Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F05B5/475012062AB311EE8FAE7214C4F9AE02/E0A69DBC2AB311EE9CA5E515C4F9AE02.roa
File: E0A69DBC2AB311EE9CA5E515C4F9AE02.roa (raw, json)
Hash identifier: ZqsBefU5j7GUz5qH7o82aafqjpUX9O/Biz1HkkL6OG4=
Subject key identifier: 77:E1:3C:D1:21:09:D6:5B:D6:E2:B0:4E:35:88:F1:75:C2:4F:97:34
Certificate issuer: /CN=A91F05B5/serialNumber=095F6C6BB387C6932FDA01C0BFA626F6AAC7BB00
Certificate serial: 0120
Authority key identifier: 09:5F:6C:6B:B3:87:C6:93:2F:DA:01:C0:BF:A6:26:F6:AA:C7:BB:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CV9sa7OHxpMv2gHAv6Ym9qrHuwA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F05B5/475012062AB311EE8FAE7214C4F9AE02/E0A69DBC2AB311EE9CA5E515C4F9AE02.roa
Signing time: Thu 23 Jan 2025 03:16:38 +0000
ROA not before: Thu 23 Jan 2025 03:16:38 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 131267
IP address blocks: 103.1.28.0/22 maxlen: 24
183.182.96.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 288 (0x120)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F05B5
Validity
Not Before: Jan 23 03:16:38 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6791b495-3cb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2a:a4:23:a3:74:1f:0e:1b:fb:95:41:30:a1:
2b:fe:64:00:b0:5c:33:a0:61:4b:1c:67:e5:40:d1:
e9:d9:a5:4b:5c:49:9b:ff:05:f0:7d:a6:06:81:d6:
02:4e:5c:d2:cc:4e:45:93:ee:13:b1:53:b6:7a:a6:
db:ff:0c:00:a9:f3:dd:0b:4b:94:33:f3:cc:ba:a6:
25:01:03:de:43:20:89:d6:de:8f:82:6d:c4:a1:c2:
03:0d:87:31:99:10:79:1c:41:a3:cf:51:b5:d9:63:
48:4e:84:d1:1b:95:c4:10:73:33:e8:31:40:ea:1a:
3a:bc:9f:e9:22:af:26:18:f6:3e:d1:dc:57:bb:8d:
d7:5c:90:91:6b:a3:01:7f:9e:fc:fb:80:33:ab:9e:
82:e5:ea:b7:91:fc:c0:35:da:57:2c:d2:59:07:49:
ae:8e:7c:48:e0:5d:0f:e3:9b:aa:0c:58:2a:5a:64:
ad:e7:46:76:9a:e5:1b:17:df:3a:8c:83:f5:90:67:
71:71:27:79:d4:68:08:cf:fa:ea:41:9c:3c:84:e0:
14:7e:70:df:44:25:6f:c7:35:92:c2:69:45:2a:27:
0b:06:c9:4a:5c:21:8f:49:e9:bb:5e:bc:17:09:cf:
2f:dd:26:f3:e6:64:79:5d:94:b9:bf:bc:29:69:56:
e6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E1:3C:D1:21:09:D6:5B:D6:E2:B0:4E:35:88:F1:75:C2:4F:97:34
X509v3 Authority Key Identifier:
keyid:09:5F:6C:6B:B3:87:C6:93:2F:DA:01:C0:BF:A6:26:F6:AA:C7:BB:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F05B5/475012062AB311EE8FAE7214C4F9AE02/CV9sa7OHxpMv2gHAv6Ym9qrHuwA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CV9sa7OHxpMv2gHAv6Ym9qrHuwA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F05B5/475012062AB311EE8FAE7214C4F9AE02/E0A69DBC2AB311EE9CA5E515C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.1.28.0/22
