Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/71FF4602C8B411EF85A88A11C4F9AE02.roa
File: 71FF4602C8B411EF85A88A11C4F9AE02.roa (raw, json)
Hash identifier: KUrfEQK9nKztXWFgwk0Xi/4NJRJwT88VJQ54+TMS2wM=
Subject key identifier: 58:6D:CF:97:3A:12:CF:6B:12:11:6A:B1:3E:EF:6D:21:86:27:E8:B8
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4919
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/71FF4602C8B411EF85A88A11C4F9AE02.roa
Signing time: Thu 02 Jan 2025 02:51:20 +0000
ROA not before: Thu 02 Jan 2025 02:51:20 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 131379
IP address blocks: 103.31.120.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18713 (0x4919)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Jan 2 02:51:20 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6775ff28-83fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ee:60:83:b4:d4:89:61:07:fa:ea:79:82:3f:
3e:bd:ea:11:fa:fa:95:0f:94:d7:e7:4b:1e:b3:53:
68:dd:36:6c:65:84:6b:f1:4e:38:77:ba:ab:18:6d:
1d:49:3f:fd:04:ee:80:33:ba:66:ac:88:d3:c8:8a:
c2:87:ca:47:57:6b:1d:90:ba:86:e2:6e:7e:95:e4:
dd:40:d9:8d:19:67:64:75:0d:9d:72:62:a5:e4:15:
83:f3:c3:75:0a:4a:07:fe:37:81:d0:96:e7:c7:66:
c4:d6:1f:ea:95:f1:a2:08:18:5c:7a:dc:72:f9:8e:
ed:a5:3e:50:de:30:c6:2d:35:13:1e:c8:7c:41:c4:
15:8a:e8:10:9f:f6:66:e1:ed:f3:c5:54:b6:69:54:
5c:74:22:96:72:26:f5:89:f0:28:1f:28:b9:d9:01:
94:ab:ce:2b:a4:06:8b:77:73:3f:ac:e6:7c:e8:ed:
08:51:83:cb:f0:da:c7:33:74:2a:b6:3c:f1:27:ff:
de:d1:ee:79:b4:28:b9:c2:58:43:cb:71:ab:f4:60:
3c:b5:ef:00:92:57:67:4c:b4:8d:fc:40:c9:85:4e:
43:5f:97:b2:90:d9:8e:fe:d6:ba:ee:00:54:65:9c:
b3:7e:66:98:db:4e:33:0c:8a:6e:04:4c:7e:2b:ab:
c2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:6D:CF:97:3A:12:CF:6B:12:11:6A:B1:3E:EF:6D:21:86:27:E8:B8
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/71FF4602C8B411EF85A88A11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.31.120.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:eb:c2:98:ae:d9:a8:71:8f:d8:ca:c6:95:d9:e3:b4:9e:a8:
72:e4:e6:ed:ff:5d:26:34:20:3b:64:81:21:8c:5a:b5:63:33:
7e:99:e6:27:ab:1c:59:7e:4c:38:06:d5:24:3d:7e:16:24:0a:
ae:ea:c7:c7:97:9d:36:38:05:f6:f9:46:8d:c6:cf:0d:a5:4d:
5d:f6:77:45:0a:f5:24:a4:7a:28:e3:41:85:67:e5:3d:db:a1:
e3:c0:42:4d:8d:2f:d7:df:cb:9f:24:92:d4:ac:da:0f:6c:6a:
05:ad:d5:a5:0c:b5:72:85:c4:a5:ee:40:08:2b:fa:fb:2d:74:
9b:cb:a0:ce:f9:75:5b:b9:68:da:8c:0d:c0:51:a0:22:2f:07:
ef:2d:04:15:c6:00:e5:1d:33:a3:a4:3b:4a:a9:d1:ac:61:dd:
ee:d9:a8:a9:2c:89:4d:5b:cf:2c:2a:39:c9:1f:b7:d8:8d:2c:
c6:5d:80:ce:24:8e:42:73:9e:cb:e2:97:85:95:ad:59:54:77:
e7:3c:55:87:ad:9e:d7:07:b5:0e:87:35:77:0e:11:71:9a:44:
cd:9b:5f:02:f3:79:ac:ee:f0:d8:0a:91:d5:88:8d:75:b4:be:
90:e0:7f:77:2a:fb:4a:ef:9f:c2:61:79:9f:54:ef:69:69:0b:
7b:ff:94:70
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICSRkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwMTAyMDI1MTIwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc1ZmYyOC04M2ZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1+5gg7TUiWEH+up5gj8+veoR+vqVD5TX50ses1No3TZsZYRr8U44d7qrGG0d
ST/9BO6AM7pmrIjTyIrCh8pHV2sdkLqG4m5+leTdQNmNGWdkdQ2dcmKl5BWD88N1
CkoH/jeB0Jbnx2bE1h/qlfGiCBhcetxy+Y7tpT5Q3jDGLTUTHsh8QcQViugQn/Zm
4e3zxVS2aVRcdCKWcib1ifAoHyi52QGUq84rpAaLd3M/rOZ86O0IUYPL8NrHM3Qq
tjzxJ//e0e55tCi5wlhDy3Gr9GA8te8AkldnTLSN/EDJhU5DX5eykNmO/ta67gBU
ZZyzfmaY204zDIpuBEx+K6vCwwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFhtz5c6
Es9rEhFqsT7vbSGGJ+i4MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNzFGRjQ2MDJD
OEI0MTFFRjg1QTg4QTExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnH3gwDQYJKoZIhvcNAQELBQADggEBAA/rwpiu2ahxj9jK
xpXZ47SeqHLk5u3/XSY0IDtkgSGMWrVjM36Z5ierHFl+TDgG1SQ9fhYkCq7qx8eX
nTY4Bfb5Ro3Gzw2lTV32d0UK9SSkeijjQYVn5T3boePAQk2NL9ffy58kktSs2g9s
agWt1aUMtXKFxKXuQAgr+vstdJvLoM75dVu5aNqMDcBRoCIvB+8tBBXGAOUdM6Ok
O0qp0axh3e7ZqKksiU1bzywqOckft9iNLMZdgM4kjkJznsvil4WVrVlUd+c8VYet
ntcHtQ6HNXcOEXGaRM2bXwLzeazu8NgKkdWIjXW0vpDgf3cq+0rvn8JheZ9U72lp
C3v/lHA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:46:02 2025 by rpki-client