Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/02D73B5ED1A911EC97A6335DC4F9AE02.roa
File: 02D73B5ED1A911EC97A6335DC4F9AE02.roa (raw, json)
Hash identifier: JkiQjxSrG6/RaUVfR49c5xHDDJTw7u5WZLOBsd3qe+Y=
Subject key identifier: 86:EE:47:C5:B2:44:23:7B:F6:EB:BF:09:75:70:50:91:72:57:CB:DF
Certificate issuer: /CN=A91F2152/serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392
Certificate serial: 0C28
Authority key identifier: 24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/02D73B5ED1A911EC97A6335DC4F9AE02.roa
Signing time: Sun 16 Mar 2025 18:38:28 +0000
ROA not before: Sun 16 Mar 2025 18:38:28 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 135037
IP address blocks: 103.206.228.0/23 maxlen: 23
103.206.228.0/24 maxlen: 24
103.206.229.0/24 maxlen: 24
103.206.230.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3112 (0xc28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F2152
Validity
Not Before: Mar 16 18:38:28 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67d71aa3-86d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:46:40:88:88:99:b6:e6:c5:aa:60:6e:a1:df:
88:3e:44:d1:df:46:9b:c4:43:33:d8:97:f9:4e:9d:
40:d6:e9:05:5c:55:02:a4:71:6a:e1:2d:3b:df:02:
07:f0:38:84:90:c8:3f:70:46:b2:8f:c5:7f:10:98:
ee:c9:8c:e0:0a:5e:5f:0b:2b:28:2b:17:ff:ba:5e:
2d:28:b6:00:50:20:6d:07:78:62:58:bf:b3:32:59:
2e:33:0f:7e:90:dc:98:b7:7b:e0:7d:a3:97:32:96:
b1:f4:b2:4c:67:60:e1:92:fb:64:25:75:11:03:bd:
76:0c:8b:31:2f:04:5e:b9:3d:35:fd:10:60:c2:fb:
db:77:01:5e:04:12:9a:e0:6b:c1:c4:2b:31:7c:e6:
df:66:b5:3d:4d:14:04:ee:e2:a8:13:1a:f9:31:b9:
4c:1d:d9:1b:13:ac:6f:41:c0:c5:7c:e9:b0:21:d1:
dc:d3:10:2a:e3:60:94:9d:8c:80:93:f3:5d:56:9e:
ee:ae:8c:e7:44:cf:47:2d:fd:ca:e3:cb:ac:71:e9:
20:6e:4e:ac:65:81:32:40:b2:c0:64:75:ff:6a:fe:
0c:30:c3:fd:bd:4d:47:92:03:35:76:6f:45:37:64:
35:1d:47:cf:84:2f:12:c8:2d:f8:1f:12:ee:f6:7a:
1e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:EE:47:C5:B2:44:23:7B:F6:EB:BF:09:75:70:50:91:72:57:CB:DF
X509v3 Authority Key Identifier:
keyid:24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/02D73B5ED1A911EC97A6335DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.206.228.0-103.206.230.255
Signature Algorithm: sha256WithRSAEncryption
c1:dd:96:e1:92:ce:b7:4b:ec:60:74:fd:b0:1c:1a:cd:e7:bf:
0a:f2:ef:47:a8:bf:98:54:b3:7e:44:61:07:f9:b6:28:11:af:
5a:c6:63:7c:23:97:d8:91:53:32:ed:9e:98:17:04:e3:50:e4:
b8:09:96:4c:49:f2:8d:56:6a:2e:02:6e:67:d2:20:2e:86:71:
f3:99:49:83:3d:2c:9e:fb:63:d8:d4:81:90:9f:e9:ae:e5:ca:
fd:92:df:73:ae:3f:0f:f6:f8:7c:4d:39:a6:ea:62:eb:86:81:
4d:01:32:24:2c:e1:ad:7c:eb:67:da:b3:82:e1:a6:92:06:92:
26:00:b5:99:59:db:56:6e:89:8f:03:82:90:73:67:ba:76:c4:
3d:fa:c3:80:70:4a:97:ac:ee:be:56:67:58:5e:bd:48:40:0a:
c6:40:30:54:e2:57:a5:fb:61:ee:94:85:f3:8b:62:cd:22:45:
9c:fd:91:1d:33:ea:3a:50:1c:6f:e1:1a:7d:7f:bf:cc:32:46:
b5:ef:27:33:7d:35:dc:cc:fd:6a:c6:eb:28:6f:06:1c:e4:14:
83:d0:68:a6:74:c2:d1:b3:4b:56:90:d7:9a:fb:a8:7d:a9:54:
89:d1:e1:e4:5a:2b:f5:54:28:7a:4e:56:14:1d:87:1c:9b:64:
36:2b:d1:c0
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICDCgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjIxNTIxMTAvBgNVBAUTKDI0M0U0ODI5QUJGMkY5MDlDMTJEREEwNDRGRTVEMzZC
ODIxMDUzOTIwHhcNMjUwMzE2MTgzODI4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q3MWFhMy04NmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA30ZAiIiZtubFqmBuod+IPkTR30abxEMz2Jf5Tp1A1ukFXFUCpHFq4S073wIH
8DiEkMg/cEayj8V/EJjuyYzgCl5fCysoKxf/ul4tKLYAUCBtB3hiWL+zMlkuMw9+
kNyYt3vgfaOXMpax9LJMZ2DhkvtkJXURA712DIsxLwReuT01/RBgwvvbdwFeBBKa
4GvBxCsxfObfZrU9TRQE7uKoExr5MblMHdkbE6xvQcDFfOmwIdHc0xAq42CUnYyA
k/NdVp7uroznRM9HLf3K48uscekgbk6sZYEyQLLAZHX/av4MMMP9vU1HkgM1dm9F
N2Q1HUfPhC8SyC34HxLu9noefQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFIbuR8Wy
RCN79uu/CXVwUJFyV8vfMB8GA1UdIwQYMBaAFCQ+SCmr8vkJwS3aBE/l02uCEFOS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjE1Mi9CN0M2QzYwMDA2
RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1RbkJMZG9FVC1YVGE0SVFV
NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pENUlLYXZ5LVFuQkxkb0VULVhUYTRJUVU1SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjIxNTIvQjdDNkM2MDAwNkQyMTFFQThBQUM5MzQ0QzRGOUFFMDIvMDJENzNCNUVE
MUE5MTFFQzk3QTYzMzVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAmfO5AMEAGfO5jANBgkqhkiG9w0BAQsFAAOCAQEAwd2W
4ZLOt0vsYHT9sBwazee/CvLvR6i/mFSzfkRhB/m2KBGvWsZjfCOX2JFTMu2emBcE
41DkuAmWTEnyjVZqLgJuZ9IgLoZx85lJgz0snvtj2NSBkJ/pruXK/ZLfc64/D/b4
fE05pupi64aBTQEyJCzhrXzrZ9qzguGmkgaSJgC1mVnbVm6JjwOCkHNnunbEPfrD
gHBKl6zuvlZnWF69SEAKxkAwVOJXpfth7pSF84tizSJFnP2RHTPqOlAcb+EafX+/
zDJGte8nM3013Mz9asbrKG8GHOQUg9BopnTC0bNLVpDXmvuofalUidHh5For9VQo
ek5WFB2HHJtkNivRwA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:27:48 2025 by rpki-client