Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0C0B/4459448C2C6A11EA9CECBF4AC4F9AE02/71E30CDCC4ED11EAA1C5766AC4F9AE02.roa
File: 71E30CDCC4ED11EAA1C5766AC4F9AE02.roa (raw, json)
Hash identifier: vucacXYSTLw3pjicQM0MXD2U1//BsbEO3gpX4wVcXB8=
Subject key identifier: D6:97:1B:05:ED:C8:15:54:74:55:93:7D:FA:6F:B8:F1:60:85:EB:87
Certificate issuer: /CN=A91C0C0B/serialNumber=0128705D69C51E0E2B078AEDB99891E7F19B4D1F
Certificate serial: 0B4B
Authority key identifier: 01:28:70:5D:69:C5:1E:0E:2B:07:8A:ED:B9:98:91:E7:F1:9B:4D:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AShwXWnFHg4rB4rtuZiR5_GbTR8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C0C0B/4459448C2C6A11EA9CECBF4AC4F9AE02/71E30CDCC4ED11EAA1C5766AC4F9AE02.roa
Signing time: Tue 28 Jan 2025 19:08:10 +0000
ROA not before: Tue 28 Jan 2025 19:08:10 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133495
IP address blocks: 103.147.42.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2891 (0xb4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C0C0B
Validity
Not Before: Jan 28 19:08:10 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67992b1a-ae6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:90:4b:0a:87:1c:c8:37:28:69:b8:c0:58:b3:
e3:40:8f:90:cc:25:c3:70:1a:26:70:90:fb:c7:27:
52:a6:4e:d9:ba:11:a2:e4:cc:6b:f3:cf:43:a5:bd:
c0:b1:d2:2d:2a:62:48:c3:bd:07:20:6b:0f:a1:00:
dd:f5:b6:1f:03:15:99:e7:be:a0:23:dd:5c:ba:46:
ab:f5:49:10:ba:d6:48:d0:6e:05:0b:ae:b5:e9:5d:
0a:cb:ce:40:5e:0c:cc:24:20:76:36:58:1d:39:9d:
99:02:24:11:86:62:94:8a:88:c4:c4:bf:41:54:ce:
d8:ee:8a:51:90:e2:19:37:47:7c:84:69:78:2f:b8:
37:ba:0e:f0:ce:34:e7:2b:80:c4:1c:40:60:02:94:
0f:18:b4:58:8b:b5:d4:e4:bb:42:f3:14:08:67:f7:
98:0b:38:7d:54:88:d2:02:08:86:9e:64:ac:2a:2e:
e7:d6:40:5f:6e:0d:bd:4a:7b:cf:d6:4c:86:22:a9:
fc:80:9e:ec:6c:0e:9e:4b:57:ef:b2:6f:c9:9c:b1:
ec:e4:15:29:38:7a:6b:26:e0:cb:7f:bf:87:9a:35:
8b:93:e0:46:35:4d:4b:25:2c:79:8e:f0:b4:44:1e:
67:a0:66:fa:b3:c9:5f:99:72:81:c6:e4:b4:db:9d:
e7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:97:1B:05:ED:C8:15:54:74:55:93:7D:FA:6F:B8:F1:60:85:EB:87
X509v3 Authority Key Identifier:
keyid:01:28:70:5D:69:C5:1E:0E:2B:07:8A:ED:B9:98:91:E7:F1:9B:4D:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C0C0B/4459448C2C6A11EA9CECBF4AC4F9AE02/AShwXWnFHg4rB4rtuZiR5_GbTR8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AShwXWnFHg4rB4rtuZiR5_GbTR8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0C0B/4459448C2C6A11EA9CECBF4AC4F9AE02/71E30CDCC4ED11EAA1C5766AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.147.42.0/23
