Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E77F3/94EFCC0C5B9C11EF8CEA3145C4F9AE02/CAADA49A5B9C11EF9AD89645C4F9AE02.roa
File: CAADA49A5B9C11EF9AD89645C4F9AE02.roa (raw, json)
Hash identifier: ScK5Mkjc4CtGpC9rnxIJeiwAah1HeyqfBAVqLucgBa0=
Subject key identifier: 13:1C:B4:3E:29:C9:8D:6E:0E:07:9D:52:CA:E8:9A:A5:06:2F:76:1A
Certificate issuer: /CN=A91E77F3/serialNumber=65114B1743FD60DD7728DEE1E85B49EEA1BF0DAD
Certificate serial: 55
Authority key identifier: 65:11:4B:17:43:FD:60:DD:77:28:DE:E1:E8:5B:49:EE:A1:BF:0D:AD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZRFLF0P9YN13KN7h6FtJ7qG_Da0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E77F3/94EFCC0C5B9C11EF8CEA3145C4F9AE02/CAADA49A5B9C11EF9AD89645C4F9AE02.roa
Signing time: Sun 19 Jan 2025 05:28:26 +0000
ROA not before: Sun 19 Jan 2025 05:28:26 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 26658
IP address blocks: 103.204.252.0/22 maxlen: 22
203.76.232.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85 (0x55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E77F3
Validity
Not Before: Jan 19 05:28:26 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=678c8d79-9d25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:be:85:1a:d8:0b:f0:00:69:28:f5:dc:84:e3:
d1:4b:3d:ad:f6:52:f2:1c:79:aa:e3:75:a6:52:db:
1f:ff:b3:f9:f8:58:c4:0a:b6:d4:0d:69:3e:9c:a1:
38:c2:6f:a0:3a:51:6f:de:b8:05:60:80:01:59:53:
84:63:e0:7f:d3:18:da:46:a7:aa:38:49:a5:29:87:
24:06:64:28:c5:4f:eb:0f:95:b4:4e:f1:e3:72:f4:
4d:3b:e9:13:53:1c:f3:89:ca:c0:83:64:9d:a3:41:
fd:28:64:3d:21:d5:de:67:d4:ef:27:99:99:a7:de:
8c:c0:c0:3f:e7:56:3f:a5:0d:4b:ec:ed:96:f4:4f:
92:9c:2e:40:c9:df:54:58:33:b6:ee:53:55:3b:51:
60:98:25:8c:93:8d:80:fb:32:62:0e:25:68:fc:7c:
78:32:2b:78:fc:95:49:b4:d7:72:3a:f6:74:6e:d6:
bc:cb:b9:8f:04:51:a0:c8:e7:37:2f:40:89:04:51:
29:1f:f8:75:6b:7b:e0:56:57:66:2e:28:2a:b7:75:
93:0d:36:b0:92:8e:31:f3:5c:72:83:4b:04:de:e1:
dc:3b:c2:90:22:87:17:7b:0b:6b:67:26:48:c1:dd:
70:7c:10:4c:0b:ae:6d:fe:76:ba:8f:25:61:0b:46:
0d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:1C:B4:3E:29:C9:8D:6E:0E:07:9D:52:CA:E8:9A:A5:06:2F:76:1A
X509v3 Authority Key Identifier:
keyid:65:11:4B:17:43:FD:60:DD:77:28:DE:E1:E8:5B:49:EE:A1:BF:0D:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E77F3/94EFCC0C5B9C11EF8CEA3145C4F9AE02/ZRFLF0P9YN13KN7h6FtJ7qG_Da0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZRFLF0P9YN13KN7h6FtJ7qG_Da0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E77F3/94EFCC0C5B9C11EF8CEA3145C4F9AE02/CAADA49A5B9C11EF9AD89645C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.204.252.0/22
