Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0CF4/9AE9A9121FA511EABE9D1575C4F9AE02/949F398CDC6F11EABFEF2548C4F9AE02.roa
File: 949F398CDC6F11EABFEF2548C4F9AE02.roa (raw, json)
Hash identifier: JKN99SL1qpZZYm8JW/0SbU0c9K8PYY5zTB3QwwglAC0=
Subject key identifier: BD:C9:27:93:BD:0F:23:53:A6:72:11:EF:9E:7A:CF:E9:CB:6B:45:7D
Certificate issuer: /CN=A91F0CF4/serialNumber=FD25BA961101B5CE6014993CE7488FDB6F08A423
Certificate serial: 0768
Authority key identifier: FD:25:BA:96:11:01:B5:CE:60:14:99:3C:E7:48:8F:DB:6F:08:A4:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_SW6lhEBtc5gFJk850iP228IpCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F0CF4/9AE9A9121FA511EABE9D1575C4F9AE02/949F398CDC6F11EABFEF2548C4F9AE02.roa
Signing time: Thu 20 Jun 2024 20:11:47 +0000
ROA not before: Thu 20 Jun 2024 20:11:47 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 136907
IP address blocks: 103.215.0.0/24 maxlen: 24
103.215.1.0/24 maxlen: 24
103.215.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1896 (0x768)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F0CF4
Validity
Not Before: Jun 20 20:11:47 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66748d03-38ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:db:a5:0a:2d:64:07:55:2a:8d:44:93:61:59:
a2:31:fa:ba:f8:9d:61:e7:3d:2b:56:13:c9:4a:cf:
ca:12:28:47:08:00:2e:79:a7:eb:08:c7:57:5e:5d:
e6:6c:8b:db:77:e7:5e:ab:96:9a:54:d9:84:e5:a3:
20:17:9c:b7:7f:a0:7b:1b:b7:17:a0:29:7d:4a:0a:
8b:ee:29:e0:4d:a0:f6:93:6e:bc:a4:a1:8c:fd:ab:
de:6f:e2:dc:30:91:b6:11:5b:e5:65:c0:fa:ed:3d:
c7:1c:1f:10:d5:f7:64:6f:de:5a:2b:f1:c7:b7:c7:
46:6f:f4:a4:92:24:63:80:7c:c2:52:e1:6f:cb:1e:
d9:95:27:8f:ac:e7:0d:65:5d:4a:3b:06:97:33:e7:
73:27:78:bf:57:9b:68:cd:9a:21:e9:75:87:ad:ba:
00:31:ed:a4:f6:9a:66:ce:96:24:98:7a:8f:a0:6d:
a0:69:2a:38:d5:1a:a6:9f:a4:e3:78:9e:9a:da:e7:
eb:c4:8c:88:f9:60:a6:38:34:5d:b4:c1:f9:f9:f1:
e2:43:95:fb:1e:3b:67:53:d3:e6:e7:ca:d8:03:77:
92:17:a9:94:73:01:97:72:14:93:6c:09:99:57:9c:
20:ce:0f:d0:a7:10:ee:07:75:38:81:3f:88:fa:37:
b9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:C9:27:93:BD:0F:23:53:A6:72:11:EF:9E:7A:CF:E9:CB:6B:45:7D
X509v3 Authority Key Identifier:
keyid:FD:25:BA:96:11:01:B5:CE:60:14:99:3C:E7:48:8F:DB:6F:08:A4:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F0CF4/9AE9A9121FA511EABE9D1575C4F9AE02/_SW6lhEBtc5gFJk850iP228IpCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_SW6lhEBtc5gFJk850iP228IpCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0CF4/9AE9A9121FA511EABE9D1575C4F9AE02/949F398CDC6F11EABFEF2548C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.215.0.0/23
