Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/DDF31C5EC0B211EEBAD8C90CC4F9AE02.roa
File: DDF31C5EC0B211EEBAD8C90CC4F9AE02.roa (raw, json)
Hash identifier: YVeQZ34mIfHMnmjxjCGhbAOi/xnmN4mZihcC5C4pwo4=
Subject key identifier: E4:3B:D1:70:AA:2B:2C:75:EB:95:81:8C:BE:D9:84:6E:65:DA:DB:A1
Certificate issuer: /CN=A9158E8E/serialNumber=5F2E5E62932BB50A85FF2F9A5F31B2BADD5F34AC
Certificate serial: 035E
Authority key identifier: 5F:2E:5E:62:93:2B:B5:0A:85:FF:2F:9A:5F:31:B2:BA:DD:5F:34:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/DDF31C5EC0B211EEBAD8C90CC4F9AE02.roa
Signing time: Fri 31 Jan 2025 01:15:08 +0000
ROA not before: Fri 31 Jan 2025 01:15:08 +0000
ROA not after: Mon 02 Jun 2025 00:00:00 +0000
asID: 141431
IP address blocks: 103.159.78.0/24 maxlen: 24
103.159.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 862 (0x35e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158E8E/serialNumber=5F2E5E62932BB50A85FF2F9A5F31B2BADD5F34AC
Validity
Not Before: Jan 31 01:15:08 2025 GMT
Not After : Jun 2 00:00:00 2025 GMT
Subject: CN=679c241c-7c24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:05:05:63:1d:f9:be:8e:02:e7:3a:61:ef:af:
41:30:b8:4f:36:0a:67:c1:f1:c7:30:8e:3c:8e:c6:
62:27:b8:dc:35:61:9d:08:13:99:a4:ee:cb:7f:24:
fa:0f:ee:a9:a9:28:f6:1d:a3:13:63:7a:9d:5e:b1:
9c:2f:fe:62:70:01:a3:b8:72:df:9b:7c:d2:1e:45:
c3:92:18:60:4f:1d:fb:3c:33:ad:50:6e:cc:1d:1d:
66:25:e6:89:e7:eb:e7:25:ee:7f:29:6c:07:c2:71:
fa:b8:9d:7d:44:2e:ec:78:26:c4:a6:45:df:bd:ff:
63:f6:7f:e7:2e:9a:e2:30:bd:9b:80:95:24:03:65:
6e:a2:17:3d:13:1d:5a:8e:a2:a0:f8:6c:e9:2f:c2:
41:29:73:d7:8b:91:34:d1:40:e6:cd:b0:fc:2e:c8:
55:d2:c0:ae:b1:3b:ba:02:75:e5:6e:57:30:4b:ab:
53:5a:d2:39:fd:bc:02:75:46:42:67:aa:1d:a9:ae:
6d:b1:fc:09:3e:01:e0:b4:a2:7c:b9:27:f7:23:63:
07:02:94:12:0b:7c:df:c5:45:c3:95:66:fd:a1:ba:
1a:e9:44:43:40:4a:f6:dd:b8:f8:68:23:a5:a9:f2:
be:01:38:5a:84:a8:24:2a:56:f8:f9:f3:5f:70:60:
54:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:3B:D1:70:AA:2B:2C:75:EB:95:81:8C:BE:D9:84:6E:65:DA:DB:A1
X509v3 Authority Key Identifier:
keyid:5F:2E:5E:62:93:2B:B5:0A:85:FF:2F:9A:5F:31:B2:BA:DD:5F:34:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/DDF31C5EC0B211EEBAD8C90CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.78.0/23
Signature Algorithm: sha256WithRSAEncryption
88:0f:cb:c3:1a:63:a3:b7:3d:5a:3d:10:a5:b3:d4:0e:b8:f8:
ca:e2:9b:e6:6f:e9:f7:46:a2:40:5a:45:dd:87:87:ab:b0:b1:
