Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919AAA0/228396BA95F411EBB31B8F66C4F9AE02/8D54D41CFF4A11EBB2CFB65CC4F9AE02.roa
File: 8D54D41CFF4A11EBB2CFB65CC4F9AE02.roa (raw, json)
Hash identifier: IySlzgFnWkP7TsDdopcASX0s9EjyawqZzPr968OhJ/U=
Subject key identifier: 09:4D:01:08:19:72:3F:D6:8E:38:26:1C:19:F9:27:6D:32:34:EC:C1
Certificate issuer: /CN=A919AAA0/serialNumber=2AD526DFD9C7E90CA30C31FCA4E182501B700753
Certificate serial: 05F9
Authority key identifier: 2A:D5:26:DF:D9:C7:E9:0C:A3:0C:31:FC:A4:E1:82:50:1B:70:07:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KtUm39nH6QyjDDH8pOGCUBtwB1M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919AAA0/228396BA95F411EBB31B8F66C4F9AE02/8D54D41CFF4A11EBB2CFB65CC4F9AE02.roa
Signing time: Mon 02 Dec 2024 23:02:04 +0000
ROA not before: Mon 02 Dec 2024 23:02:04 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 55933
IP address blocks: 103.145.60.0/24 maxlen: 24
103.145.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1529 (0x5f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919AAA0/serialNumber=2AD526DFD9C7E90CA30C31FCA4E182501B700753
Validity
Not Before: Dec 2 23:02:04 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=674e3c6c-533e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:bc:b4:81:9e:6a:b5:cd:19:42:c6:8a:9d:3d:
a8:95:e5:a4:8d:fb:dc:ed:98:53:d1:3f:37:e6:af:
9f:0d:21:5b:60:00:2a:0e:3d:de:9f:ec:e0:e9:5a:
80:86:4a:b6:7d:8e:76:12:d9:05:52:33:c0:22:bf:
fe:04:eb:4a:10:fd:9b:39:0d:fb:d1:03:9e:d1:45:
a1:be:e3:15:56:58:f6:d1:6c:65:f3:35:cd:8b:c7:
84:32:01:ca:a8:9e:95:09:70:9d:f8:a2:48:cb:12:
0e:8d:b3:95:ca:04:05:8c:c1:28:d3:42:df:6b:53:
a7:fd:c0:f4:f6:0b:c9:13:a0:a2:f0:92:81:93:b6:
ac:b6:7f:ae:a4:42:24:50:e7:f7:aa:e0:22:03:7c:
03:eb:72:60:19:ad:55:70:60:3b:56:6f:57:e8:bc:
a0:c7:7d:37:af:67:a5:14:9f:89:ff:bf:6a:82:3f:
ce:8f:76:39:0e:26:ac:34:9e:0e:aa:0a:06:93:3f:
7a:89:07:07:9b:57:d0:0e:f4:e1:fa:30:08:4e:bf:
da:cd:72:3a:c1:c6:a4:cc:a1:39:c5:50:03:0a:32:
c5:9d:65:26:d4:15:07:1e:eb:55:47:da:4d:27:bd:
1d:80:d0:16:29:a8:fe:51:c7:9c:ab:64:85:66:70:
08:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:4D:01:08:19:72:3F:D6:8E:38:26:1C:19:F9:27:6D:32:34:EC:C1
X509v3 Authority Key Identifier:
keyid:2A:D5:26:DF:D9:C7:E9:0C:A3:0C:31:FC:A4:E1:82:50:1B:70:07:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919AAA0/228396BA95F411EBB31B8F66C4F9AE02/KtUm39nH6QyjDDH8pOGCUBtwB1M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KtUm39nH6QyjDDH8pOGCUBtwB1M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919AAA0/228396BA95F411EBB31B8F66C4F9AE02/8D54D41CFF4A11EBB2CFB65CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.145.60.0/23
