Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E094D/40B7386EDE8111EBA9FC7D72C4F9AE02/22A3D2E4E5D311EFB5545A4EC4F9AE02.roa
File: 22A3D2E4E5D311EFB5545A4EC4F9AE02.roa (raw, json)
Hash identifier: KgAjUYIuzjhpkZFNtYWs181NTAA2NQcYLWH/gU6nAAg=
Subject key identifier: CE:B3:F2:B4:BE:2D:5B:B0:74:97:08:A0:3C:F0:54:2B:9B:E5:16:A6
Certificate issuer: /CN=A91E094D/serialNumber=F31705E818EA4803B0934193F61FC6E3371772ED
Certificate serial: 055D
Authority key identifier: F3:17:05:E8:18:EA:48:03:B0:93:41:93:F6:1F:C6:E3:37:17:72:ED
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8xcF6BjqSAOwk0GT9h_G4zcXcu0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E094D/40B7386EDE8111EBA9FC7D72C4F9AE02/22A3D2E4E5D311EFB5545A4EC4F9AE02.roa
Signing time: Sat 08 Feb 2025 04:22:19 +0000
ROA not before: Sat 08 Feb 2025 04:22:19 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 932
IP address blocks: 43.248.8.0/22 maxlen: 24
103.39.76.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1373 (0x55d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E094D
Validity
Not Before: Feb 8 04:22:19 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67a6dbfa-f359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:81:da:95:c6:a3:1e:b5:71:ab:ba:b6:9e:e1:
2b:df:d8:2f:fc:ac:a0:cd:e6:12:12:ad:14:06:b2:
c5:41:a8:5a:f3:58:fb:ba:23:0f:15:f7:3f:b9:6e:
2a:fc:ff:be:09:1e:8a:f9:8a:13:37:ab:bb:a8:2d:
09:23:8a:7d:df:cd:5f:fa:24:eb:d8:b1:3b:88:74:
cc:04:08:40:0d:9a:26:d5:6b:b3:4e:5a:79:c8:05:
ab:7f:bc:71:58:00:e3:c4:80:70:fb:08:4e:9b:82:
7c:93:5a:80:53:1b:33:04:60:d2:59:cb:10:bb:96:
90:ed:27:38:4f:33:ef:00:96:98:23:f9:1f:f0:97:
38:62:21:32:61:d9:44:3f:d0:c9:61:80:cb:b8:d0:
d5:e6:a1:3a:a3:49:32:5c:9f:e4:0f:08:2d:9e:12:
9c:7d:48:c0:1e:9b:e4:da:3e:0e:f1:3d:d2:10:c8:
64:33:9a:47:5b:21:35:17:f6:7b:72:9d:28:d5:6e:
4d:2b:a9:37:8e:06:ef:1c:ad:87:2b:d7:e5:b2:89:
3b:28:8c:75:9c:be:97:87:67:81:ac:44:14:59:a4:
be:d7:00:7b:f2:79:3c:c3:ea:6f:53:6a:a3:64:c3:
56:fc:89:83:a1:f8:76:cd:3d:b5:e4:78:f4:8c:ed:
ad:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B3:F2:B4:BE:2D:5B:B0:74:97:08:A0:3C:F0:54:2B:9B:E5:16:A6
X509v3 Authority Key Identifier:
keyid:F3:17:05:E8:18:EA:48:03:B0:93:41:93:F6:1F:C6:E3:37:17:72:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E094D/40B7386EDE8111EBA9FC7D72C4F9AE02/8xcF6BjqSAOwk0GT9h_G4zcXcu0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8xcF6BjqSAOwk0GT9h_G4zcXcu0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E094D/40B7386EDE8111EBA9FC7D72C4F9AE02/22A3D2E4E5D311EFB5545A4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.8.0/22
