Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/AA54657A880E11ED9BE52B17C4F9AE02.roa
File: AA54657A880E11ED9BE52B17C4F9AE02.roa (raw, json)
Hash identifier: UVvEuCytrfCrphts5UpSNqcuRE3wm/rQR1W1CXxy/Rw=
Subject key identifier: FE:99:78:28:A8:D9:92:90:3F:FB:B7:C6:2F:46:63:E1:A3:D5:75:D3
Certificate issuer: /CN=A919BEDB/serialNumber=1EDE5C6E008028BCD2AE33651381BDE1FD07C5D4
Certificate serial: 1B10
Authority key identifier: 1E:DE:5C:6E:00:80:28:BC:D2:AE:33:65:13:81:BD:E1:FD:07:C5:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/AA54657A880E11ED9BE52B17C4F9AE02.roa
Signing time: Mon 06 Jan 2025 16:33:54 +0000
ROA not before: Mon 06 Jan 2025 16:33:54 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 47582
IP address blocks: 103.82.128.0/22 maxlen: 24
125.62.64.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6928 (0x1b10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919BEDB
Validity
Not Before: Jan 6 16:33:54 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=677c05f2-7bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:32:45:5a:65:be:cc:d6:a7:2d:73:28:4e:6d:
56:4a:d4:24:62:b1:a9:94:0c:48:81:3a:41:4e:17:
bf:5e:e0:63:d5:17:f1:81:2b:55:0d:c4:71:b3:f8:
16:62:ce:9b:f0:da:3f:8f:d0:b6:5a:8f:b5:b3:da:
12:3b:b3:6a:24:a4:f3:62:78:9e:33:4d:9c:9a:20:
14:18:d0:34:de:51:af:5e:0d:6d:a0:31:9d:df:57:
80:05:b5:02:aa:2b:7b:81:b8:4a:99:3f:2a:9d:62:
48:82:2e:e0:72:32:ad:65:b9:c9:a6:88:15:c1:b3:
d1:cd:4d:75:62:86:1c:29:13:77:b2:cb:4b:ef:0a:
19:e8:26:70:0c:b0:8c:31:bd:84:81:60:8c:97:f8:
b3:38:36:7d:3e:14:6b:fe:82:69:ef:9b:cc:00:82:
66:91:60:01:6e:68:df:c3:38:10:82:fd:6e:ff:1e:
d7:87:d4:a3:6d:fd:bd:8d:49:58:2b:2e:75:ad:50:
31:a0:c7:f7:f8:ea:12:e2:30:7a:aa:66:84:f8:1b:
e2:07:73:21:a0:fe:10:68:6e:c7:bf:12:ce:50:de:
62:29:e6:74:1c:e4:e1:00:85:13:1b:21:b5:90:27:
26:87:53:eb:c7:0d:84:aa:58:99:4c:73:5f:1c:98:
19:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:99:78:28:A8:D9:92:90:3F:FB:B7:C6:2F:46:63:E1:A3:D5:75:D3
X509v3 Authority Key Identifier:
keyid:1E:DE:5C:6E:00:80:28:BC:D2:AE:33:65:13:81:BD:E1:FD:07:C5:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/AA54657A880E11ED9BE52B17C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.128.0/22
125.62.64.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:55:62:55:8c:8a:f4:f4:1f:f9:df:87:67:f0:5f:3a:5b:aa:
9b:ef:e1:0c:bc:df:e0:88:c8:07:55:ba:72:1e:2a:45:ed:96:
d3:cd:87:86:2e:e9:f0:4b:9f:fb:96:83:aa:8b:1e:ef:f8:b0:
6f:81:eb:86:b3:78:14:f5:a2:62:c1:07:b0:87:38:f7:7d:74:
49:75:34:0d:64:1c:44:af:dd:fa:e8:cf:cb:63:de:a5:25:0d:
87:d2:31:a4:8e:b6:33:04:c1:17:97:c3:95:ec:0f:c6:12:5f:
32:c4:7a:a3:97:f0:2b:b6:be:f8:94:ab:f3:4a:8d:7b:ee:d3:
2c:26:19:20:5d:50:78:4d:13:c5:ff:4e:ae:79:2e:1e:c5:83:
c3:06:ed:80:4b:c0:80:c7:9a:fe:1b:30:d4:05:6a:8c:f1:47:
7a:54:f8:ae:be:f8:5e:51:21:77:5f:ac:33:7e:0c:31:16:c9:
68:35:fd:12:09:b3:1f:76:23:10:95:bf:bb:21:3a:5c:ad:d2:
11:68:5b:aa:53:1c:40:8e:c4:b0:3c:c7:c9:30:86:9f:5a:8a:
4a:c3:4e:0f:7c:b0:d5:55:79:e8:09:95:51:d8:8b:a1:a5:11:
14:d6:30:43:ca:f4:f7:e9:95:57:7b:ac:64:b4:f3:8b:60:82:
c0:5d:25:1b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICGxAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUJFREIxMTAvBgNVBAUTKDFFREU1QzZFMDA4MDI4QkNEMkFFMzM2NTEzODFCREUx
RkQwN0M1RDQwHhcNMjUwMTA2MTYzMzU0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdjMDVmMi03YmM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuDJFWmW+zNanLXMoTm1WStQkYrGplAxIgTpBThe/XuBj1RfxgStVDcRxs/gW
Ys6b8No/j9C2Wo+1s9oSO7NqJKTzYnieM02cmiAUGNA03lGvXg1toDGd31eABbUC
qit7gbhKmT8qnWJIgi7gcjKtZbnJpogVwbPRzU11YoYcKRN3sstL7woZ6CZwDLCM
Mb2EgWCMl/izODZ9PhRr/oJp75vMAIJmkWABbmjfwzgQgv1u/x7Xh9Sjbf29jUlY
Ky51rVAxoMf3+OoS4jB6qmaE+BviB3MhoP4QaG7HvxLOUN5iKeZ0HOThAIUTGyG1
kCcmh1Prxw2EqliZTHNfHJgZeQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFP6ZeCio
2ZKQP/u3xi9GY+Gj1XXTMB8GA1UdIwQYMBaAFB7eXG4AgCi80q4zZROBveH9B8XU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QkVEQi81RDg2N0VCQzFG
ODMxMUU3QjU3RTYwNTNDNEY5QUUwMi9IdDVjYmdDQUtMelNyak5sRTRHOTRmMEh4
ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0h0NWNiZ0NBS0x6U3JqTmxFNEc5NGYwSHhkUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUJFREIvNUQ4NjdFQkMxRjgzMTFFN0I1N0U2MDUzQzRGOUFFMDIvQUE1NDY1N0E4
ODBFMTFFRDlCRTUyQjE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUoADBAJ9PkAwDQYJKoZIhvcNAQELBQADggEBALdVYlWM
ivT0H/nfh2fwXzpbqpvv4Qy83+CIyAdVunIeKkXtltPNh4Yu6fBLn/uWg6qLHu/4
sG+B64azeBT1omLBB7CHOPd9dEl1NA1kHESv3froz8tj3qUlDYfSMaSOtjMEwReX
w5XsD8YSXzLEeqOX8Cu2vviUq/NKjXvu0ywmGSBdUHhNE8X/Tq55Lh7Fg8MG7YBL
wIDHmv4bMNQFaozxR3pU+K6++F5RIXdfrDN+DDEWyWg1/RIJsx92IxCVv7shOlyt
0hFoW6pTHECOxLA8x8kwhp9aikrDTg98sNVVeegJlVHYi6GlERTWMEPK9PfplVd7
rGS084tggsBdJRs=
-----END CERTIFICATE-----
Generated at Fri Apr 11 20:59:40 2025 by rpki-client