Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/4F4A22E23CDE11EAB553996BC4F9AE02.roa
File: 4F4A22E23CDE11EAB553996BC4F9AE02.roa (raw, json)
Hash identifier: 5dNjtUvyRJQ8rKds7M86B2djQAg4WheDaP9EfyZTla8=
Subject key identifier: 1F:FC:62:8C:46:C5:E3:48:ED:27:2C:2E:22:40:81:79:A9:54:6C:5D
Certificate issuer: /CN=A91C2E87/serialNumber=5A4A1A1F2D924DE85555C71D3DB66B9BB0E43643
Certificate serial: 0BD2
Authority key identifier: 5A:4A:1A:1F:2D:92:4D:E8:55:55:C7:1D:3D:B6:6B:9B:B0:E4:36:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WkoaHy2STehVVccdPbZrm7DkNkM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/4F4A22E23CDE11EAB553996BC4F9AE02.roa
Signing time: Wed 08 Jan 2025 19:07:58 +0000
ROA not before: Wed 08 Jan 2025 19:07:58 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 63969
IP address blocks: 103.124.250.0/23 maxlen: 23
103.124.250.0/24 maxlen: 24
103.124.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3026 (0xbd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C2E87
Validity
Not Before: Jan 8 19:07:58 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677ecd0e-0d43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:17:9f:86:28:d3:d1:b5:54:72:37:6b:6f:02:
8b:88:af:2f:c7:66:f0:35:ca:42:4f:e8:c6:c3:c9:
93:d3:48:40:96:22:f5:d7:b7:70:72:c4:74:1a:40:
58:71:3a:2e:e5:ff:0e:f8:5e:f1:1a:4a:b0:2a:41:
86:cb:40:92:bb:ab:92:e4:84:b5:0f:f0:a0:ca:f2:
fc:96:03:c1:73:5a:c3:a2:2c:27:62:3e:b4:c5:cf:
db:6a:df:c8:57:e8:f3:a2:39:02:79:3e:d3:29:29:
4f:c4:26:ee:d8:fb:c8:10:3b:ec:b4:6a:9f:7a:1d:
c8:51:26:c4:17:a7:04:97:99:7f:33:68:dc:8b:cc:
a0:f2:f7:fc:10:1e:d4:96:3d:34:a2:18:d4:37:ca:
24:93:be:62:70:d7:4a:ac:b7:ae:fb:24:ec:6a:9a:
5a:ec:fe:46:a7:e1:70:1b:32:b7:f9:ea:75:ff:30:
54:38:6a:cf:36:97:b0:e2:52:ab:22:48:8a:d8:a8:
eb:5e:e2:3b:d0:ab:f4:0b:02:e1:22:86:24:6b:1e:
ba:86:4a:39:47:93:3e:88:1e:05:af:c2:88:8e:b6:
48:99:d1:79:90:30:ca:f1:fd:36:a2:98:49:0e:85:
c1:80:ea:01:9b:b8:44:d0:67:75:49:b3:a1:96:c8:
c6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:FC:62:8C:46:C5:E3:48:ED:27:2C:2E:22:40:81:79:A9:54:6C:5D
X509v3 Authority Key Identifier:
keyid:5A:4A:1A:1F:2D:92:4D:E8:55:55:C7:1D:3D:B6:6B:9B:B0:E4:36:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/WkoaHy2STehVVccdPbZrm7DkNkM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WkoaHy2STehVVccdPbZrm7DkNkM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/4F4A22E23CDE11EAB553996BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.124.250.0/23