103.39.76.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:76:9e:4b:05:cf:ae:0b:f3:49:99:e3:ed:8a:9c:ee:dc:95:
14:8e:db:85:74:fb:66:49:8c:df:49:67:05:c7:d2:2b:6a:bd:
b0:70:1b:fb:9e:71:f1:13:6e:21:20:cf:dd:9e:16:84:e1:f5:
7b:a8:5b:81:42:47:4a:ab:a8:4d:c0:83:66:03:7c:fe:da:9d:
ae:2d:ea:12:62:29:de:4b:9f:58:b3:db:5e:55:a8:16:5a:9f:
b8:1d:93:81:7f:11:f6:38:3b:4e:47:04:5a:43:08:66:f2:35:
6e:e0:cd:e6:ca:67:31:d1:03:bd:a4:bb:b3:58:8f:19:39:08:
a6:b9:8c:72:d5:32:29:5f:a7:e2:5c:07:04:2c:f1:0d:fd:ff:
92:4e:3e:1f:32:64:9f:1e:93:1a:63:71:b3:b4:6f:60:62:17:
e4:c6:35:f6:2b:8f:26:08:30:41:e2:32:49:88:4c:b8:0e:16:
6f:47:ca:37:76:41:c2:b7:eb:27:49:e8:24:e2:02:df:4e:fc:
6f:26:b6:9a:f8:47:c9:24:a7:ae:e5:8c:30:5e:c7:5c:5c:6e:
39:47:ff:70:2b:98:23:6f:a6:1f:b5:01:29:15:11:8d:f3:9c:
82:99:91:69:24:b1:9a:c6:42:a2:32:9b:e7:1c:4d:fb:ca:9c:
03:2d:3f:e1
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBV0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTA5NEQxMTAvBgNVBAUTKEYzMTcwNUU4MThFQTQ4MDNCMDkzNDE5M0Y2MUZDNkUz
MzcxNzcyRUQwHhcNMjUwMjA4MDQyMjE5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E2ZGJmYS1mMzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtIHalcajHrVxq7q2nuEr39gv/KygzeYSEq0UBrLFQaha81j7uiMPFfc/uW4q
/P++CR6K+YoTN6u7qC0JI4p9381f+iTr2LE7iHTMBAhADZom1WuzTlp5yAWrf7xx
WADjxIBw+whOm4J8k1qAUxszBGDSWcsQu5aQ7Sc4TzPvAJaYI/kf8Jc4YiEyYdlE
P9DJYYDLuNDV5qE6o0kyXJ/kDwgtnhKcfUjAHpvk2j4O8T3SEMhkM5pHWyE1F/Z7
cp0o1W5NK6k3jgbvHK2HK9flsok7KIx1nL6Xh2eBrEQUWaS+1wB78nk8w+pvU2qj
ZMNW/ImDofh2zT215Hj0jO2tFQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFM6z8rS+
LVuwdJcIoDzwVCub5RamMB8GA1UdIwQYMBaAFPMXBegY6kgDsJNBk/YfxuM3F3Lt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDk0RC80MEI3Mzg2RURF
ODExMUVCQTlGQzdENzJDNEY5QUUwMi84eGNGNkJqcVNBT3drMEdUOWhfRzR6Y1hj
dTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzh4Y0Y2QmpxU0FPd2swR1Q5aF9HNHpjWGN1MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTA5NEQvNDBCNzM4NkVERTgxMTFFQkE5RkM3RDcyQzRGOUFFMDIvMjJBM0QyRTRF
NUQzMTFFRkI1NTQ1QTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr+AgDBAJnJ0wwDQYJKoZIhvcNAQELBQADggEBAI52nksF
z64L80mZ4+2KnO7clRSO24V0+2ZJjN9JZwXH0itqvbBwG/uecfETbiEgz92eFoTh
9XuoW4FCR0qrqE3Ag2YDfP7ana4t6hJiKd5Ln1iz215VqBZan7gdk4F/EfY4O05H
BFpDCGbyNW7gzebKZzHRA72ku7NYjxk5CKa5jHLVMilfp+JcBwQs8Q39/5JOPh8y
ZJ8ekxpjcbO0b2BiF+TGNfYrjyYIMEHiMkmITLgOFm9Hyjd2QcK36ydJ6CTiAt9O
/G8mtpr4R8kkp67ljDBex1xcbjlH/3ArmCNvph+1ASkVEY3znIKZkWkksZrGQqIy
m+ccTfvKnAMtP+E=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:24:17 2025 by rpki-client