Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DFA83/64AF80026B3211EDB4ECB768C4F9AE02/61B47D886B5211EDB97A2834C4F9AE02.roa
File: 61B47D886B5211EDB97A2834C4F9AE02.roa (raw, json)
Hash identifier: +3v4STyxr/zeU0RYF53X4MGXWGvAcT5sIBZD/HJJRoU=
Subject key identifier: 73:71:DC:1C:11:80:58:A7:1F:2D:95:7B:C7:2F:2B:4A:A1:CD:7A:2B
Certificate issuer: /CN=A91DFA83/serialNumber=B53450382E45F8A3D7D62910F379C789D147FFB0
Certificate serial: 01AB
Authority key identifier: B5:34:50:38:2E:45:F8:A3:D7:D6:29:10:F3:79:C7:89:D1:47:FF:B0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tTRQOC5F-KPX1ikQ83nHidFH_7A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DFA83/64AF80026B3211EDB4ECB768C4F9AE02/61B47D886B5211EDB97A2834C4F9AE02.roa
Signing time: Wed 05 Feb 2025 02:27:11 +0000
ROA not before: Wed 05 Feb 2025 02:27:11 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 132022
IP address blocks: 103.246.204.0/24 maxlen: 24
103.246.205.0/24 maxlen: 24
103.246.206.0/24 maxlen: 24
103.246.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 427 (0x1ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DFA83
Validity
Not Before: Feb 5 02:27:11 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a2cc7f-801e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ce:43:96:76:8e:64:3f:74:23:a9:7a:aa:8c:
da:9c:71:71:7e:76:0f:ac:4b:e9:fa:8b:bb:59:90:
97:8c:97:00:7e:b2:22:aa:8e:b9:c8:de:88:b2:ee:
13:1e:35:a9:fe:e5:df:86:d2:f2:27:93:4a:5a:a1:
64:3b:6c:e1:c9:aa:e7:80:68:e5:5d:92:47:1b:1e:
ee:b2:55:02:3e:c4:df:58:59:05:ee:b1:e4:6d:a0:
73:6d:fc:00:76:96:ba:04:b8:07:55:a4:10:8c:82:
8b:45:97:90:e4:d4:69:5c:bd:ff:a8:90:af:3d:b4:
d7:31:3a:78:3c:61:88:23:48:04:60:c8:12:d1:17:
da:41:54:46:6a:d2:f3:2b:c2:a9:ed:09:14:16:8f:
6b:32:7f:95:ac:37:3a:58:35:c8:77:55:74:42:cf:
94:c0:92:a9:e5:3e:f9:c7:0f:cc:89:2b:3b:0e:ef:
86:22:c3:e3:73:4c:16:38:07:53:b7:be:b7:e4:52:
c7:48:02:10:50:05:99:ca:09:50:c6:97:29:3f:a3:
88:3e:71:04:32:e6:59:9a:fb:62:1b:0e:21:98:12:
42:cd:0d:84:14:89:08:dc:19:ca:88:18:b5:4c:db:
85:8d:7b:ea:01:98:ab:a0:30:c8:bc:b7:43:a2:3b:
33:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:71:DC:1C:11:80:58:A7:1F:2D:95:7B:C7:2F:2B:4A:A1:CD:7A:2B
X509v3 Authority Key Identifier:
keyid:B5:34:50:38:2E:45:F8:A3:D7:D6:29:10:F3:79:C7:89:D1:47:FF:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DFA83/64AF80026B3211EDB4ECB768C4F9AE02/tTRQOC5F-KPX1ikQ83nHidFH_7A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tTRQOC5F-KPX1ikQ83nHidFH_7A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DFA83/64AF80026B3211EDB4ECB768C4F9AE02/61B47D886B5211EDB97A2834C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.246.204.0/22
