Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2F18/09504348FB6511EFB45A8966C4F9AE02/65FCC030FB6511EF88F1AD24C4F9AE02.roa
File: 65FCC030FB6511EF88F1AD24C4F9AE02.roa (raw, json)
Hash identifier: 2AzcWDQppJmuezlbwVz+XBibo6nd4SBXfykYXbtUpSQ=
Subject key identifier: 62:0C:0B:0B:B9:29:F5:D8:41:44:A3:6D:46:2C:62:3B:F6:55:DF:AA
Certificate issuer: /CN=A91F2F18/serialNumber=CEEA6638357563AC55768F00D84D277B3A63C449
Certificate serial: 02
Authority key identifier: CE:EA:66:38:35:75:63:AC:55:76:8F:00:D8:4D:27:7B:3A:63:C4:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zupmODV1Y6xVdo8A2E0nezpjxEk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F2F18/09504348FB6511EFB45A8966C4F9AE02/65FCC030FB6511EF88F1AD24C4F9AE02.roa
Signing time: Fri 07 Mar 2025 15:03:59 +0000
ROA not before: Fri 07 Mar 2025 15:03:59 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 135357
IP address blocks: 103.244.148.0/22 maxlen: 22
103.244.148.0/24 maxlen: 24
103.244.149.0/24 maxlen: 24
103.244.150.0/24 maxlen: 24
103.244.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F2F18
Validity
Not Before: Mar 7 15:03:59 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67cb0adf-b7ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:74:79:58:74:47:e5:d2:0b:26:2f:85:64:5c:
ec:e3:fc:aa:c1:e2:71:41:ff:d4:58:19:e7:3e:bb:
e0:03:bb:4b:56:94:56:15:7d:6f:69:d7:43:09:00:
0d:6e:e2:cf:e4:2f:f9:d7:29:3e:c1:ba:33:a6:bc:
03:ae:27:96:0f:5e:70:b8:ff:a4:73:80:6f:dd:1e:
aa:26:41:1c:d2:01:99:b3:69:4d:67:ae:82:1a:dc:
39:54:03:2c:ce:de:95:fd:c7:e7:94:01:10:34:12:
0f:ac:f0:e5:66:ae:9d:f0:e7:5a:50:22:f3:75:c3:
51:80:66:9c:bc:d2:39:f4:74:5b:ec:1d:88:2c:17:
77:72:ad:4f:fa:ae:87:f2:e6:3d:a9:29:1d:f9:07:
22:ed:d6:33:4a:62:27:53:4e:28:cc:ba:75:da:48:
2b:bb:42:a0:36:a1:81:54:ab:17:27:c2:83:8e:5f:
b9:55:38:a9:63:22:91:a4:19:81:e4:a3:5f:dd:3c:
25:d6:7e:90:24:af:5b:4a:6a:05:bb:66:93:d1:4b:
b6:ab:d4:90:31:80:7a:73:ad:64:13:17:70:c6:20:
98:94:cd:db:74:c4:0a:c1:f0:91:e3:26:6b:51:6a:
ba:e7:13:e8:d8:bf:b4:ac:65:69:3c:5d:78:a0:31:
ca:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0C:0B:0B:B9:29:F5:D8:41:44:A3:6D:46:2C:62:3B:F6:55:DF:AA
X509v3 Authority Key Identifier:
keyid:CE:EA:66:38:35:75:63:AC:55:76:8F:00:D8:4D:27:7B:3A:63:C4:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F2F18/09504348FB6511EFB45A8966C4F9AE02/zupmODV1Y6xVdo8A2E0nezpjxEk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zupmODV1Y6xVdo8A2E0nezpjxEk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2F18/09504348FB6511EFB45A8966C4F9AE02/65FCC030FB6511EF88F1AD24C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.244.148.0/22
