnvdQwDQYJKoZIhvcNAQELBQADggEBAENxUZUHrV1y2D4F
yvwOqnHVZp5lwsjO+Im9hpeUQu5tO9RGJwQ2bpL+ioYXlwznll8x0YuBUR/dG/mT
MxIJWbUaZvZOucK4PM1I5aYxg+wLYzDOGlpnivBFsCQiykG8h+ULBS2wJQu36U7c
0c4I4NJodNAdTLM0igGssuOhEBB6glbC6LSqKlM/cHhMSmBXhIMNJ3jOK5psyWj3
vE5sSEpB7/AXbjjLjty/n4QyZdYo1jsBL/WXsfA7z2KyuKHMllSth5VF5PC0OltD
JE/E3arKXaA2Jlu9w/D9WBFF/Q3/rJtp5LxnuMdKTBuylDtdXkIpRLpmvR5XglYP
5gh+Qxg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:10:14 2025 by rpki-client