Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ABEAC/1CD146B0FD1111ECAD8B5228C4F9AE02/7F64C44645A511ED93E3C45BC4F9AE02.roa
File: 7F64C44645A511ED93E3C45BC4F9AE02.roa (raw, json)
Hash identifier: Bg1GhaBWG9ZnbioiTw4VxZi4hDCzIRIbJ2r9iNJxCVE=
Subject key identifier: 2D:AB:CF:1A:4A:DA:40:A4:1C:1D:85:1B:D5:B7:BD:88:E2:22:F7:8F
Certificate issuer: /CN=A91ABEAC/serialNumber=8F5D5E5879A75158F2CFFB32ADD94471F974183F
Certificate serial: 022B
Authority key identifier: 8F:5D:5E:58:79:A7:51:58:F2:CF:FB:32:AD:D9:44:71:F9:74:18:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/j11eWHmnUVjyz_syrdlEcfl0GD8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ABEAC/1CD146B0FD1111ECAD8B5228C4F9AE02/7F64C44645A511ED93E3C45BC4F9AE02.roa
Signing time: Tue 01 Oct 2024 02:16:22 +0000
ROA not before: Tue 01 Oct 2024 02:16:22 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 58704
IP address blocks: 103.20.140.0/22 maxlen: 24
2405:2f00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 555 (0x22b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ABEAC/serialNumber=8F5D5E5879A75158F2CFFB32ADD94471F974183F
Validity
Not Before: Oct 1 02:16:22 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66fb5b75-14f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:03:56:58:92:e3:ff:c7:31:49:bc:d4:23:61:
0e:3e:29:6e:e0:ea:75:bb:cb:22:f2:83:ba:61:7b:
e5:27:3c:a7:5f:a8:2f:12:0d:c7:3e:e2:4b:ac:8d:
ad:e0:6c:38:50:ec:60:b9:9e:b3:3c:94:2c:b6:b5:
f2:de:0c:a9:e9:f9:63:82:19:11:d2:35:3a:9d:43:
8e:13:e5:91:a1:1a:bd:86:f2:c1:9f:c5:d5:92:be:
e3:1a:da:e6:d2:cc:14:a1:7a:35:b1:2f:f5:2c:e9:
16:80:67:00:8a:81:0d:69:36:24:2f:99:4c:91:9e:
44:6c:11:72:04:ff:d9:ab:e3:d3:cf:b3:1e:51:31:
01:ba:2d:46:47:c8:b6:21:c7:f6:8e:e9:da:34:29:
b7:10:39:1f:4f:58:b2:7f:26:44:3a:fe:de:9f:7c:
bd:fb:84:9a:8d:6f:d3:54:1d:f3:43:64:e5:9d:3d:
af:ff:54:7a:57:76:0f:aa:17:b5:85:47:d4:18:a3:
6f:ce:bc:d3:a3:17:63:04:12:10:fc:ba:cd:4d:c9:
7d:36:93:76:1f:90:34:c2:ee:bc:ef:21:54:9f:60:
3a:d0:51:e0:25:b1:a0:b3:f8:35:13:a6:c9:03:7c:
b9:c7:c4:2e:36:1b:69:2b:98:d0:7f:e9:d5:73:17:
f7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:AB:CF:1A:4A:DA:40:A4:1C:1D:85:1B:D5:B7:BD:88:E2:22:F7:8F
X509v3 Authority Key Identifier:
keyid:8F:5D:5E:58:79:A7:51:58:F2:CF:FB:32:AD:D9:44:71:F9:74:18:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ABEAC/1CD146B0FD1111ECAD8B5228C4F9AE02/j11eWHmnUVjyz_syrdlEcfl0GD8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/j11eWHmnUVjyz_syrdlEcfl0GD8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ABEAC/1CD146B0FD1111ECAD8B5228C4F9AE02/7F64C44645A511ED93E3C45BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.140.0/22
