Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/D0CBFCACB3E211EFB394C856C4F9AE02.roa
File: D0CBFCACB3E211EFB394C856C4F9AE02.roa (raw, json)
Hash identifier: AfLmAaeUWkYV2dK72nFlCkSEBOLKVSwRYEensQBGeCQ=
Subject key identifier: 1F:D6:69:14:9D:2B:11:94:40:0D:9B:F5:BC:28:F4:EF:A2:1E:B4:B1
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 2852
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/D0CBFCACB3E211EFB394C856C4F9AE02.roa
Signing time: Mon 06 Jan 2025 15:42:18 +0000
ROA not before: Mon 06 Jan 2025 15:42:18 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 214003
IP address blocks: 103.254.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10322 (0x2852)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9
Validity
Not Before: Jan 6 15:42:18 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677bf9d9-828f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:db:52:36:6d:8a:43:64:f3:fa:07:fb:53:4d:
d6:7b:38:18:50:27:91:fc:b3:42:e5:d1:bc:c9:49:
e9:fc:c9:b1:e6:07:3e:f6:af:91:c1:e5:d9:b6:6c:
40:32:16:f4:38:78:91:52:5b:04:13:15:21:7b:f4:
83:66:aa:04:d6:e7:ba:4b:60:98:38:c6:5f:35:80:
b9:a1:5a:ef:82:4d:a1:3b:21:0e:5e:73:d8:41:71:
9e:8e:5d:f6:48:53:3a:d0:6d:f6:e1:e4:65:98:27:
88:b4:fd:8c:98:c9:81:54:f1:fd:d4:05:fd:64:f8:
71:dc:a7:04:47:e4:93:42:bf:83:7b:40:74:87:5f:
48:4a:30:12:8e:68:64:bc:c9:cb:12:ba:75:d8:55:
76:03:cc:db:19:44:37:8d:55:5b:fd:23:c3:26:85:
64:8f:82:dc:b9:f6:44:8c:b0:69:ea:52:57:fd:4c:
c0:ff:d7:c7:5a:66:f6:c4:5d:56:f7:ba:04:c3:95:
e0:85:20:5d:0b:7e:f9:d7:73:61:d0:07:25:7f:82:
21:92:d5:73:d7:83:00:94:0b:15:ff:0a:85:10:ed:
25:8f:ba:4a:a2:6f:7c:02:06:16:ab:b9:b7:73:24:
67:25:22:59:87:49:8e:db:77:b7:90:1e:f8:74:0c:
eb:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D6:69:14:9D:2B:11:94:40:0D:9B:F5:BC:28:F4:EF:A2:1E:B4:B1
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/D0CBFCACB3E211EFB394C856C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.254.123.0/24
Signature Algorithm: sha256WithRSAEncryption
00:36:4a:62:30:e9:d9:91:d3:09:64:7f:e0:af:82:04:30:ef:
6f:ee:81:d5:c6:69:60:0a:3b:20:3a:73:1f:8c:ca:00:c8:fa:
79:af:d4:71:4b:80:a9:b9:23:7c:1e:30:d3:8b:24:f6:80:fb:
52:c3:47:5e:f7:20:c8:d9:eb:ed:1b:6e:44:2c:3e:76:1b:b0:
4b:e5:0d:8b:00:d9:24:12:3c:7b:c4:4c:e8:10:a3:02:7d:50:
76:b1:d8:e8:04:75:ce:5d:8f:34:a1:1a:2c:82:38:37:77:0b:
43:54:d8:e7:e6:b6:a6:c3:5f:ef:78:10:9c:e0:c4:ed:2f:fa:
cb:a2:ff:92:48:04:74:d6:d0:b1:f2:2d:25:ff:74:db:b4:46:
0f:8d:0e:7f:09:74:81:ed:20:b7:9f:cb:39:fb:9f:e0:23:c2:
b7:36:2a:ff:bd:50:d9:8c:b8:f8:d4:53:6c:e0:99:e3:a6:60:
1d:4f:73:95:78:1d:d7:c4:22:d3:97:03:4d:e1:ef:40:9f:42:
81:a5:95:8a:43:32:2f:fa:a9:c0:3d:68:69:d7:30:7f:40:f5:
28:22:a1:b8:66:d0:5b:59:d2:84:12:b7:6b:b8:b3:bd:31:15:
05:b4:18:cb:2f:a6:3f:8f:16:97:be:37:22:11:1a:cf:25:c7:
dc:ce:f3:76
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICKFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjUwMTA2MTU0MjE4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdiZjlkOS04MjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9ttSNm2KQ2Tz+gf7U03WezgYUCeR/LNC5dG8yUnp/Mmx5gc+9q+RweXZtmxA
Mhb0OHiRUlsEExUhe/SDZqoE1ue6S2CYOMZfNYC5oVrvgk2hOyEOXnPYQXGejl32
SFM60G324eRlmCeItP2MmMmBVPH91AX9ZPhx3KcER+STQr+De0B0h19ISjASjmhk
vMnLErp12FV2A8zbGUQ3jVVb/SPDJoVkj4LcufZEjLBp6lJX/UzA/9fHWmb2xF1W
97oEw5XghSBdC37513Nh0Aclf4IhktVz14MAlAsV/wqFEO0lj7pKom98AgYWq7m3
cyRnJSJZh0mO23e3kB74dAzrBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFB/WaRSd
KxGUQA2b9bwo9O+iHrSxMB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvRDBDQkZDQUNC
M0UyMTFFRkIzOTRDODU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn/nswDQYJKoZIhvcNAQELBQADggEBAAA2SmIw6dmR0wlk
f+CvggQw72/ugdXGaWAKOyA6cx+MygDI+nmv1HFLgKm5I3weMNOLJPaA+1LDR173
IMjZ6+0bbkQsPnYbsEvlDYsA2SQSPHvETOgQowJ9UHax2OgEdc5djzShGiyCODd3
C0NU2OfmtqbDX+94EJzgxO0v+sui/5JIBHTW0LHyLSX/dNu0Rg+NDn8JdIHtILef
yzn7n+Ajwrc2Kv+9UNmMuPjUU2zgmeOmYB1Pc5V4HdfEItOXA03h70CfQoGllYpD
Mi/6qcA9aGnXMH9A9Sgiobhm0FtZ0oQSt2u4s70xFQW0GMsvpj+PFpe+NyIRGs8l
x9zO83Y=
-----END CERTIFICATE-----
Generated at Fri Apr 11 06:27:43 2025 by rpki-client