Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B36DC/B043647A19F911EBB8CDED4FC4F9AE02/FEA1EB7219FA11EBA0F82851C4F9AE02.roa
File: FEA1EB7219FA11EBA0F82851C4F9AE02.roa (raw, json)
Hash identifier: Wckb8TWjJLJRdDl4+GoL8AkidPynBfPxz8z2YoV99xc=
Subject key identifier: 40:F1:6F:2F:F7:53:D6:19:8A:50:EC:43:8A:2A:F0:80:97:69:73:84
Certificate issuer: /CN=A91B36DC/serialNumber=BC02B005CCAA0453FC9B817BB78CBA915F27C2A8
Certificate serial: 0732
Authority key identifier: BC:02:B0:05:CC:AA:04:53:FC:9B:81:7B:B7:8C:BA:91:5F:27:C2:A8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vAKwBcyqBFP8m4F7t4y6kV8nwqg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B36DC/B043647A19F911EBB8CDED4FC4F9AE02/FEA1EB7219FA11EBA0F82851C4F9AE02.roa
Signing time: Fri 06 Dec 2024 21:50:49 +0000
ROA not before: Fri 06 Dec 2024 21:50:49 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 141377
IP address blocks: 103.157.248.0/24 maxlen: 24
103.157.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1842 (0x732)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B36DC
Validity
Not Before: Dec 6 21:50:49 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=675371b9-6cf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:98:00:77:b9:7a:01:85:5f:e3:24:5c:54:a9:
04:ce:d1:d2:f4:15:a3:08:b1:b3:b0:ad:3e:2d:4c:
ac:65:da:37:fe:4c:a1:82:f3:47:f1:52:20:ea:3f:
51:5f:70:54:b3:84:37:ed:e9:25:71:0e:bd:cd:4d:
b1:48:ef:c7:ea:98:83:f1:78:10:35:48:e2:ea:9c:
3e:5f:4f:86:29:c5:15:6a:7e:24:c7:4f:2b:c2:1c:
6b:7a:55:54:35:c3:3b:35:3c:9d:3a:57:c4:fb:2e:
6a:3a:e3:22:42:ee:94:c7:65:c4:c6:93:b2:61:ea:
c1:db:70:7c:66:06:14:7c:4a:b0:9f:ca:77:3f:30:
97:85:4f:6f:b0:a8:70:db:dd:c5:0b:4a:b0:70:65:
b0:2d:bf:58:7e:00:55:6a:d2:f1:37:8b:77:83:1d:
e7:2e:7b:62:cd:38:cd:be:bd:a2:8d:6e:d5:7f:1a:
4d:39:5b:f4:e5:be:7f:24:09:22:ac:7b:3d:5b:8b:
d2:4f:97:a8:a5:ee:c1:9c:12:3e:c0:1f:25:14:43:
1e:49:70:7c:0c:ba:63:76:b0:40:92:29:0f:ed:c4:
f7:b0:02:94:9c:21:cf:d1:c8:5d:e7:92:1b:a2:e6:
95:d3:dd:1e:46:05:9d:3c:01:2e:e1:8c:26:67:72:
cf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F1:6F:2F:F7:53:D6:19:8A:50:EC:43:8A:2A:F0:80:97:69:73:84
X509v3 Authority Key Identifier:
keyid:BC:02:B0:05:CC:AA:04:53:FC:9B:81:7B:B7:8C:BA:91:5F:27:C2:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B36DC/B043647A19F911EBB8CDED4FC4F9AE02/vAKwBcyqBFP8m4F7t4y6kV8nwqg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vAKwBcyqBFP8m4F7t4y6kV8nwqg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B36DC/B043647A19F911EBB8CDED4FC4F9AE02/FEA1EB7219FA11EBA0F82851C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.157.248.0/23
