Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DE43E/CC03FBB82AFB11EA8DF37D55C4F9AE02/5E117DC82AFC11EAB5FEC955C4F9AE02.roa
File: 5E117DC82AFC11EAB5FEC955C4F9AE02.roa (raw, json)
Hash identifier: FLXDHzghX+xgCtsrZgeGezVp6qrYExOvwRgCUG3oquw=
Subject key identifier: 48:A2:36:BC:9C:76:8C:22:99:57:99:3C:96:6B:C2:B0:BC:AB:CC:5E
Certificate issuer: /CN=A91DE43E/serialNumber=B6954A628EF4F934A10A705ACBCB906ED610480C
Certificate serial: 0B42
Authority key identifier: B6:95:4A:62:8E:F4:F9:34:A1:0A:70:5A:CB:CB:90:6E:D6:10:48:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tpVKYo70-TShCnBay8uQbtYQSAw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DE43E/CC03FBB82AFB11EA8DF37D55C4F9AE02/5E117DC82AFC11EAB5FEC955C4F9AE02.roa
Signing time: Mon 20 Jan 2025 19:18:05 +0000
ROA not before: Mon 20 Jan 2025 19:18:05 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 139915
IP address blocks: 103.147.40.0/23 maxlen: 24
2405:a7c0::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2882 (0xb42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DE43E
Validity
Not Before: Jan 20 19:18:05 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=678ea16d-4d2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e9:8c:4e:de:5f:2b:be:2b:02:9b:06:dd:e1:
84:ad:0d:67:40:8c:ff:aa:1a:95:5e:7c:74:80:9a:
e8:07:86:f8:b5:69:e0:4a:1b:d4:a8:0b:b1:0d:e3:
b6:db:3b:7c:6e:aa:1c:2e:a9:ee:ae:9d:60:5a:0f:
64:85:a1:97:4c:e6:b2:f5:57:a9:a1:9d:62:52:d7:
f8:ba:51:b9:3b:64:15:b7:06:48:f4:68:b3:02:51:
31:8f:60:f4:6f:1f:08:11:77:54:a3:33:84:34:95:
86:44:ab:ae:1e:31:5c:e5:97:91:51:a6:cf:87:d2:
3f:89:42:02:ec:96:bb:ca:88:31:43:33:86:ba:05:
29:66:8d:7c:44:4b:c7:12:87:e2:8f:70:4b:b8:f9:
91:7b:b4:1f:75:0c:87:23:9d:d9:cd:6c:d6:30:9b:
49:ce:2a:d7:50:34:c0:cb:91:64:a0:fd:db:63:c1:
5b:d1:da:2e:3d:25:67:8e:4b:2f:e9:8c:fd:fd:a4:
d3:b6:0d:76:94:63:56:21:52:73:ef:39:38:20:20:
7b:ea:cc:2b:8d:4e:b5:81:38:68:f5:7d:c2:49:3c:
e9:74:80:51:16:d9:88:4f:5d:a2:1c:0b:75:29:8d:
a4:dd:3d:ae:7a:ca:df:3f:26:42:e9:e1:f5:a4:cb:
2f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:A2:36:BC:9C:76:8C:22:99:57:99:3C:96:6B:C2:B0:BC:AB:CC:5E
X509v3 Authority Key Identifier:
keyid:B6:95:4A:62:8E:F4:F9:34:A1:0A:70:5A:CB:CB:90:6E:D6:10:48:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DE43E/CC03FBB82AFB11EA8DF37D55C4F9AE02/tpVKYo70-TShCnBay8uQbtYQSAw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tpVKYo70-TShCnBay8uQbtYQSAw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DE43E/CC03FBB82AFB11EA8DF37D55C4F9AE02/5E117DC82AFC11EAB5FEC955C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.147.40.0/23
