Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/46E91B3AB31211EFA6BAAF1EC4F9AE02.roa
File: 46E91B3AB31211EFA6BAAF1EC4F9AE02.roa (raw, json)
Hash identifier: b6/17IHmfruCEiR6p/M2eZlPFy6KYLkqGlsr9DlXeXk=
Subject key identifier: F3:AC:2C:70:31:06:1E:97:DA:27:22:A8:D4:A5:B0:C4:85:5D:2C:73
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 284F
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/46E91B3AB31211EFA6BAAF1EC4F9AE02.roa
Signing time: Mon 06 Jan 2025 15:42:15 +0000
ROA not before: Mon 06 Jan 2025 15:42:15 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 136050
IP address blocks: 103.254.122.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10319 (0x284f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9
Validity
Not Before: Jan 6 15:42:15 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677bf9d7-1cce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ae:e1:d9:63:27:1f:ae:dd:11:3c:a1:98:35:
5c:44:bc:fd:3c:a8:c2:03:88:4a:4a:49:4a:73:dd:
ec:4b:46:db:af:0b:5a:ca:43:bb:91:f0:e8:04:f4:
83:62:c6:9b:24:8e:39:c3:6b:e6:2f:c7:27:d9:bb:
08:3d:8c:ca:0a:b2:49:f9:fe:6e:59:d7:d2:a9:4c:
d6:db:cb:3e:6a:5b:81:ce:00:7e:93:ba:72:98:0c:
07:fa:25:a3:9e:1f:c8:c4:c4:14:9f:1d:97:67:5a:
d5:ab:ed:b3:17:13:14:53:f6:0e:79:54:cf:c9:bc:
bc:e3:5c:59:a5:c6:27:71:ac:43:af:6f:ef:2b:93:
64:c7:d9:94:12:55:3a:a8:fe:ee:62:50:e5:0b:25:
67:1e:9d:fe:c6:07:61:e5:5b:bd:ab:00:77:b1:62:
3d:5b:e1:c6:c7:68:7a:b7:77:8b:d7:fc:01:42:95:
bf:b5:36:d1:0e:fe:25:a6:42:9f:8a:b6:e8:8e:c7:
64:aa:63:64:b2:68:b3:0e:95:30:7d:e6:0b:57:91:
0e:21:f4:f1:94:27:92:a4:f4:63:09:3c:68:41:5e:
e7:4f:45:f7:37:7b:e5:d9:35:e8:ce:09:fc:58:2d:
48:0a:b4:24:cf:1e:f1:8f:00:41:53:35:da:7c:c4:
a1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AC:2C:70:31:06:1E:97:DA:27:22:A8:D4:A5:B0:C4:85:5D:2C:73
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/46E91B3AB31211EFA6BAAF1EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.254.122.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:f9:07:2c:a9:08:df:36:e9:e9:3e:58:1a:82:71:a4:16:f0:
77:08:bb:13:b2:30:a7:fe:46:1d:58:d9:70:cb:68:1e:6f:3d:
1b:e7:6f:90:47:92:4e:1c:40:b9:ac:f8:d6:d4:2a:d6:36:aa:
31:4c:d1:e2:c3:e0:35:b0:ac:46:3f:a9:bb:ba:db:5c:e6:af:
33:9e:bf:64:f7:c8:60:c5:11:76:0f:63:b5:92:25:20:f1:db:
a8:ea:62:39:a3:23:be:4c:92:09:a7:f5:28:3f:3d:39:d7:7d:
3a:d1:38:6a:d0:b8:fc:81:c3:7d:f0:8f:6c:90:27:9f:39:dc:
55:97:75:90:ba:dd:a1:77:40:44:f7:78:c2:47:dc:0e:55:14:
cc:27:41:ec:df:a9:6e:75:31:75:53:97:d5:4a:c4:47:72:54:
2d:46:db:98:5e:9e:f8:35:ea:2b:5e:26:b3:e5:9f:38:fd:53:
28:43:c4:f7:ac:5e:03:20:7c:92:5e:b2:a1:b7:89:d2:87:cb:
4f:75:de:92:b8:55:fd:8a:24:0d:eb:a3:d2:40:dd:94:c2:6c:
e6:7d:68:4d:e9:1d:0b:13:26:6c:f2:84:46:f0:7a:cc:f2:71:
d3:4f:e4:04:00:bd:50:57:a0:58:e2:e1:f1:0b:f2:5e:c5:50:
77:30:4e:99
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICKE8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjUwMTA2MTU0MjE1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdiZjlkNy0xY2NlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu67h2WMnH67dETyhmDVcRLz9PKjCA4hKSklKc93sS0bbrwtaykO7kfDoBPSD
YsabJI45w2vmL8cn2bsIPYzKCrJJ+f5uWdfSqUzW28s+aluBzgB+k7pymAwH+iWj
nh/IxMQUnx2XZ1rVq+2zFxMUU/YOeVTPyby841xZpcYncaxDr2/vK5Nkx9mUElU6
qP7uYlDlCyVnHp3+xgdh5Vu9qwB3sWI9W+HGx2h6t3eL1/wBQpW/tTbRDv4lpkKf
irbojsdkqmNksmizDpUwfeYLV5EOIfTxlCeSpPRjCTxoQV7nT0X3N3vl2TXozgn8
WC1ICrQkzx7xjwBBUzXafMShowIDAQABo4IClTCCApEwHQYDVR0OBBYEFPOsLHAx
Bh6X2iciqNSlsMSFXSxzMB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvNDZFOTFCM0FC
MzEyMTFFRkE2QkFBRjFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn/nowDQYJKoZIhvcNAQELBQADggEBAMD5ByypCN826ek+
WBqCcaQW8HcIuxOyMKf+Rh1Y2XDLaB5vPRvnb5BHkk4cQLms+NbUKtY2qjFM0eLD
4DWwrEY/qbu621zmrzOev2T3yGDFEXYPY7WSJSDx26jqYjmjI75Mkgmn9Sg/PTnX
fTrROGrQuPyBw33wj2yQJ5853FWXdZC63aF3QET3eMJH3A5VFMwnQezfqW51MXVT
l9VKxEdyVC1G25henvg16iteJrPlnzj9UyhDxPesXgMgfJJesqG3idKHy0913pK4
Vf2KJA3ro9JA3ZTCbOZ9aE3pHQsTJmzyhEbweszycdNP5AQAvVBXoFji4fEL8l7F
UHcwTpk=
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:03:51 2025 by rpki-client