Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/707BA10E9DB211EAB3A85A19C4F9AE02.roa
File: 707BA10E9DB211EAB3A85A19C4F9AE02.roa (raw, json)
Hash identifier: GS9APLnsd9N7vlTL0hOq7MNSzNO+PtSv7rLmtH3iPh4=
Subject key identifier: 64:22:B9:E7:75:34:85:91:3B:77:30:8F:22:06:B9:EA:C6:26:19:D6
Certificate issuer: /CN=A91B5732/serialNumber=0CEAF28FEE812F1CC97F1C96BCA6452EF72E6D4C
Certificate serial: 0B39
Authority key identifier: 0C:EA:F2:8F:EE:81:2F:1C:C9:7F:1C:96:BC:A6:45:2E:F7:2E:6D:4C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DOryj-6BLxzJfxyWvKZFLvcubUw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/707BA10E9DB211EAB3A85A19C4F9AE02.roa
Signing time: Tue 28 Jan 2025 19:08:18 +0000
ROA not before: Tue 28 Jan 2025 19:08:18 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133187
IP address blocks: 103.203.238.0/23 maxlen: 23
103.243.96.0/22 maxlen: 24
2403:d140::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2873 (0xb39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5732
Validity
Not Before: Jan 28 19:08:18 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67992b22-028c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:20:63:db:4b:f3:50:b1:00:b2:61:05:f2:3e:
b3:07:3d:c7:1a:dc:d9:97:79:9d:64:d8:7e:d6:c2:
51:8b:6b:2a:6a:79:e5:47:6e:4a:eb:d7:0d:d0:79:
be:58:7e:f0:f6:54:76:00:ae:af:de:27:b5:45:7f:
c0:e6:4a:d6:9d:6b:0a:6b:59:3a:55:b9:17:ff:a8:
8e:1d:97:68:c8:6d:81:44:42:63:54:6b:ee:bd:43:
4d:d1:96:24:38:ea:fb:e9:31:a0:67:42:7c:0a:58:
0e:c9:68:ac:2f:52:6e:29:a8:7f:7a:2f:2d:c4:95:
b4:70:4b:13:59:e4:ff:27:52:fc:a2:8c:07:79:23:
e8:85:92:71:32:26:3f:53:87:a0:c9:b8:6e:1e:fc:
ae:22:a9:b4:ff:92:a9:1d:dd:67:a2:a1:ea:a4:39:
eb:6f:95:15:47:59:61:90:ed:1c:ca:e0:2e:33:57:
43:ea:61:fe:9f:8d:ac:ff:2d:4d:da:9a:49:57:14:
26:76:4c:1e:74:44:86:0d:d3:66:c3:de:d7:d8:b4:
53:41:2a:32:a3:41:fe:5e:75:79:36:8d:13:a0:59:
9c:ec:ea:7b:19:90:70:a7:79:4c:01:b3:f5:77:a0:
3b:c2:00:20:b3:7c:f4:d0:55:99:12:b5:57:e0:b1:
b6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:22:B9:E7:75:34:85:91:3B:77:30:8F:22:06:B9:EA:C6:26:19:D6
X509v3 Authority Key Identifier:
keyid:0C:EA:F2:8F:EE:81:2F:1C:C9:7F:1C:96:BC:A6:45:2E:F7:2E:6D:4C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/DOryj-6BLxzJfxyWvKZFLvcubUw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DOryj-6BLxzJfxyWvKZFLvcubUw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/707BA10E9DB211EAB3A85A19C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.203.238.0/23
103.243.96.0/22
IPv6:
2403:d140::/32
