Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E81A5/C15843B4CA0711ED8F9E2A70C4F9AE02/7BD5A1FCCA0B11ED8B414F75C4F9AE02.roa
File: 7BD5A1FCCA0B11ED8B414F75C4F9AE02.roa (raw, json)
Hash identifier: QOfAhP3S+ePBd5bLXcD9SSvstPxykfxAtUO9d7xqQdE=
Subject key identifier: 7B:8E:CA:39:BD:D0:A3:67:F4:B7:5E:40:FD:8C:14:04:EC:1B:B6:70
Certificate issuer: /CN=A91E81A5/serialNumber=3034DEF04D9A03EE22898924E31264C01DE00303
Certificate serial: 0106
Authority key identifier: 30:34:DE:F0:4D:9A:03:EE:22:89:89:24:E3:12:64:C0:1D:E0:03:03
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MDTe8E2aA-4iiYkk4xJkwB3gAwM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E81A5/C15843B4CA0711ED8F9E2A70C4F9AE02/7BD5A1FCCA0B11ED8B414F75C4F9AE02.roa
Signing time: Wed 07 Aug 2024 04:46:07 +0000
ROA not before: Wed 07 Aug 2024 04:46:07 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 133616
IP address blocks: 103.238.195.0/24 maxlen: 24
2001:df3:4300::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 262 (0x106)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E81A5
Validity
Not Before: Aug 7 04:46:07 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66b2fc0f-505c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1e:70:f4:49:a7:73:07:9b:c0:a4:50:d6:91:
ab:4c:e1:dc:64:83:e9:14:ef:6d:21:e9:04:b8:05:
fe:2d:91:f3:0c:f6:37:f8:d6:a2:09:81:03:1e:c0:
14:40:8d:b4:16:8c:17:36:a4:45:79:d4:cd:9f:07:
8e:c1:26:f5:c6:2a:af:42:e1:46:ff:82:4b:87:2f:
ca:9c:61:ea:b5:e7:52:c6:a4:d6:5a:14:fc:0b:ea:
6d:52:f3:87:f4:0c:b9:8e:42:fe:99:53:97:2a:a4:
0b:94:18:e1:46:cc:e1:59:ad:d4:95:dd:f7:63:51:
02:b7:70:ec:39:89:27:cc:21:08:89:a9:19:5c:fa:
7f:76:e4:e9:0f:16:6d:b9:d3:a7:04:47:50:d2:60:
32:a6:9d:9f:4d:f0:17:3e:de:07:cf:56:42:c1:66:
5d:1e:10:5f:e1:92:e8:8e:23:34:fa:cc:db:ea:de:
85:f6:b8:40:ff:8e:58:c0:54:92:41:41:23:7b:0c:
e0:6b:4a:10:a5:ae:5b:14:57:a7:11:c8:e6:80:db:
8c:b0:be:0d:a6:9e:97:31:29:b8:94:95:4f:7b:62:
91:70:4b:e0:ab:32:0a:de:6c:f5:2d:e7:4f:2c:6b:
02:ac:43:9b:a2:45:9b:c2:29:ca:ca:4f:73:ab:c3:
9d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:8E:CA:39:BD:D0:A3:67:F4:B7:5E:40:FD:8C:14:04:EC:1B:B6:70
X509v3 Authority Key Identifier:
keyid:30:34:DE:F0:4D:9A:03:EE:22:89:89:24:E3:12:64:C0:1D:E0:03:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E81A5/C15843B4CA0711ED8F9E2A70C4F9AE02/MDTe8E2aA-4iiYkk4xJkwB3gAwM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MDTe8E2aA-4iiYkk4xJkwB3gAwM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E81A5/C15843B4CA0711ED8F9E2A70C4F9AE02/7BD5A1FCCA0B11ED8B414F75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.238.195.0/24
