Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8903/D898265A8C1F11EDAE441D87C4F9AE02/5AFFB9E48C2211EDAE44DD87C4F9AE02.roa
File: 5AFFB9E48C2211EDAE44DD87C4F9AE02.roa (raw, json)
Hash identifier: jSsyiULsGlxuuewQZXjIC7D+cuv2EzgfISIGBAP8n9Q=
Subject key identifier: F4:68:C9:64:B9:A4:26:88:DB:CB:82:60:68:69:FB:77:DA:09:77:7E
Certificate issuer: /CN=A91E8903/serialNumber=456AF5E5667DE248A9CF0CEB90C6D1B3D3ED6FA8
Certificate serial: 019B
Authority key identifier: 45:6A:F5:E5:66:7D:E2:48:A9:CF:0C:EB:90:C6:D1:B3:D3:ED:6F:A8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RWr15WZ94kipzwzrkMbRs9Ptb6g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8903/D898265A8C1F11EDAE441D87C4F9AE02/5AFFB9E48C2211EDAE44DD87C4F9AE02.roa
Signing time: Fri 31 Jan 2025 03:19:21 +0000
ROA not before: Fri 31 Jan 2025 03:19:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 131471
IP address blocks: 103.221.246.0/24 maxlen: 24
103.221.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 411 (0x19b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8903
Validity
Not Before: Jan 31 03:19:21 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=679c4139-45f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d5:c6:db:5f:29:12:5e:23:65:01:bc:0b:04:
5c:2b:c5:81:f9:8a:8c:f6:fd:01:4e:98:50:b0:60:
35:2d:bc:e5:f7:b2:1e:4b:98:75:39:7b:3b:0f:1f:
15:cd:8c:31:54:b1:a2:49:8d:b7:bf:62:29:64:c8:
e2:fc:cd:00:3a:47:38:f3:13:ac:46:37:4d:ee:6a:
13:9b:dc:9c:b1:ed:f1:89:b0:e0:fd:c0:e2:3c:45:
9c:90:ad:b8:90:cf:1c:fd:90:b2:c0:99:dd:d2:31:
39:ba:96:d9:fb:30:1e:4a:c8:ca:8e:16:3d:2a:d6:
5e:b6:b8:75:56:21:e1:f4:7f:b8:07:d4:ac:5a:9a:
15:84:be:50:9d:71:89:5c:83:9c:a9:ae:b9:14:0a:
bb:33:76:aa:2b:1c:62:04:ac:6c:56:79:08:f7:e8:
6b:d7:3d:8c:cb:fc:05:f4:d5:b6:b7:18:93:8b:c3:
89:e0:d0:d1:4a:15:05:c8:fa:6e:fa:97:93:a0:f3:
74:3d:96:fa:dc:42:cd:85:9b:6b:9e:78:24:29:be:
b1:c2:90:53:ba:0f:63:54:cf:33:56:44:c6:8b:ba:
3c:78:89:3c:55:c3:99:cc:e4:f6:e9:4b:82:30:ad:
ba:a0:7d:71:48:90:ab:4c:96:b2:8a:77:e1:1c:5f:
4d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:68:C9:64:B9:A4:26:88:DB:CB:82:60:68:69:FB:77:DA:09:77:7E
X509v3 Authority Key Identifier:
keyid:45:6A:F5:E5:66:7D:E2:48:A9:CF:0C:EB:90:C6:D1:B3:D3:ED:6F:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8903/D898265A8C1F11EDAE441D87C4F9AE02/RWr15WZ94kipzwzrkMbRs9Ptb6g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RWr15WZ94kipzwzrkMbRs9Ptb6g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8903/D898265A8C1F11EDAE441D87C4F9AE02/5AFFB9E48C2211EDAE44DD87C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.246.0/23