Signature Algorithm: sha256WithRSAEncryption
90:83:aa:af:7f:14:8f:3e:45:55:a0:9a:27:1d:55:96:0d:d1:
95:76:42:c7:30:df:4e:bc:69:6d:7c:e9:56:47:e2:15:56:35:
59:fc:0a:76:6c:2c:24:f9:bb:ac:97:22:9f:2b:3b:4e:80:98:
3a:ed:62:89:2e:ca:af:fb:2d:9b:cc:3c:19:16:88:87:f5:c2:
3f:91:97:7e:93:a4:7a:2e:63:b1:16:87:c1:8b:20:8f:64:d6:
b6:55:2c:e6:b1:4b:09:4b:72:d7:ca:57:b7:37:2f:c1:ec:8c:
fa:b3:51:20:4b:1b:d1:9a:94:a3:19:28:80:8b:98:87:ec:57:
22:e9:cc:08:f2:5e:85:09:b4:fb:d2:e5:58:a9:ad:6b:99:31:
07:a7:b8:a2:19:32:f9:8c:c9:c4:40:12:99:3c:60:19:68:44:
18:9a:d4:5c:22:02:e7:f5:48:ae:88:8c:3b:cc:0a:89:67:60:
b8:6e:f0:14:b3:14:5b:77:e5:43:f9:cd:d2:60:08:5c:d0:ef:
32:e5:b3:7d:5e:b1:0b:09:cc:c3:02:c0:18:45:5e:0d:80:38:
94:47:08:47:78:00:31:7a:5d:85:93:90:2f:d5:d3:99:d1:3b:
22:b0:bd:88:0f:3b:1e:3c:f7:c2:fc:2e:13:d4:df:36:42:f4:
d7:5d:0e:f3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBfkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUFBQTAxMTAvBgNVBAUTKDJBRDUyNkRGRDlDN0U5MENBMzBDMzFGQ0E0RTE4MjUw
MUI3MDA3NTMwHhcNMjQxMjAyMjMwMjA0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlM2M2Yy01MzNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw7y0gZ5qtc0ZQsaKnT2oleWkjfvc7ZhT0T835q+fDSFbYAAqDj3en+zg6VqA
hkq2fY52EtkFUjPAIr/+BOtKEP2bOQ370QOe0UWhvuMVVlj20Wxl8zXNi8eEMgHK
qJ6VCXCd+KJIyxIOjbOVygQFjMEo00Lfa1On/cD09gvJE6Ci8JKBk7astn+upEIk
UOf3quAiA3wD63JgGa1VcGA7Vm9X6Lygx303r2elFJ+J/79qgj/Oj3Y5DiasNJ4O
qgoGkz96iQcHm1fQDvTh+jAITr/azXI6wcakzKE5xVADCjLFnWUm1BUHHutVR9pN
J70dgNAWKaj+Ucecq2SFZnAI/wIDAQABo4IClTCCApEwHQYDVR0OBBYEFAlNAQgZ
cj/WjjgmHBn5J20yNOzBMB8GA1UdIwQYMBaAFCrVJt/Zx+kMowwx/KThglAbcAdT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QUFBMC8yMjgzOTZCQTk1
RjQxMUVCQjMxQjhGNjZDNEY5QUUwMi9LdFVtMzluSDZReWpEREg4cE9HQ1VCdHdC
MU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0t0VW0zOW5INlF5akRESDhwT0dDVUJ0d0IxTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUFBQTAvMjI4Mzk2QkE5NUY0MTFFQkIzMUI4RjY2QzRGOUFFMDIvOEQ1NEQ0MUNG
RjRBMTFFQkIyQ0ZCNjVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnkTwwDQYJKoZIhvcNAQELBQADggEBAJCDqq9/FI8+RVWg
micdVZYN0ZV2Qscw3068aW186VZH4hVWNVn8CnZsLCT5u6yXIp8rO06AmDrtYoku
yq/7LZvMPBkWiIf1wj+Rl36TpHouY7EWh8GLII9k1rZVLOaxSwlLctfKV7c3L8Hs
jPqzUSBLG9GalKMZKICLmIfsVyLpzAjyXoUJtPvS5ViprWuZMQenuKIZMvmMycRA
Epk8YBloRBia1FwiAuf1SK6IjDvMColnYLhu8BSzFFt35UP5zdJgCFzQ7zLls31e
sQsJzMMCwBhFXg2AOJRHCEd4ADF6XYWTkC/V05nROyKwvYgPOx4898L8LhPU3zZC
9NddDvM=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:05:56 2025 by rpki-client