Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D31B0/15CF5A8801B611EDB1A4D282C4F9AE02/7BB181E201BA11EDA4103D0DC4F9AE02.roa
File: 7BB181E201BA11EDA4103D0DC4F9AE02.roa (raw, json)
Hash identifier: lORLBE7+FfhOwINAGtcBHyopu2FbSYXSTs4IIjqvS/U=
Subject key identifier: E4:84:03:25:65:15:01:63:43:DC:91:BD:CF:C5:F6:3E:E0:C3:33:D7
Certificate issuer: /CN=A91D31B0/serialNumber=BC638E57CA7B92144FBA713AD6DB64E6D0AD4991
Certificate serial: 022A
Authority key identifier: BC:63:8E:57:CA:7B:92:14:4F:BA:71:3A:D6:DB:64:E6:D0:AD:49:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vGOOV8p7khRPunE61ttk5tCtSZE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D31B0/15CF5A8801B611EDB1A4D282C4F9AE02/7BB181E201BA11EDA4103D0DC4F9AE02.roa
Signing time: Thu 17 Oct 2024 02:05:33 +0000
ROA not before: Thu 17 Oct 2024 02:05:33 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 18229
IP address blocks: 103.146.40.0/24 maxlen: 24
103.146.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 554 (0x22a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D31B0
Validity
Not Before: Oct 17 02:05:33 2024 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=671070ed-af7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2d:8c:7a:97:81:10:d2:5f:29:8c:c0:ea:65:
bc:2a:0b:2d:1c:eb:d1:1c:b7:0b:a7:b4:9e:31:59:
00:b6:98:d7:cf:ee:53:3b:fb:22:9f:9c:87:1c:9b:
c9:57:ca:87:5e:fa:f0:69:54:72:1b:4a:48:da:d4:
e7:eb:9b:41:4d:e3:c7:2f:54:a8:c3:31:38:8f:b6:
f4:13:08:30:9a:e8:c5:4e:52:74:5b:96:6a:69:73:
95:ff:a9:49:61:46:3a:c2:e1:f1:11:77:b5:70:9b:
36:b2:4a:5d:71:86:3a:41:dd:98:f3:d3:0d:e8:88:
5d:07:79:41:7b:37:03:03:bd:04:67:d6:ed:b0:92:
37:cd:11:67:43:2e:7a:fe:e0:67:b1:9a:ae:10:44:
27:a3:d7:cc:eb:47:c8:b3:f7:f3:b1:1c:a9:8c:88:
d3:10:03:34:d2:5c:48:6e:d9:ed:3e:f5:98:1e:fc:
5f:8f:4b:b1:6d:19:fe:2b:3b:70:c5:e9:36:47:94:
97:37:8d:c6:36:ae:2b:0b:d8:68:7b:e6:cd:dd:fa:
36:e4:4d:aa:42:f6:47:3d:27:f4:43:26:05:32:cc:
ee:98:3a:26:dd:47:50:a8:18:82:ed:dd:29:5f:8c:
68:50:77:c0:17:b5:aa:d8:44:41:de:ef:10:17:ea:
7b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:84:03:25:65:15:01:63:43:DC:91:BD:CF:C5:F6:3E:E0:C3:33:D7
X509v3 Authority Key Identifier:
keyid:BC:63:8E:57:CA:7B:92:14:4F:BA:71:3A:D6:DB:64:E6:D0:AD:49:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D31B0/15CF5A8801B611EDB1A4D282C4F9AE02/vGOOV8p7khRPunE61ttk5tCtSZE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vGOOV8p7khRPunE61ttk5tCtSZE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D31B0/15CF5A8801B611EDB1A4D282C4F9AE02/7BB181E201BA11EDA4103D0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.146.40.0/23
