Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5AA8/2785991291EF11EDB06BAD1FC4F9AE02/994AC0903E1E11EFB5BBDD3BC4F9AE02.roa
File: 994AC0903E1E11EFB5BBDD3BC4F9AE02.roa (raw, json)
Hash identifier: xyd0ZZrH0VHNsmRtbjg/g57C4k5UyZ1DuB1/mljU4Qg=
Subject key identifier: 2B:D2:A1:30:1B:32:F4:2E:AA:F7:45:B9:44:AC:4B:D8:FF:4A:92:16
Certificate issuer: /CN=A91D5AA8/serialNumber=D04CB1E27157868F74F36D707915D9D7F097C908
Certificate serial: 0188
Authority key identifier: D0:4C:B1:E2:71:57:86:8F:74:F3:6D:70:79:15:D9:D7:F0:97:C9:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Eyx4nFXho90821weRXZ1_CXyQg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D5AA8/2785991291EF11EDB06BAD1FC4F9AE02/994AC0903E1E11EFB5BBDD3BC4F9AE02.roa
Signing time: Tue 21 Jan 2025 02:26:16 +0000
ROA not before: Tue 21 Jan 2025 02:26:16 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 25687
IP address blocks: 103.224.8.0/22 maxlen: 22
103.224.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 392 (0x188)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D5AA8
Validity
Not Before: Jan 21 02:26:16 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=678f05c7-001d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ad:b1:7b:c6:21:b3:b5:e3:0a:83:d2:72:cd:
ed:3d:e0:b3:20:6d:7c:ca:cf:85:fd:70:b9:9e:e9:
06:8f:42:6b:20:98:5f:a8:0d:9a:e8:3f:05:81:6f:
f2:00:54:49:f1:73:1d:e2:a8:ab:6a:5c:b8:e7:f9:
a2:15:76:37:ee:99:c5:f4:17:ff:13:e4:77:85:b5:
56:26:57:eb:50:08:8a:31:e0:e8:ec:4b:5a:6c:f6:
45:30:3b:90:ea:66:ae:c2:30:e5:40:5f:36:e1:06:
c4:a1:77:6d:c7:99:64:f2:87:2f:de:05:bd:95:87:
c7:c8:fa:da:16:08:54:fc:bc:e3:f7:fa:15:15:72:
9d:0e:6c:b6:7e:ef:67:59:b9:e0:f5:fb:8e:de:f2:
f6:be:a0:23:2f:31:71:b5:9a:cf:25:01:cb:8c:73:
4d:38:ea:f2:31:bb:6b:c7:6c:99:79:b1:86:7e:d0:
cb:e7:e5:a4:df:04:e6:02:d9:0b:c3:86:4a:d8:89:
a5:26:d1:4c:8e:0c:18:89:96:93:d9:4e:68:c9:82:
f1:e8:09:1c:eb:38:cb:b4:7d:2e:93:d5:b6:2e:17:
a6:c0:3f:9a:ef:d4:a1:6c:58:c0:05:c5:f2:bf:7b:
80:d8:d6:ad:4b:15:21:f4:3d:83:a0:5d:63:96:e6:
b4:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D2:A1:30:1B:32:F4:2E:AA:F7:45:B9:44:AC:4B:D8:FF:4A:92:16
X509v3 Authority Key Identifier:
keyid:D0:4C:B1:E2:71:57:86:8F:74:F3:6D:70:79:15:D9:D7:F0:97:C9:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D5AA8/2785991291EF11EDB06BAD1FC4F9AE02/0Eyx4nFXho90821weRXZ1_CXyQg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Eyx4nFXho90821weRXZ1_CXyQg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5AA8/2785991291EF11EDB06BAD1FC4F9AE02/994AC0903E1E11EFB5BBDD3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.224.8.0/22
