Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E1ED2/3FE8DE6C82BD11EB9BC5D334C4F9AE02/A3AA461082BE11EB93A19A35C4F9AE02.roa
File: A3AA461082BE11EB93A19A35C4F9AE02.roa (raw, json)
Hash identifier: giAuMNdUQbQxU3qFD/XGoGW0oQf3mtKr16RicuaHSew=
Subject key identifier: 20:FD:13:6A:E5:C9:E8:BA:66:EC:1E:DD:15:AE:E8:00:02:29:C4:B7
Certificate issuer: /CN=A91E1ED2/serialNumber=A48A939B67DB22BAF77E007B21DF3B745B628390
Certificate serial: 05B3
Authority key identifier: A4:8A:93:9B:67:DB:22:BA:F7:7E:00:7B:21:DF:3B:74:5B:62:83:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pIqTm2fbIrr3fgB7Id87dFtig5A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E1ED2/3FE8DE6C82BD11EB9BC5D334C4F9AE02/A3AA461082BE11EB93A19A35C4F9AE02.roa
Signing time: Wed 19 Jun 2024 01:22:56 +0000
ROA not before: Wed 19 Jun 2024 01:22:56 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 138013
IP address blocks: 103.150.77.0/24 maxlen: 24
103.151.84.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1459 (0x5b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E1ED2
Validity
Not Before: Jun 19 01:22:56 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=667232f0-6861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e5:e8:8d:66:65:0e:1b:05:d8:d9:92:65:2f:
57:5c:2c:89:69:49:24:1c:db:f6:f2:43:95:6f:4a:
c9:92:dc:bd:b2:47:0e:4e:6f:23:9c:1c:33:ac:32:
60:96:72:80:3e:7b:38:ec:7e:bb:30:4f:07:ef:b8:
2c:2d:52:73:c7:50:e4:a0:02:f5:0d:96:55:2b:fa:
fb:ea:cd:55:30:66:6b:0b:a2:dc:6d:ec:d8:b9:52:
2b:cf:78:61:2f:68:5e:ae:68:f4:bd:9f:c5:ec:0d:
7a:81:17:fd:36:d0:db:7b:7a:02:fe:5c:94:4b:34:
3c:fb:7d:54:65:30:b6:d1:4e:ff:57:5f:7b:4c:55:
01:d6:59:e7:e3:26:61:3e:35:e5:a4:99:6d:91:e2:
67:6a:60:ad:0c:df:dc:c3:03:ff:4d:9e:32:5a:20:
53:b2:7b:28:79:b1:12:a1:84:b7:d1:5b:c9:5a:ac:
f3:87:52:61:64:4d:b3:b1:bc:be:87:d9:00:a7:70:
c3:ad:39:89:be:3c:53:79:37:30:7d:a4:8a:8f:6f:
49:8c:e5:f8:f8:cc:5e:40:e4:d0:b7:2b:88:9f:4d:
ee:26:74:fd:5c:68:26:b7:50:a7:05:2b:6d:da:a5:
59:a8:35:97:08:2b:3f:e8:8a:8e:c1:1a:f2:78:f6:
fc:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:FD:13:6A:E5:C9:E8:BA:66:EC:1E:DD:15:AE:E8:00:02:29:C4:B7
X509v3 Authority Key Identifier:
keyid:A4:8A:93:9B:67:DB:22:BA:F7:7E:00:7B:21:DF:3B:74:5B:62:83:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E1ED2/3FE8DE6C82BD11EB9BC5D334C4F9AE02/pIqTm2fbIrr3fgB7Id87dFtig5A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pIqTm2fbIrr3fgB7Id87dFtig5A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E1ED2/3FE8DE6C82BD11EB9BC5D334C4F9AE02/A3AA461082BE11EB93A19A35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.150.77.0/24