203.76.232.0/22
Signature Algorithm: sha256WithRSAEncryption
61:55:37:2d:f0:4d:45:74:2d:59:5a:87:48:fb:d8:ae:eb:f5:
97:b2:69:d0:74:0a:16:9b:f8:15:51:0a:6b:d1:dd:f2:93:03:
72:da:73:c8:53:46:3f:a1:ca:3a:3f:61:a5:a7:63:72:8f:60:
2d:fc:db:c3:c4:86:61:23:1d:4e:e7:1a:ff:ac:4e:6e:07:ff:
60:6b:03:cd:65:ce:01:19:51:a4:d6:35:24:8d:ec:75:92:6f:
3c:77:bd:22:ef:96:63:d3:65:26:c7:af:0f:19:b0:00:28:96:
11:17:e7:ea:e5:96:f5:ef:b0:68:a5:34:44:3b:ce:33:04:dd:
ad:f2:0a:23:61:4c:92:16:bb:9b:85:5c:51:5b:78:1b:ca:79:
b6:34:3f:ca:10:d9:46:cb:f1:a1:e9:61:60:75:d5:c8:aa:dd:
65:c0:59:a3:d8:64:9e:a1:e7:7e:23:b1:ea:94:a3:cc:4b:f9:
00:a8:40:2d:ee:02:c3:33:12:43:cf:05:9b:0e:d5:f4:2d:9b:
e5:0c:3d:58:36:ec:66:60:55:50:5c:8e:b4:16:ad:6d:c9:c6:
a3:27:37:37:99:c2:63:8f:26:57:76:84:a5:e3:a3:43:cf:c4:
e8:a0:69:46:ec:04:ee:93:e3:2b:21:71:de:ac:92:b7:74:a3:
ec:7c:26:93
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBVTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
NzdGMzExMC8GA1UEBRMoNjUxMTRCMTc0M0ZENjBERDc3MjhERUUxRTg1QjQ5RUVB
MUJGMERBRDAeFw0yNTAxMTkwNTI4MjZaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OGM4ZDc5LTlkMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQChvoUa2AvwAGko9dyE49FLPa32UvIcearjdaZS2x//s/n4WMQKttQNaT6coTjC
b6A6UW/euAVggAFZU4Rj4H/TGNpGp6o4SaUphyQGZCjFT+sPlbRO8eNy9E076RNT
HPOJysCDZJ2jQf0oZD0h1d5n1O8nmZmn3ozAwD/nVj+lDUvs7Zb0T5KcLkDJ31RY
M7buU1U7UWCYJYyTjYD7MmIOJWj8fHgyK3j8lUm013I69nRu1rzLuY8EUaDI5zcv
QIkEUSkf+HVre+BWV2YuKCq3dZMNNrCSjjHzXHKDSwTe4dw7wpAihxd7C2tnJkjB
3XB8EEwLrm3+drqPJWELRg1DAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUExy0PinJ
jW4OB51SyuiapQYvdhowHwYDVR0jBBgwFoAUZRFLF0P9YN13KN7h6FtJ7qG/Da0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU3N0YzLzk0RUZDQzBDNUI5
QzExRUY4Q0VBMzE0NUM0RjlBRTAyL1pSRkxGMFA5WU4xM0tON2g2RnRKN3FHX0Rh
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWlJGTEYwUDlZTjEzS043aDZGdEo3cUdfRGEwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NzdGMy85NEVGQ0MwQzVCOUMxMUVGOENFQTMxNDVDNEY5QUUwMi9DQUFEQTQ5QTVC
OUMxMUVGOUFEODk2NDVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAmfM/AMEAstM6DANBgkqhkiG9w0BAQsFAAOCAQEAYVU3LfBN
RXQtWVqHSPvYruv1l7Jp0HQKFpv4FVEKa9Hd8pMDctpzyFNGP6HKOj9hpadjco9g
Lfzbw8SGYSMdTuca/6xObgf/YGsDzWXOARlRpNY1JI3sdZJvPHe9Iu+WY9NlJsev
DxmwACiWERfn6uWW9e+waKU0RDvOMwTdrfIKI2FMkha7m4VcUVt4G8p5tjQ/yhDZ
RsvxoelhYHXVyKrdZcBZo9hknqHnfiOx6pSjzEv5AKhALe4CwzMSQ88Fmw7V9C2b
5Qw9WDbsZmBVUFyOtBatbcnGoyc3N5nCY48mV3aEpeOjQ8/E6KBpRuwE7pPjKyFx
3qySt3Sj7Hwmkw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:10:02 2025 by rpki-client