Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/2FF45F2A3A7E11EDA75E2E49C4F9AE02.roa
File: 2FF45F2A3A7E11EDA75E2E49C4F9AE02.roa (raw, json)
Hash identifier: 1mI7ZNhBfFNd49vJc8LjEK1WRxbqhGDvQpXQXWzOWdw=
Subject key identifier: 07:C0:85:5A:4D:35:F4:26:4F:74:A6:29:6F:44:E9:F8:91:A2:52:B7
Certificate issuer: /CN=A91B5073/serialNumber=17817CB8289231B4707E9D5B406D58AFF79D1E01
Certificate serial: 0866
Authority key identifier: 17:81:7C:B8:28:92:31:B4:70:7E:9D:5B:40:6D:58:AF:F7:9D:1E:01
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F4F8uCiSMbRwfp1bQG1Yr_edHgE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/2FF45F2A3A7E11EDA75E2E49C4F9AE02.roa
Signing time: Fri 13 Dec 2024 16:41:08 +0000
ROA not before: Fri 13 Dec 2024 16:41:08 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 149311
IP address blocks: 103.134.201.0/24 maxlen: 24
103.134.202.0/24 maxlen: 24
103.134.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2150 (0x866)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5073
Validity
Not Before: Dec 13 16:41:08 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=675c63a4-a394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d3:f3:cf:57:34:00:19:27:5e:eb:87:48:5e:
b1:36:86:bd:d1:86:a7:26:ff:aa:af:42:08:26:47:
b4:3f:1b:a5:bf:55:88:d2:75:de:35:f1:4c:9f:0d:
4a:ef:3a:34:e5:9b:fb:7a:28:27:23:00:29:1c:e8:
58:89:91:e3:45:bd:54:10:09:57:2e:fe:7f:ea:17:
81:4d:cb:6a:90:dc:a9:1d:8b:db:0e:4d:27:6a:05:
eb:2b:21:76:bd:9b:eb:3a:45:f9:e8:f4:69:3b:2a:
cf:95:b9:66:7c:eb:b4:a0:c6:e1:75:61:8a:82:05:
ca:d4:42:ee:65:35:c4:a0:06:7a:cd:a7:7e:47:d0:
2c:70:13:3c:90:68:18:15:e7:f8:b9:b6:59:39:9c:
09:21:1f:d7:23:9f:96:c0:2a:d1:98:8e:81:19:fc:
fd:0d:e2:21:a8:d3:2d:54:e4:d7:05:a8:fd:8e:dc:
8f:d6:81:6c:7b:22:3e:12:2e:ec:5a:4f:01:68:fe:
67:ac:71:34:7b:2c:a4:4f:df:1c:4f:64:61:bf:f2:
ea:70:20:98:12:bf:4a:cd:3e:b1:ae:96:ca:83:4b:
25:9b:25:d6:81:1d:81:00:23:9f:ae:68:79:6c:c6:
09:5f:57:01:ca:d4:e1:b4:d8:f0:ee:a1:62:92:14:
8c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:C0:85:5A:4D:35:F4:26:4F:74:A6:29:6F:44:E9:F8:91:A2:52:B7
X509v3 Authority Key Identifier:
keyid:17:81:7C:B8:28:92:31:B4:70:7E:9D:5B:40:6D:58:AF:F7:9D:1E:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/F4F8uCiSMbRwfp1bQG1Yr_edHgE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F4F8uCiSMbRwfp1bQG1Yr_edHgE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/2FF45F2A3A7E11EDA75E2E49C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.201.0-103.134.203.255
