Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACC22/6906C6FA4C7411E9B7C4BB55C4F9AE02/2A3D8B5EA97D11EABA31B843C4F9AE02.roa
File: 2A3D8B5EA97D11EABA31B843C4F9AE02.roa (raw, json)
Hash identifier: fPoBgkYnMh4IMhrB/TA39+M1O1OAHZFrtUEJDkMooUg=
Subject key identifier: 3D:B0:FB:0D:1B:5E:3B:CE:D6:89:E5:1A:0E:C7:CC:38:B9:D3:82:46
Certificate issuer: /CN=A91ACC22/serialNumber=28F5E65D7505961DC550A94924DBCEFBB67694BD
Certificate serial: 0FDF
Authority key identifier: 28:F5:E6:5D:75:05:96:1D:C5:50:A9:49:24:DB:CE:FB:B6:76:94:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPXmXXUFlh3FUKlJJNvO-7Z2lL0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ACC22/6906C6FA4C7411E9B7C4BB55C4F9AE02/2A3D8B5EA97D11EABA31B843C4F9AE02.roa
Signing time: Thu 20 Mar 2025 17:26:45 +0000
ROA not before: Thu 20 Mar 2025 17:26:45 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 132298
IP address blocks: 103.133.200.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4063 (0xfdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ACC22
Validity
Not Before: Mar 20 17:26:45 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67dc4fd4-a924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d6:70:12:e8:b1:b0:cd:9b:fb:32:50:d4:e1:
09:fb:ac:18:5c:c3:79:e2:6e:18:44:53:08:9e:82:
ee:a6:6a:95:8f:40:32:0d:4c:8e:a6:81:4c:ff:41:
2b:a2:3e:11:2c:56:98:e1:47:8e:07:75:dd:6d:93:
d8:d4:3d:7d:57:5a:7c:4a:96:23:17:bf:fb:07:81:
0b:da:0d:5b:25:58:00:c0:28:cb:b8:2b:e8:ca:00:
6e:62:39:8c:bc:43:4b:6b:36:f9:94:43:ec:48:74:
22:0d:39:b6:93:36:68:80:90:f9:dd:bb:9e:ac:dc:
9f:b8:ae:f3:94:01:ad:74:f6:5a:35:e6:f7:01:5e:
b1:0c:8d:33:68:ee:47:8e:5f:c6:0c:0a:80:7a:f0:
75:bf:d6:2a:b8:b3:49:ed:f1:d6:aa:6d:7a:bb:92:
5a:ed:d8:7b:26:25:31:f7:a8:f3:77:4f:6b:f7:a3:
94:a9:de:6b:8e:16:0a:37:25:e5:f8:74:67:d0:f4:
fe:22:8a:65:d6:39:39:2d:4a:56:27:eb:41:99:48:
5e:11:61:29:49:34:2e:8e:8a:7e:c0:3e:b4:be:4e:
b7:9b:36:10:05:52:06:8c:49:b0:d2:b3:cb:e0:28:
e1:85:7b:0b:30:2c:e2:25:b9:3d:2f:40:8e:df:14:
24:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B0:FB:0D:1B:5E:3B:CE:D6:89:E5:1A:0E:C7:CC:38:B9:D3:82:46
X509v3 Authority Key Identifier:
keyid:28:F5:E6:5D:75:05:96:1D:C5:50:A9:49:24:DB:CE:FB:B6:76:94:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ACC22/6906C6FA4C7411E9B7C4BB55C4F9AE02/KPXmXXUFlh3FUKlJJNvO-7Z2lL0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPXmXXUFlh3FUKlJJNvO-7Z2lL0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACC22/6906C6FA4C7411E9B7C4BB55C4F9AE02/2A3D8B5EA97D11EABA31B843C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.133.200.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:14:9c:31:84:37:71:84:06:cd:5f:da:ba:6b:9a:b2:46:bc:
