Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D6E35/729CB23076FF11EBBFB60D14C4F9AE02/EE188D209F2B11EDBB1C587AC4F9AE02.roa
File: EE188D209F2B11EDBB1C587AC4F9AE02.roa (raw, json)
Hash identifier: xunDUR+vk1rAB3LOb72QA9qMR5Y4O+s76u7aM9CtIVg=
Subject key identifier: 69:CA:B8:7A:15:1A:52:66:C5:2F:BA:19:E7:F0:C3:8A:B1:DB:92:98
Certificate issuer: /CN=A91D6E35/serialNumber=AA0D3CBE591E1BF64118BF6F0364125FA69B8A90
Certificate serial: 0664
Authority key identifier: AA:0D:3C:BE:59:1E:1B:F6:41:18:BF:6F:03:64:12:5F:A6:9B:8A:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qg08vlkeG_ZBGL9vA2QSX6abipA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D6E35/729CB23076FF11EBBFB60D14C4F9AE02/EE188D209F2B11EDBB1C587AC4F9AE02.roa
Signing time: Thu 20 Mar 2025 22:33:24 +0000
ROA not before: Thu 20 Mar 2025 22:33:24 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 56264
IP address blocks: 103.163.30.0/24 maxlen: 24
103.163.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1636 (0x664)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D6E35
Validity
Not Before: Mar 20 22:33:24 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67dc97b3-0872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f8:82:89:2f:3f:e9:a7:d1:99:34:11:78:35:
b1:26:40:4d:5b:5b:f1:71:c7:0c:16:36:88:61:1e:
2b:b1:8e:13:e0:fd:91:85:1a:04:97:e6:19:14:62:
a3:e5:09:03:74:31:63:9f:87:8c:7f:d1:a3:75:b9:
d9:67:67:9a:34:96:2b:98:22:df:3d:b7:e8:b0:14:
71:25:cb:c9:5c:79:38:be:83:5f:9f:91:75:bc:87:
22:75:73:9b:97:7b:01:64:b3:49:88:45:67:94:67:
d8:4a:8e:95:f2:14:cf:3c:64:64:48:9b:36:b9:8e:
ba:b4:57:79:e4:34:e5:87:d9:a0:ca:9b:53:d0:d1:
50:0d:26:c8:5c:ed:16:54:7f:75:2a:1c:1c:2f:02:
2c:5b:67:10:91:45:39:67:d4:a6:5f:f0:21:6d:4f:
7a:b8:27:e4:aa:7c:75:35:7b:ef:27:1a:b7:58:b9:
35:57:b7:41:80:9f:5a:e4:dd:b4:7d:44:ad:6d:8c:
c4:a9:8b:41:d6:8c:63:cf:de:d4:9a:25:95:8c:20:
b1:57:6b:0d:aa:96:a2:69:3a:5d:d2:ac:c5:28:f2:
2a:2b:7e:36:b9:4b:70:02:17:be:17:30:0d:3d:0b:
36:f9:4c:22:08:b9:9a:49:34:f8:f6:8c:b3:63:c6:
63:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CA:B8:7A:15:1A:52:66:C5:2F:BA:19:E7:F0:C3:8A:B1:DB:92:98
X509v3 Authority Key Identifier:
keyid:AA:0D:3C:BE:59:1E:1B:F6:41:18:BF:6F:03:64:12:5F:A6:9B:8A:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D6E35/729CB23076FF11EBBFB60D14C4F9AE02/qg08vlkeG_ZBGL9vA2QSX6abipA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qg08vlkeG_ZBGL9vA2QSX6abipA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D6E35/729CB23076FF11EBBFB60D14C4F9AE02/EE188D209F2B11EDBB1C587AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.163.30.0/23