IPv6:
2001:df3:4300::/48
Signature Algorithm: sha256WithRSAEncryption
57:e8:8a:36:3b:b9:bf:88:b6:3d:69:58:e6:8c:95:6d:9e:be:
8a:69:24:e2:4c:c0:f7:92:d4:e2:81:6d:8e:19:2d:28:42:1e:
56:79:59:52:87:90:01:8e:40:a9:2b:3e:b9:29:7b:b8:78:84:
9a:97:bb:7e:79:e0:23:13:36:8a:18:d7:c4:e6:c5:d7:04:e0:
de:2d:e2:58:2e:2b:40:ed:71:70:5a:18:86:fb:a6:ca:18:5f:
d1:37:a6:bf:89:32:47:f1:06:bf:f3:76:ad:ce:f1:88:42:a3:
12:be:1d:08:0e:5d:e5:13:e2:22:74:c1:34:08:21:25:0b:66:
32:5b:b6:6a:df:b2:81:38:a5:dd:b7:47:c2:c8:bf:25:96:f3:
38:b1:d8:d8:16:7d:33:14:a9:94:a8:f0:d2:77:2d:9a:80:21:
69:3d:71:80:c9:86:c3:f6:be:2f:44:bb:5a:66:2c:8c:c4:c9:
d8:4e:91:b4:38:de:50:97:b0:18:d8:07:b5:a5:34:3b:23:a3:
da:27:28:60:42:8e:4f:38:94:a8:24:94:48:c4:38:95:71:78:
46:c1:87:b6:ad:d2:a8:44:b1:f7:be:ec:93:a0:48:af:fd:3a:
79:68:37:32:10:b6:a1:b8:ac:bd:94:0c:f8:5c:00:29:b8:ef:
2c:1f:22:1c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAQYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTgxQTUxMTAvBgNVBAUTKDMwMzRERUYwNEQ5QTAzRUUyMjg5ODkyNEUzMTI2NEMw
MURFMDAzMDMwHhcNMjQwODA3MDQ0NjA3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIyZmMwZi01MDVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4B5w9EmncwebwKRQ1pGrTOHcZIPpFO9tIekEuAX+LZHzDPY3+NaiCYEDHsAU
QI20FowXNqRFedTNnweOwSb1xiqvQuFG/4JLhy/KnGHqtedSxqTWWhT8C+ptUvOH
9Ay5jkL+mVOXKqQLlBjhRszhWa3Uld33Y1ECt3DsOYknzCEIiakZXPp/duTpDxZt
udOnBEdQ0mAypp2fTfAXPt4Hz1ZCwWZdHhBf4ZLojiM0+szb6t6F9rhA/45YwFSS
QUEjewzga0oQpa5bFFenEcjmgNuMsL4Npp6XMSm4lJVPe2KRcEvgqzIK3mz1LedP
LGsCrEObokWbwinKyk9zq8OdEQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFHuOyjm9
0KNn9LdeQP2MFATsG7ZwMB8GA1UdIwQYMBaAFDA03vBNmgPuIomJJOMSZMAd4AMD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODFBNS9DMTU4NDNCNENB
MDcxMUVEOEY5RTJBNzBDNEY5QUUwMi9NRFRlOEUyYUEtNGlpWWtrNHhKa3dCM2dB
d00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01EVGU4RTJhQS00aWlZa2s0eEprd0IzZ0F3TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTgxQTUvQzE1ODQzQjRDQTA3MTFFRDhGOUUyQTcwQzRGOUFFMDIvN0JENUExRkND
QTBCMTFFRDhCNDE0Rjc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABn7sMwDwQCAAIwCQMHACABDfNDADANBgkqhkiG9w0BAQsF
AAOCAQEAV+iKNju5v4i2PWlY5oyVbZ6+imkk4kzA95LU4oFtjhktKEIeVnlZUoeQ
AY5AqSs+uSl7uHiEmpe7fnngIxM2ihjXxObF1wTg3i3iWC4rQO1xcFoYhvumyhhf
0Temv4kyR/EGv/N2rc7xiEKjEr4dCA5d5RPiInTBNAghJQtmMlu2at+ygTil3bdH
wsi/JZbzOLHY2BZ9MxSplKjw0nctmoAhaT1xgMmGw/a+L0S7WmYsjMTJ2E6RtDje
UJewGNgHtaU0OyOj2icoYEKOTziUqCSUSMQ4lXF4RsGHtq3SqESx977sk6BIr/06
eWg3MhC2obisvZQM+FwAKbjvLB8iHA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:18:05 2025 by rpki-client