Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/DA655484CF0811EF9CF05B4FC4F9AE02.roa
File: DA655484CF0811EF9CF05B4FC4F9AE02.roa (raw, json)
Hash identifier: OtFmSPwV6EFHA0PFmeCzNbPWu4B2WoMirQl5I+it6TQ=
Subject key identifier: E7:24:1F:73:1D:12:1B:B1:6C:BF:5E:3E:4B:2F:73:8B:AB:4B:54:B9
Certificate issuer: /CN=A91688D4/serialNumber=9C8AE3DC7B05B385396790CA7323D3A0906FED82
Certificate serial: 0489
Authority key identifier: 9C:8A:E3:DC:7B:05:B3:85:39:67:90:CA:73:23:D3:A0:90:6F:ED:82
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIrj3HsFs4U5Z5DKcyPToJBv7YI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/DA655484CF0811EF9CF05B4FC4F9AE02.roa
Signing time: Fri 10 Jan 2025 04:10:40 +0000
ROA not before: Fri 10 Jan 2025 04:10:40 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 151734
IP address blocks: 103.73.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1161 (0x489)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91688D4/serialNumber=9C8AE3DC7B05B385396790CA7323D3A0906FED82
Validity
Not Before: Jan 10 04:10:40 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67809dc0-6d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:71:f1:39:91:82:9b:a4:58:be:86:6e:94:7a:
f5:92:54:d4:31:97:9e:18:d9:ef:81:c9:eb:af:89:
73:46:dc:71:1f:2a:7f:d4:b7:57:dc:16:55:63:ef:
9a:d1:2c:29:1e:34:0a:70:0c:7f:6c:86:eb:c3:97:
f3:3b:ba:0b:12:3b:1c:46:3b:1f:2f:26:25:30:3b:
51:eb:f9:36:19:5f:21:5e:e8:51:ea:24:9f:35:8f:
17:af:15:74:6c:85:bf:1b:dd:23:2e:ef:6e:20:5d:
47:0e:f5:26:38:32:dc:78:33:c2:27:e8:e0:36:8d:
62:7a:42:8c:8d:da:ad:3e:26:b5:f3:80:9f:44:f9:
a4:72:1e:c6:6c:0c:34:b6:7b:2a:8f:ae:9d:e0:41:
5a:1b:e1:8d:9f:89:20:fe:9a:f2:c1:c4:8b:a2:77:
76:3a:9c:6a:b4:95:7e:b9:15:7c:68:56:b1:0d:ff:
fa:e9:bb:b3:93:ae:0c:b0:fe:56:6d:7f:63:d1:25:
d5:dc:a1:b5:4f:70:0f:13:f3:2c:ba:96:0a:c0:6a:
e1:3a:8e:a0:01:75:32:fc:bb:bb:a0:18:ed:63:94:
bf:c0:af:67:b5:ac:77:d6:ff:c6:62:0c:42:c4:10:
17:8f:1b:cb:aa:3f:90:ab:0d:3e:f4:82:cb:2f:8e:
3c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:24:1F:73:1D:12:1B:B1:6C:BF:5E:3E:4B:2F:73:8B:AB:4B:54:B9
X509v3 Authority Key Identifier:
keyid:9C:8A:E3:DC:7B:05:B3:85:39:67:90:CA:73:23:D3:A0:90:6F:ED:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/nIrj3HsFs4U5Z5DKcyPToJBv7YI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIrj3HsFs4U5Z5DKcyPToJBv7YI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/DA655484CF0811EF9CF05B4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.73.222.0/24
Signature Algorithm: sha256WithRSAEncryption
