Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919CDE4/B5A47390C99311ED9B4B3B10C4F9AE02/955C43AAC99E11ED98E9BE5BC4F9AE02.roa
File: 955C43AAC99E11ED98E9BE5BC4F9AE02.roa (raw, json)
Hash identifier: sO+2+/cvQ7fG/IUMq+A+e08x9da5+jbIe5T9qmjARBg=
Subject key identifier: 46:34:75:E8:94:ED:27:F0:EC:70:C2:59:AF:EE:5E:04:B7:55:D7:F3
Certificate issuer: /CN=A919CDE4/serialNumber=F75AC8DC044957B1B15A0B15C6EDA318B23B4033
Certificate serial: 0168
Authority key identifier: F7:5A:C8:DC:04:49:57:B1:B1:5A:0B:15:C6:ED:A3:18:B2:3B:40:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/91rI3ARJV7GxWgsVxu2jGLI7QDM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919CDE4/B5A47390C99311ED9B4B3B10C4F9AE02/955C43AAC99E11ED98E9BE5BC4F9AE02.roa
Signing time: Tue 11 Feb 2025 03:06:08 +0000
ROA not before: Tue 11 Feb 2025 03:06:08 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 18022
IP address blocks: 103.72.214.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 360 (0x168)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919CDE4
Validity
Not Before: Feb 11 03:06:08 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67aabe9f-696f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:b1:1f:63:0b:a7:f6:a1:e1:fc:3c:46:30:19:
a7:1a:21:99:af:b6:c9:6f:e6:4a:cb:01:0e:19:76:
62:aa:7c:e8:8b:eb:71:ef:d4:be:61:2f:88:01:f7:
81:5d:32:4d:cb:52:f3:33:75:31:d0:de:28:e7:f2:
73:d2:6a:28:64:c9:8a:13:14:c7:94:b6:e7:7a:fe:
14:ea:e6:a1:6c:6f:3b:b3:88:b2:4d:52:f8:b7:ec:
77:00:15:e4:be:f6:42:07:8e:8c:e2:d6:21:0c:5b:
78:5d:d5:a0:ae:19:3f:1e:98:8f:9d:15:6f:29:e2:
bd:13:07:c0:e7:7a:ee:4d:40:15:1c:7d:18:a6:40:
07:f2:3f:c0:78:ee:ac:62:ef:72:25:78:e5:63:22:
3e:5c:3c:fc:a9:39:ff:9d:58:05:2a:1e:6a:69:26:
8e:bf:85:7f:e3:9b:67:bb:37:8e:68:7e:db:09:6c:
bc:7e:2e:3e:94:6d:6a:f5:32:e8:36:0d:d9:1a:f5:
07:80:b7:76:2d:62:7e:0e:3c:53:5d:f4:0d:c1:0d:
82:6e:d0:1f:79:4a:1b:26:89:06:e2:01:17:c2:3f:
b6:aa:4d:4d:b0:5f:9f:86:ed:21:69:8d:3d:5a:53:
79:d4:ba:c7:55:bb:f6:82:7c:b7:ce:24:5c:24:3e:
bd:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:34:75:E8:94:ED:27:F0:EC:70:C2:59:AF:EE:5E:04:B7:55:D7:F3
X509v3 Authority Key Identifier:
keyid:F7:5A:C8:DC:04:49:57:B1:B1:5A:0B:15:C6:ED:A3:18:B2:3B:40:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919CDE4/B5A47390C99311ED9B4B3B10C4F9AE02/91rI3ARJV7GxWgsVxu2jGLI7QDM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/91rI3ARJV7GxWgsVxu2jGLI7QDM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919CDE4/B5A47390C99311ED9B4B3B10C4F9AE02/955C43AAC99E11ED98E9BE5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.214.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:82:48:d4:e2:41:33:5a:cc:59:ea:44:7b:85:9d:dd:cb:78:
bd:f4:f9:3a:22:49:ad:41:b6:44:98:36:f4:1c:b2:5c:52:52:
62:64:eb:01:ef:5e:9b:5b:94:18:4f:7d:38:c1:91:c0:b7:7c:
d5:17:ed:97:5e:64:db:b1:65:18:6d:ea:12:1a:2d:fd:d6:b3:
da:4f:13:7b:bd:40:0d:58:4a:aa:3b:8f:1e:79:32:85:f1:97:
7f:cd:ee:61:c0:71:26:68:c0:20:30:5a:7d:50:e8:af:33:b9:
e7:5e:9c:2b:0d:d4:55:1a:e8:7d:68:d7:68:05:0f:5d:9c:16:
7a:b5:7d:56:ea:a5:93:5f:af:33:47:0b:b6:23:33:8d:27:db:
1a:14:33:a2:b8:5a:f8:87:75:12:d4:18:b4:c9:69:11:48:42:
1e:f8:a0:56:16:e2:d3:ff:7b:be:c9:1b:1a:09:25:bc:2b:79:
89:98:8a:57:41:6c:ec:e2:4b:0d:f8:b0:f6:f3:1e:76:94:47:
9b:b0:cc:99:bf:f3:61:13:6b:83:b4:d0:1d:51:f6:74:79:e8:
db:1d:c9:dd:52:61:ec:db:29:2b:c9:0e:bc:d5:fc:8b:66:62:
39:5c:cc:25:93:ee:92:3f:95:7f:22:38:cf:3f:cc:6c:b4:36:
15:ff:55:bd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAWgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUNERTQxMTAvBgNVBAUTKEY3NUFDOERDMDQ0OTU3QjFCMTVBMEIxNUM2RURBMzE4
QjIzQjQwMzMwHhcNMjUwMjExMDMwNjA4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FhYmU5Zi02OTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+bEfYwun9qHh/DxGMBmnGiGZr7bJb+ZKywEOGXZiqnzoi+tx79S+YS+IAfeB
XTJNy1LzM3Ux0N4o5/Jz0mooZMmKExTHlLbnev4U6uahbG87s4iyTVL4t+x3ABXk
vvZCB46M4tYhDFt4XdWgrhk/HpiPnRVvKeK9EwfA53ruTUAVHH0YpkAH8j/AeO6s
Yu9yJXjlYyI+XDz8qTn/nVgFKh5qaSaOv4V/45tnuzeOaH7bCWy8fi4+lG1q9TLo
Ng3ZGvUHgLd2LWJ+DjxTXfQNwQ2CbtAfeUobJokG4gEXwj+2qk1NsF+fhu0haY09
WlN51LrHVbv2gny3ziRcJD69gwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEY0deiU
7Sfw7HDCWa/uXgS3VdfzMB8GA1UdIwQYMBaAFPdayNwESVexsVoLFcbtoxiyO0Az
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5Q0RFNC9CNUE0NzM5MEM5
OTMxMUVEOUI0QjNCMTBDNEY5QUUwMi85MXJJM0FSSlY3R3hXZ3NWeHUyakdMSTdR
RE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzkxckkzQVJKVjdHeFdnc1Z4dTJqR0xJN1FETS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUNERTQvQjVBNDczOTBDOTkzMTFFRDlCNEIzQjEwQzRGOUFFMDIvOTU1QzQzQUFD
OTlFMTFFRDk4RTlCRTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnSNYwDQYJKoZIhvcNAQELBQADggEBAE6CSNTiQTNazFnq
RHuFnd3LeL30+ToiSa1BtkSYNvQcslxSUmJk6wHvXptblBhPfTjBkcC3fNUX7Zde
ZNuxZRht6hIaLf3Ws9pPE3u9QA1YSqo7jx55MoXxl3/N7mHAcSZowCAwWn1Q6K8z
uedenCsN1FUa6H1o12gFD12cFnq1fVbqpZNfrzNHC7YjM40n2xoUM6K4WviHdRLU
GLTJaRFIQh74oFYW4tP/e77JGxoJJbwreYmYildBbOziSw34sPbzHnaUR5uwzJm/
82ETa4O00B1R9nR56Nsdyd1SYezbKSvJDrzV/ItmYjlczCWT7pI/lX8iOM8/zGy0
NhX/Vb0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:06:00 2025 by rpki-client