Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/84CFF0D6D2F311EEAFCF3273C4F9AE02.roa
File: 84CFF0D6D2F311EEAFCF3273C4F9AE02.roa (raw, json)
Hash identifier: lwAwrTafRErL3moVwMNPzUjYlQsMQhM9S9kLt9SAVBg=
Subject key identifier: 5D:B0:2E:E6:2A:7E:C2:CD:F3:06:2A:3C:09:DF:3C:94:DF:82:BB:84
Certificate issuer: /CN=A91A45E0/serialNumber=6B0CB59503DA895FF94269D7A9BC20261704DCE9
Certificate serial: 0C00
Authority key identifier: 6B:0C:B5:95:03:DA:89:5F:F9:42:69:D7:A9:BC:20:26:17:04:DC:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/awy1lQPaiV_5QmnXqbwgJhcE3Ok.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/84CFF0D6D2F311EEAFCF3273C4F9AE02.roa
Signing time: Sat 08 Feb 2025 10:09:29 +0000
ROA not before: Sat 08 Feb 2025 10:09:29 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 150748
IP address blocks: 103.100.233.0/24 maxlen: 24
103.100.234.0/24 maxlen: 24
103.100.235.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3072 (0xc00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A45E0
Validity
Not Before: Feb 8 10:09:29 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67a72d59-8961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:54:91:58:28:d5:86:98:6c:ad:39:f7:4f:9a:
70:53:08:f1:2e:e8:f9:4b:20:3f:52:ea:69:e1:18:
95:03:3b:d8:af:35:ac:60:d2:28:98:64:5c:e2:04:
69:42:dd:20:c7:1b:ad:86:a2:e2:fc:7d:19:65:67:
c3:8a:f5:d1:0c:2f:14:45:c3:ed:35:00:60:d4:bf:
8f:49:4d:ee:15:9f:ac:bf:f6:c2:c1:e0:4f:26:81:
c4:22:b9:e5:b5:22:68:14:bb:5a:db:94:f1:c9:d7:
66:61:88:19:6f:3c:bb:da:0f:42:08:ec:aa:9f:3d:
6d:1e:d3:60:32:64:25:f9:34:9c:89:f8:0d:54:eb:
83:91:34:50:84:d0:10:aa:81:a6:99:16:9d:63:f6:
21:11:dd:09:81:f6:5b:fe:97:0c:4e:33:3e:d7:a9:
8e:a3:51:50:3f:b9:57:d8:08:ce:72:81:fb:63:58:
e6:73:84:ca:63:5c:4d:d3:7a:43:a6:9d:72:48:43:
ab:64:15:9c:28:9b:0a:53:c2:20:b5:1f:4a:8e:d8:
b6:e8:e9:83:7c:08:c1:df:8b:06:93:0b:bd:96:3b:
1c:b2:8c:02:4c:87:2e:d4:16:a3:55:82:1e:55:90:
71:0c:23:2b:c9:48:2b:eb:8e:fd:56:1b:0d:b5:c2:
23:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B0:2E:E6:2A:7E:C2:CD:F3:06:2A:3C:09:DF:3C:94:DF:82:BB:84
X509v3 Authority Key Identifier:
keyid:6B:0C:B5:95:03:DA:89:5F:F9:42:69:D7:A9:BC:20:26:17:04:DC:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/awy1lQPaiV_5QmnXqbwgJhcE3Ok.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/awy1lQPaiV_5QmnXqbwgJhcE3Ok.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/84CFF0D6D2F311EEAFCF3273C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.100.233.0-103.100.235.255
