Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF4A1/0F587A88B1CC11ED85F25A3DC4F9AE02/4405F70C03AE11F08ECE4754C4F9AE02.roa
File: 4405F70C03AE11F08ECE4754C4F9AE02.roa (raw, json)
Hash identifier: KSItAPOjkLG7UWPYALBIyJeHmExySZ4KDwSB7GWXFrI=
Subject key identifier: AE:1A:A9:89:1B:6F:72:C9:52:BB:1A:6B:66:09:03:0B:01:FE:02:89
Certificate issuer: /CN=A91BF4A1/serialNumber=4FEE47943ABE13E38556A73C281B90E3549237DC
Certificate serial: 018D
Authority key identifier: 4F:EE:47:94:3A:BE:13:E3:85:56:A7:3C:28:1B:90:E3:54:92:37:DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T-5HlDq-E-OFVqc8KBuQ41SSN9w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BF4A1/0F587A88B1CC11ED85F25A3DC4F9AE02/4405F70C03AE11F08ECE4754C4F9AE02.roa
Signing time: Tue 18 Mar 2025 04:05:45 +0000
ROA not before: Tue 18 Mar 2025 04:05:45 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 153656
IP address blocks: 103.163.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 397 (0x18d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BF4A1
Validity
Not Before: Mar 18 04:05:45 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67d8f119-7448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b1:78:e0:4e:e3:17:f2:13:6a:c9:f9:9a:9c:
33:6d:bb:d3:0f:76:7b:14:c9:10:be:a5:2a:a5:7f:
12:23:0a:d2:0b:ef:5c:f4:75:be:0c:99:0c:aa:bd:
c1:81:fd:fb:02:cc:57:b2:3b:68:d1:15:59:66:44:
3b:26:b6:02:1c:ff:68:30:89:f9:56:bc:71:60:c3:
38:fd:a4:03:cd:b0:cf:33:bd:d4:9d:01:80:db:ed:
4f:d8:ee:15:79:8e:7a:26:9e:14:8d:bb:67:0b:4f:
9c:42:35:2e:38:ff:78:8a:9f:25:a8:59:63:76:da:
25:60:71:ac:62:6a:04:ca:7b:39:de:67:42:ed:53:
08:c8:34:a1:b9:f5:44:06:34:1d:22:8f:bc:58:cb:
de:5b:2e:72:11:4e:49:fe:0c:f8:d9:13:13:d5:81:
8e:57:e8:ea:96:7e:5e:38:8e:80:48:5d:3e:db:37:
95:a0:23:ca:4c:75:0f:62:8e:c0:98:56:95:3f:bd:
dd:bc:30:e5:7b:6d:0b:f9:55:6a:64:84:75:7b:01:
a5:20:3b:fd:6a:1d:ae:be:73:81:5d:64:64:2b:67:
5f:86:f7:59:0b:84:06:52:25:e6:6d:f8:be:b8:73:
eb:23:69:bc:75:9c:2b:a4:e7:6a:82:94:0d:c4:a5:
7c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:1A:A9:89:1B:6F:72:C9:52:BB:1A:6B:66:09:03:0B:01:FE:02:89
X509v3 Authority Key Identifier:
keyid:4F:EE:47:94:3A:BE:13:E3:85:56:A7:3C:28:1B:90:E3:54:92:37:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BF4A1/0F587A88B1CC11ED85F25A3DC4F9AE02/T-5HlDq-E-OFVqc8KBuQ41SSN9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T-5HlDq-E-OFVqc8KBuQ41SSN9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF4A1/0F587A88B1CC11ED85F25A3DC4F9AE02/4405F70C03AE11F08ECE4754C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.163.208.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:ec:b2:43:84:1b:b9:02:15:b8:04:29:97:76:c8:d6:8a:b5:
db:bb:e2:12:27:63:c5:c6:9c:32:73:af:8c:f7:1b:05:68:ff:
7a:e2:e5:aa:75:a7:ba:5d:50:7e:de:f8:a6:a2:c1:be:e7:a3:
71:aa:4e:3b:b3:14:b7:2e:0d:0d:58:e9:b9:5e:cd:b5:c5:bd:
0a:85:0a:2b:2c:19:3e:4c:a2:36:72:7a:07:f9:48:26:d2:fe:
9a:af:a4:1e:bf:df:80:06:f1:09:32:be:3b:bb:d4:5c:41:11:
a7:31:c3:c3:2b:fc:93:4d:5a:41:0a:6d:73:fc:1c:36:e4:48:
9f:87:a5:5d:bd:76:05:6b:50:67:fa:6e:38:94:1b:ad:61:e9:
21:a2:27:d2:a0:50:b2:6a:f1:80:09:b9:75:b4:d0:a0:ec:4e:
23:bd:77:7e:4f:90:3a:a2:87:62:e4:ba:72:64:59:2f:4f:72:
a2:f1:06:61:90:ab:7d:63:29:6a:96:31:c6:e6:d2:76:79:5c:
ac:fb:a0:e8:20:09:bb:5c:e9:c4:c0:e1:b0:45:c0:28:ff:8f:
5a:3c:26:ea:0d:a1:51:d3:42:76:17:7a:2b:44:ab:62:85:c3:
34:49:19:82:69:83:5b:59:3b:48:ec:65:ed:19:e3:11:b7:60:
cb:37:10:4d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkY0QTExMTAvBgNVBAUTKDRGRUU0Nzk0M0FCRTEzRTM4NTU2QTczQzI4MUI5MEUz
NTQ5MjM3REMwHhcNMjUwMzE4MDQwNTQ1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q4ZjExOS03NDQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp7F44E7jF/ITasn5mpwzbbvTD3Z7FMkQvqUqpX8SIwrSC+9c9HW+DJkMqr3B
gf37AsxXsjto0RVZZkQ7JrYCHP9oMIn5VrxxYMM4/aQDzbDPM73UnQGA2+1P2O4V
eY56Jp4UjbtnC0+cQjUuOP94ip8lqFljdtolYHGsYmoEyns53mdC7VMIyDShufVE
BjQdIo+8WMveWy5yEU5J/gz42RMT1YGOV+jqln5eOI6ASF0+2zeVoCPKTHUPYo7A
mFaVP73dvDDle20L+VVqZIR1ewGlIDv9ah2uvnOBXWRkK2dfhvdZC4QGUiXmbfi+
uHPrI2m8dZwrpOdqgpQNxKV8dQIDAQABo4IClTCCApEwHQYDVR0OBBYEFK4aqYkb
b3LJUrsaa2YJAwsB/gKJMB8GA1UdIwQYMBaAFE/uR5Q6vhPjhVanPCgbkONUkjfc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjRBMS8wRjU4N0E4OEIx
Q0MxMUVEODVGMjVBM0RDNEY5QUUwMi9ULTVIbERxLUUtT0ZWcWM4S0J1UTQxU1NO
OXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1QtNUhsRHEtRS1PRlZxYzhLQnVRNDFTU045dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkY0QTEvMEY1ODdBODhCMUNDMTFFRDg1RjI1QTNEQzRGOUFFMDIvNDQwNUY3MEMw
M0FFMTFGMDhFQ0U0NzU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABno9AwDQYJKoZIhvcNAQELBQADggEBAJrsskOEG7kCFbgE
KZd2yNaKtdu74hInY8XGnDJzr4z3GwVo/3ri5ap1p7pdUH7e+Kaiwb7no3GqTjuz
FLcuDQ1Y6blezbXFvQqFCissGT5MojZyegf5SCbS/pqvpB6/34AG8Qkyvju71FxB
Eacxw8Mr/JNNWkEKbXP8HDbkSJ+HpV29dgVrUGf6bjiUG61h6SGiJ9KgULJq8YAJ
uXW00KDsTiO9d35PkDqih2LkunJkWS9PcqLxBmGQq31jKWqWMcbm0nZ5XKz7oOgg
Cbtc6cTA4bBFwCj/j1o8JuoNoVHTQnYXeitEq2KFwzRJGYJpg1tZO0jsZe0Z4xG3
YMs3EE0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:36:00 2025 by rpki-client