94:07:e6:44:fe:68:bf:16:92:41:04:da:48:5b:ab:32:f1:cd:
ad:58:ef:ac:d6:11:27:ce:32:0d:5e:d6:ca:c3:cc:f0:40:f1:
ef:5d:0f:8b:af:f3:d2:38:22:76:68:7d:25:af:cd:2a:ae:af:
26:07:cc:40:ca:8f:a8:d7:d3:9a:df:d6:87:4c:eb:1e:73:0c:
7f:ca:01:ba:7d:9f:c9:eb:17:76:58:cf:84:19:bb:62:94:7b:
ce:47:79:dc:44:c8:41:5a:5b:ca:25:88:96:51:f2:82:9b:21:
af:a7:55:6d:23:c2:34:57:1d:09:bd:87:32:0c:c0:79:18:74:
90:c2:e5:6d:2d:0b:1b:af:3f:d2:d1:dc:72:50:e9:f9:88:19:
96:eb:22:71:0e:bc:c8:f3:32:37:5f:c6:2b:71:52:bf:ad:d5:
a1:96:60:23:4c:bd:53:85:7a:86:53:2a:f6:f5:0e:72:0d:eb:
06:33:11:9d:3b:73:cb:76:f1:b0:9e:0d:66:e5:06:34:22:8a:
90:c0:5e:e9:be:e0:9e:38:f8:4b:c5:d5:4c:fc:be:9a:f9:3f:
f5:47:76:61
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA14wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NThFOEUxMTAvBgNVBAUTKDVGMkU1RTYyOTMyQkI1MEE4NUZGMkY5QTVGMzFCMkJB
REQ1RjM0QUMwHhcNMjUwMTMxMDExNTA4WhcNMjUwNjAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljMjQxYy03YzI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7QUFYx35vo4C5zph769BMLhPNgpnwfHHMI48jsZiJ7jcNWGdCBOZpO7LfyT6
D+6pqSj2HaMTY3qdXrGcL/5icAGjuHLfm3zSHkXDkhhgTx37PDOtUG7MHR1mJeaJ
5+vnJe5/KWwHwnH6uJ19RC7seCbEpkXfvf9j9n/nLpriML2bgJUkA2Vuohc9Ex1a
jqKg+GzpL8JBKXPXi5E00UDmzbD8LshV0sCusTu6AnXlblcwS6tTWtI5/bwCdUZC
Z6odqa5tsfwJPgHgtKJ8uSf3I2MHApQSC3zfxUXDlWb9oboa6URDQEr23bj4aCOl
qfK+AThahKgkKlb4+fNfcGBUgwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOQ70XCq
Kyx165WBjL7ZhG5l2tuhMB8GA1UdIwQYMBaAFF8uXmKTK7UKhf8vml8xsrrdXzSs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEU4RS8wNEZCQjhGMEFF
MEYxMUVDQTAyMDU2NjZDNEY5QUUwMi9YeTVlWXBNcnRRcUZfeS1hWHpHeXV0MWZO
S3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1h5NWVZcE1ydFFxRl95LWFYekd5dXQxZk5Ldy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NThFOEUvMDRGQkI4RjBBRTBGMTFFQ0EwMjA1NjY2QzRGOUFFMDIvRERGMzFDNUVD
MEIyMTFFRUJBRDhDOTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnn04wDQYJKoZIhvcNAQELBQADggEBAIgPy8MaY6O3PVo9
EKWz1A64+Mrim+Zv6fdGokBaRd2Hh6uwsZQH5kT+aL8WkkEE2khbqzLxza1Y76zW
ESfOMg1e1srDzPBA8e9dD4uv89I4InZofSWvzSquryYHzEDKj6jX05rf1odM6x5z
DH/KAbp9n8nrF3ZYz4QZu2KUe85HedxEyEFaW8oliJZR8oKbIa+nVW0jwjRXHQm9
hzIMwHkYdJDC5W0tCxuvP9LR3HJQ6fmIGZbrInEOvMjzMjdfxitxUr+t1aGWYCNM
vVOFeoZTKvb1DnIN6wYzEZ07c8t28bCeDWblBjQiipDAXum+4J44+EvF1Uz8vpr5
P/VHdmE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:20:43 2025 by rpki-client