Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912A39C/9D584D68E1FF11EEB2A1CE24C4F9AE02/F2F9933AE1FF11EE9A5D8C25C4F9AE02.roa
File: F2F9933AE1FF11EE9A5D8C25C4F9AE02.roa (raw, json)
Hash identifier: lPNxJv5jYAIYsbUPwyAdDYAh7Qhc4SccUGVi7BJh/pk=
Subject key identifier: 41:61:7E:9D:B5:45:64:D8:13:32:10:6C:84:A9:8C:14:10:5D:33:85
Certificate issuer: /CN=A912A39C/serialNumber=8C6CFBABCE87BA19A20A7B87F28652DB5B4A7D52
Certificate serial: CB
Authority key identifier: 8C:6C:FB:AB:CE:87:BA:19:A2:0A:7B:87:F2:86:52:DB:5B:4A:7D:52
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jGz7q86HuhmiCnuH8oZS21tKfVI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912A39C/9D584D68E1FF11EEB2A1CE24C4F9AE02/F2F9933AE1FF11EE9A5D8C25C4F9AE02.roa
Signing time: Sat 05 Apr 2025 05:11:00 +0000
ROA not before: Sat 05 Apr 2025 05:11:00 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 138152
IP address blocks: 103.147.14.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 203 (0xcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912A39C, serialNumber=8C6CFBABCE87BA19A20A7B87F28652DB5B4A7D52
Validity
Not Before: Apr 5 05:11:00 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67f0bb64-9df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:aa:ec:1e:13:3c:22:1a:29:ef:9f:b0:1b:e4:
53:7a:4a:b1:52:77:18:7b:e9:6b:fb:4f:6c:86:a4:
71:76:2c:85:19:4d:ed:cb:df:99:c4:74:11:ae:03:
1d:56:83:a4:96:4a:44:a3:4c:dc:20:5e:be:5b:7a:
f5:17:97:a0:a2:dd:2e:42:98:dd:3d:f1:b1:d5:8c:
aa:63:3d:60:6f:a3:71:12:00:dc:f5:55:5c:6b:d3:
05:6c:58:49:b6:41:90:15:65:09:1a:ed:04:28:68:
e7:14:f9:f0:4f:c4:15:2e:9f:c9:ae:b3:2d:a8:0f:
a0:8c:e6:2d:c8:2d:14:4f:aa:70:c7:c0:8c:f2:b5:
5a:eb:0c:40:49:ff:39:71:38:aa:a1:ff:10:74:be:
dc:f4:39:08:94:06:43:a9:31:1a:57:1e:b9:8d:3b:
af:12:df:ef:73:1b:cd:49:66:fb:bd:a2:2b:00:bb:
3c:8d:19:1a:83:c0:3a:9c:ce:31:0e:2c:a6:9a:3e:
27:45:74:a4:86:a8:bf:1b:d4:b5:3b:ab:1c:c4:7a:
80:da:d5:3c:06:e9:d1:9b:79:ba:8d:40:59:aa:a9:
0d:60:cb:ec:28:c1:a5:ad:72:a1:f3:a8:ba:38:08:
b7:93:94:cd:9a:e2:4a:c0:f8:77:aa:cd:01:0a:4d:
17:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:61:7E:9D:B5:45:64:D8:13:32:10:6C:84:A9:8C:14:10:5D:33:85
X509v3 Authority Key Identifier:
keyid:8C:6C:FB:AB:CE:87:BA:19:A2:0A:7B:87:F2:86:52:DB:5B:4A:7D:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912A39C/9D584D68E1FF11EEB2A1CE24C4F9AE02/jGz7q86HuhmiCnuH8oZS21tKfVI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jGz7q86HuhmiCnuH8oZS21tKfVI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912A39C/9D584D68E1FF11EEB2A1CE24C4F9AE02/F2F9933AE1FF11EE9A5D8C25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.147.14.0/24