Signature Algorithm: sha256WithRSAEncryption
33:ae:7c:f7:d7:9c:c2:12:aa:07:d7:e5:0e:10:ad:ce:9e:2f:
56:69:76:33:6d:7f:ee:95:04:7d:0f:38:83:76:f6:9f:f5:82:
e9:0b:8f:23:59:36:a8:52:a8:e5:aa:d0:42:a1:d8:97:7a:54:
e1:7a:d0:9e:7f:06:b2:8d:9c:75:1b:31:30:d7:1a:22:3a:27:
95:e8:0d:5e:0d:38:b5:1b:2e:a3:46:0d:fd:fc:1f:42:82:ab:
82:b3:72:5a:c2:9a:8b:26:0d:b6:76:72:6e:c7:e7:00:16:15:
da:d8:d9:f3:2f:33:ea:f7:69:b8:9b:23:ad:7d:a2:d4:51:4b:
d0:d8:97:0b:3f:a4:55:67:96:72:86:a7:09:7f:45:7e:bd:59:
b1:65:8e:ac:f1:31:58:84:f0:43:76:7e:3b:be:73:f2:5c:cd:
db:58:ee:90:84:1b:82:35:17:1b:b4:8c:f6:1a:22:a1:db:35:
ad:90:0c:76:c7:12:f6:47:6a:3e:12:65:9d:c2:19:84:98:d6:
7a:c6:f7:52:df:8e:b2:6d:5d:a2:13:ef:3a:19:a6:f9:cb:41:
47:0c:bb:f6:dc:b5:0d:a2:65:7f:da:49:4c:7d:9c:4b:a6:d3:
3f:81:94:c0:78:88:03:26:d7:4c:9e:e6:ad:99:31:45:d2:df:
da:cf:7f:92
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBzIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjM2REMxMTAvBgNVBAUTKEJDMDJCMDA1Q0NBQTA0NTNGQzlCODE3QkI3OENCQTkx
NUYyN0MyQTgwHhcNMjQxMjA2MjE1MDQ5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUzNzFiOS02Y2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw5gAd7l6AYVf4yRcVKkEztHS9BWjCLGzsK0+LUysZdo3/kyhgvNH8VIg6j9R
X3BUs4Q37eklcQ69zU2xSO/H6piD8XgQNUji6pw+X0+GKcUVan4kx08rwhxrelVU
NcM7NTydOlfE+y5qOuMiQu6Ux2XExpOyYerB23B8ZgYUfEqwn8p3PzCXhU9vsKhw
293FC0qwcGWwLb9YfgBVatLxN4t3gx3nLntizTjNvr2ijW7VfxpNOVv05b5/JAki
rHs9W4vST5eope7BnBI+wB8lFEMeSXB8DLpjdrBAkikP7cT3sAKUnCHP0chd55Ib
ouaV090eRgWdPAEu4YwmZ3LPcwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEDxby/3
U9YZilDsQ4oq8ICXaXOEMB8GA1UdIwQYMBaAFLwCsAXMqgRT/JuBe7eMupFfJ8Ko
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMzZEQy9CMDQzNjQ3QTE5
RjkxMUVCQjhDREVENEZDNEY5QUUwMi92QUt3QmN5cUJGUDhtNEY3dDR5NmtWOG53
cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZBS3dCY3lxQkZQOG00Rjd0NHk2a1Y4bndxZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjM2REMvQjA0MzY0N0ExOUY5MTFFQkI4Q0RFRDRGQzRGOUFFMDIvRkVBMUVCNzIx
OUZBMTFFQkEwRjgyODUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnfgwDQYJKoZIhvcNAQELBQADggEBADOufPfXnMISqgfX
5Q4Qrc6eL1ZpdjNtf+6VBH0POIN29p/1gukLjyNZNqhSqOWq0EKh2Jd6VOF60J5/
BrKNnHUbMTDXGiI6J5XoDV4NOLUbLqNGDf38H0KCq4KzclrCmosmDbZ2cm7H5wAW
FdrY2fMvM+r3abibI619otRRS9DYlws/pFVnlnKGpwl/RX69WbFljqzxMViE8EN2
fju+c/JczdtY7pCEG4I1Fxu0jPYaIqHbNa2QDHbHEvZHaj4SZZ3CGYSY1nrG91Lf
jrJtXaIT7zoZpvnLQUcMu/bctQ2iZX/aSUx9nEum0z+BlMB4iAMm10ye5q2ZMUXS
39rPf5I=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:12:47 2025 by rpki-client