IPv6:
2405:2f00::/32
Signature Algorithm: sha256WithRSAEncryption
62:bf:11:5e:fa:ab:14:a1:b3:41:6d:11:2b:cc:4c:d6:0b:ef:
7c:7d:76:51:ac:2a:2c:26:12:94:eb:ba:44:27:77:30:0e:46:
aa:f3:ad:ab:de:da:1d:ca:b7:ee:4f:cc:7b:78:8e:ea:e5:b4:
8b:5d:76:ad:80:bd:04:39:08:5f:b3:15:9b:86:22:d7:d4:ff:
b4:06:10:d7:63:f5:a9:d9:b8:b1:b3:35:ab:e6:e2:18:ef:ee:
e5:29:98:c6:20:e3:27:56:56:a8:cd:af:19:09:12:ce:59:f4:
1b:16:eb:1d:8e:29:a2:d4:0a:f1:88:3c:5a:10:b9:c2:60:ba:
fd:4a:00:4f:d3:aa:3b:03:60:48:e4:9f:af:a6:e0:a4:e5:eb:
c2:a7:f8:90:38:b8:30:4c:3b:c0:5b:49:47:33:e1:78:3f:10:
d4:d5:4f:f1:fb:c0:6b:33:5d:f8:18:b7:db:23:6d:50:34:2d:
c3:98:5d:11:8d:7b:e0:52:eb:6f:c5:07:4e:3a:84:c8:68:c9:
92:df:40:b5:2e:41:62:b1:e5:9d:0a:37:67:03:e6:e0:12:6e:
6e:a7:a8:66:3d:ab:eb:40:b4:73:8d:d0:ad:b8:d8:88:71:a8:
2b:99:9d:df:ea:d2:cc:89:ab:97:47:c2:f4:c0:85:45:57:47:
73:ee:d5:71
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAiswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUJFQUMxMTAvBgNVBAUTKDhGNUQ1RTU4NzlBNzUxNThGMkNGRkIzMkFERDk0NDcx
Rjk3NDE4M0YwHhcNMjQxMDAxMDIxNjIyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZiNWI3NS0xNGYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8QNWWJLj/8cxSbzUI2EOPilu4Op1u8si8oO6YXvlJzynX6gvEg3HPuJLrI2t
4Gw4UOxguZ6zPJQstrXy3gyp6fljghkR0jU6nUOOE+WRoRq9hvLBn8XVkr7jGtrm
0swUoXo1sS/1LOkWgGcAioENaTYkL5lMkZ5EbBFyBP/Zq+PTz7MeUTEBui1GR8i2
Icf2junaNCm3EDkfT1iyfyZEOv7en3y9+4SajW/TVB3zQ2TlnT2v/1R6V3YPqhe1
hUfUGKNvzrzToxdjBBIQ/LrNTcl9NpN2H5A0wu687yFUn2A60FHgJbGgs/g1E6bJ
A3y5x8QuNhtpK5jQf+nVcxf3owIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFC2rzxpK
2kCkHB2FG9W3vYjiIvePMB8GA1UdIwQYMBaAFI9dXlh5p1FY8s/7Mq3ZRHH5dBg/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQkVBQy8xQ0QxNDZCMEZE
MTExMUVDQUQ4QjUyMjhDNEY5QUUwMi9qMTFlV0htblVWanl6X3N5cmRsRWNmbDBH
RDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2oxMWVXSG1uVVZqeXpfc3lyZGxFY2ZsMEdEOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUJFQUMvMUNEMTQ2QjBGRDExMTFFQ0FEOEI1MjI4QzRGOUFFMDIvN0Y2NEM0NDY0
NUE1MTFFRDkzRTNDNDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnFIwwDQQCAAIwBwMFACQFLwAwDQYJKoZIhvcNAQELBQAD
ggEBAGK/EV76qxShs0FtESvMTNYL73x9dlGsKiwmEpTrukQndzAORqrzrave2h3K
t+5PzHt4jurltItddq2AvQQ5CF+zFZuGItfU/7QGENdj9anZuLGzNavm4hjv7uUp
mMYg4ydWVqjNrxkJEs5Z9BsW6x2OKaLUCvGIPFoQucJguv1KAE/TqjsDYEjkn6+m
4KTl68Kn+JA4uDBMO8BbSUcz4Xg/ENTVT/H7wGszXfgYt9sjbVA0LcOYXRGNe+BS
62/FB046hMhoyZLfQLUuQWKx5Z0KN2cD5uASbm6nqGY9q+tAtHON0K242IhxqCuZ
nd/q0syJq5dHwvTAhUVXR3Pu1XE=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:10:31 2025 by rpki-client