Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919BCD9/17B78F16FF8211E9B402FC24C4F9AE02/E56CD3E8FF8311E9B1B99628C4F9AE02.roa
File: E56CD3E8FF8311E9B1B99628C4F9AE02.roa (raw, json)
Hash identifier: t7Z6lzZf2rYamEN2YgdXmqrw8mN9RKxx+Hcob4AGplk=
Subject key identifier: 4C:33:2A:02:5F:31:FA:7D:EB:FE:DB:56:D0:EF:90:FC:D2:F2:22:65
Certificate issuer: /CN=A919BCD9/serialNumber=4099B0084376A9E04CED7C678ABC6858DD9F851A
Certificate serial: 0C22
Authority key identifier: 40:99:B0:08:43:76:A9:E0:4C:ED:7C:67:8A:BC:68:58:DD:9F:85:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QJmwCEN2qeBM7XxnirxoWN2fhRo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919BCD9/17B78F16FF8211E9B402FC24C4F9AE02/E56CD3E8FF8311E9B1B99628C4F9AE02.roa
Signing time: Sat 04 Jan 2025 18:16:40 +0000
ROA not before: Sat 04 Jan 2025 18:16:40 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133043
IP address blocks: 103.126.220.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3106 (0xc22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919BCD9
Validity
Not Before: Jan 4 18:16:40 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67797b08-51f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:14:f4:b7:93:0d:eb:3e:2d:82:a9:61:2f:98:
c1:26:93:60:c8:b7:dd:66:09:bf:88:60:c8:c5:31:
ab:42:a9:4b:bd:a0:91:36:f8:92:ae:ec:a9:50:c2:
dc:05:40:bf:e4:80:ce:33:17:75:21:3a:51:45:29:
f9:2e:db:eb:d6:c6:0a:2a:19:0d:fc:00:1f:f8:76:
ea:8a:e1:6d:a0:36:20:07:fe:62:9f:e8:42:8c:b1:
cf:38:b1:9a:8d:08:c8:b9:16:69:94:95:8b:2b:53:
a7:62:f8:05:c4:77:a7:f7:1c:22:54:ee:6f:93:45:
5c:ac:3f:3a:ed:b2:58:f8:a4:d9:cf:7c:a6:71:d9:
ea:9b:52:43:6f:3f:f2:94:ae:e2:f8:07:03:b4:3e:
78:85:9a:0b:e4:1b:56:23:0c:ef:0a:3d:2e:04:37:
72:8a:d4:28:14:3d:d8:97:ec:7a:57:e9:0b:7a:2e:
91:76:fc:7b:9c:d9:90:9e:99:6f:3c:ba:49:bf:cf:
46:d1:32:3a:69:cf:d6:8c:20:a2:a7:94:17:db:32:
07:be:f6:db:3e:8f:ee:e4:5b:16:ea:2a:e6:f6:49:
38:fd:d3:13:6c:03:b3:dd:e0:aa:63:6b:95:ed:1a:
c1:38:67:e5:a0:60:37:f1:eb:c6:9a:f9:9f:e8:e9:
da:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:33:2A:02:5F:31:FA:7D:EB:FE:DB:56:D0:EF:90:FC:D2:F2:22:65
X509v3 Authority Key Identifier:
keyid:40:99:B0:08:43:76:A9:E0:4C:ED:7C:67:8A:BC:68:58:DD:9F:85:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919BCD9/17B78F16FF8211E9B402FC24C4F9AE02/QJmwCEN2qeBM7XxnirxoWN2fhRo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QJmwCEN2qeBM7XxnirxoWN2fhRo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919BCD9/17B78F16FF8211E9B402FC24C4F9AE02/E56CD3E8FF8311E9B1B99628C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.126.220.0/22
