Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/86550F680B4311EE8ABEE820C4F9AE02.roa
File: 86550F680B4311EE8ABEE820C4F9AE02.roa (raw, json)
Hash identifier: yWfAEaYcbh5fjpOL87NsV9hi8Cg9epFjV+c+Su0AUew=
Subject key identifier: 63:04:F6:DF:B4:39:8E:03:E8:45:03:50:D3:CA:58:28:63:FD:94:9F
Certificate issuer: /CN=A91C63A6/serialNumber=701F3C14F0AD7EEF65D34D003CDC1924648CDE37
Certificate serial: 039B
Authority key identifier: 70:1F:3C:14:F0:AD:7E:EF:65:D3:4D:00:3C:DC:19:24:64:8C:DE:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cB88FPCtfu9l000APNwZJGSM3jc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/86550F680B4311EE8ABEE820C4F9AE02.roa
Signing time: Mon 17 Mar 2025 00:46:18 +0000
ROA not before: Mon 17 Mar 2025 00:46:18 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 140630
IP address blocks: 103.84.44.0/24 maxlen: 24
103.84.45.0/24 maxlen: 24
103.84.46.0/24 maxlen: 24
103.84.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 923 (0x39b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C63A6
Validity
Not Before: Mar 17 00:46:18 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67d770da-a9fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:50:fd:8a:4a:91:f6:e2:7e:6d:f0:ad:e2:32:
c9:0b:c4:dc:1a:10:c5:6d:ee:82:2c:84:5d:31:00:
cb:86:45:13:cf:18:27:6a:ef:62:a4:80:aa:51:f9:
3a:22:78:94:a2:fe:9a:51:97:7d:b4:21:69:fc:c8:
a3:9c:a5:9a:c1:48:51:22:cc:2c:c7:e9:ab:46:78:
6b:18:2e:ae:c2:b7:9e:82:d2:5a:7f:85:87:83:a8:
bd:d7:e7:4a:53:26:c2:9c:42:9a:f0:13:8e:ce:85:
77:6e:52:7c:84:19:84:d1:74:c7:fc:02:92:cf:30:
26:3c:8c:96:73:41:c3:4e:10:ac:97:64:29:ad:29:
5c:06:46:9d:99:82:16:d8:fe:49:41:13:e6:d4:77:
c5:99:69:fc:1f:53:f6:af:a0:e2:21:76:ef:75:47:
cf:2f:d2:2f:c3:92:92:ed:0f:6a:1f:f2:69:b2:ea:
61:44:24:21:58:b9:dc:8b:7b:a7:4f:97:3c:cb:41:
32:df:64:37:bf:da:43:d0:cc:04:03:d4:4a:ea:13:
91:40:84:71:20:46:d6:4b:97:1b:37:1a:d6:0b:aa:
ae:be:f3:51:36:f1:52:c8:ce:a7:3c:04:d5:3e:a1:
10:10:7c:57:8d:7f:41:43:e3:8f:20:8e:0d:7b:f5:
68:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:04:F6:DF:B4:39:8E:03:E8:45:03:50:D3:CA:58:28:63:FD:94:9F
X509v3 Authority Key Identifier:
keyid:70:1F:3C:14:F0:AD:7E:EF:65:D3:4D:00:3C:DC:19:24:64:8C:DE:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/cB88FPCtfu9l000APNwZJGSM3jc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cB88FPCtfu9l000APNwZJGSM3jc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/86550F680B4311EE8ABEE820C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.44.0/22