52:90:c3:99:52:4d:a8:08:a8:4c:38:8b:24:c0:88:44:c9:8e:
4e:37:93:03:5f:e5:d1:67:31:a2:97:1d:da:be:b6:c3:98:f4:
33:b0:f3:91:31:f5:28:f6:c0:19:3d:a1:3f:a3:43:80:ca:63:
ce:d9:e9:95:a3:14:a7:c8:43:09:d8:71:16:ef:01:5c:c0:c4:
8d:02:48:f7:42:3e:6d:eb:82:25:d3:86:58:9f:21:82:cf:2d:
35:a9:6d:a5:ae:23:d2:ca:5e:d3:9f:9a:ae:f0:26:f2:01:dd:
ff:32:3f:fa:7a:40:60:e5:bc:6d:f1:88:08:35:38:96:2a:41:
ca:cc:fd:62:f1:52:d2:2b:6c:2c:0d:4e:49:cc:4c:ae:e2:f4:
18:12:43:e6:1f:48:a7:61:a5:57:21:91:63:55:0f:1e:43:5a:
55:8b:bb:f5:e2:dd:30:f9:87:05:b0:67:fa:48:49:78:f2:0f:
1a:a7:2c:fe:63:11:5d:42:32:d9:85:64:7a:8a:68:e9:b5:e9:
65:35:15:c2:fa:12:f1:9e:7c:f3:8d:d8:54:6a:7e:24:d5:4c:
ef:22:bd:80:72:8d:28:66:c5:51:2b:a9:f2:b9:50:3c:bd:e4:
20:43:0d:35:d8:37:a8:e8:b6:43:2d:63:df:55:49:d8:5f:f5:
a3:66:06:f7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBIkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njg4RDQxMTAvBgNVBAUTKDlDOEFFM0RDN0IwNUIzODUzOTY3OTBDQTczMjNEM0Ew
OTA2RkVEODIwHhcNMjUwMTEwMDQxMDQwWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzgwOWRjMC02ZDhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvXHxOZGCm6RYvoZulHr1klTUMZeeGNnvgcnrr4lzRtxxHyp/1LdX3BZVY++a
0SwpHjQKcAx/bIbrw5fzO7oLEjscRjsfLyYlMDtR6/k2GV8hXuhR6iSfNY8XrxV0
bIW/G90jLu9uIF1HDvUmODLceDPCJ+jgNo1iekKMjdqtPia184CfRPmkch7GbAw0
tnsqj66d4EFaG+GNn4kg/prywcSLond2OpxqtJV+uRV8aFaxDf/66buzk64MsP5W
bX9j0SXV3KG1T3APE/MsupYKwGrhOo6gAXUy/Lu7oBjtY5S/wK9ntax31v/GYgxC
xBAXjxvLqj+Qqw0+9ILLL448jQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOckH3Md
EhuxbL9ePksvc4urS1S5MB8GA1UdIwQYMBaAFJyK49x7BbOFOWeQynMj06CQb+2C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODhENC8yRjU4RTQ3MjJF
NTAxMUVDQTA0QjZDMjVDNEY5QUUwMi9uSXJqM0hzRnM0VTVaNURLY3lQVG9KQnY3
WUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25JcmozSHNGczRVNVo1REtjeVBUb0pCdjdZSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njg4RDQvMkY1OEU0NzIyRTUwMTFFQ0EwNEI2QzI1QzRGOUFFMDIvREE2NTU0ODRD
RjA4MTFFRjlDRjA1QjRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnSd4wDQYJKoZIhvcNAQELBQADggEBAFKQw5lSTagIqEw4
iyTAiETJjk43kwNf5dFnMaKXHdq+tsOY9DOw85Ex9Sj2wBk9oT+jQ4DKY87Z6ZWj
FKfIQwnYcRbvAVzAxI0CSPdCPm3rgiXThlifIYLPLTWpbaWuI9LKXtOfmq7wJvIB
3f8yP/p6QGDlvG3xiAg1OJYqQcrM/WLxUtIrbCwNTknMTK7i9BgSQ+YfSKdhpVch
kWNVDx5DWlWLu/Xi3TD5hwWwZ/pISXjyDxqnLP5jEV1CMtmFZHqKaOm16WU1FcL6
EvGefPON2FRqfiTVTO8ivYByjShmxVErqfK5UDy95CBDDTXYN6jotkMtY99VSdhf
9aNmBvc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:08:12 2025 by rpki-client