Signature Algorithm: sha256WithRSAEncryption
17:6b:eb:96:b8:f3:c7:14:fc:7b:f4:e7:33:4d:ba:b2:55:9a:
7f:24:33:2f:b2:23:fd:60:86:80:1c:31:74:7e:d4:18:19:c1:
d1:41:4d:b8:cb:ff:85:a8:4b:a3:95:52:a2:64:d9:69:c3:63:
4f:bb:12:0f:29:9d:c4:d2:ef:e9:81:24:f4:88:00:ec:87:5a:
1d:bd:a3:c3:8f:6e:b0:47:6f:17:06:5f:13:f1:b0:8f:f4:ea:
ed:7f:34:d6:e8:36:08:81:a0:ab:95:92:16:28:14:03:72:64:
cb:d0:8a:27:4b:25:6b:80:7f:c9:95:78:9d:aa:9f:2c:50:32:
4f:f0:47:11:d3:86:af:86:f5:98:09:2b:9f:00:38:9f:1f:09:
01:e1:69:c2:10:77:d3:69:3d:fd:e4:65:77:6d:bb:4a:39:8a:
c9:66:1e:4b:a7:ce:c0:48:0d:62:b4:44:a2:50:c2:81:33:c3:
c3:9d:13:d8:aa:43:93:52:5b:61:a5:9d:a4:df:b0:d5:6f:62:
b8:95:29:41:8c:ae:0f:69:26:e5:f5:1b:b5:ef:07:3e:ce:5e:
a3:c9:98:03:f3:07:e3:5e:c0:94:35:a7:c6:3b:21:28:d7:b0:
52:06:04:ef:f6:0c:89:f7:b5:9e:dd:d0:e5:a3:26:c2:0f:e2:
e5:2a:cd:12
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBmQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDZFMzUxMTAvBgNVBAUTKEFBMEQzQ0JFNTkxRTFCRjY0MTE4QkY2RjAzNjQxMjVG
QTY5QjhBOTAwHhcNMjUwMzIwMjIzMzI0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjOTdiMy0wODcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzPiCiS8/6afRmTQReDWxJkBNW1vxcccMFjaIYR4rsY4T4P2RhRoEl+YZFGKj
5QkDdDFjn4eMf9GjdbnZZ2eaNJYrmCLfPbfosBRxJcvJXHk4voNfn5F1vIcidXOb
l3sBZLNJiEVnlGfYSo6V8hTPPGRkSJs2uY66tFd55DTlh9mgyptT0NFQDSbIXO0W
VH91KhwcLwIsW2cQkUU5Z9SmX/AhbU96uCfkqnx1NXvvJxq3WLk1V7dBgJ9a5N20
fUStbYzEqYtB1oxjz97UmiWVjCCxV2sNqpaiaTpd0qzFKPIqK342uUtwAhe+FzAN
PQs2+UwiCLmaSTT49oyzY8Zj5QIDAQABo4IClTCCApEwHQYDVR0OBBYEFGnKuHoV
GlJmxS+6Gefww4qx25KYMB8GA1UdIwQYMBaAFKoNPL5ZHhv2QRi/bwNkEl+mm4qQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENkUzNS83MjlDQjIzMDc2
RkYxMUVCQkZCNjBEMTRDNEY5QUUwMi9xZzA4dmxrZUdfWkJHTDl2QTJRU1g2YWJp
cEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FnMDh2bGtlR19aQkdMOXZBMlFTWDZhYmlwQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDZFMzUvNzI5Q0IyMzA3NkZGMTFFQkJGQjYwRDE0QzRGOUFFMDIvRUUxODhEMjA5
RjJCMTFFREJCMUM1ODdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnox4wDQYJKoZIhvcNAQELBQADggEBABdr65a488cU/Hv0
5zNNurJVmn8kMy+yI/1ghoAcMXR+1BgZwdFBTbjL/4WoS6OVUqJk2WnDY0+7Eg8p
ncTS7+mBJPSIAOyHWh29o8OPbrBHbxcGXxPxsI/06u1/NNboNgiBoKuVkhYoFANy
ZMvQiidLJWuAf8mVeJ2qnyxQMk/wRxHThq+G9ZgJK58AOJ8fCQHhacIQd9NpPf3k
ZXdtu0o5islmHkunzsBIDWK0RKJQwoEzw8OdE9iqQ5NSW2GlnaTfsNVvYriVKUGM
rg9pJuX1G7XvBz7OXqPJmAPzB+NewJQ1p8Y7ISjXsFIGBO/2DIn3tZ7d0OWjJsIP
4uUqzRI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:48:49 2025 by rpki-client