Signature Algorithm: sha256WithRSAEncryption
68:e9:d9:35:9d:82:a5:95:2f:18:b8:12:22:ae:ea:7c:cc:99:
0e:bb:e6:6b:60:ab:95:18:fd:87:53:c4:0b:92:98:76:1d:34:
04:47:8a:52:6e:df:c6:1f:d2:e1:cd:c8:08:89:cc:04:b6:90:
37:7b:ea:df:00:08:c6:6f:7e:4c:71:13:d9:00:16:85:71:bd:
c4:2f:aa:7d:8b:4d:23:6e:dc:7e:9e:38:c0:09:46:19:cf:30:
7a:8c:cc:2e:6e:a8:ff:80:b6:af:81:dd:f7:ce:f4:7d:f4:c9:
66:f9:a7:2c:88:17:3e:c9:e1:fc:51:44:f3:21:45:cc:36:df:
34:30:3f:97:55:69:f0:20:d4:2f:65:d6:4a:ba:1c:ac:06:b7:
ad:aa:b2:ab:b9:b8:ce:ad:74:1b:e5:d0:30:ad:ec:f0:44:78:
9b:c4:c9:67:5f:d0:e2:e5:e3:f1:c2:b3:9b:fe:37:e3:ec:59:
3b:5c:d0:a7:47:5f:f7:15:10:91:b7:92:c0:e6:04:4c:dc:30:
ac:41:f6:93:72:b8:4c:d5:79:4e:28:03:62:11:97:55:85:e1:
a1:8e:aa:16:1b:7e:39:93:a8:ea:60:c8:c4:6c:b0:f4:c4:0d:
8a:bc:01:5f:47:f0:3d:52:08:01:78:92:03:e2:0e:fb:33:36:
7e:3c:3d:9c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA5swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzYzQTYxMTAvBgNVBAUTKDcwMUYzQzE0RjBBRDdFRUY2NUQzNEQwMDNDREMxOTI0
NjQ4Q0RFMzcwHhcNMjUwMzE3MDA0NjE4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q3NzBkYS1hOWZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyVD9ikqR9uJ+bfCt4jLJC8TcGhDFbe6CLIRdMQDLhkUTzxgnau9ipICqUfk6
IniUov6aUZd9tCFp/MijnKWawUhRIswsx+mrRnhrGC6uwreegtJaf4WHg6i91+dK
UybCnEKa8BOOzoV3blJ8hBmE0XTH/AKSzzAmPIyWc0HDThCsl2QprSlcBkadmYIW
2P5JQRPm1HfFmWn8H1P2r6DiIXbvdUfPL9Ivw5KS7Q9qH/JpsuphRCQhWLnci3un
T5c8y0Ey32Q3v9pD0MwEA9RK6hORQIRxIEbWS5cbNxrWC6quvvNRNvFSyM6nPATV
PqEQEHxXjX9BQ+OPII4Ne/VoCQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGME9t+0
OY4D6EUDUNPKWChj/ZSfMB8GA1UdIwQYMBaAFHAfPBTwrX7vZdNNADzcGSRkjN43
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjNBNi8wRDM5QzRFNDlB
OUIxMUVDODJDNzBCMjBDNEY5QUUwMi9jQjg4RlBDdGZ1OWwwMDBBUE53WkpHU00z
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NCODhGUEN0ZnU5bDAwMEFQTndaSkdTTTNqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzYzQTYvMEQzOUM0RTQ5QTlCMTFFQzgyQzcwQjIwQzRGOUFFMDIvODY1NTBGNjgw
QjQzMTFFRThBQkVFODIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnVCwwDQYJKoZIhvcNAQELBQADggEBAGjp2TWdgqWVLxi4
EiKu6nzMmQ675mtgq5UY/YdTxAuSmHYdNARHilJu38Yf0uHNyAiJzAS2kDd76t8A
CMZvfkxxE9kAFoVxvcQvqn2LTSNu3H6eOMAJRhnPMHqMzC5uqP+Atq+B3ffO9H30
yWb5pyyIFz7J4fxRRPMhRcw23zQwP5dVafAg1C9l1kq6HKwGt62qsqu5uM6tdBvl
0DCt7PBEeJvEyWdf0OLl4/HCs5v+N+PsWTtc0KdHX/cVEJG3ksDmBEzcMKxB9pNy
uEzVeU4oA2IRl1WF4aGOqhYbfjmTqOpgyMRssPTEDYq8AV9H8D1SCAF4kgPiDvsz
Nn48PZw=
-----END CERTIFICATE-----
Generated at Fri Apr 11 16:14:46 2025 by rpki-client