Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4E53/A4A519EA4E6211EBA8ACAC5AC4F9AE02/349EFE924E6511EBBFE35D1AC4F9AE02.roa
File: 349EFE924E6511EBBFE35D1AC4F9AE02.roa (raw, json)
Hash identifier: ErOTyz5l442f54R4SgwNJSi5aE/r3E7WeodId76rTk4=
Subject key identifier: 5E:8F:05:1F:C8:14:E5:39:FE:BC:CE:87:8C:30:EF:C4:0A:26:97:F8
Certificate issuer: /CN=A91D4E53/serialNumber=349E597C71788104B0649F073ABA72F65F284B9A
Certificate serial: 06C3
Authority key identifier: 34:9E:59:7C:71:78:81:04:B0:64:9F:07:3A:BA:72:F6:5F:28:4B:9A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJ5ZfHF4gQSwZJ8HOrpy9l8oS5o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D4E53/A4A519EA4E6211EBA8ACAC5AC4F9AE02/349EFE924E6511EBBFE35D1AC4F9AE02.roa
Signing time: Thu 06 Mar 2025 22:13:06 +0000
ROA not before: Thu 06 Mar 2025 22:13:06 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 136189
IP address blocks: 103.83.122.0/24 maxlen: 24
103.83.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1731 (0x6c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D4E53
Validity
Not Before: Mar 6 22:13:06 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ca1df2-4423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:27:b5:0a:25:4f:07:34:e6:ff:66:ba:1e:31:
1d:c0:1c:38:92:ee:e6:86:02:42:9a:f7:cb:10:62:
c2:e6:c7:1c:ec:94:e1:31:cd:35:1b:02:4a:ca:94:
15:3c:90:59:6b:35:4a:82:26:ff:dc:66:16:8d:a1:
40:a6:ba:d6:09:59:63:fa:a0:1d:e7:c7:c6:f2:1a:
1c:18:67:c1:3a:35:9a:b3:8a:59:90:84:00:3b:78:
31:16:22:ca:3a:47:f9:ec:96:91:00:a8:f3:84:8e:
82:10:ef:17:69:d4:60:7e:cd:d6:56:da:b1:6b:35:
ef:20:3c:88:08:bd:33:cc:bb:99:56:d9:69:3f:02:
2b:3b:d7:f4:12:d8:80:79:70:1e:94:7c:7f:e7:26:
47:cf:be:77:6a:3f:71:9a:53:f4:b3:9f:f7:09:0f:
fe:13:95:15:89:07:87:73:a3:6e:8b:a5:60:5a:95:
87:84:42:6a:97:97:c4:17:36:e3:aa:20:f9:cf:84:
f6:84:de:93:55:5d:b6:65:e6:4d:10:21:14:04:ea:
e2:be:a0:93:85:14:fd:34:f6:66:63:de:5b:ef:82:
cf:bb:be:7e:1a:88:64:5e:74:35:19:64:7e:80:ef:
c7:d8:9c:53:3b:c5:cb:b4:28:93:f8:e3:da:2e:d5:
aa:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:8F:05:1F:C8:14:E5:39:FE:BC:CE:87:8C:30:EF:C4:0A:26:97:F8
X509v3 Authority Key Identifier:
keyid:34:9E:59:7C:71:78:81:04:B0:64:9F:07:3A:BA:72:F6:5F:28:4B:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D4E53/A4A519EA4E6211EBA8ACAC5AC4F9AE02/NJ5ZfHF4gQSwZJ8HOrpy9l8oS5o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJ5ZfHF4gQSwZJ8HOrpy9l8oS5o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4E53/A4A519EA4E6211EBA8ACAC5AC4F9AE02/349EFE924E6511EBBFE35D1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.83.122.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:45:1e:82:a8:85:1a:85:c5:f2:c6:a9:a0:31:f2:c3:e7:7f:
