Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/9A2B0DE4593F11EA9F9FA238C4F9AE02.roa
File: 9A2B0DE4593F11EA9F9FA238C4F9AE02.roa (raw, json)
Hash identifier: jv97nGJvaH0WKHe7n31vkT3MMMbNqFjpDhhexD6X6+Q=
Subject key identifier: 25:49:DA:00:EC:8B:93:B9:9B:C8:E9:7D:72:12:6C:7E:18:2B:B5:8A
Certificate issuer: /CN=A91A395C/serialNumber=0D8B71D86B5E202933BCB02A5B6D74092A52A17C
Certificate serial: 3481
Authority key identifier: 0D:8B:71:D8:6B:5E:20:29:33:BC:B0:2A:5B:6D:74:09:2A:52:A1:7C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DYtx2GteICkzvLAqW210CSpSoXw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/9A2B0DE4593F11EA9F9FA238C4F9AE02.roa
Signing time: Sun 22 Dec 2024 14:50:52 +0000
ROA not before: Sun 22 Dec 2024 14:50:52 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 137996
IP address blocks: 103.247.228.0/24 maxlen: 24
103.247.229.0/24 maxlen: 24
103.247.230.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13441 (0x3481)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A395C
Validity
Not Before: Dec 22 14:50:52 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6768274b-ebb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cc:35:b0:57:c7:98:e2:1a:dd:12:87:de:c2:
7c:c6:69:d1:a8:05:12:40:7d:7c:fe:1a:dd:f9:fc:
c6:15:92:36:4b:84:d4:2e:ce:de:b2:e6:e6:98:45:
dd:fa:a3:8f:a7:fa:65:6d:82:80:e6:d3:a4:75:2b:
c2:c5:4a:0c:d2:2b:de:a2:ba:0f:21:13:3d:e1:e2:
a8:fd:81:5a:8b:3a:58:98:23:69:43:51:69:b1:0a:
ff:bf:e9:84:aa:88:84:29:21:94:2c:da:84:06:c9:
78:7c:a9:1b:49:df:a9:48:0f:35:0d:2a:ec:fb:0e:
b3:98:c4:b6:d1:ea:b7:72:53:1e:3b:ac:6d:25:d8:
6f:f3:44:93:03:ed:5f:c7:02:d6:4c:37:70:85:38:
38:67:c2:4a:0b:fd:1e:84:f4:3f:81:cd:8e:18:f9:
a9:09:2a:06:bb:f8:44:65:b2:af:40:82:77:93:8e:
4f:43:73:e2:e0:06:98:fb:6d:e4:59:01:35:6a:5e:
84:7d:a8:2f:7d:31:23:39:a1:58:b0:1a:f6:e2:e2:
f6:82:4d:37:62:6a:ec:ec:30:ba:a2:87:6b:7d:2e:
29:04:2e:4e:50:73:53:e3:7e:96:97:71:cf:12:67:
ee:61:65:8b:24:f0:b0:3e:9c:48:64:44:5d:f2:af:
7d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:49:DA:00:EC:8B:93:B9:9B:C8:E9:7D:72:12:6C:7E:18:2B:B5:8A
X509v3 Authority Key Identifier:
keyid:0D:8B:71:D8:6B:5E:20:29:33:BC:B0:2A:5B:6D:74:09:2A:52:A1:7C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/DYtx2GteICkzvLAqW210CSpSoXw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DYtx2GteICkzvLAqW210CSpSoXw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/9A2B0DE4593F11EA9F9FA238C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.247.228.0-103.247.230.255
