Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/3AA556009A8411EFB791ED77C4F9AE02.roa
File: 3AA556009A8411EFB791ED77C4F9AE02.roa (raw, json)
Hash identifier: vJqvl3p3GZGjPo1+bFOu/lz3UGNmQtiNtsOQmfP7QoU=
Subject key identifier: EC:B7:39:82:21:AD:FD:C3:2A:F2:D3:D0:9F:C6:F5:18:98:EC:2A:C3
Certificate issuer: /CN=A91397C2/serialNumber=D3D15AEE9A4F8AE5C281108A7D2D3AD81D4E79CD
Certificate serial: 07CD
Authority key identifier: D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/3AA556009A8411EFB791ED77C4F9AE02.roa
Signing time: Mon 24 Mar 2025 21:31:46 +0000
ROA not before: Mon 24 Mar 2025 21:31:46 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 136897
IP address blocks: 103.39.110.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1997 (0x7cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91397C2
Validity
Not Before: Mar 24 21:31:46 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67e1cf42-6f38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:48:a9:40:3b:7a:62:5c:58:88:bb:f4:19:15:
2e:9c:8e:65:eb:b6:73:6c:8b:28:f8:1c:6e:43:e0:
c3:33:02:38:7d:01:8e:4c:01:ee:77:9f:58:fe:84:
1e:68:02:40:00:0b:75:0a:2f:8f:f8:71:3b:93:99:
e5:ad:08:f5:cc:90:8b:66:28:57:99:1a:75:a6:46:
d2:7d:a3:76:6c:48:b8:60:83:37:f9:ec:d2:67:6c:
dd:b5:2e:d0:8f:da:5a:bd:68:36:fd:82:a2:37:5c:
0b:c6:a2:37:06:e8:13:5d:27:64:51:16:d2:09:bc:
9f:c9:c2:5f:89:b2:3d:10:6a:0c:2d:93:37:59:ba:
dc:88:41:e9:02:30:35:8d:7a:ee:9c:32:ea:18:4c:
5e:00:dc:e7:e4:67:1e:7d:75:d8:2e:3c:83:3f:27:
a9:a2:33:75:de:f8:46:b2:8e:0f:13:62:b0:cb:b9:
a2:04:91:b1:59:86:80:d4:9a:0b:42:19:29:36:99:
f6:72:59:a8:56:bf:01:8b:a2:21:6e:37:48:89:a7:
e7:3e:7a:2f:fd:80:f0:ff:ac:f4:bc:d7:f0:ad:f0:
7c:14:15:b7:ef:5b:b1:bb:eb:18:a8:17:35:68:1f:
74:65:56:2d:b3:cf:b6:74:c0:2a:77:ca:4d:1a:19:
d1:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B7:39:82:21:AD:FD:C3:2A:F2:D3:D0:9F:C6:F5:18:98:EC:2A:C3
X509v3 Authority Key Identifier:
keyid:D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/3AA556009A8411EFB791ED77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.39.110.0/24
Signature Algorithm: sha256WithRSAEncryption
96:33:05:e5:1d:08:05:2e:49:a1:c6:6c:d1:39:1f:e3:fb:28:
d9:3a:a4:68:4a:f7:94:1e:ab:d6:3e:2a:71:38:3c:4b:41:04:
ee:1d:5b:95:c5:0f:68:b8:2e:b6:e1:9b:56:62:85:1a:e4:45:
04:49:28:23:3b:59:26:c2:58:52:30:43:a1:d2:7b:a5:00:50:
5d:75:ce:26:24:02:35:1b:17:3e:e4:7c:18:af:9b:db:8a:93:
28:ff:2e:a0:db:2e:d2:fc:ac:08:22:9b:d6:6a:18:2d:e8:85:
a0:ee:88:e9:a8:ca:08:c9:6a:22:cf:2d:c6:63:77:bc:2a:c7:
31:f0:2a:f8:25:02:d6:9c:a3:97:7a:24:42:2f:5e:e8:ac:68:
6e:64:02:71:02:13:a8:76:88:d2:49:5c:02:94:3a:1f:c5:f6:
ec:60:18:65:3b:3b:22:a9:c9:11:b0:3d:00:fc:6a:5f:dc:98:
ef:20:5f:4e:e4:41:5d:70:53:28:6c:ae:2b:5c:b0:a7:26:2c:
19:a7:54:75:46:f3:9f:c3:8e:f9:11:a8:32:3f:0c:59:1a:03:
d8:12:5c:01:51:09:a7:1a:97:9c:bf:c3:71:33:05:b8:23:f3:
f7:ae:22:5d:c9:11:32:82:b2:3b:b7:c6:2c:55:36:64:e1:cb:
4a:97:b7:dc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB80wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mzk3QzIxMTAvBgNVBAUTKEQzRDE1QUVFOUE0RjhBRTVDMjgxMTA4QTdEMkQzQUQ4
MUQ0RTc5Q0QwHhcNMjUwMzI0MjEzMTQ2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UxY2Y0Mi02ZjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvEipQDt6YlxYiLv0GRUunI5l67ZzbIso+BxuQ+DDMwI4fQGOTAHud59Y/oQe
aAJAAAt1Ci+P+HE7k5nlrQj1zJCLZihXmRp1pkbSfaN2bEi4YIM3+ezSZ2zdtS7Q
j9pavWg2/YKiN1wLxqI3BugTXSdkURbSCbyfycJfibI9EGoMLZM3WbrciEHpAjA1
jXrunDLqGExeANzn5GcefXXYLjyDPyepojN13vhGso4PE2Kwy7miBJGxWYaA1JoL
QhkpNpn2clmoVr8Bi6IhbjdIiafnPnov/YDw/6z0vNfwrfB8FBW371uxu+sYqBc1
aB90ZVYts8+2dMAqd8pNGhnRwQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOy3OYIh
rf3DKvLT0J/G9RiY7CrDMB8GA1UdIwQYMBaAFNPRWu6aT4rlwoEQin0tOtgdTnnN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTdDMi80RTQyNkRFOEZC
RUExMUVBOTQwQTFEMTlDNEY5QUUwMi8wOUZhN3BwUGl1WENnUkNLZlMwNjJCMU9l
YzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzA5RmE3cHBQaXVYQ2dSQ0tmUzA2MkIxT2VjMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mzk3QzIvNEU0MjZERThGQkVBMTFFQTk0MEExRDE5QzRGOUFFMDIvM0FBNTU2MDA5
QTg0MTFFRkI3OTFFRDc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnJ24wDQYJKoZIhvcNAQELBQADggEBAJYzBeUdCAUuSaHG
bNE5H+P7KNk6pGhK95Qeq9Y+KnE4PEtBBO4dW5XFD2i4Lrbhm1ZihRrkRQRJKCM7
WSbCWFIwQ6HSe6UAUF11ziYkAjUbFz7kfBivm9uKkyj/LqDbLtL8rAgim9ZqGC3o
haDuiOmoygjJaiLPLcZjd7wqxzHwKvglAtaco5d6JEIvXuisaG5kAnECE6h2iNJJ
XAKUOh/F9uxgGGU7OyKpyRGwPQD8al/cmO8gX07kQV1wUyhsritcsKcmLBmnVHVG
85/DjvkRqDI/DFkaA9gSXAFRCacal5y/w3EzBbgj8/euIl3JETKCsju3xixVNmTh
y0qXt9w=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:16:29 2025 by rpki-client