Signature Algorithm: sha256WithRSAEncryption
34:ba:9f:10:6e:a5:37:25:e4:f3:b0:17:73:5a:2d:be:ee:64:
0a:4e:2b:b2:7d:75:6e:3f:46:47:5d:b5:01:1c:4c:23:6c:05:
f8:b9:d9:82:ac:9a:3c:a6:c3:9f:72:a3:51:6c:9f:da:d0:ce:
0e:ad:0a:5d:64:4f:58:d7:e8:d1:65:89:62:70:c5:8a:d1:d5:
57:71:51:55:2b:88:5e:8b:00:da:ad:4f:f8:7d:0c:94:43:30:
64:5f:28:44:7d:fd:e2:24:ff:68:fb:24:c2:ec:32:d3:cb:94:
34:c7:c9:2c:a4:93:75:23:0c:a4:25:7c:e0:38:01:df:be:38:
4a:cf:72:a7:3f:07:cb:af:49:72:4a:ef:05:96:8a:1a:60:18:
96:c6:a2:7b:b0:63:25:80:79:16:15:91:c5:ff:3d:8c:74:7a:
c7:1e:75:8d:d7:e7:d9:97:99:90:93:f4:fe:61:86:07:6c:a4:
60:66:f7:d8:dc:ab:17:a4:e3:8b:a9:de:92:de:bc:a8:53:97:
33:f2:12:1e:3f:fa:b4:8c:7c:af:39:2a:b5:0a:52:e1:9b:ce:
87:ae:a7:ba:42:3f:e5:56:83:4c:0b:3b:f5:60:6b:01:80:ff:
f7:f3:f4:23:a4:8d:28:85:a3:cb:1e:96:c3:32:2b:9d:26:f9:
44:14:23:f3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAiowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDMxQjAxMTAvBgNVBAUTKEJDNjM4RTU3Q0E3QjkyMTQ0RkJBNzEzQUQ2REI2NEU2
RDBBRDQ5OTEwHhcNMjQxMDE3MDIwNTMzWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzEwNzBlZC1hZjdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0y2MepeBENJfKYzA6mW8KgstHOvRHLcLp7SeMVkAtpjXz+5TO/sin5yHHJvJ
V8qHXvrwaVRyG0pI2tTn65tBTePHL1SowzE4j7b0EwgwmujFTlJ0W5ZqaXOV/6lJ
YUY6wuHxEXe1cJs2skpdcYY6Qd2Y89MN6IhdB3lBezcDA70EZ9btsJI3zRFnQy56
/uBnsZquEEQno9fM60fIs/fzsRypjIjTEAM00lxIbtntPvWYHvxfj0uxbRn+Kztw
xek2R5SXN43GNq4rC9hoe+bN3fo25E2qQvZHPSf0QyYFMszumDom3UdQqBiC7d0p
X4xoUHfAF7Wq2ERB3u8QF+p78QIDAQABo4IClTCCApEwHQYDVR0OBBYEFOSEAyVl
FQFjQ9yRvc/F9j7gwzPXMB8GA1UdIwQYMBaAFLxjjlfKe5IUT7pxOtbbZObQrUmR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzFCMC8xNUNGNUE4ODAx
QjYxMUVEQjFBNEQyODJDNEY5QUUwMi92R09PVjhwN2toUlB1bkU2MXR0azV0Q3RT
WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZHT09WOHA3a2hSUHVuRTYxdHRrNXRDdFNaRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDMxQjAvMTVDRjVBODgwMUI2MTFFREIxQTREMjgyQzRGOUFFMDIvN0JCMTgxRTIw
MUJBMTFFREE0MTAzRDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnkigwDQYJKoZIhvcNAQELBQADggEBADS6nxBupTcl5POw
F3NaLb7uZApOK7J9dW4/RkddtQEcTCNsBfi52YKsmjymw59yo1Fsn9rQzg6tCl1k
T1jX6NFliWJwxYrR1VdxUVUriF6LANqtT/h9DJRDMGRfKER9/eIk/2j7JMLsMtPL
lDTHySykk3UjDKQlfOA4Ad++OErPcqc/B8uvSXJK7wWWihpgGJbGonuwYyWAeRYV
kcX/PYx0escedY3X59mXmZCT9P5hhgdspGBm99jcqxek44up3pLevKhTlzPyEh4/
+rSMfK85KrUKUuGbzoeup7pCP+VWg0wLO/VgawGA//fz9COkjSiFo8selsMyK50m
+UQUI/M=
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:30:31 2025 by rpki-client