Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CCDF3/42DE4836FF7611EDB8981558C4F9AE02/851A7AD6FF7F11EDA505D70EC4F9AE02.roa
File: 851A7AD6FF7F11EDA505D70EC4F9AE02.roa (raw, json)
Hash identifier: dYTddJDImyu3rpg7QICAEFzGZsVfww3CPHFdjrscptU=
Subject key identifier: 13:CA:97:2D:4D:67:8A:AE:7D:09:38:80:4B:C0:47:36:59:44:51:01
Certificate issuer: /CN=A91CCDF3/serialNumber=C915FD3BD45B8218B95F573749D3AA498016AAA9
Certificate serial: 013B
Authority key identifier: C9:15:FD:3B:D4:5B:82:18:B9:5F:57:37:49:D3:AA:49:80:16:AA:A9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yRX9O9Rbghi5X1c3SdOqSYAWqqk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CCDF3/42DE4836FF7611EDB8981558C4F9AE02/851A7AD6FF7F11EDA505D70EC4F9AE02.roa
Signing time: Wed 29 Jan 2025 03:06:58 +0000
ROA not before: Wed 29 Jan 2025 03:06:58 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 58604
IP address blocks: 103.247.38.0/23 maxlen: 23
103.247.38.0/24 maxlen: 24
103.247.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 315 (0x13b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CCDF3
Validity
Not Before: Jan 29 03:06:58 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67999b51-3a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:77:e7:81:ba:d0:4a:59:3f:cb:b9:42:22:3d:
b1:3f:ac:a9:ae:fb:a4:8c:01:63:06:46:b4:23:80:
ce:4f:fa:31:95:4c:f2:13:e2:7a:4f:09:60:b9:1e:
44:50:16:be:c9:55:e0:c4:d0:b9:8e:28:6f:ca:6f:
e9:4f:d7:6c:e8:79:b6:39:df:0f:0d:7b:c4:47:2a:
c8:fe:19:ed:94:0a:85:9a:79:95:95:3f:06:5a:7a:
33:b3:62:d6:89:ee:f9:07:bc:6c:32:cc:54:ce:98:
f7:84:31:6e:fc:a6:22:ed:22:bc:ab:f4:99:df:d0:
af:d5:17:4a:81:e8:8a:e2:34:02:bd:ee:dc:b4:0c:
e1:ea:27:e5:32:ac:d8:25:4b:d1:92:ad:0e:5e:e5:
7c:7f:ef:1b:5a:f0:cb:e7:19:2f:3d:bc:ec:cc:91:
55:44:17:27:fa:82:a8:d4:3d:f8:39:28:6d:d2:35:
a0:4e:b8:7d:2b:99:98:5e:86:71:7f:62:4a:50:c9:
5d:11:10:26:38:ab:80:96:47:b5:4a:d5:8b:80:50:
8c:b4:22:10:6a:07:50:fc:4e:55:36:d4:c2:f1:ff:
6a:21:f7:11:68:9b:5d:7e:9d:2d:33:1a:9d:36:dd:
7a:67:fa:8a:97:74:fb:a1:cd:74:9f:04:b4:88:7b:
a1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:CA:97:2D:4D:67:8A:AE:7D:09:38:80:4B:C0:47:36:59:44:51:01
X509v3 Authority Key Identifier:
keyid:C9:15:FD:3B:D4:5B:82:18:B9:5F:57:37:49:D3:AA:49:80:16:AA:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CCDF3/42DE4836FF7611EDB8981558C4F9AE02/yRX9O9Rbghi5X1c3SdOqSYAWqqk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yRX9O9Rbghi5X1c3SdOqSYAWqqk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CCDF3/42DE4836FF7611EDB8981558C4F9AE02/851A7AD6FF7F11EDA505D70EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.247.38.0/23