Signature Algorithm: sha256WithRSAEncryption
03:c4:6f:32:b6:dc:5b:51:d7:cd:54:8a:92:c6:20:58:14:72:
63:75:23:ac:ce:9d:76:d7:ba:1b:5b:9a:08:7d:cc:53:a7:ae:
9d:06:ed:c9:62:fb:2b:32:85:65:0f:f7:34:69:24:43:cf:e5:
cc:fb:a6:4f:4e:b0:9d:2c:70:d3:3c:cf:ef:29:6a:0d:73:b2:
40:3d:79:17:6f:01:42:24:c4:e6:86:60:77:c0:f0:78:10:23:
67:02:c5:a6:d2:1c:56:b2:eb:b8:0e:f5:b7:c5:cf:9e:2a:35:
87:75:f3:5b:73:d2:3b:c4:6e:c8:3f:d3:55:55:bb:53:89:ba:
cf:41:25:5e:c9:53:ce:d0:5f:fa:08:a8:5f:5b:52:52:a0:b4:
1b:22:96:92:0b:46:f2:f8:1e:e3:91:9a:06:10:b4:fd:f8:4e:
a7:ca:fe:15:d1:ae:d1:69:7a:6e:2a:8b:f3:b4:96:7f:ad:dd:
81:da:e4:7e:57:17:47:c0:2b:a8:36:f6:1e:66:ac:57:e2:f4:
95:8c:e6:e0:7c:6d:97:59:03:7d:a6:b0:1c:ac:f6:0b:a3:1b:
eb:42:a4:80:cb:b9:cc:b8:10:e2:2b:6a:bd:23:eb:5b:e4:29:
e8:b0:8d:a9:73:dd:33:34:ea:ad:3c:91:ca:89:58:3f:fd:a4:
97:0d:0a:c5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkEzOUMxMTAvBgNVBAUTKDhDNkNGQkFCQ0U4N0JBMTlBMjBBN0I4N0YyODY1MkRC
NUI0QTdENTIwHhcNMjUwNDA1MDUxMTAwWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2YwYmI2NC05ZGYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy6rsHhM8Ihop75+wG+RTekqxUncYe+lr+09shqRxdiyFGU3ty9+ZxHQRrgMd
VoOklkpEo0zcIF6+W3r1F5egot0uQpjdPfGx1YyqYz1gb6NxEgDc9VVca9MFbFhJ
tkGQFWUJGu0EKGjnFPnwT8QVLp/JrrMtqA+gjOYtyC0UT6pwx8CM8rVa6wxASf85
cTiqof8QdL7c9DkIlAZDqTEaVx65jTuvEt/vcxvNSWb7vaIrALs8jRkag8A6nM4x
Diymmj4nRXSkhqi/G9S1O6scxHqA2tU8BunRm3m6jUBZqqkNYMvsKMGlrXKh86i6
OAi3k5TNmuJKwPh3qs0BCk0XbwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEFhfp21
RWTYEzIQbISpjBQQXTOFMB8GA1UdIwQYMBaAFIxs+6vOh7oZogp7h/KGUttbSn1S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQTM5Qy85RDU4NEQ2OEUx
RkYxMUVFQjJBMUNFMjRDNEY5QUUwMi9qR3o3cTg2SHVobWlDbnVIOG9aUzIxdEtm
VkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pHejdxODZIdWhtaUNudUg4b1pTMjF0S2ZWSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkEzOUMvOUQ1ODRENjhFMUZGMTFFRUIyQTFDRTI0QzRGOUFFMDIvRjJGOTkzM0FF
MUZGMTFFRTlBNUQ4QzI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnkw4wDQYJKoZIhvcNAQELBQADggEBAAPEbzK23FtR181U
ipLGIFgUcmN1I6zOnXbXuhtbmgh9zFOnrp0G7cli+ysyhWUP9zRpJEPP5cz7pk9O
sJ0scNM8z+8pag1zskA9eRdvAUIkxOaGYHfA8HgQI2cCxabSHFay67gO9bfFz54q
NYd181tz0jvEbsg/01VVu1OJus9BJV7JU87QX/oIqF9bUlKgtBsilpILRvL4HuOR
mgYQtP34TqfK/hXRrtFpem4qi/O0ln+t3YHa5H5XF0fAK6g29h5mrFfi9JWM5uB8
bZdZA32msBys9gujG+tCpIDLucy4EOIrar0j61vkKeiwjalz3TM06q08kcqJWD/9
pJcNCsU=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:17:05 2025 by rpki-client