IPv6:
2405:a7c0::/32
Signature Algorithm: sha256WithRSAEncryption
08:b0:81:70:63:b9:03:af:f4:c4:dd:29:dc:48:da:97:72:11:
98:af:4c:f7:cd:31:9f:f7:76:8d:cc:d3:e9:a1:02:28:91:32:
3d:3d:90:59:e6:57:23:1b:07:47:ef:fc:d4:f1:00:22:cc:d5:
e4:6c:d6:bd:73:88:6d:38:7c:35:09:ab:e9:4c:5a:79:b9:90:
39:ed:f2:79:9d:7a:51:f5:77:72:99:82:6e:12:31:dd:c0:aa:
d3:3e:c8:32:46:4a:0d:c1:8c:a5:47:ea:f1:11:3b:20:b9:ec:
d0:0b:b2:97:48:4d:7d:f3:5a:3e:fc:d8:4e:3d:33:a7:e9:d7:
0d:c7:52:5c:69:41:60:cf:0a:b0:95:8f:62:89:f3:3d:91:ba:
b1:b2:4b:8f:d8:e6:f1:39:b1:10:71:98:66:41:1c:1d:f2:0a:
c4:8d:13:0f:d3:84:cb:42:bf:99:f7:e8:ec:55:ed:88:cf:1e:
42:61:49:73:b1:c2:67:21:39:64:cc:41:76:a6:63:2c:6c:db:
3c:64:50:c2:c9:31:02:27:b7:f9:e6:05:67:72:62:fc:26:f0:
9f:57:8a:87:10:71:ab:7d:24:cb:fd:68:a5:23:c6:21:f2:7b:
e9:79:37:65:96:df:a6:c0:f4:5c:0d:0f:43:51:0f:3c:e3:72:
c6:7f:5e:01
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC0IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REU0M0UxMTAvBgNVBAUTKEI2OTU0QTYyOEVGNEY5MzRBMTBBNzA1QUNCQ0I5MDZF
RDYxMDQ4MEMwHhcNMjUwMTIwMTkxODA1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhlYTE2ZC00ZDJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsemMTt5fK74rApsG3eGErQ1nQIz/qhqVXnx0gJroB4b4tWngShvUqAuxDeO2
2zt8bqocLqnurp1gWg9khaGXTOay9VepoZ1iUtf4ulG5O2QVtwZI9GizAlExj2D0
bx8IEXdUozOENJWGRKuuHjFc5ZeRUabPh9I/iUIC7Ja7yogxQzOGugUpZo18REvH
Eofij3BLuPmRe7QfdQyHI53ZzWzWMJtJzirXUDTAy5FkoP3bY8Fb0douPSVnjksv
6Yz9/aTTtg12lGNWIVJz7zk4ICB76swrjU61gTho9X3CSTzpdIBRFtmIT12iHAt1
KY2k3T2uesrfPyZC6eH1pMsvqwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEiiNryc
dowimVeZPJZrwrC8q8xeMB8GA1UdIwQYMBaAFLaVSmKO9Pk0oQpwWsvLkG7WEEgM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERTQzRS9DQzAzRkJCODJB
RkIxMUVBOERGMzdENTVDNEY5QUUwMi90cFZLWW83MC1UU2hDbkJheTh1UWJ0WVFT
QXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RwVktZbzcwLVRTaENuQmF5OHVRYnRZUVNBdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REU0M0UvQ0MwM0ZCQjgyQUZCMTFFQThERjM3RDU1QzRGOUFFMDIvNUUxMTdEQzgy
QUZDMTFFQUI1RkVDOTU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnkygwDQQCAAIwBwMFACQFp8AwDQYJKoZIhvcNAQELBQAD
ggEBAAiwgXBjuQOv9MTdKdxI2pdyEZivTPfNMZ/3do3M0+mhAiiRMj09kFnmVyMb
B0fv/NTxACLM1eRs1r1ziG04fDUJq+lMWnm5kDnt8nmdelH1d3KZgm4SMd3AqtM+
yDJGSg3BjKVH6vEROyC57NALspdITX3zWj782E49M6fp1w3HUlxpQWDPCrCVj2KJ
8z2RurGyS4/Y5vE5sRBxmGZBHB3yCsSNEw/ThMtCv5n36OxV7YjPHkJhSXOxwmch
OWTMQXamYyxs2zxkUMLJMQInt/nmBWdyYvwm8J9XiocQcat9JMv9aKUjxiHye+l5
N2WW36bA9FwND0NRDzzjcsZ/XgE=
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:21:39 2025 by rpki-client