Signature Algorithm: sha256WithRSAEncryption
45:96:8a:3c:52:7b:21:d4:24:35:6e:e1:57:9b:4a:88:d1:9d:
98:cb:00:fb:46:ef:b0:c7:df:36:19:79:af:13:ed:36:3f:f8:
3b:27:db:b7:41:b7:c3:66:c6:36:98:b1:a7:e4:15:54:03:29:
81:41:90:b3:29:d3:c2:29:4d:5d:ae:13:82:89:4b:b5:63:1e:
9a:21:8d:8b:2d:76:1a:76:48:1f:02:f8:39:b5:1c:1d:7b:31:
6b:6a:41:01:42:a2:07:68:eb:a2:f3:1e:ba:e5:df:e7:ab:27:
0b:2a:ce:d2:26:ae:4d:d2:90:1d:d5:6b:3a:c9:ad:fe:15:41:
d7:86:31:e0:25:e6:df:37:54:d2:98:01:be:0d:4b:06:48:4c:
53:49:21:f2:b4:9f:a8:7b:be:61:52:61:11:f6:94:6a:a5:8c:
de:16:09:8c:9f:f3:8c:46:03:da:8d:88:d5:b9:9e:42:db:db:
23:85:92:04:b3:5a:43:66:c8:8a:b4:61:6d:d1:3c:a9:51:8c:
ab:d3:fa:bd:6f:ce:7e:84:54:96:11:96:6d:ee:69:d9:f8:66:
24:a3:14:ff:0c:9a:76:b9:a2:98:53:22:20:e5:fc:a0:81:e2:
a2:dd:25:01:f7:c4:8e:66:da:e9:46:f3:16:1e:96:f6:94:ad:
02:34:13:02
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAaswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REZBODMxMTAvBgNVBAUTKEI1MzQ1MDM4MkU0NUY4QTNEN0Q2MjkxMEYzNzlDNzg5
RDE0N0ZGQjAwHhcNMjUwMjA1MDIyNzExWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyY2M3Zi04MDFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv85DlnaOZD90I6l6qozanHFxfnYPrEvp+ou7WZCXjJcAfrIiqo65yN6Isu4T
HjWp/uXfhtLyJ5NKWqFkO2zhyarngGjlXZJHGx7uslUCPsTfWFkF7rHkbaBzbfwA
dpa6BLgHVaQQjIKLRZeQ5NRpXL3/qJCvPbTXMTp4PGGII0gEYMgS0RfaQVRGatLz
K8Kp7QkUFo9rMn+VrDc6WDXId1V0Qs+UwJKp5T75xw/MiSs7Du+GIsPjc0wWOAdT
t7635FLHSAIQUAWZyglQxpcpP6OIPnEEMuZZmvtiGw4hmBJCzQ2EFIkI3BnKiBi1
TNuFjXvqAZiroDDIvLdDojszSwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHNx3BwR
gFinHy2Ve8cvK0qhzXorMB8GA1UdIwQYMBaAFLU0UDguRfij19YpEPN5x4nRR/+w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERkE4My82NEFGODAwMjZC
MzIxMUVEQjRFQ0I3NjhDNEY5QUUwMi90VFJRT0M1Ri1LUFgxaWtRODNuSGlkRkhf
N0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RUUlFPQzVGLUtQWDFpa1E4M25IaWRGSF83QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REZBODMvNjRBRjgwMDI2QjMyMTFFREI0RUNCNzY4QzRGOUFFMDIvNjFCNDdEODg2
QjUyMTFFREI5N0EyODM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn9swwDQYJKoZIhvcNAQELBQADggEBAEWWijxSeyHUJDVu
4VebSojRnZjLAPtG77DH3zYZea8T7TY/+Dsn27dBt8NmxjaYsafkFVQDKYFBkLMp
08IpTV2uE4KJS7VjHpohjYstdhp2SB8C+Dm1HB17MWtqQQFCogdo66LzHrrl3+er
JwsqztImrk3SkB3VazrJrf4VQdeGMeAl5t83VNKYAb4NSwZITFNJIfK0n6h7vmFS
YRH2lGqljN4WCYyf84xGA9qNiNW5nkLb2yOFkgSzWkNmyIq0YW3RPKlRjKvT+r1v
zn6EVJYRlm3uadn4ZiSjFP8Mmna5ophTIiDl/KCB4qLdJQH3xI5m2ulG8xYelvaU
rQI0EwI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:49:24 2025 by rpki-client