Signature Algorithm: sha256WithRSAEncryption
91:a2:09:5f:f8:fe:85:a5:3f:5f:19:4d:29:fa:2b:6b:d2:94:
53:de:bc:2c:c7:96:22:7e:14:b1:46:a3:b7:aa:ad:16:e1:3c:
67:9b:d0:61:fe:d4:5c:99:27:2d:3b:66:b3:7d:cc:b1:5c:d6:
33:fd:e4:57:13:3c:d0:23:b0:22:c3:27:d5:67:b4:dd:ee:7b:
17:55:28:63:bc:32:d1:d2:f2:c4:20:59:67:9c:ca:b0:18:9b:
15:6d:3f:b4:da:45:13:f9:7e:19:2f:a7:8d:6d:27:59:05:fc:
20:26:40:4e:37:80:f7:c4:87:82:7f:39:ea:2d:89:cf:ee:c8:
6a:08:a8:4e:bb:37:2a:97:67:6e:51:92:ef:e2:a2:6d:6f:7c:
62:c8:99:90:8e:ea:94:22:f0:e2:b0:fc:ec:5b:de:84:4e:85:
b7:df:00:d4:11:2a:63:04:3e:89:ea:e2:0e:68:73:b5:22:e9:
2c:31:ff:77:81:50:9c:69:5a:84:0f:34:38:f9:f1:97:ef:14:
75:b4:58:05:ef:0d:09:da:48:76:3b:ef:ae:d5:2b:48:9e:e2:
9f:42:00:79:2d:13:70:5c:f6:c8:81:23:89:ab:b1:b5:0d:74:
dc:21:0c:6e:83:52:5e:95:ef:81:2a:99:04:18:8f:e6:d4:55:
ea:f9:31:3d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC9IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzJFODcxMTAvBgNVBAUTKDVBNEExQTFGMkQ5MjRERTg1NTU1QzcxRDNEQjY2QjlC
QjBFNDM2NDMwHhcNMjUwMTA4MTkwNzU4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdlY2QwZS0wZDQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvhefhijT0bVUcjdrbwKLiK8vx2bwNcpCT+jGw8mT00hAliL117dwcsR0GkBY
cTou5f8O+F7xGkqwKkGGy0CSu6uS5IS1D/CgyvL8lgPBc1rDoiwnYj60xc/bat/I
V+jzojkCeT7TKSlPxCbu2PvIEDvstGqfeh3IUSbEF6cEl5l/M2jci8yg8vf8EB7U
lj00ohjUN8okk75icNdKrLeu+yTsappa7P5Gp+FwGzK3+ep1/zBUOGrPNpew4lKr
IkiK2KjrXuI70Kv0CwLhIoYkax66hko5R5M+iB4Fr8KIjrZImdF5kDDK8f02ophJ
DoXBgOoBm7hE0Gd1SbOhlsjG9wIDAQABo4IClTCCApEwHQYDVR0OBBYEFB/8YoxG
xeNI7ScsLiJAgXmpVGxdMB8GA1UdIwQYMBaAFFpKGh8tkk3oVVXHHT22a5uw5DZD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkU4Ny9BOUYzQzZFRTEy
OUYxMUVBQUIyNzIwMkZDNEY5QUUwMi9Xa29hSHkyU1RlaFZWY2NkUGJacm03RGtO
a00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1drb2FIeTJTVGVoVlZjY2RQYlpybTdEa05rTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzJFODcvQTlGM0M2RUUxMjlGMTFFQUFCMjcyMDJGQzRGOUFFMDIvNEY0QTIyRTIz
Q0RFMTFFQUI1NTM5OTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnfPowDQYJKoZIhvcNAQELBQADggEBAJGiCV/4/oWlP18Z
TSn6K2vSlFPevCzHliJ+FLFGo7eqrRbhPGeb0GH+1FyZJy07ZrN9zLFc1jP95FcT
PNAjsCLDJ9VntN3uexdVKGO8MtHS8sQgWWecyrAYmxVtP7TaRRP5fhkvp41tJ1kF
/CAmQE43gPfEh4J/Oeotic/uyGoIqE67NyqXZ25Rku/iom1vfGLImZCO6pQi8OKw
/Oxb3oROhbffANQRKmMEPonq4g5oc7Ui6Swx/3eBUJxpWoQPNDj58ZfvFHW0WAXv
DQnaSHY7767VK0ie4p9CAHktE3Bc9siBI4mrsbUNdNwhDG6DUl6V74EqmQQYj+bU
Ver5MT0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:34:24 2025 by rpki-client