Signature Algorithm: sha256WithRSAEncryption
53:1d:fd:3a:67:bd:41:f1:07:74:c1:c8:5c:26:e2:e4:8d:2d:
f7:78:b9:4c:6b:f7:73:10:0f:64:52:0b:75:50:87:c5:b6:ec:
d7:4a:50:4c:53:74:f8:25:fd:f6:a7:a5:5a:f1:3a:8f:1e:dd:
4f:be:8d:57:49:41:5c:99:32:87:35:57:46:f3:69:6c:bd:b1:
aa:4e:92:93:2a:b0:5e:6f:17:16:b5:97:b5:02:a1:c7:1c:bd:
44:42:a6:e8:d5:97:69:0c:e1:18:5e:f2:3b:92:53:d9:34:bc:
4b:00:2f:f9:79:97:e3:b5:0c:71:1e:c7:22:64:98:da:8b:b6:
f5:c4:73:6c:01:22:c4:26:48:f0:69:1b:44:fe:55:78:e3:dd:
e7:05:03:36:e2:87:ff:db:e8:94:5c:12:9e:c7:8c:d3:eb:67:
f8:52:d9:33:fe:ab:15:99:98:ca:c0:3c:d2:ef:4d:97:f8:f6:
db:e9:29:18:2c:f1:74:4d:50:81:2f:e1:cf:66:0a:be:a9:00:
47:59:91:07:56:89:a8:9d:76:da:cd:33:a1:3e:34:70:0b:33:
20:33:f6:43:df:18:17:9e:7d:c5:ef:75:9a:be:08:33:cc:e4:
f9:e0:2f:b3:d1:eb:c2:a0:8a:f8:10:b2:58:10:58:20:32:27:
e6:fe:b3:b0
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MkYxODExMC8GA1UEBRMoQ0VFQTY2MzgzNTc1NjNBQzU1NzY4RjAwRDg0RDI3N0Iz
QTYzQzQ0OTAeFw0yNTAzMDcxNTAzNTlaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3Y2IwYWRmLWI3ZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDadHlYdEfl0gsmL4VkXOzj/KrB4nFB/9RYGec+u+ADu0tWlFYVfW9p10MJAA1u
4s/kL/nXKT7BujOmvAOuJ5YPXnC4/6RzgG/dHqomQRzSAZmzaU1nroIa3DlUAyzO
3pX9x+eUARA0Eg+s8OVmrp3w51pQIvN1w1GAZpy80jn0dFvsHYgsF3dyrU/6rofy
5j2pKR35ByLt1jNKYidTTijMunXaSCu7QqA2oYFUqxcnwoOOX7lVOKljIpGkGYHk
o1/dPCXWfpAkr1tKagW7ZpPRS7ar1JAxgHpzrWQTF3DGIJiUzdt0xArB8JHjJmtR
arrnE+jYv7SsZWk8XXigMco5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUYgwLC7kp
9dhBRKNtRixiO/ZV36owHwYDVR0jBBgwFoAUzupmODV1Y6xVdo8A2E0nezpjxEkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYyRjE4LzA5NTA0MzQ4RkI2
NTExRUZCNDVBODk2NkM0RjlBRTAyL3p1cG1PRFYxWTZ4VmRvOEEyRTBuZXpwanhF
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvenVwbU9EVjFZNnhWZG84QTJFMG5lenBqeEVrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MkYxOC8wOTUwNDM0OEZCNjUxMUVGQjQ1QTg5NjZDNEY5QUUwMi82NUZDQzAzMEZC
NjUxMUVGODhGMUFEMjRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAmf0lDANBgkqhkiG9w0BAQsFAAOCAQEAUx39Ome9QfEHdMHI
XCbi5I0t93i5TGv3cxAPZFILdVCHxbbs10pQTFN0+CX99qelWvE6jx7dT76NV0lB
XJkyhzVXRvNpbL2xqk6SkyqwXm8XFrWXtQKhxxy9REKm6NWXaQzhGF7yO5JT2TS8
SwAv+XmX47UMcR7HImSY2ou29cRzbAEixCZI8GkbRP5VeOPd5wUDNuKH/9volFwS
nseM0+tn+FLZM/6rFZmYysA80u9Nl/j22+kpGCzxdE1QgS/hz2YKvqkAR1mRB1aJ
qJ122s0zoT40cAszIDP2Q98YF559xe91mr4IM8zk+eAvs9HrwqCK+BCyWBBYIDIn
5v6zsA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:22:29 2025 by rpki-client