Signature Algorithm: sha256WithRSAEncryption
44:8f:83:9f:6a:bb:25:91:de:22:d0:e2:22:5a:9b:2b:6b:64:
f7:77:54:8a:ac:88:f2:8c:e5:5d:4c:b2:5b:dd:e0:f3:ba:64:
5c:2d:05:a3:57:d1:bd:dd:3b:6b:8f:0f:91:99:ad:20:1b:ca:
94:c6:3c:fa:5f:db:5c:b4:22:86:24:ce:c3:73:4d:51:77:b4:
80:67:19:3d:4b:16:8b:78:71:7a:b9:d2:1e:fd:e2:fc:f4:f9:
df:46:c3:f1:03:90:63:f3:d2:65:31:81:b7:60:1a:6d:e8:59:
c3:db:e5:c1:83:c4:3d:ad:a3:a1:85:3a:21:0e:72:06:20:14:
26:2f:e4:7f:74:06:68:f0:ab:81:34:b7:dd:86:10:bb:92:4b:
12:de:52:50:19:33:65:74:62:bb:a9:57:2b:38:5d:28:cc:ca:
2b:8e:3a:3c:2e:83:c5:4a:f9:66:dd:cd:c9:f7:44:01:21:30:
64:72:d3:d8:bf:ac:93:8c:59:9e:2c:1f:3e:af:04:ba:15:3d:
29:e7:03:65:98:05:43:5b:84:63:04:bb:c6:16:1b:d3:13:2d:
63:2c:3a:07:23:a5:e2:a0:20:b2:ae:ee:e7:d4:bd:94:25:de:
16:b8:04:a8:71:10:3b:e9:46:bd:be:60:dd:76:97:06:49:56:
22:cb:1c:d2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC0swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzBDMEIxMTAvBgNVBAUTKDAxMjg3MDVENjlDNTFFMEUyQjA3OEFFREI5OTg5MUU3
RjE5QjREMUYwHhcNMjUwMTI4MTkwODEwWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk5MmIxYS1hZTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqpBLCoccyDcoabjAWLPjQI+QzCXDcBomcJD7xydSpk7ZuhGi5Mxr889Dpb3A
sdItKmJIw70HIGsPoQDd9bYfAxWZ576gI91cukar9UkQutZI0G4FC6616V0Ky85A
XgzMJCB2NlgdOZ2ZAiQRhmKUiojExL9BVM7Y7opRkOIZN0d8hGl4L7g3ug7wzjTn
K4DEHEBgApQPGLRYi7XU5LtC8xQIZ/eYCzh9VIjSAgiGnmSsKi7n1kBfbg29SnvP
1kyGIqn8gJ7sbA6eS1fvsm/JnLHs5BUpOHprJuDLf7+HmjWLk+BGNU1LJSx5jvC0
RB5noGb6s8lfmXKBxuS0253nHwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNaXGwXt
yBVUdFWTffpvuPFgheuHMB8GA1UdIwQYMBaAFAEocF1pxR4OKweK7bmYkefxm00f
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEMwQi80NDU5NDQ4QzJD
NkExMUVBOUNFQ0JGNEFDNEY5QUUwMi9BU2h3WFduRkhnNHJCNHJ0dVppUjVfR2JU
UjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FTaHdYV25GSGc0ckI0cnR1WmlSNV9HYlRSOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzBDMEIvNDQ1OTQ0OEMyQzZBMTFFQTlDRUNCRjRBQzRGOUFFMDIvNzFFMzBDREND
NEVEMTFFQUExQzU3NjZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnkyowDQYJKoZIhvcNAQELBQADggEBAESPg59quyWR3iLQ
4iJamytrZPd3VIqsiPKM5V1Mslvd4PO6ZFwtBaNX0b3dO2uPD5GZrSAbypTGPPpf
21y0IoYkzsNzTVF3tIBnGT1LFot4cXq50h794vz0+d9Gw/EDkGPz0mUxgbdgGm3o
WcPb5cGDxD2to6GFOiEOcgYgFCYv5H90Bmjwq4E0t92GELuSSxLeUlAZM2V0Yrup
Vys4XSjMyiuOOjwug8VK+Wbdzcn3RAEhMGRy09i/rJOMWZ4sHz6vBLoVPSnnA2WY
BUNbhGMEu8YWG9MTLWMsOgcjpeKgILKu7ufUvZQl3ha4BKhxEDvpRr2+YN12lwZJ
ViLLHNI=
-----END CERTIFICATE-----
Generated at Wed Apr 9 20:15:30 2025 by rpki-client