Signature Algorithm: sha256WithRSAEncryption
6c:fd:32:e9:e2:a2:68:2d:5b:fc:5a:34:ce:83:16:ba:36:2f:
d7:ec:51:c0:af:d0:07:06:47:b8:56:f7:2d:60:f7:20:75:80:
ef:c6:84:7b:ec:0f:8f:70:9a:3f:04:3e:73:bf:52:19:49:b6:
f6:36:f8:f1:c2:f3:0d:f9:6c:25:e0:de:3c:6d:8a:1c:f0:6f:
da:f3:5a:d6:a1:7f:7d:ff:b5:72:44:8c:77:49:49:b5:a2:a2:
eb:67:70:35:4e:80:62:2e:8c:a3:bc:fb:f7:02:71:1b:f2:6a:
5a:fe:65:3f:9f:35:ec:f9:df:33:5a:f4:bf:25:cc:8b:6f:09:
de:7e:e9:21:ff:03:93:ad:77:cb:47:bc:1d:94:a9:6d:a4:a3:
bb:a5:82:c4:72:da:37:89:95:0f:af:8b:b0:e2:80:28:9e:3d:
6b:0f:d7:a1:44:b7:78:d2:54:b2:f8:69:29:47:2f:30:24:34:
31:eb:28:24:54:7c:85:bb:0e:05:57:23:23:cf:ce:a9:ea:6c:
50:33:96:9b:8e:b7:9d:ff:f9:b8:c5:b2:18:31:b8:d2:91:6f:
17:f8:26:20:f7:ca:3d:0b:48:ce:47:96:6b:39:94:6c:fe:73:
cf:a3:37:0c:0e:1c:1e:3f:0f:d6:cc:d9:9a:91:04:19:e8:81:
70:c4:98:9d
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCzkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjU3MzIxMTAvBgNVBAUTKDBDRUFGMjhGRUU4MTJGMUNDOTdGMUM5NkJDQTY0NTJF
RjcyRTZENEMwHhcNMjUwMTI4MTkwODE4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk5MmIyMi0wMjhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwSBj20vzULEAsmEF8j6zBz3HGtzZl3mdZNh+1sJRi2sqannlR25K69cN0Hm+
WH7w9lR2AK6v3ie1RX/A5krWnWsKa1k6VbkX/6iOHZdoyG2BREJjVGvuvUNN0ZYk
OOr76TGgZ0J8ClgOyWisL1JuKah/ei8txJW0cEsTWeT/J1L8oowHeSPohZJxMiY/
U4egybhuHvyuIqm0/5KpHd1noqHqpDnrb5UVR1lhkO0cyuAuM1dD6mH+n42s/y1N
2ppJVxQmdkwedESGDdNmw97X2LRTQSoyo0H+XnV5No0ToFmc7Op7GZBwp3lMAbP1
d6A7wgAgs3z00FWZErVX4LG2IwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGQiued1
NIWRO3cwjyIGuerGJhnWMB8GA1UdIwQYMBaAFAzq8o/ugS8cyX8clrymRS73Lm1M
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTczMi84QTdFOUU0MjJG
MjMxMUVBOTAzQzE0MzlDNEY5QUUwMi9ET3J5ai02Qkx4ekpmeHlXdktaRkx2Y3Vi
VXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RPcnlqLTZCTHh6SmZ4eVd2S1pGTHZjdWJVdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjU3MzIvOEE3RTlFNDIyRjIzMTFFQTkwM0MxNDM5QzRGOUFFMDIvNzA3QkExMEU5
REIyMTFFQUIzQTg1QTE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAFny+4DBAJn82AwDQQCAAIwBwMFACQD0UAwDQYJKoZIhvcN
AQELBQADggEBAGz9MuniomgtW/xaNM6DFro2L9fsUcCv0AcGR7hW9y1g9yB1gO/G
hHvsD49wmj8EPnO/UhlJtvY2+PHC8w35bCXg3jxtihzwb9rzWtahf33/tXJEjHdJ
SbWioutncDVOgGIujKO8+/cCcRvyalr+ZT+fNez53zNa9L8lzItvCd5+6SH/A5Ot
d8tHvB2UqW2ko7ulgsRy2jeJlQ+vi7DigCiePWsP16FEt3jSVLL4aSlHLzAkNDHr
KCRUfIW7DgVXIyPPzqnqbFAzlpuOt53/+bjFshgxuNKRbxf4JiD3yj0LSM5Hlms5
lGz+c8+jNwwOHB4/D9bM2ZqRBBnogXDEmJ0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:15:27 2025 by rpki-client