Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F57D9/0717E9EE9F5D11ECBBCA9618C4F9AE02/CD22C9C8DC0D11ECA064B94CC4F9AE02.roa
File: CD22C9C8DC0D11ECA064B94CC4F9AE02.roa (raw, json)
Hash identifier: h1qvpOWxudSOhwTtJ3Z+p/+X0JRO+haXbihi5IJyhXw=
Subject key identifier: 4E:CE:02:43:2D:A0:9A:41:BD:97:23:0A:51:E1:F2:36:9E:A3:84:3E
Certificate issuer: /CN=A91F57D9/serialNumber=1439BCE4D7A22AE8036CEB2EE6E6AF18F21BB593
Certificate serial: 036B
Authority key identifier: 14:39:BC:E4:D7:A2:2A:E8:03:6C:EB:2E:E6:E6:AF:18:F2:1B:B5:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FDm85NeiKugDbOsu5uavGPIbtZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F57D9/0717E9EE9F5D11ECBBCA9618C4F9AE02/CD22C9C8DC0D11ECA064B94CC4F9AE02.roa
Signing time: Thu 27 Feb 2025 02:26:19 +0000
ROA not before: Thu 27 Feb 2025 02:26:19 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 133201
IP address blocks: 103.233.8.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 875 (0x36b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F57D9
Validity
Not Before: Feb 27 02:26:19 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67bfcd4a-a5bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:95:99:26:fa:27:d9:56:8c:12:4c:11:f2:dc:
37:44:0f:e8:e2:2d:56:23:ce:32:92:03:f7:ad:f6:
0a:9f:a0:48:2b:66:6a:0c:39:f5:07:37:a6:f2:47:
80:f1:bd:04:c3:52:c7:41:18:5c:b6:f3:0e:b7:97:
ea:a2:cb:1b:a1:eb:8f:54:42:04:3b:e3:e3:f7:a6:
18:e8:ea:17:5f:ec:d5:9f:f2:7b:19:a5:09:10:d6:
73:81:76:5a:22:32:94:71:7b:0f:ff:40:24:19:63:
ce:24:3d:ed:fa:00:18:68:2b:a7:d5:3d:21:8f:c9:
d8:d9:ec:6b:d9:14:f1:90:79:7e:94:33:56:65:d7:
77:52:e0:af:e4:04:5d:ec:41:ee:7a:e8:d1:61:b9:
6f:97:7f:68:6b:66:66:c8:ca:c1:6f:6d:90:a9:37:
58:ba:a0:97:b0:2f:9a:03:99:db:05:48:0b:e1:e6:
31:00:8f:c1:90:e6:54:d8:d6:00:7a:58:de:74:c9:
05:33:5e:d9:f3:d8:de:00:ae:e8:9d:58:81:2c:1c:
45:7a:e2:a5:6e:6a:a7:67:47:99:42:6f:e6:de:a5:
c4:d9:14:5b:f7:91:f5:16:55:24:23:a4:83:83:ca:
59:9f:43:7d:a7:e5:a8:02:98:98:b8:bd:b1:c6:e6:
4e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:CE:02:43:2D:A0:9A:41:BD:97:23:0A:51:E1:F2:36:9E:A3:84:3E
X509v3 Authority Key Identifier:
keyid:14:39:BC:E4:D7:A2:2A:E8:03:6C:EB:2E:E6:E6:AF:18:F2:1B:B5:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F57D9/0717E9EE9F5D11ECBBCA9618C4F9AE02/FDm85NeiKugDbOsu5uavGPIbtZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FDm85NeiKugDbOsu5uavGPIbtZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F57D9/0717E9EE9F5D11ECBBCA9618C4F9AE02/CD22C9C8DC0D11ECA064B94CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.233.8.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:7a:63:b0:64:8f:e3:4f:f6:84:97:ec:e6:f2:3d:fe:78:c2:
