Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/8405155C69EB11EF933A993CC4F9AE02.roa
File: 8405155C69EB11EF933A993CC4F9AE02.roa (raw, json)
Hash identifier: Nc218pLJmDdsf2Z9Kv612BkBE9ixmiOBUD2+vg6KRQA=
Subject key identifier: AD:B6:05:37:BD:F6:04:C9:CD:4A:3A:8A:62:8E:BD:2F:2D:60:D2:F6
Certificate issuer: /CN=A91E8D22/serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248
Certificate serial: 0153
Authority key identifier: 1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/8405155C69EB11EF933A993CC4F9AE02.roa
Signing time: Fri 07 Mar 2025 03:20:09 +0000
ROA not before: Fri 07 Mar 2025 03:20:09 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 133053
IP address blocks: 103.120.219.0/24 maxlen: 24
103.251.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 339 (0x153)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8D22
Validity
Not Before: Mar 7 03:20:09 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67ca65e9-1a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:cd:c5:15:5d:01:82:cf:c4:12:3c:17:89:47:
61:4e:2a:c3:07:23:c7:8b:b1:8b:f6:b4:8f:2f:b7:
17:98:59:f0:3d:15:57:3b:60:1a:65:10:12:b4:fc:
2c:9f:04:0d:1c:5d:77:99:fa:08:e0:dc:91:05:db:
03:72:55:4f:31:ff:ad:76:87:7d:29:97:26:76:08:
2d:06:7e:13:c0:80:5e:b1:2d:69:dc:9a:1d:2d:ad:
1f:c8:ed:7a:66:33:5f:de:07:15:01:29:67:21:59:
63:cf:a3:e3:5a:a4:16:31:73:d3:50:5e:e4:20:dc:
57:2d:9e:dd:f5:7e:a5:04:5d:8e:3b:1d:33:14:74:
87:a2:e6:77:1a:96:ae:52:a4:37:76:12:5e:20:bb:
ea:83:4e:b5:ab:c8:9c:31:c3:48:e2:11:fc:19:84:
c9:fb:a4:26:85:7a:8b:a6:d6:eb:61:44:2f:f9:1b:
f9:50:55:5f:14:f6:6c:39:c3:a8:7d:ab:53:6a:b1:
f6:ab:d7:ae:c6:1c:89:33:83:5e:0d:37:ff:fd:b9:
42:81:8e:1d:34:13:3d:d3:02:ce:e4:49:83:a5:11:
ca:07:d5:a3:8a:a8:8c:38:78:99:3d:a9:6c:0d:94:
80:4d:8f:5d:60:6a:5a:3d:c2:6e:d6:bf:b9:83:2a:
70:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B6:05:37:BD:F6:04:C9:CD:4A:3A:8A:62:8E:BD:2F:2D:60:D2:F6
X509v3 Authority Key Identifier:
keyid:1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/8405155C69EB11EF933A993CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.219.0/24
103.251.171.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:df:03:61:74:f6:1a:b3:7e:de:64:bc:9c:6e:f7:d5:fa:6d:
b6:ce:71:da:fe:43:05:c4:d0:fd:a8:fe:d9:b6:71:78:7c:fe:
f2:83:d8:69:54:aa:90:03:24:51:7d:e1:73:38:f4:0b:e7:b8:
95:13:6c:2b:9d:0c:83:21:a0:ff:cc:70:36:d3:09:a8:f2:46:
db:ee:09:78:83:3a:a6:19:2a:6e:ba:1b:4a:40:e3:43:81:3c:
f5:f3:8a:64:21:2e:bc:d1:44:c5:1e:a7:32:38:6f:8f:0c:fa:
8c:7a:03:f6:03:b4:26:01:99:39:32:3c:ca:aa:da:4d:dd:98:
6c:8c:89:e3:55:01:19:ac:6d:d9:47:8a:ef:53:c4:04:7f:61:
cf:b5:7a:6b:fc:a3:e8:9c:64:93:17:b3:59:8e:be:2a:69:a4:
72:c3:e6:50:ca:81:cb:88:d5:0b:1a:f9:06:5c:47:39:52:f6:
7c:91:c3:d3:04:cd:43:97:3b:39:00:12:f3:86:6c:ce:4f:4f:
c3:88:b3:09:5a:02:ca:49:1e:f9:92:a5:c6:88:28:45:fb:24:
ff:51:a4:38:1e:7d:a0:1e:f3:ca:f3:e2:77:1f:37:c2:8e:0e:
a2:1f:71:03:ee:05:45:49:85:f9:e5:10:38:07:57:cc:62:4c:
0c:f0:de:8a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAVMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThEMjIxMTAvBgNVBAUTKDFERUUxN0E2QTMzODBFRTQ4OEVGM0I2RTIxMjVCODc4
RTY0MDcyNDgwHhcNMjUwMzA3MDMyMDA5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NhNjVlOS0xYTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3c3FFV0Bgs/EEjwXiUdhTirDByPHi7GL9rSPL7cXmFnwPRVXO2AaZRAStPws
nwQNHF13mfoI4NyRBdsDclVPMf+tdod9KZcmdggtBn4TwIBesS1p3JodLa0fyO16
ZjNf3gcVASlnIVljz6PjWqQWMXPTUF7kINxXLZ7d9X6lBF2OOx0zFHSHouZ3Gpau
UqQ3dhJeILvqg061q8icMcNI4hH8GYTJ+6QmhXqLptbrYUQv+Rv5UFVfFPZsOcOo
fatTarH2q9euxhyJM4NeDTf//blCgY4dNBM90wLO5EmDpRHKB9WjiqiMOHiZPals
DZSATY9dYGpaPcJu1r+5gypwPwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFK22BTe9
9gTJzUo6imKOvS8tYNL2MB8GA1UdIwQYMBaAFB3uF6ajOA7kiO87biEluHjmQHJI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEQyMi8zRjdENjhBOEZE
RTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1U0k3enR1SVNXNGVPWkFj
a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hlNFhwcU00RHVTSTd6dHVJU1c0ZU9aQWNrZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThEMjIvM0Y3RDY4QThGREU1MTFFRDg3ODQxNzcwQzRGOUFFMDIvODQwNTE1NUM2
OUVCMTFFRjkzM0E5OTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABneNsDBABn+6swDQYJKoZIhvcNAQELBQADggEBABzfA2F0
9hqzft5kvJxu99X6bbbOcdr+QwXE0P2o/tm2cXh8/vKD2GlUqpADJFF94XM49Avn
uJUTbCudDIMhoP/McDbTCajyRtvuCXiDOqYZKm66G0pA40OBPPXzimQhLrzRRMUe
pzI4b48M+ox6A/YDtCYBmTkyPMqq2k3dmGyMieNVARmsbdlHiu9TxAR/Yc+1emv8
o+icZJMXs1mOvipppHLD5lDKgcuI1Qsa+QZcRzlS9nyRw9MEzUOXOzkAEvOGbM5P
T8OIswlaAspJHvmSpcaIKEX7JP9RpDgefaAe88rz4ncfN8KODqIfcQPuBUVJhfnl
EDgHV8xiTAzw3oo=
-----END CERTIFICATE-----
Generated at Fri Apr 11 03:55:55 2025 by rpki-client