Signature Algorithm: sha256WithRSAEncryption
0e:b5:19:03:ef:4a:07:7a:32:45:8e:58:a6:db:10:d8:5b:a6:
cf:c3:c3:3d:f4:52:67:a7:9c:c6:3a:9b:83:0c:ab:d1:a2:01:
c1:a4:8e:92:26:fb:c8:0f:53:c6:55:af:cb:42:82:6c:73:9c:
f2:ec:88:85:57:4f:3a:69:d2:31:9f:8e:17:21:43:0b:83:e2:
cd:59:49:df:7d:25:86:47:ab:c8:fd:ea:85:95:41:4c:91:47:
b1:41:49:67:be:3a:85:02:5a:1f:97:6b:48:eb:68:1b:ac:60:
d7:c0:8d:f6:ad:4d:16:82:d3:84:e1:ad:4d:fd:4e:1d:d3:e3:
ac:41:a7:c6:62:8a:89:ba:98:90:bf:46:0b:76:ad:b9:83:69:
60:3f:4c:82:51:e1:9a:73:98:c4:db:d2:2a:52:c8:71:ca:74:
96:e2:03:28:8c:80:ae:2f:b7:67:5e:a4:95:33:e7:ce:53:05:
e3:bf:1c:76:8d:99:e2:b2:6f:50:d5:20:05:03:bf:cc:55:ba:
f1:d1:b3:54:20:23:13:6a:0a:07:bb:b1:5b:1a:50:44:d3:5b:
7c:b1:e0:61:16:26:84:69:95:15:77:1c:88:44:9e:d0:e0:81:
04:47:3e:fc:55:7f:eb:2e:1c:55:3e:e7:6d:15:da:ff:09:e6:
0f:57:fc:3f
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICDAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ1RTAxMTAvBgNVBAUTKDZCMENCNTk1MDNEQTg5NUZGOTQyNjlEN0E5QkMyMDI2
MTcwNERDRTkwHhcNMjUwMjA4MTAwOTI5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E3MmQ1OS04OTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7FSRWCjVhphsrTn3T5pwUwjxLuj5SyA/Uupp4RiVAzvYrzWsYNIomGRc4gRp
Qt0gxxuthqLi/H0ZZWfDivXRDC8URcPtNQBg1L+PSU3uFZ+sv/bCweBPJoHEIrnl
tSJoFLta25TxyddmYYgZbzy72g9CCOyqnz1tHtNgMmQl+TScifgNVOuDkTRQhNAQ
qoGmmRadY/YhEd0JgfZb/pcMTjM+16mOo1FQP7lX2AjOcoH7Y1jmc4TKY1xN03pD
pp1ySEOrZBWcKJsKU8IgtR9Kjti26OmDfAjB34sGkwu9ljscsowCTIcu1BajVYIe
VZBxDCMryUgr6479VhsNtcIjeQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFF2wLuYq
fsLN8wYqPAnfPJTfgruEMB8GA1UdIwQYMBaAFGsMtZUD2olf+UJp16m8ICYXBNzp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDVFMC8yM0JGMkYyNjEx
M0UxMUVBODhFODc4NzZDNEY5QUUwMi9hd3kxbFFQYWlWXzVRbW5YcWJ3Z0poY0Uz
T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2F3eTFsUVBhaVZfNVFtblhxYndnSmhjRTNPay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ1RTAvMjNCRjJGMjYxMTNFMTFFQTg4RTg3ODc2QzRGOUFFMDIvODRDRkYwRDZE
MkYzMTFFRUFGQ0YzMjczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGdk6QMEAmdk6DANBgkqhkiG9w0BAQsFAAOCAQEADrUZ
A+9KB3oyRY5YptsQ2Fumz8PDPfRSZ6ecxjqbgwyr0aIBwaSOkib7yA9TxlWvy0KC
bHOc8uyIhVdPOmnSMZ+OFyFDC4PizVlJ330lhkeryP3qhZVBTJFHsUFJZ746hQJa
H5drSOtoG6xg18CN9q1NFoLThOGtTf1OHdPjrEGnxmKKibqYkL9GC3atuYNpYD9M
glHhmnOYxNvSKlLIccp0luIDKIyAri+3Z16klTPnzlMF478cdo2Z4rJvUNUgBQO/
zFW68dGzVCAjE2oKB7uxWxpQRNNbfLHgYRYmhGmVFXcciESe0OCBBEc+/FV/6y4c
VT7nbRXa/wnmD1f8Pw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:16:42 2025 by rpki-client