103.151.84.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:5c:67:86:32:a0:8e:0e:ac:c8:03:e2:b5:c5:2c:76:be:09:
b4:6e:07:69:92:3e:90:93:d5:60:ad:15:58:9d:c2:d7:da:33:
10:cf:eb:4e:3a:58:0e:e3:d3:92:e3:84:c5:2a:38:92:80:e2:
10:e1:01:b3:5e:76:18:6b:32:c1:c7:ee:74:eb:5b:0e:1a:62:
d2:e2:fe:a4:18:3f:76:3f:24:f9:45:9b:a8:ca:cc:e9:57:a6:
b1:0d:c7:8f:e9:5c:17:62:74:24:a4:d8:83:fc:09:a6:fa:d3:
6f:88:58:1d:eb:95:3f:3e:2e:95:51:0c:61:c9:93:e2:6a:76:
2f:27:3e:af:11:48:d8:6d:a4:a0:78:33:70:26:b1:c9:21:e7:
5f:44:58:fb:8f:cf:bf:ef:ac:3b:89:cc:05:3e:f6:13:80:e9:
0f:cb:82:1b:9b:fd:e5:d2:ee:5b:23:f1:d2:26:5f:a7:20:4a:
91:30:66:60:8d:ec:31:19:7d:d3:c6:52:a6:63:a1:87:41:34:
b5:4a:d7:fe:ce:fe:60:d5:9f:f7:c9:e0:2d:4d:5a:90:d1:f2:
e8:74:a2:6c:c5:88:76:3b:eb:06:ff:50:d1:38:fd:0d:5b:29:
e3:b2:6b:77:86:fe:73:a0:9e:cf:eb:04:64:31:33:98:d3:a6:
13:d2:20:89
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTFFRDIxMTAvBgNVBAUTKEE0OEE5MzlCNjdEQjIyQkFGNzdFMDA3QjIxREYzQjc0
NUI2MjgzOTAwHhcNMjQwNjE5MDEyMjU2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjcyMzJmMC02ODYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAseXojWZlDhsF2NmSZS9XXCyJaUkkHNv28kOVb0rJkty9skcOTm8jnBwzrDJg
lnKAPns47H67ME8H77gsLVJzx1DkoAL1DZZVK/r76s1VMGZrC6LcbezYuVIrz3hh
L2hermj0vZ/F7A16gRf9NtDbe3oC/lyUSzQ8+31UZTC20U7/V197TFUB1lnn4yZh
PjXlpJltkeJnamCtDN/cwwP/TZ4yWiBTsnsoebESoYS30VvJWqzzh1JhZE2zsby+
h9kAp3DDrTmJvjxTeTcwfaSKj29JjOX4+MxeQOTQtyuIn03uJnT9XGgmt1CnBStt
2qVZqDWXCCs/6IqOwRryePb8jQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCD9E2rl
yei6Zuwe3RWu6AACKcS3MB8GA1UdIwQYMBaAFKSKk5tn2yK6934AeyHfO3RbYoOQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMUVEMi8zRkU4REU2Qzgy
QkQxMUVCOUJDNUQzMzRDNEY5QUUwMi9wSXFUbTJmYklycjNmZ0I3SWQ4N2RGdGln
NUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BJcVRtMmZiSXJyM2ZnQjdJZDg3ZEZ0aWc1QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTFFRDIvM0ZFOERFNkM4MkJEMTFFQjlCQzVEMzM0QzRGOUFFMDIvQTNBQTQ2MTA4
MkJFMTFFQjkzQTE5QTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnlk0DBABnl1QwDQYJKoZIhvcNAQELBQADggEBALNcZ4Yy
oI4OrMgD4rXFLHa+CbRuB2mSPpCT1WCtFVidwtfaMxDP6046WA7j05LjhMUqOJKA
4hDhAbNedhhrMsHH7nTrWw4aYtLi/qQYP3Y/JPlFm6jKzOlXprENx4/pXBdidCSk
2IP8Cab602+IWB3rlT8+LpVRDGHJk+Jqdi8nPq8RSNhtpKB4M3Amsckh519EWPuP
z7/vrDuJzAU+9hOA6Q/Lghub/eXS7lsj8dImX6cgSpEwZmCN7DEZfdPGUqZjoYdB
NLVK1/7O/mDVn/fJ4C1NWpDR8uh0omzFiHY76wb/UNE4/Q1bKeOya3eG/nOgns/r
BGQxM5jTphPSIIk=
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:19:29 2025 by rpki-client