Signature Algorithm: sha256WithRSAEncryption
08:8d:46:b6:b6:22:24:13:c9:fb:5a:83:c5:de:59:81:eb:eb:
da:91:50:a5:45:ff:45:9a:5c:1a:72:ce:e2:ef:a6:25:a1:29:
9f:d9:fe:66:6c:c4:fc:82:0a:80:4f:e6:d4:ae:36:42:c9:3b:
c2:e7:d3:ed:97:1e:11:64:93:f0:24:52:ab:c9:ae:6c:0a:96:
d6:0b:e9:03:30:d5:de:98:68:b7:4e:e7:49:68:71:a2:43:46:
be:fb:c3:51:f4:48:5b:b2:93:2f:77:08:60:ed:32:88:bc:8b:
5f:42:35:31:0f:7e:66:11:51:b7:b6:ad:63:13:5d:92:33:44:
e4:ab:d0:53:90:cd:b1:01:16:8b:9d:a5:7f:54:1b:d5:02:0b:
4d:d1:de:9c:b2:f4:cb:2b:df:34:3d:5b:09:b9:39:68:97:77:
0c:5a:cb:f1:fe:3a:09:ff:8d:19:8a:41:74:e9:01:5c:ad:ad:
a7:ab:6e:55:57:ee:57:50:d4:60:72:66:84:dc:06:35:2f:90:
09:61:10:8a:0f:d9:ca:84:6f:4e:8e:0e:69:15:f4:a6:73:12:
6d:bc:ff:e3:d2:05:a2:2a:37:97:1e:5d:8f:68:ba:b7:9e:8f:
7b:f8:76:33:b6:82:f0:e7:b5:61:85:f9:3d:ea:83:3f:c3:9f:
2d:35:b9:3f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDCIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUJDRDkxMTAvBgNVBAUTKDQwOTlCMDA4NDM3NkE5RTA0Q0VEN0M2NzhBQkM2ODU4
REQ5Rjg1MUEwHhcNMjUwMTA0MTgxNjQwWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc5N2IwOC01MWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxRT0t5MN6z4tgqlhL5jBJpNgyLfdZgm/iGDIxTGrQqlLvaCRNviSruypUMLc
BUC/5IDOMxd1ITpRRSn5Ltvr1sYKKhkN/AAf+HbqiuFtoDYgB/5in+hCjLHPOLGa
jQjIuRZplJWLK1OnYvgFxHen9xwiVO5vk0VcrD867bJY+KTZz3ymcdnqm1JDbz/y
lK7i+AcDtD54hZoL5BtWIwzvCj0uBDdyitQoFD3Yl+x6V+kLei6Rdvx7nNmQnplv
PLpJv89G0TI6ac/WjCCip5QX2zIHvvbbPo/u5FsW6irm9kk4/dMTbAOz3eCqY2uV
7RrBOGfloGA38evGmvmf6OnaJwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEwzKgJf
Mfp96/7bVtDvkPzS8iJlMB8GA1UdIwQYMBaAFECZsAhDdqngTO18Z4q8aFjdn4Ua
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QkNEOS8xN0I3OEYxNkZG
ODIxMUU5QjQwMkZDMjRDNEY5QUUwMi9RSm13Q0VOMnFlQk03WHhuaXJ4b1dOMmZo
Um8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FKbXdDRU4ycWVCTTdYeG5pcnhvV04yZmhSby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUJDRDkvMTdCNzhGMTZGRjgyMTFFOUI0MDJGQzI0QzRGOUFFMDIvRTU2Q0QzRThG
RjgzMTFFOUIxQjk5NjI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnftwwDQYJKoZIhvcNAQELBQADggEBAAiNRra2IiQTyfta
g8XeWYHr69qRUKVF/0WaXBpyzuLvpiWhKZ/Z/mZsxPyCCoBP5tSuNkLJO8Ln0+2X
HhFkk/AkUqvJrmwKltYL6QMw1d6YaLdO50locaJDRr77w1H0SFuyky93CGDtMoi8
i19CNTEPfmYRUbe2rWMTXZIzROSr0FOQzbEBFoudpX9UG9UCC03R3pyy9Msr3zQ9
Wwm5OWiXdwxay/H+Ogn/jRmKQXTpAVytraerblVX7ldQ1GByZoTcBjUvkAlhEIoP
2cqEb06ODmkV9KZzEm28/+PSBaIqN5ceXY9oureej3v4djO2gvDntWGF+T3qgz/D
ny01uT8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:55:23 2025 by rpki-client