Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3B91/A365336E3E2411EC9B55E152C4F9AE02/A71C6AA6C0A711EE97A2E984C4F9AE02.roa
File: A71C6AA6C0A711EE97A2E984C4F9AE02.roa (raw, json)
Hash identifier: rFwN+SF9461uZLERr0sJ+qKXXO8E4boiupW7Ykdk4aI=
Subject key identifier: 44:46:CE:57:E8:13:18:E0:46:05:0F:57:22:CC:86:3A:03:E7:04:CE
Certificate issuer: /CN=A91A3B91/serialNumber=AD102ED0289DC4E4FADE70B34D7660CA0D2BBD2B
Certificate serial: 0462
Authority key identifier: AD:10:2E:D0:28:9D:C4:E4:FA:DE:70:B3:4D:76:60:CA:0D:2B:BD:2B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rRAu0CidxOT63nCzTXZgyg0rvSs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A3B91/A365336E3E2411EC9B55E152C4F9AE02/A71C6AA6C0A711EE97A2E984C4F9AE02.roa
Signing time: Fri 31 Jan 2025 00:44:28 +0000
ROA not before: Fri 31 Jan 2025 00:44:28 +0000
ROA not after: Mon 02 Jun 2025 00:00:00 +0000
asID: 148998
IP address blocks: 103.175.234.0/23 maxlen: 23
103.175.234.0/24 maxlen: 24
103.175.235.0/24 maxlen: 24
2001:df7:ff80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1122 (0x462)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A3B91/serialNumber=AD102ED0289DC4E4FADE70B34D7660CA0D2BBD2B
Validity
Not Before: Jan 31 00:44:28 2025 GMT
Not After : Jun 2 00:00:00 2025 GMT
Subject: CN=679c1cec-e73e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6d:52:2a:cf:0e:de:ee:65:b9:64:01:94:5d:
6f:10:e1:0a:e9:92:d3:d5:28:aa:21:52:77:e3:fe:
ce:9f:67:11:ce:e7:59:e0:9b:da:d0:e5:99:3a:d5:
98:b5:9a:73:2d:f8:eb:e8:d5:09:3e:02:91:aa:74:
56:77:87:79:38:f2:98:8f:2e:a1:62:08:29:43:ec:
1f:eb:98:13:3a:be:13:03:aa:19:92:16:38:a3:ed:
d0:21:20:cd:77:a8:56:50:66:7b:29:3a:25:37:67:
e1:18:ce:d6:36:50:e0:56:f3:1b:9b:05:eb:0f:97:
37:83:d2:df:20:c5:cc:a9:05:ab:fa:f7:e8:f5:8b:
a6:eb:34:f2:24:20:62:c6:0d:5a:8d:af:d3:36:49:
75:2f:62:c6:df:7b:0b:5c:7f:2a:3c:80:e9:d2:c7:
e2:b7:36:83:9f:19:45:9b:af:da:58:5f:da:f5:48:
ae:61:89:48:c7:87:0e:58:dd:c9:94:7e:cc:9a:27:
1b:d5:05:4c:b2:d1:56:34:e0:a3:19:01:21:8d:2e:
ef:e9:62:3c:c2:e5:8e:fe:fe:bf:c4:6a:32:5e:d0:
91:6a:eb:c4:c6:df:50:3d:11:6c:2c:ee:f9:56:72:
c4:a1:ac:b6:4e:ea:86:61:21:34:f1:e1:79:ff:e9:
20:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:46:CE:57:E8:13:18:E0:46:05:0F:57:22:CC:86:3A:03:E7:04:CE
X509v3 Authority Key Identifier:
keyid:AD:10:2E:D0:28:9D:C4:E4:FA:DE:70:B3:4D:76:60:CA:0D:2B:BD:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A3B91/A365336E3E2411EC9B55E152C4F9AE02/rRAu0CidxOT63nCzTXZgyg0rvSs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rRAu0CidxOT63nCzTXZgyg0rvSs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3B91/A365336E3E2411EC9B55E152C4F9AE02/A71C6AA6C0A711EE97A2E984C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.175.234.0/23
