Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919887F/AB569998B9A811EA8483543FC4F9AE02/4D2299ECF7C611EF92C34E4AC4F9AE02.roa
File: 4D2299ECF7C611EF92C34E4AC4F9AE02.roa (raw, json)
Hash identifier: vDSnr7GTN6AmKRXToXihl2BttDhcvVIF1CJ22BM3AS0=
Subject key identifier: A9:A1:71:03:28:FF:4F:43:E7:E2:7D:E9:B1:49:3D:25:EE:4B:A8:8C
Certificate issuer: /CN=A919887F/serialNumber=1546C335BED5F2A5EEE58AE0D263671159D278BA
Certificate serial: 087D
Authority key identifier: 15:46:C3:35:BE:D5:F2:A5:EE:E5:8A:E0:D2:63:67:11:59:D2:78:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FUbDNb7V8qXu5Yrg0mNnEVnSeLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919887F/AB569998B9A811EA8483543FC4F9AE02/4D2299ECF7C611EF92C34E4AC4F9AE02.roa
Signing time: Mon 03 Mar 2025 00:27:34 +0000
ROA not before: Mon 03 Mar 2025 00:27:34 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 139685
IP address blocks: 103.102.165.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2173 (0x87d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919887F
Validity
Not Before: Mar 3 00:27:34 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67c4f776-12b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2b:96:2b:6b:3d:a7:56:13:d0:40:8c:e9:3b:
b3:ae:d9:92:0c:cb:4b:2b:e4:d1:09:4a:49:1a:6e:
bc:71:97:19:99:99:89:e0:41:8f:4f:86:21:06:8c:
87:a5:e1:61:c5:12:ef:89:83:33:25:dc:74:72:ee:
e2:95:21:d4:74:77:2d:29:ab:e3:5e:f9:ae:83:3b:
c9:18:9a:53:50:e8:01:74:ed:c7:b2:07:87:16:c0:
81:23:b0:18:43:46:1a:79:13:ac:8e:42:26:2e:5a:
c3:f4:c2:55:f0:4c:ba:ee:e7:ad:a0:91:ff:0d:44:
e6:27:99:2b:86:f2:ee:73:14:f8:f6:ad:74:c1:b7:
6c:15:5c:f0:8f:16:8e:88:2c:fd:9a:43:fe:f6:f7:
46:81:99:57:00:ca:10:07:2a:59:76:ed:f0:c5:e1:
e5:f6:5d:8d:e8:78:ad:a9:51:24:d1:ec:4a:c6:9b:
7b:0e:55:c3:91:cf:95:49:ef:88:bb:30:c1:c0:95:
5e:7c:04:85:31:07:14:2f:e4:d8:f9:ee:68:55:64:
48:90:1b:04:da:f7:5b:ac:39:ec:28:03:14:99:ca:
44:49:e2:d7:cd:c6:60:a6:0d:bf:9d:fd:f7:f8:dd:
4b:13:a4:54:60:1f:f2:bf:62:6c:9a:43:91:7d:3b:
61:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A1:71:03:28:FF:4F:43:E7:E2:7D:E9:B1:49:3D:25:EE:4B:A8:8C
X509v3 Authority Key Identifier:
keyid:15:46:C3:35:BE:D5:F2:A5:EE:E5:8A:E0:D2:63:67:11:59:D2:78:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919887F/AB569998B9A811EA8483543FC4F9AE02/FUbDNb7V8qXu5Yrg0mNnEVnSeLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FUbDNb7V8qXu5Yrg0mNnEVnSeLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919887F/AB569998B9A811EA8483543FC4F9AE02/4D2299ECF7C611EF92C34E4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.102.165.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:0c:13:b5:03:0a:b7:29:ff:44:fd:e8:50:73:ef:a7:f4:4e:
e1:c3:de:19:4a:6b:b7:be:70:92:f0:38:b8:b5:8c:d6:97:9e:
c6:ad:fd:59:aa:ad:f3:ea:a6:de:df:c2:1f:f3:ff:8a:6c:1d:
a4:cf:06:2b:82:80:ec:a3:51:1d:5e:ab:fd:9a:9c:ab:67:e7:
4d:c1:9b:7c:29:b8:49:70:d6:cc:e7:2b:25:b3:fe:08:ca:fb:
e8:3e:e1:25:3d:fb:a5:6d:a0:6b:bd:94:1a:d6:68:3e:55:05:
cd:28:19:ed:e5:55:9c:42:6f:61:d9:77:df:cd:0b:0e:96:b8:
ee:5c:4f:fa:c2:6f:29:4e:b4:77:f3:f8:3c:69:01:83:04:0c:
15:8d:b2:ec:de:73:a4:3f:18:26:e3:ab:f6:9a:97:3c:55:75:
14:47:67:6f:a1:5b:3f:c7:84:2c:f7:08:af:63:48:1d:2f:21:
7d:5b:b2:b0:60:ea:98:25:bc:23:cd:c8:c2:7f:b7:aa:ea:50:
97:8f:45:f8:f9:9a:9f:61:4a:cd:ca:fe:c4:5a:9f:4c:d9:5d:
2f:81:f3:b0:fd:e7:85:25:2a:b6:b4:5f:d8:db:f3:9e:aa:35:
55:46:d6:84:17:f9:38:0b:1d:98:b0:87:1e:b1:71:d0:dd:94:
d6:61:7f:9b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCH0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTg4N0YxMTAvBgNVBAUTKDE1NDZDMzM1QkVENUYyQTVFRUU1OEFFMEQyNjM2NzEx
NTlEMjc4QkEwHhcNMjUwMzAzMDAyNzM0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M0Zjc3Ni0xMmIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5SuWK2s9p1YT0ECM6TuzrtmSDMtLK+TRCUpJGm68cZcZmZmJ4EGPT4YhBoyH
peFhxRLviYMzJdx0cu7ilSHUdHctKavjXvmugzvJGJpTUOgBdO3HsgeHFsCBI7AY
Q0YaeROsjkImLlrD9MJV8Ey67uetoJH/DUTmJ5krhvLucxT49q10wbdsFVzwjxaO
iCz9mkP+9vdGgZlXAMoQBypZdu3wxeHl9l2N6HitqVEk0exKxpt7DlXDkc+VSe+I
uzDBwJVefASFMQcUL+TY+e5oVWRIkBsE2vdbrDnsKAMUmcpESeLXzcZgpg2/nf33
+N1LE6RUYB/yv2JsmkORfTth6QIDAQABo4IClTCCApEwHQYDVR0OBBYEFKmhcQMo
/09D5+J96bFJPSXuS6iMMB8GA1UdIwQYMBaAFBVGwzW+1fKl7uWK4NJjZxFZ0ni6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODg3Ri9BQjU2OTk5OEI5
QTgxMUVBODQ4MzU0M0ZDNEY5QUUwMi9GVWJETmI3VjhxWHU1WXJnMG1ObkVWblNl
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZVYkROYjdWOHFYdTVZcmcwbU5uRVZuU2VMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTg4N0YvQUI1Njk5OThCOUE4MTFFQTg0ODM1NDNGQzRGOUFFMDIvNEQyMjk5RUNG
N0M2MTFFRjkyQzM0RTRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnZqUwDQYJKoZIhvcNAQELBQADggEBAGoME7UDCrcp/0T9
6FBz76f0TuHD3hlKa7e+cJLwOLi1jNaXnsat/VmqrfPqpt7fwh/z/4psHaTPBiuC
gOyjUR1eq/2anKtn503Bm3wpuElw1sznKyWz/gjK++g+4SU9+6VtoGu9lBrWaD5V
Bc0oGe3lVZxCb2HZd9/NCw6WuO5cT/rCbylOtHfz+DxpAYMEDBWNsuzec6Q/GCbj
q/aalzxVdRRHZ2+hWz/HhCz3CK9jSB0vIX1bsrBg6pglvCPNyMJ/t6rqUJePRfj5
mp9hSs3K/sRan0zZXS+B87D954UlKra0X9jb856qNVVG1oQX+TgLHZiwhx6xcdDd
lNZhf5s=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:11:38 2025 by rpki-client