Signature Algorithm: sha256WithRSAEncryption
99:a2:3f:f0:35:3d:26:9b:b9:b9:ad:6e:2f:de:50:df:33:fc:
da:df:56:d0:61:c3:63:7d:47:ec:b3:ff:e0:ed:91:82:7d:a8:
02:a2:64:35:0a:70:a1:ae:6c:4f:f6:cc:6a:f2:56:75:cf:30:
5c:7b:60:77:3f:cd:4e:78:f9:c2:cf:c3:a8:e1:3d:f4:dd:89:
d6:b1:ff:e0:ef:df:8c:ab:c4:27:0a:ac:d0:90:a8:9f:c1:d8:
6a:b0:b7:30:b4:f4:2f:04:8e:f6:75:db:b6:8d:a7:42:33:19:
43:65:bf:3b:51:35:fc:86:22:81:c6:7d:b3:2a:ad:89:e6:af:
08:1d:25:b0:42:26:25:58:16:be:50:42:25:6e:e8:de:32:18:
60:79:95:65:3b:67:d3:5a:5a:17:35:6b:7d:f2:10:48:39:c2:
b3:35:73:0c:b4:87:d7:96:31:9a:44:55:40:8b:98:92:1f:05:
bf:c9:d0:2d:13:78:b5:da:29:ae:56:7f:f2:b1:00:18:13:e8:
66:b1:3e:89:6d:0f:f8:bf:fb:f8:3c:72:7d:09:0e:6b:d1:9e:
40:12:f0:83:93:62:bb:12:ac:ba:37:83:e3:12:44:80:da:5e:
5d:b4:8e:18:b5:5f:04:da:2e:2c:a4:7f:27:d3:53:a2:a9:8d:
c7:58:03:7a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICNIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTM5NUMxMTAvBgNVBAUTKDBEOEI3MUQ4NkI1RTIwMjkzM0JDQjAyQTVCNkQ3NDA5
MkE1MkExN0MwHhcNMjQxMjIyMTQ1MDUyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY4Mjc0Yi1lYmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvsw1sFfHmOIa3RKH3sJ8xmnRqAUSQH18/hrd+fzGFZI2S4TULs7esubmmEXd
+qOPp/plbYKA5tOkdSvCxUoM0iveoroPIRM94eKo/YFaizpYmCNpQ1FpsQr/v+mE
qoiEKSGULNqEBsl4fKkbSd+pSA81DSrs+w6zmMS20eq3clMeO6xtJdhv80STA+1f
xwLWTDdwhTg4Z8JKC/0ehPQ/gc2OGPmpCSoGu/hEZbKvQIJ3k45PQ3Pi4AaY+23k
WQE1al6EfagvfTEjOaFYsBr24uL2gk03Ymrs7DC6oodrfS4pBC5OUHNT436Wl3HP
EmfuYWWLJPCwPpxIZERd8q992QIDAQABo4ICnTCCApkwHQYDVR0OBBYEFCVJ2gDs
i5O5m8jpfXISbH4YK7WKMB8GA1UdIwQYMBaAFA2LcdhrXiApM7ywKlttdAkqUqF8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMzk1Qy9CQjM0MTdDMDFE
OTYxMUUyQjhCQjgyN0YwOEIwMkNEMi9EWXR4Mkd0ZUlDa3p2TEFxVzIxMENTcFNv
WHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RZdHgyR3RlSUNrenZMQXFXMjEwQ1NwU29Ydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTM5NUMvQkIzNDE3QzAxRDk2MTFFMkI4QkI4MjdGMDhCMDJDRDIvOUEyQjBERTQ1
OTNGMTFFQTlGOUZBMjM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAmf35AMEAGf35jANBgkqhkiG9w0BAQsFAAOCAQEAmaI/
8DU9Jpu5ua1uL95Q3zP82t9W0GHDY31H7LP/4O2Rgn2oAqJkNQpwoa5sT/bMavJW
dc8wXHtgdz/NTnj5ws/DqOE99N2J1rH/4O/fjKvEJwqs0JCon8HYarC3MLT0LwSO
9nXbto2nQjMZQ2W/O1E1/IYigcZ9syqtieavCB0lsEImJVgWvlBCJW7o3jIYYHmV
ZTtn01paFzVrffIQSDnCszVzDLSH15YxmkRVQIuYkh8Fv8nQLRN4tdoprlZ/8rEA
GBPoZrE+iW0P+L/7+DxyfQkOa9GeQBLwg5NiuxKsujeD4xJEgNpeXbSOGLVfBNou
LKR/J9NToqmNx1gDeg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:43:56 2025 by rpki-client