Signature Algorithm: sha256WithRSAEncryption
03:84:cb:0c:a3:e6:95:8c:09:5d:0d:d2:d3:ea:61:cf:2f:76:
61:4f:1d:b3:69:5c:6a:9d:e5:37:4f:c5:cd:1f:9d:3c:71:2b:
db:d8:4a:7f:8e:18:8c:d1:6c:30:1e:a4:15:2e:38:b3:26:5c:
a7:58:f5:98:08:42:8f:9e:23:eb:10:63:84:bd:b3:9d:eb:b5:
f5:38:05:e5:21:f7:ff:6a:6b:74:04:37:60:a4:0f:26:b3:37:
5f:b5:95:f8:13:33:70:9c:f9:4c:33:21:d1:f8:d0:c9:00:71:
32:67:33:be:c1:5a:bd:3d:2a:4f:19:ac:a7:b8:ea:d8:0d:34:
00:6b:6e:71:d6:29:f7:bf:a8:d2:29:32:08:94:02:ca:29:61:
41:80:59:31:a0:2c:54:2f:de:10:58:b4:0f:d2:d9:94:1d:6b:
bb:bc:fa:15:69:a6:39:4a:9b:e7:96:16:31:51:8c:14:91:8a:
98:32:93:4b:1f:e8:93:42:45:ff:f8:f5:e0:f6:8f:39:0f:e7:
4a:05:6f:bc:eb:ad:3f:5a:40:08:0c:eb:b8:f3:77:46:6d:66:
e9:c7:9a:34:bc:39:ed:5a:18:72:33:ca:38:d7:57:cb:21:3c:
ef:5e:a6:e0:dd:88:ed:43:9c:77:09:8b:e1:e7:93:9b:9b:7f:
2e:1c:59:8c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICATswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0NERjMxMTAvBgNVBAUTKEM5MTVGRDNCRDQ1QjgyMThCOTVGNTczNzQ5RDNBQTQ5
ODAxNkFBQTkwHhcNMjUwMTI5MDMwNjU4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk5OWI1MS0zYTg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4XfngbrQSlk/y7lCIj2xP6yprvukjAFjBka0I4DOT/oxlUzyE+J6TwlguR5E
UBa+yVXgxNC5jihvym/pT9ds6Hm2Od8PDXvERyrI/hntlAqFmnmVlT8GWnozs2LW
ie75B7xsMsxUzpj3hDFu/KYi7SK8q/SZ39Cv1RdKgeiK4jQCve7ctAzh6iflMqzY
JUvRkq0OXuV8f+8bWvDL5xkvPbzszJFVRBcn+oKo1D34OSht0jWgTrh9K5mYXoZx
f2JKUMldERAmOKuAlke1StWLgFCMtCIQagdQ/E5VNtTC8f9qIfcRaJtdfp0tMxqd
Nt16Z/qKl3T7oc10nwS0iHuhowIDAQABo4IClTCCApEwHQYDVR0OBBYEFBPKly1N
Z4qufQk4gEvARzZZRFEBMB8GA1UdIwQYMBaAFMkV/TvUW4IYuV9XN0nTqkmAFqqp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQ0RGMy80MkRFNDgzNkZG
NzYxMUVEQjg5ODE1NThDNEY5QUUwMi95Ulg5TzlSYmdoaTVYMWMzU2RPcVNZQVdx
cWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lSWDlPOVJiZ2hpNVgxYzNTZE9xU1lBV3Fxay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0NERjMvNDJERTQ4MzZGRjc2MTFFREI4OTgxNTU4QzRGOUFFMDIvODUxQTdBRDZG
RjdGMTFFREE1MDVENzBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn9yYwDQYJKoZIhvcNAQELBQADggEBAAOEywyj5pWMCV0N
0tPqYc8vdmFPHbNpXGqd5TdPxc0fnTxxK9vYSn+OGIzRbDAepBUuOLMmXKdY9ZgI
Qo+eI+sQY4S9s53rtfU4BeUh9/9qa3QEN2CkDyazN1+1lfgTM3Cc+UwzIdH40MkA
cTJnM77BWr09Kk8ZrKe46tgNNABrbnHWKfe/qNIpMgiUAsopYUGAWTGgLFQv3hBY
tA/S2ZQda7u8+hVppjlKm+eWFjFRjBSRipgyk0sf6JNCRf/49eD2jzkP50oFb7zr
rT9aQAgM67jzd0ZtZunHmjS8Oe1aGHIzyjjXV8shPO9epuDdiO1DnHcJi+Hnk5ub
fy4cWYw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:49:55 2025 by rpki-client