Signature Algorithm: sha256WithRSAEncryption
99:58:47:a3:5d:22:ea:45:26:aa:01:4a:4a:fc:3b:59:96:d2:
ea:17:4f:4e:26:e1:58:4d:ce:47:35:c2:a6:36:bf:74:2d:45:
0d:65:51:41:40:f7:6b:06:98:6b:8a:96:76:7d:2f:16:28:a9:
38:e2:9c:b7:ea:62:5e:6d:03:cc:3f:e5:ad:e9:51:b8:2d:ec:
c0:15:b1:60:fa:0c:a3:27:4d:a8:cd:23:44:85:2a:66:d7:30:
9a:83:c5:7f:33:47:8b:bf:48:e3:16:c8:e7:33:1a:39:60:fa:
98:81:a4:9c:ae:50:b3:87:3c:09:dc:1c:cd:4a:73:67:64:d1:
4e:d1:c3:4b:1a:28:6a:22:7b:41:69:5c:cc:07:d0:e8:fc:f3:
43:77:a0:8b:ad:31:51:2b:a1:1e:e0:6c:0d:f3:ec:3d:19:46:
16:98:96:02:6d:ef:6f:bf:f0:7b:9d:08:18:91:f7:ef:99:7e:
c6:b8:1b:37:88:8b:28:3c:39:68:8a:d5:7d:b6:35:5e:1c:7e:
a0:56:b7:65:e0:c1:8d:af:3b:c1:d4:60:de:0f:e9:d3:6b:e5:
33:59:8c:c8:44:fc:8d:35:56:0e:42:45:81:cc:d8:f2:74:d9:
0b:b8:ab:9f:a1:88:a2:84:1b:94:eb:38:7a:d5:24:b0:4b:f5:
67:f1:5a:92
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAYgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDVBQTgxMTAvBgNVBAUTKEQwNENCMUUyNzE1Nzg2OEY3NEYzNkQ3MDc5MTVEOUQ3
RjA5N0M5MDgwHhcNMjUwMTIxMDIyNjE2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhmMDVjNy0wMDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu62xe8Yhs7XjCoPScs3tPeCzIG18ys+F/XC5nukGj0JrIJhfqA2a6D8FgW/y
AFRJ8XMd4qiraly45/miFXY37pnF9Bf/E+R3hbVWJlfrUAiKMeDo7EtabPZFMDuQ
6mauwjDlQF824QbEoXdtx5lk8ocv3gW9lYfHyPraFghU/Lzj9/oVFXKdDmy2fu9n
Wbng9fuO3vL2vqAjLzFxtZrPJQHLjHNNOOryMbtrx2yZebGGftDL5+Wk3wTmAtkL
w4ZK2ImlJtFMjgwYiZaT2U5oyYLx6Akc6zjLtH0uk9W2LhemwD+a79ShbFjABcXy
v3uA2NatSxUh9D2DoF1jlua0wwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCvSoTAb
MvQuqvdFuUSsS9j/SpIWMB8GA1UdIwQYMBaAFNBMseJxV4aPdPNtcHkV2dfwl8kI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUFBOC8yNzg1OTkxMjkx
RUYxMUVEQjA2QkFEMUZDNEY5QUUwMi8wRXl4NG5GWGhvOTA4MjF3ZVJYWjFfQ1h5
UWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBFeXg0bkZYaG85MDgyMXdlUlhaMV9DWHlRZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDVBQTgvMjc4NTk5MTI5MUVGMTFFREIwNkJBRDFGQzRGOUFFMDIvOTk0QUMwOTAz
RTFFMTFFRkI1QkJERDNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn4AgwDQYJKoZIhvcNAQELBQADggEBAJlYR6NdIupFJqoB
Skr8O1mW0uoXT04m4VhNzkc1wqY2v3QtRQ1lUUFA92sGmGuKlnZ9LxYoqTjinLfq
Yl5tA8w/5a3pUbgt7MAVsWD6DKMnTajNI0SFKmbXMJqDxX8zR4u/SOMWyOczGjlg
+piBpJyuULOHPAncHM1Kc2dk0U7Rw0saKGoie0FpXMwH0Oj880N3oIutMVEroR7g
bA3z7D0ZRhaYlgJt72+/8HudCBiR9++Zfsa4GzeIiyg8OWiK1X22NV4cfqBWt2Xg
wY2vO8HUYN4P6dNr5TNZjMhE/I01Vg5CRYHM2PJ02Qu4q5+hiKKEG5TrOHrVJLBL
9WfxWpI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:17:13 2025 by rpki-client