Signature Algorithm: sha256WithRSAEncryption
56:26:3e:fa:0e:28:91:df:1d:d0:f6:a1:79:ff:8f:b9:54:54:
71:62:2f:3d:85:20:45:6c:fb:c6:e3:ea:07:e1:1d:db:60:cf:
1c:90:6d:93:46:f0:e2:ec:fa:cb:b7:d5:e2:b4:f1:5e:c5:8b:
83:fb:42:62:ea:10:f6:88:3a:81:d1:7b:4a:8e:a2:dc:c7:00:
1f:0d:9d:ad:59:38:72:e1:42:10:49:d2:2a:77:6d:b0:d3:8c:
60:f8:b7:a2:52:78:dc:97:79:1c:3b:21:23:10:8d:0f:dd:4a:
34:2b:db:df:97:6f:8d:46:8f:6f:79:79:6b:7d:60:49:18:e8:
06:e9:04:d6:ed:d6:fd:8a:a9:c9:e8:58:45:d5:1c:80:51:b2:
55:d3:6d:d7:3d:eb:8f:36:79:66:6f:a4:93:72:d8:77:bd:53:
5e:59:f5:b1:c6:df:95:76:df:f0:bd:6e:e6:ef:e3:73:f4:2e:
92:f7:a6:8c:af:9e:87:10:02:95:d3:3f:c0:1a:6a:f9:0f:37:
be:39:25:8a:4d:70:c0:f7:59:5f:72:e8:d2:fd:db:ab:cd:56:
12:fa:22:a8:6b:1c:e3:23:6e:cc:48:99:67:37:e8:b2:7f:87:
9c:69:c8:87:0e:47:16:7c:ec:db:20:0d:08:70:8b:5d:e7:d2:
a9:dd:d0:37
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAZswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTg5MDMxMTAvBgNVBAUTKDQ1NkFGNUU1NjY3REUyNDhBOUNGMENFQjkwQzZEMUIz
RDNFRDZGQTgwHhcNMjUwMTMxMDMxOTIxWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljNDEzOS00NWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvNXG218pEl4jZQG8CwRcK8WB+YqM9v0BTphQsGA1Lbzl97IeS5h1OXs7Dx8V
zYwxVLGiSY23v2IpZMji/M0AOkc48xOsRjdN7moTm9ycse3xibDg/cDiPEWckK24
kM8c/ZCywJnd0jE5upbZ+zAeSsjKjhY9KtZetrh1ViHh9H+4B9SsWpoVhL5QnXGJ
XIOcqa65FAq7M3aqKxxiBKxsVnkI9+hr1z2My/wF9NW2txiTi8OJ4NDRShUFyPpu
+peToPN0PZb63ELNhZtrnngkKb6xwpBTug9jVM8zVkTGi7o8eIk8VcOZzOT26UuC
MK26oH1xSJCrTJayinfhHF9NcwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPRoyWS5
pCaI28uCYGhp+3faCXd+MB8GA1UdIwQYMBaAFEVq9eVmfeJIqc8M65DG0bPT7W+o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODkwMy9EODk4MjY1QThD
MUYxMUVEQUU0NDFEODdDNEY5QUUwMi9SV3IxNVdaOTRraXB6d3pya01iUnM5UHRi
NmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JXcjE1V1o5NGtpcHp3enJrTWJSczlQdGI2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTg5MDMvRDg5ODI2NUE4QzFGMTFFREFFNDQxRDg3QzRGOUFFMDIvNUFGRkI5RTQ4
QzIyMTFFREFFNDRERDg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn3fYwDQYJKoZIhvcNAQELBQADggEBAFYmPvoOKJHfHdD2
oXn/j7lUVHFiLz2FIEVs+8bj6gfhHdtgzxyQbZNG8OLs+su31eK08V7Fi4P7QmLq
EPaIOoHRe0qOotzHAB8Nna1ZOHLhQhBJ0ip3bbDTjGD4t6JSeNyXeRw7ISMQjQ/d
SjQr29+Xb41Gj295eWt9YEkY6AbpBNbt1v2KqcnoWEXVHIBRslXTbdc96482eWZv
pJNy2He9U15Z9bHG35V23/C9bubv43P0LpL3poyvnocQApXTP8AaavkPN745JYpN
cMD3WV9y6NL926vNVhL6IqhrHOMjbsxImWc36LJ/h5xpyIcORxZ87NsgDQhwi13n
0qnd0Dc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:22:21 2025 by rpki-client