ed:db:73:4c:47:6e:78:24:68:e5:5e:17:38:66:fd:26:f1:52:
41:23:62:fb:e2:63:6a:b3:ca:2f:b3:37:23:af:d2:a0:7c:58:
72:95:9b:c3:58:a3:3e:ff:6d:b9:18:14:91:8b:eb:ce:48:20:
39:53:25:5a:55:12:76:ed:19:b5:b8:8b:96:a6:69:d0:94:61:
b2:5a:0a:4e:1d:b8:c5:cb:4a:97:83:2d:44:72:8b:ff:7b:17:
da:99:e2:7b:85:a5:7f:5a:38:b5:1a:ae:90:79:3f:ae:96:ab:
0f:3f:eb:c2:63:24:f0:ad:96:23:1d:62:e2:b6:20:e7:34:22:
37:83:f2:9f:8c:cc:7e:22:ac:3c:fe:b5:e2:85:e1:4d:52:e5:
2f:9c:8d:9b:d9:15:28:6c:90:2d:f9:f8:a3:e7:ec:f7:d5:a5:
21:b0:22:a6:19:5f:1e:e4:8e:a7:c5:16:83:2d:93:82:75:e4:
39:48:e6:2a:56:3b:af:04:46:f1:87:02:12:cb:1e:dd:b2:8e:
5e:b9:66:29:f8:2f:46:a1:eb:d1:fc:4d:43:17:cf:2e:41:a1:
f9:ba:ba:40:fe:8d:cc:f6:32:bd:0e:6f:b5:4f:ec:23:0f:c6:
d5:b2:63:45
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA2swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjU3RDkxMTAvBgNVBAUTKDE0MzlCQ0U0RDdBMjJBRTgwMzZDRUIyRUU2RTZBRjE4
RjIxQkI1OTMwHhcNMjUwMjI3MDIyNjE5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JmY2Q0YS1hNWJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx5WZJvon2VaMEkwR8tw3RA/o4i1WI84ykgP3rfYKn6BIK2ZqDDn1Bzem8keA
8b0Ew1LHQRhctvMOt5fqossboeuPVEIEO+Pj96YY6OoXX+zVn/J7GaUJENZzgXZa
IjKUcXsP/0AkGWPOJD3t+gAYaCun1T0hj8nY2exr2RTxkHl+lDNWZdd3UuCv5ARd
7EHueujRYblvl39oa2ZmyMrBb22QqTdYuqCXsC+aA5nbBUgL4eYxAI/BkOZU2NYA
eljedMkFM17Z89jeAK7onViBLBxFeuKlbmqnZ0eZQm/m3qXE2RRb95H1FlUkI6SD
g8pZn0N9p+WoApiYuL2xxuZOEwIDAQABo4IClTCCApEwHQYDVR0OBBYEFE7OAkMt
oJpBvZcjClHh8jaeo4Q+MB8GA1UdIwQYMBaAFBQ5vOTXoiroA2zrLubmrxjyG7WT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTdEOS8wNzE3RTlFRTlG
NUQxMUVDQkJDQTk2MThDNEY5QUUwMi9GRG04NU5laUt1Z0RiT3N1NXVhdkdQSWJ0
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZEbTg1TmVpS3VnRGJPc3U1dWF2R1BJYnRaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjU3RDkvMDcxN0U5RUU5RjVEMTFFQ0JCQ0E5NjE4QzRGOUFFMDIvQ0QyMkM5QzhE
QzBEMTFFQ0EwNjRCOTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn6QgwDQYJKoZIhvcNAQELBQADggEBALt6Y7Bkj+NP9oSX
7ObyPf54wu3bc0xHbngkaOVeFzhm/SbxUkEjYvviY2qzyi+zNyOv0qB8WHKVm8NY
oz7/bbkYFJGL685IIDlTJVpVEnbtGbW4i5amadCUYbJaCk4duMXLSpeDLURyi/97
F9qZ4nuFpX9aOLUarpB5P66Wqw8/68JjJPCtliMdYuK2IOc0IjeD8p+MzH4irDz+
teKF4U1S5S+cjZvZFShskC35+KPn7PfVpSGwIqYZXx7kjqfFFoMtk4J15DlI5ipW
O68ERvGHAhLLHt2yjl65Zin4L0ah69H8TUMXzy5Bofm6ukD+jcz2Mr0Ob7VP7CMP
xtWyY0U=
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:40:17 2025 by rpki-client