78:73:aa:95:f4:fa:2f:fd:09:2f:a7:28:5a:80:8b:13:d4:5e:
cb:7c:c9:b8:1f:42:e3:bc:69:da:d8:ea:6d:16:40:97:6e:66:
a1:6e:93:60:3f:5a:dd:96:2b:30:ea:ae:68:4a:8b:75:15:ee:
17:c3:a0:48:ee:9b:d7:b7:d8:fc:45:08:49:b4:24:8d:c4:0a:
50:2d:a4:ec:e5:c5:b8:ac:90:47:df:82:c2:c9:2f:94:7d:93:
5b:26:33:51:9d:b7:94:50:53:3b:79:1c:7a:6d:32:4f:95:a0:
c6:da:b6:81:2c:97:9e:eb:6c:d8:ed:3e:52:15:2e:c1:41:b3:
01:20:45:51:ee:5e:8d:ac:23:8d:42:b6:df:f3:c7:b3:c1:0b:
05:55:33:c4:26:0f:8f:69:28:64:0f:12:08:38:9e:2c:e1:45:
4a:14:fa:1a:6b:2b:71:ab:c6:02:b7:80:29:4f:14:46:3e:7b:
d0:86:3d:1c:2a:e0:63:3a:38:1e:64:83:43:23:e9:aa:c2:46:
b8:99:5f:4d:c4:57:43:93:7d:cc:5d:44:53:53:e6:af:27:89:
a9:cc:60:84:d7:09:80:6a:a6:95:3b:ec:77:47:5a:d3:80:a0:
3c:e9:00:00
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICD98wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNDMjIxMTAvBgNVBAUTKDI4RjVFNjVENzUwNTk2MURDNTUwQTk0OTI0REJDRUZC
QjY3Njk0QkQwHhcNMjUwMzIwMTcyNjQ1WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjNGZkNC1hOTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA39ZwEuixsM2b+zJQ1OEJ+6wYXMN54m4YRFMInoLupmqVj0AyDUyOpoFM/0Er
oj4RLFaY4UeOB3XdbZPY1D19V1p8SpYjF7/7B4EL2g1bJVgAwCjLuCvoygBuYjmM
vENLazb5lEPsSHQiDTm2kzZogJD53buerNyfuK7zlAGtdPZaNeb3AV6xDI0zaO5H
jl/GDAqAevB1v9YquLNJ7fHWqm16u5Ja7dh7JiUx96jzd09r96OUqd5rjhYKNyXl
+HRn0PT+Iopl1jk5LUpWJ+tBmUheEWEpSTQujop+wD60vk63mzYQBVIGjEmw0rPL
4CjhhXsLMCziJbk9L0CO3xQkkwIDAQABo4IClTCCApEwHQYDVR0OBBYEFD2w+w0b
XjvO1onlGg7HzDi504JGMB8GA1UdIwQYMBaAFCj15l11BZYdxVCpSSTbzvu2dpS9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0MyMi82OTA2QzZGQTRD
NzQxMUU5QjdDNEJCNTVDNEY5QUUwMi9LUFhtWFhVRmxoM0ZVS2xKSk52Ty03WjJs
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tQWG1YWFVGbGgzRlVLbEpKTnZPLTdaMmxMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNDMjIvNjkwNkM2RkE0Qzc0MTFFOUI3QzRCQjU1QzRGOUFFMDIvMkEzRDhCNUVB
OTdEMTFFQUJBMzFCODQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnhcgwDQYJKoZIhvcNAQELBQADggEBAA4UnDGEN3GEBs1f
2rprmrJGvHhzqpX0+i/9CS+nKFqAixPUXst8ybgfQuO8adrY6m0WQJduZqFuk2A/
Wt2WKzDqrmhKi3UV7hfDoEjum9e32PxFCEm0JI3EClAtpOzlxbiskEffgsLJL5R9
k1smM1Gdt5RQUzt5HHptMk+VoMbatoEsl57rbNjtPlIVLsFBswEgRVHuXo2sI41C
tt/zx7PBCwVVM8QmD49pKGQPEgg4nizhRUoU+hprK3GrxgK3gClPFEY+e9CGPRwq
4GM6OB5kg0Mj6arCRriZX03EV0OTfcxdRFNT5q8nianMYITXCYBqppU77HdHWtOA
oDzpAAA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:08:06 2025 by rpki-client