Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/4EB9FBD63CDE11EAB553996BC4F9AE02.roa
File: 4EB9FBD63CDE11EAB553996BC4F9AE02.roa (raw, json)
Hash identifier: 5Pl69Ojf2kmCxfLr0FSueU3iqe1LbesPtFydiCfx1IQ=
Subject key identifier: 0F:9E:D3:61:1F:3D:63:02:95:AF:11:CF:00:B2:9C:EF:EE:B5:3F:C3
Certificate issuer: /CN=A91C2E87/serialNumber=5A4A1A1F2D924DE85555C71D3DB66B9BB0E43643
Certificate serial: 0BD1
Authority key identifier: 5A:4A:1A:1F:2D:92:4D:E8:55:55:C7:1D:3D:B6:6B:9B:B0:E4:36:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WkoaHy2STehVVccdPbZrm7DkNkM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/4EB9FBD63CDE11EAB553996BC4F9AE02.roa
Signing time: Wed 08 Jan 2025 19:07:57 +0000
ROA not before: Wed 08 Jan 2025 19:07:57 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 58715
IP address blocks: 103.124.250.0/23 maxlen: 23
103.124.250.0/24 maxlen: 24
103.124.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3025 (0xbd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C2E87/serialNumber=5A4A1A1F2D924DE85555C71D3DB66B9BB0E43643
Validity
Not Before: Jan 8 19:07:57 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677ecd0d-b0cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8a:93:99:9d:09:1d:b7:b0:cd:05:9e:7d:88:
fc:47:c8:92:3a:04:4e:16:74:b2:be:a0:ce:16:ee:
11:69:a5:8f:34:e0:fd:67:67:1a:b2:c8:de:32:c2:
1c:4c:e8:d7:78:ba:e5:5d:43:e1:41:2a:dd:bc:75:
89:23:e5:95:57:b3:37:50:14:bf:a2:d2:78:cb:e0:
8d:df:89:8b:df:c3:cd:d6:10:e4:3e:86:9d:0a:cc:
c1:dd:83:ee:5e:ac:28:7d:12:92:49:6d:af:67:59:
89:97:27:c9:d7:9d:5a:5b:20:2e:6c:5f:ea:43:67:
b6:41:51:cd:d2:c7:73:83:21:2c:02:ac:1d:6e:3d:
77:71:98:ed:d2:4e:3c:e2:9e:8d:e2:a5:47:e3:01:
00:05:95:dd:ac:e5:dc:5d:52:56:af:04:71:f3:c1:
e1:98:00:e1:7c:2a:ca:23:52:a1:e9:6c:d7:b3:fd:
2d:a1:f9:43:74:da:a7:c5:ff:ec:3f:89:0d:be:10:
66:93:e5:dd:0a:ab:c5:e7:96:90:63:19:64:58:0e:
98:2d:eb:13:06:ff:6c:91:2e:54:3a:8c:39:fa:a1:
1b:88:3a:af:d8:01:dd:74:f9:3a:f4:65:9c:c5:31:
56:0b:9e:2a:c3:0b:45:f5:55:21:7a:a1:33:c9:0d:
88:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9E:D3:61:1F:3D:63:02:95:AF:11:CF:00:B2:9C:EF:EE:B5:3F:C3
X509v3 Authority Key Identifier:
keyid:5A:4A:1A:1F:2D:92:4D:E8:55:55:C7:1D:3D:B6:6B:9B:B0:E4:36:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/WkoaHy2STehVVccdPbZrm7DkNkM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WkoaHy2STehVVccdPbZrm7DkNkM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/4EB9FBD63CDE11EAB553996BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.124.250.0/23