IPv6:
2001:df7:ff80::/48
Signature Algorithm: sha256WithRSAEncryption
31:a1:ed:00:f1:d1:44:56:fa:2b:57:17:53:41:01:85:52:44:
29:e1:6f:d0:a5:69:40:f3:8f:d6:cb:3b:8e:33:22:f6:74:3f:
f7:09:35:54:63:69:7b:39:ea:9c:89:ae:25:2e:b7:d2:cf:08:
8b:d7:69:21:93:aa:0e:96:b4:aa:d6:55:92:53:10:e7:95:f8:
69:95:cc:14:4a:ba:99:fb:54:1c:8f:1c:08:a1:ed:fc:32:10:
0a:4e:2e:79:61:f2:a6:45:f3:60:c6:f2:f8:ce:b4:3b:da:47:
29:07:26:2a:8c:71:5a:30:47:8d:df:85:30:98:2a:b7:a3:e0:
43:b4:9e:80:75:82:a0:94:68:e0:d4:47:54:ad:74:ce:ed:55:
52:e7:55:40:77:3b:06:f6:13:34:6b:ba:d8:17:d7:fa:1a:88:
a0:75:11:75:7f:4f:88:ac:31:8c:11:05:7f:01:44:e1:c1:d4:
b1:9a:fc:4d:c1:ea:2c:bc:24:02:3c:e3:8a:3e:4a:07:55:09:
18:b9:29:53:1b:05:60:92:4f:46:ca:a0:54:46:93:72:d5:a4:
92:ad:c1:87:be:bb:5d:57:88:00:9e:5e:2f:ad:39:02:67:84:
15:ff:6a:d6:19:2e:8c:04:20:59:91:9e:30:db:d0:72:cc:bc:
e4:ca:26:a4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBGIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTNCOTExMTAvBgNVBAUTKEFEMTAyRUQwMjg5REM0RTRGQURFNzBCMzRENzY2MENB
MEQyQkJEMkIwHhcNMjUwMTMxMDA0NDI4WhcNMjUwNjAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljMWNlYy1lNzNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzW1SKs8O3u5luWQBlF1vEOEK6ZLT1SiqIVJ34/7On2cRzudZ4Jva0OWZOtWY
tZpzLfjr6NUJPgKRqnRWd4d5OPKYjy6hYggpQ+wf65gTOr4TA6oZkhY4o+3QISDN
d6hWUGZ7KTolN2fhGM7WNlDgVvMbmwXrD5c3g9LfIMXMqQWr+vfo9Yum6zTyJCBi
xg1aja/TNkl1L2LG33sLXH8qPIDp0sfitzaDnxlFm6/aWF/a9UiuYYlIx4cOWN3J
lH7Mmicb1QVMstFWNOCjGQEhjS7v6WI8wuWO/v6/xGoyXtCRauvExt9QPRFsLO75
VnLEoay2TuqGYSE08eF5/+kguwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFERGzlfo
ExjgRgUPVyLMhjoD5wTOMB8GA1UdIwQYMBaAFK0QLtAoncTk+t5ws012YMoNK70r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBM0I5MS9BMzY1MzM2RTNF
MjQxMUVDOUI1NUUxNTJDNEY5QUUwMi9yUkF1MENpZHhPVDYzbkN6VFhaZ3lnMHJ2
U3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JSQXUwQ2lkeE9UNjNuQ3pUWFpneWcwcnZTcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTNCOTEvQTM2NTMzNkUzRTI0MTFFQzlCNTVFMTUyQzRGOUFFMDIvQTcxQzZBQTZD
MEE3MTFFRTk3QTJFOTg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnr+owDwQCAAIwCQMHACABDff/gDANBgkqhkiG9w0BAQsF
AAOCAQEAMaHtAPHRRFb6K1cXU0EBhVJEKeFv0KVpQPOP1ss7jjMi9nQ/9wk1VGNp
eznqnImuJS630s8Ii9dpIZOqDpa0qtZVklMQ55X4aZXMFEq6mftUHI8cCKHt/DIQ
Ck4ueWHypkXzYMby+M60O9pHKQcmKoxxWjBHjd+FMJgqt6PgQ7SegHWCoJRo4NRH
VK10zu1VUudVQHc7BvYTNGu62BfX+hqIoHURdX9PiKwxjBEFfwFE4cHUsZr8TcHq
LLwkAjzjij5KB1UJGLkpUxsFYJJPRsqgVEaTctWkkq3Bh767XVeIAJ5eL605AmeE
Ff9q1hkujAQgWZGeMNvQcsy85MompA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 15:40:24 2025 by rpki-client