183.182.96.0/19
Signature Algorithm: sha256WithRSAEncryption
1e:82:69:33:3f:07:49:76:a8:71:38:5c:54:ee:35:48:09:77:
72:23:3a:e8:b8:1b:ee:9f:14:a4:45:c4:f9:10:e9:66:7c:12:
2c:dc:89:53:04:d2:ad:30:93:08:a1:5c:3d:7e:d9:4c:99:b5:
87:ab:51:7d:4f:63:4a:d8:5d:aa:3e:3b:f2:b4:2d:8c:64:5f:
64:36:3a:31:74:23:e6:a2:00:e3:f4:be:83:53:b0:1d:36:da:
0c:32:d2:26:6d:89:62:dc:1a:ad:04:5b:fc:f2:84:f7:19:0b:
56:f9:d9:ab:3d:b9:f8:0a:f3:0e:69:de:e5:a1:ff:95:62:bc:
51:93:c6:76:fd:c4:c5:1a:40:38:ae:4e:bf:e0:00:8c:f9:5b:
9c:84:41:ce:26:c0:37:15:3b:d9:4f:be:ad:44:d1:83:c6:1d:
90:9c:15:7e:39:a4:a7:45:fc:50:a8:6a:73:49:01:68:08:71:
fa:16:5b:39:1c:da:36:d0:83:ff:64:cc:58:05:4b:b1:3a:be:
b5:40:16:f4:ba:47:ec:3f:e9:52:30:98:f0:70:fc:70:a4:ac:
59:ad:ee:ee:e2:31:30:0d:be:fb:45:de:78:cb:d1:bd:6d:f1:
c8:b9:bb:4e:79:21:a3:2a:d2:d6:87:98:7a:08:6e:f8:e6:9d:
2d:e6:20:a7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICASAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjA1QjUxMTAvBgNVBAUTKDA5NUY2QzZCQjM4N0M2OTMyRkRBMDFDMEJGQTYyNkY2
QUFDN0JCMDAwHhcNMjUwMTIzMDMxNjM4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxYjQ5NS0zY2IxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuSqkI6N0Hw4b+5VBMKEr/mQAsFwzoGFLHGflQNHp2aVLXEmb/wXwfaYGgdYC
TlzSzE5Fk+4TsVO2eqbb/wwAqfPdC0uUM/PMuqYlAQPeQyCJ1t6Pgm3EocIDDYcx
mRB5HEGjz1G12WNIToTRG5XEEHMz6DFA6ho6vJ/pIq8mGPY+0dxXu43XXJCRa6MB
f578+4Azq56C5eq3kfzANdpXLNJZB0mujnxI4F0P45uqDFgqWmSt50Z2muUbF986
jIP1kGdxcSd51GgIz/rqQZw8hOAUfnDfRCVvxzWSwmlFKicLBslKXCGPSem7XrwX
Cc8v3Sbz5mR5XZS5v7wpaVbmUwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHfhPNEh
CdZb1uKwTjWI8XXCT5c0MB8GA1UdIwQYMBaAFAlfbGuzh8aTL9oBwL+mJvaqx7sA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMDVCNS80NzUwMTIwNjJB
QjMxMUVFOEZBRTcyMTRDNEY5QUUwMi9DVjlzYTdPSHhwTXYyZ0hBdjZZbTlxckh1
d0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NWOXNhN09IeHBNdjJnSEF2NlltOXFySHV3QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjA1QjUvNDc1MDEyMDYyQUIzMTFFRThGQUU3MjE0QzRGOUFFMDIvRTBBNjlEQkMy
QUIzMTFFRTlDQTVFNTE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnARwDBAW3tmAwDQYJKoZIhvcNAQELBQADggEBAB6CaTM/
B0l2qHE4XFTuNUgJd3IjOui4G+6fFKRFxPkQ6WZ8EizciVME0q0wkwihXD1+2UyZ
tYerUX1PY0rYXao+O/K0LYxkX2Q2OjF0I+aiAOP0voNTsB022gwy0iZtiWLcGq0E
W/zyhPcZC1b52as9ufgK8w5p3uWh/5VivFGTxnb9xMUaQDiuTr/gAIz5W5yEQc4m
wDcVO9lPvq1E0YPGHZCcFX45pKdF/FCoanNJAWgIcfoWWzkc2jbQg/9kzFgFS7E6
vrVAFvS6R+w/6VIwmPBw/HCkrFmt7u7iMTANvvtF3njL0b1t8ci5u055IaMq0taH
mHoIbvjmnS3mIKc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:08:04 2025 by rpki-client