Signature Algorithm: sha256WithRSAEncryption
54:6c:50:bd:8a:4c:6d:b9:a0:d2:58:05:b2:93:6b:7a:46:bb:
26:89:5f:41:56:36:19:aa:de:b1:92:5a:fe:ce:db:73:4d:82:
e4:67:21:36:c0:3c:4a:c1:c6:0a:9e:42:44:49:cb:a1:bc:f6:
91:e0:9c:d6:61:b0:ef:35:8c:dc:41:3f:d7:20:fb:87:15:bc:
4d:3e:80:5d:e9:05:ed:c4:50:8c:31:07:1d:21:5b:f3:47:d2:
d3:e6:b8:78:ad:5f:5e:0a:81:64:1b:f1:2f:25:1e:b7:ae:89:
c8:38:67:ce:28:6b:d3:24:81:61:51:35:c9:dc:05:0b:8f:2e:
eb:3e:0c:2b:8a:6f:6c:14:c2:76:b4:67:a9:64:83:46:84:ff:
e4:f3:7a:1d:4c:7d:22:35:a8:9d:d0:df:89:1d:cc:5d:68:d5:
e6:39:68:79:af:0e:f9:1d:1b:7a:56:6f:08:9c:e8:12:bd:3d:
ae:94:45:1b:84:91:99:71:ea:c4:95:02:f3:e5:c9:bc:33:cb:
df:8b:c3:30:cb:be:e6:09:22:89:ea:e7:5c:55:c8:0a:49:20:
af:61:87:12:00:d0:11:ca:83:99:45:1b:b3:da:9e:73:bf:17:
f3:98:29:77:f9:25:41:c3:16:b4:63:cd:eb:bb:54:38:1a:4a:
de:4a:24:90
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICCGYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjUwNzMxMTAvBgNVBAUTKDE3ODE3Q0I4Mjg5MjMxQjQ3MDdFOUQ1QjQwNkQ1OEFG
Rjc5RDFFMDEwHhcNMjQxMjEzMTY0MTA4WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVjNjNhNC1hMzk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyNPzz1c0ABknXuuHSF6xNoa90YanJv+qr0IIJke0Pxulv1WI0nXeNfFMnw1K
7zo05Zv7eignIwApHOhYiZHjRb1UEAlXLv5/6heBTctqkNypHYvbDk0nagXrKyF2
vZvrOkX56PRpOyrPlblmfOu0oMbhdWGKggXK1ELuZTXEoAZ6zad+R9AscBM8kGgY
Fef4ubZZOZwJIR/XI5+WwCrRmI6BGfz9DeIhqNMtVOTXBaj9jtyP1oFseyI+Ei7s
Wk8BaP5nrHE0eyykT98cT2Rhv/LqcCCYEr9KzT6xrpbKg0slmyXWgR2BACOfrmh5
bMYJX1cBytThtNjw7qFikhSM6wIDAQABo4ICnTCCApkwHQYDVR0OBBYEFAfAhVpN
NfQmT3SmKW9E6fiRolK3MB8GA1UdIwQYMBaAFBeBfLgokjG0cH6dW0BtWK/3nR4B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTA3My80M0YxNjI2NDMz
OTUxMUU5QkZCMUMyMUFDNEY5QUUwMi9GNEY4dUNpU01iUndmcDFiUUcxWXJfZWRI
Z0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Y0Rjh1Q2lTTWJSd2ZwMWJRRzFZcl9lZEhnRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjUwNzMvNDNGMTYyNjQzMzk1MTFFOUJGQjFDMjFBQzRGOUFFMDIvMkZGNDVGMkEz
QTdFMTFFREE3NUUyRTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGeGyQMEAmeGyDANBgkqhkiG9w0BAQsFAAOCAQEAVGxQ
vYpMbbmg0lgFspNreka7JolfQVY2GaresZJa/s7bc02C5GchNsA8SsHGCp5CREnL
obz2keCc1mGw7zWM3EE/1yD7hxW8TT6AXekF7cRQjDEHHSFb80fS0+a4eK1fXgqB
ZBvxLyUet66JyDhnzihr0ySBYVE1ydwFC48u6z4MK4pvbBTCdrRnqWSDRoT/5PN6
HUx9IjWondDfiR3MXWjV5jloea8O+R0belZvCJzoEr09rpRFG4SRmXHqxJUC8+XJ
vDPL34vDMMu+5gkiiernXFXICkkgr2GHEgDQEcqDmUUbs9qec78X85gpd/klQcMW
tGPN67tUOBpK3kokkA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 10:34:30 2025 by rpki-client