e6:a0:1f:52:98:b9:f2:5e:a5:a9:8a:c1:5c:4d:8a:8a:f4:8a:
8d:b7:b3:5c:5a:3b:d9:72:0f:62:95:fd:72:44:d3:44:34:2c:
ba:5d:97:51:ea:c4:76:1f:48:ce:79:9f:6f:de:38:02:05:21:
e3:0c:12:cb:6b:00:83:d4:c3:08:8c:ac:7c:c3:c0:be:7e:7a:
60:c1:f3:49:f9:7d:ee:2c:15:05:4a:e0:18:ab:0a:d6:9a:ec:
ee:13:81:9e:eb:98:e0:bd:4b:e8:ab:c8:8a:03:cb:9f:1c:cf:
d1:9e:95:92:87:a8:1c:99:a0:be:ed:71:23:e0:3a:26:d9:46:
7c:9f:b6:b8:33:e4:24:81:59:9c:66:86:68:6f:22:7b:0d:c2:
48:61:2a:6a:1a:ae:13:b2:96:ff:53:28:94:c0:02:e3:4a:de:
6a:7e:cf:0e:5a:1a:ac:81:ae:e2:60:f3:e3:9c:94:14:01:ea:
d5:51:f8:ed:67:8d:68:34:8d:00:a0:db:8d:39:04:2c:dc:6b:
32:e2:db:d9:e6:6b:ca:a5:a2:9c:15:89:d7:9c:f2:7d:2a:3f:
9c:d1:8d:4e:b2:12:1f:22:ad:c8:82:3a:69:7a:97:1b:cc:ba:
1f:59:ba:b9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBsMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDRFNTMxMTAvBgNVBAUTKDM0OUU1OTdDNzE3ODgxMDRCMDY0OUYwNzNBQkE3MkY2
NUYyODRCOUEwHhcNMjUwMzA2MjIxMzA2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NhMWRmMi00NDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxSe1CiVPBzTm/2a6HjEdwBw4ku7mhgJCmvfLEGLC5scc7JThMc01GwJKypQV
PJBZazVKgib/3GYWjaFAprrWCVlj+qAd58fG8hocGGfBOjWas4pZkIQAO3gxFiLK
Okf57JaRAKjzhI6CEO8XadRgfs3WVtqxazXvIDyICL0zzLuZVtlpPwIrO9f0EtiA
eXAelHx/5yZHz753aj9xmlP0s5/3CQ/+E5UViQeHc6Nui6VgWpWHhEJql5fEFzbj
qiD5z4T2hN6TVV22ZeZNECEUBOrivqCThRT9NPZmY95b74LPu75+GohkXnQ1GWR+
gO/H2JxTO8XLtCiT+OPaLtWqDwIDAQABo4IClTCCApEwHQYDVR0OBBYEFF6PBR/I
FOU5/rzOh4ww78QKJpf4MB8GA1UdIwQYMBaAFDSeWXxxeIEEsGSfBzq6cvZfKEua
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENEU1My9BNEE1MTlFQTRF
NjIxMUVCQThBQ0FDNUFDNEY5QUUwMi9OSjVaZkhGNGdRU3daSjhIT3JweTlsOG9T
NW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05KNVpmSEY0Z1FTd1pKOEhPcnB5OWw4b1M1by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDRFNTMvQTRBNTE5RUE0RTYyMTFFQkE4QUNBQzVBQzRGOUFFMDIvMzQ5RUZFOTI0
RTY1MTFFQkJGRTM1RDFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnU3owDQYJKoZIhvcNAQELBQADggEBAKhFHoKohRqFxfLG
qaAx8sPnf+agH1KYufJepamKwVxNior0io23s1xaO9lyD2KV/XJE00Q0LLpdl1Hq
xHYfSM55n2/eOAIFIeMMEstrAIPUwwiMrHzDwL5+emDB80n5fe4sFQVK4BirCtaa
7O4TgZ7rmOC9S+iryIoDy58cz9GelZKHqByZoL7tcSPgOibZRnyftrgz5CSBWZxm
hmhvInsNwkhhKmoarhOylv9TKJTAAuNK3mp+zw5aGqyBruJg8+OclBQB6tVR+O1n
jWg0jQCg2405BCzcazLi29nma8qlopwVidec8n0qP5zRjU6yEh8irciCOml6lxvM
uh9Zurk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:16:43 2025 by rpki-client