Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/24DD519CEEA311EFA5EDDD76C4F9AE02.roa
File: 24DD519CEEA311EFA5EDDD76C4F9AE02.roa (raw, json)
Hash identifier: +mEj5z+agEcnRzWZMjR0oYobGLfQGCXmi+n1VzU085s=
Subject key identifier: 60:07:CF:AA:19:D1:91:27:42:EE:20:5E:52:75:23:0F:0F:AF:0B:23
Certificate issuer: /CN=A91AA444/serialNumber=731E57B0DFDEA791BA4D5D71972DA8105DC93E8B
Certificate serial: D4
Authority key identifier: 73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/24DD519CEEA311EFA5EDDD76C4F9AE02.roa
Signing time: Wed 19 Feb 2025 09:23:14 +0000
ROA not before: Wed 19 Feb 2025 09:23:14 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 45250
IP address blocks: 103.75.78.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212 (0xd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AA444
Validity
Not Before: Feb 19 09:23:14 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67b5a302-792f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:87:ee:2f:ab:1e:a3:8f:5d:00:45:0c:bc:0d:
8f:1d:c1:5e:44:9a:05:14:23:9f:b9:dc:bb:3a:f1:
45:82:55:87:df:44:0a:24:56:61:4c:49:35:a7:14:
88:a9:4d:99:c4:cb:09:c5:18:2a:f3:58:a3:3a:40:
aa:36:a7:d2:ba:be:86:00:b5:66:55:ce:d7:ee:42:
d6:95:93:6a:d2:fc:cf:14:92:b7:94:e8:1c:29:49:
08:e0:d8:93:53:30:90:1e:20:ef:bd:ec:eb:c9:c1:
25:79:fd:ea:bc:1f:d3:3c:2e:25:21:75:6b:53:04:
c3:94:f9:f9:3a:b8:5c:cd:e7:a9:10:5e:13:a7:17:
67:f7:f5:3e:95:c7:82:63:5b:71:9e:f6:6c:a1:69:
87:c9:be:ef:cc:2d:3c:99:80:b7:f0:18:87:59:a0:
10:1c:53:a4:cc:62:f7:cc:8c:28:48:4a:c9:b2:70:
2a:e0:c8:b5:3e:59:ca:83:ad:5c:61:b6:d6:4b:56:
dd:63:96:6f:68:5b:ec:6c:bb:57:29:7f:9c:57:64:
ab:a7:40:9c:70:b8:b8:89:8c:3d:81:59:7a:05:86:
be:a1:3b:bc:fa:34:1c:c9:63:62:ab:25:50:61:41:
4f:67:b4:ad:95:ca:92:b5:e5:89:1d:b1:19:03:6f:
b2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:07:CF:AA:19:D1:91:27:42:EE:20:5E:52:75:23:0F:0F:AF:0B:23
X509v3 Authority Key Identifier:
keyid:73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/24DD519CEEA311EFA5EDDD76C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.75.78.0/23
Signature Algorithm: sha256WithRSAEncryption
45:a9:8a:d3:86:06:15:b3:56:04:23:c8:41:81:b4:65:9d:e0:
ba:cf:c8:72:a4:c1:d2:54:76:e0:2a:2c:15:ad:36:40:e2:72:
84:65:3e:dd:28:51:8c:a1:8e:53:ff:39:26:19:ce:80:2c:8f:
92:91:bb:9e:56:19:1b:79:3a:9d:45:b6:7f:c8:fa:1b:1b:73:
7f:ca:88:4b:32:2a:34:83:ca:9b:b4:09:55:66:7a:2c:fe:6f:
b7:8b:65:40:8b:50:73:51:ce:5e:0e:a8:7b:07:24:74:5c:c7:
a9:63:04:18:75:4d:30:55:5e:58:a3:90:48:d7:75:25:17:03:
35:97:58:94:64:46:1f:05:68:89:7a:f3:75:8a:63:96:5a:13:
ff:4b:57:a0:62:fc:a9:70:5a:ff:24:1c:46:73:0b:39:e3:5b:
22:09:21:76:bd:7d:04:15:8c:f1:bc:88:94:a7:40:8b:63:0e:
dd:1d:6c:42:3a:d5:7d:17:31:56:4d:78:2e:2f:32:a8:9c:f5:
9a:44:e0:7b:18:cb:da:8b:69:15:7a:d0:8f:f2:4d:df:0a:87:
ea:c5:fd:3e:ed:fd:6c:75:3f:8c:83:63:9a:bb:cb:3c:44:20:
58:c1:0d:eb:03:c3:05:0e:1a:6a:95:b6:d6:a0:f5:a9:c6:3c:
5b:1a:bd:15
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICANQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUE0NDQxMTAvBgNVBAUTKDczMUU1N0IwREZERUE3OTFCQTRENUQ3MTk3MkRBODEw
NURDOTNFOEIwHhcNMjUwMjE5MDkyMzE0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I1YTMwMi03OTJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtIfuL6seo49dAEUMvA2PHcFeRJoFFCOfudy7OvFFglWH30QKJFZhTEk1pxSI
qU2ZxMsJxRgq81ijOkCqNqfSur6GALVmVc7X7kLWlZNq0vzPFJK3lOgcKUkI4NiT
UzCQHiDvvezrycElef3qvB/TPC4lIXVrUwTDlPn5OrhczeepEF4Tpxdn9/U+lceC
Y1txnvZsoWmHyb7vzC08mYC38BiHWaAQHFOkzGL3zIwoSErJsnAq4Mi1PlnKg61c
YbbWS1bdY5ZvaFvsbLtXKX+cV2Srp0CccLi4iYw9gVl6BYa+oTu8+jQcyWNiqyVQ
YUFPZ7StlcqSteWJHbEZA2+yXQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGAHz6oZ
0ZEnQu4gXlJ1Iw8PrwsjMB8GA1UdIwQYMBaAFHMeV7Df3qeRuk1dcZctqBBdyT6L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ0NC84RENFMjc0QUIx
MUQxMUVFQTMzNjMzMTlDNEY5QUUwMi9jeDVYc05fZXA1RzZUVjF4bHkyb0VGM0pQ
b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2N4NVhzTl9lcDVHNlRWMXhseTJvRUYzSlBvcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUE0NDQvOERDRTI3NEFCMTFEMTFFRUEzMzYzMzE5QzRGOUFFMDIvMjRERDUxOUNF
RUEzMTFFRkE1RURERDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnS04wDQYJKoZIhvcNAQELBQADggEBAEWpitOGBhWzVgQj
yEGBtGWd4LrPyHKkwdJUduAqLBWtNkDicoRlPt0oUYyhjlP/OSYZzoAsj5KRu55W
GRt5Op1Ftn/I+hsbc3/KiEsyKjSDypu0CVVmeiz+b7eLZUCLUHNRzl4OqHsHJHRc
x6ljBBh1TTBVXlijkEjXdSUXAzWXWJRkRh8FaIl683WKY5ZaE/9LV6Bi/KlwWv8k
HEZzCznjWyIJIXa9fQQVjPG8iJSnQItjDt0dbEI61X0XMVZNeC4vMqic9ZpE4HsY
y9qLaRV60I/yTd8Kh+rF/T7t/Wx1P4yDY5q7yzxEIFjBDesDwwUOGmqVttag9anG
PFsavRU=
-----END CERTIFICATE-----
Generated at Fri Apr 11 16:36:25 2025 by rpki-client