103.215.3.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:a6:0d:93:4f:03:54:e0:1b:f2:1f:1a:02:90:01:b6:a1:68:
d1:db:91:d1:d9:df:1b:40:99:58:60:a5:1f:08:92:52:84:59:
0b:c9:67:f1:43:d6:05:99:9c:83:c7:f6:84:78:25:53:ad:36:
f4:e0:7d:90:50:cb:73:8a:aa:ab:a0:79:ed:54:75:d3:58:50:
ce:2a:90:5e:d5:a2:11:5d:a7:ec:ae:c9:d5:a9:a4:5b:7c:17:
91:95:4b:53:df:db:ae:3b:fd:4e:2c:88:58:51:33:27:b9:c0:
ec:17:f8:43:76:62:3f:4d:05:9d:fe:08:da:9c:cb:0f:c9:80:
78:0c:33:23:e8:17:f4:92:05:f5:da:c3:4e:06:5a:de:62:8b:
80:11:1e:b7:e9:e0:63:fd:45:f6:14:b6:3b:67:c1:44:61:0c:
36:43:cb:c6:a7:c7:b4:f1:56:72:15:a1:4a:8d:4c:e1:eb:a4:
89:bc:9e:08:cc:4a:68:2d:41:95:f8:50:58:41:41:71:49:0f:
c6:98:30:54:ad:16:89:1d:04:9c:5f:07:e9:39:18:e4:ee:9f:
37:89:5a:53:ab:e7:7f:6a:0d:61:91:c9:92:4b:15:1e:2f:07:
eb:87:54:7c:b3:2d:09:a2:1e:aa:29:b2:4e:52:86:b8:38:f6:
36:e9:3d:7e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICB2gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjBDRjQxMTAvBgNVBAUTKEZEMjVCQTk2MTEwMUI1Q0U2MDE0OTkzQ0U3NDg4RkRC
NkYwOEE0MjMwHhcNMjQwNjIwMjAxMTQ3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc0OGQwMy0zOGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqtulCi1kB1UqjUSTYVmiMfq6+J1h5z0rVhPJSs/KEihHCAAueafrCMdXXl3m
bIvbd+deq5aaVNmE5aMgF5y3f6B7G7cXoCl9SgqL7ingTaD2k268pKGM/aveb+Lc
MJG2EVvlZcD67T3HHB8Q1fdkb95aK/HHt8dGb/SkkiRjgHzCUuFvyx7ZlSePrOcN
ZV1KOwaXM+dzJ3i/V5tozZoh6XWHrboAMe2k9ppmzpYkmHqPoG2gaSo41Rqmn6Tj
eJ6a2ufrxIyI+WCmODRdtMH5+fHiQ5X7HjtnU9Pm58rYA3eSF6mUcwGXchSTbAmZ
V5wgzg/QpxDuB3U4gT+I+je5uwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFL3JJ5O9
DyNTpnIR7556z+nLa0V9MB8GA1UdIwQYMBaAFP0lupYRAbXOYBSZPOdIj9tvCKQj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMENGNC85QUU5QTkxMjFG
QTUxMUVBQkU5RDE1NzVDNEY5QUUwMi9fU1c2bGhFQnRjNWdGSms4NTBpUDIyOElw
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19TVzZsaEVCdGM1Z0ZKazg1MGlQMjI4SXBDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjBDRjQvOUFFOUE5MTIxRkE1MTFFQUJFOUQxNTc1QzRGOUFFMDIvOTQ5RjM5OENE
QzZGMTFFQUJGRUYyNTQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFn1wADBABn1wMwDQYJKoZIhvcNAQELBQADggEBAKemDZNP
A1TgG/IfGgKQAbahaNHbkdHZ3xtAmVhgpR8IklKEWQvJZ/FD1gWZnIPH9oR4JVOt
NvTgfZBQy3OKqqugee1UddNYUM4qkF7VohFdp+yuydWppFt8F5GVS1Pf2647/U4s
iFhRMye5wOwX+EN2Yj9NBZ3+CNqcyw/JgHgMMyPoF/SSBfXaw04GWt5ii4ARHrfp
4GP9RfYUtjtnwURhDDZDy8anx7TxVnIVoUqNTOHrpIm8ngjMSmgtQZX4UFhBQXFJ
D8aYMFStFokdBJxfB+k5GOTunzeJWlOr539qDWGRyZJLFR4vB+uHVHyzLQmiHqop
sk5Shrg49jbpPX4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:21 2025 by rpki-client