Signature Algorithm: sha256WithRSAEncryption
38:49:07:22:10:ab:55:f8:2e:e2:97:4d:8e:9f:dc:27:4e:67:
38:cf:dc:d9:aa:e1:1e:f8:bf:e0:ad:f4:67:ba:9d:19:ed:d1:
cf:a1:70:2f:3d:48:75:95:b2:83:1d:9e:92:9c:fe:95:35:6a:
fb:bb:27:09:36:9a:d5:ce:db:25:84:48:c2:6b:ce:f5:bd:33:
9f:f7:d3:e3:ae:4c:fa:1c:8d:62:9a:80:d5:7a:bf:58:47:42:
c3:dd:44:07:67:98:18:94:49:1b:30:e8:5d:c1:2c:1a:2c:d7:
77:ff:01:ce:66:65:da:e5:65:6a:dd:6f:9b:1f:32:28:79:ee:
33:c6:ce:6d:5f:50:7c:47:8d:e6:91:84:30:15:4d:fb:aa:e6:
51:fb:fb:0e:f2:86:51:7f:7f:b3:1b:4f:d3:d3:e4:82:ce:88:
06:58:a0:94:33:c8:34:79:55:56:ec:50:91:ea:f1:4f:04:2b:
d4:fd:37:da:a3:a9:bc:4c:21:db:23:88:eb:b0:b9:2d:4a:bd:
4f:ed:44:c6:49:c4:8b:62:df:93:8c:5e:f3:4f:59:1d:3c:f1:
50:e0:3f:e8:46:ac:14:b6:1c:c3:78:b9:e8:7b:d8:51:93:5d:
8c:f0:9b:39:4e:58:60:5a:78:eb:0f:74:13:db:7f:08:bc:f8:
04:e6:3a:cd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC9EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzJFODcxMTAvBgNVBAUTKDVBNEExQTFGMkQ5MjRERTg1NTU1QzcxRDNEQjY2QjlC
QjBFNDM2NDMwHhcNMjUwMTA4MTkwNzU3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdlY2QwZC1iMGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnoqTmZ0JHbewzQWefYj8R8iSOgROFnSyvqDOFu4RaaWPNOD9Z2cassjeMsIc
TOjXeLrlXUPhQSrdvHWJI+WVV7M3UBS/otJ4y+CN34mL38PN1hDkPoadCszB3YPu
XqwofRKSSW2vZ1mJlyfJ151aWyAubF/qQ2e2QVHN0sdzgyEsAqwdbj13cZjt0k48
4p6N4qVH4wEABZXdrOXcXVJWrwRx88HhmADhfCrKI1Kh6WzXs/0toflDdNqnxf/s
P4kNvhBmk+XdCqvF55aQYxlkWA6YLesTBv9skS5UOow5+qEbiDqv2AHddPk69GWc
xTFWC54qwwtF9VUheqEzyQ2IgwIDAQABo4IClTCCApEwHQYDVR0OBBYEFA+e02Ef
PWMCla8RzwCynO/utT/DMB8GA1UdIwQYMBaAFFpKGh8tkk3oVVXHHT22a5uw5DZD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkU4Ny9BOUYzQzZFRTEy
OUYxMUVBQUIyNzIwMkZDNEY5QUUwMi9Xa29hSHkyU1RlaFZWY2NkUGJacm03RGtO
a00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1drb2FIeTJTVGVoVlZjY2RQYlpybTdEa05rTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzJFODcvQTlGM0M2RUUxMjlGMTFFQUFCMjcyMDJGQzRGOUFFMDIvNEVCOUZCRDYz
Q0RFMTFFQUI1NTM5OTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnfPowDQYJKoZIhvcNAQELBQADggEBADhJByIQq1X4LuKX
TY6f3CdOZzjP3Nmq4R74v+Ct9Ge6nRnt0c+hcC89SHWVsoMdnpKc/pU1avu7Jwk2
mtXO2yWESMJrzvW9M5/30+OuTPocjWKagNV6v1hHQsPdRAdnmBiUSRsw6F3BLBos
13f/Ac5mZdrlZWrdb5sfMih57jPGzm1fUHxHjeaRhDAVTfuq5lH7+w7yhlF/f7Mb
T9PT5ILOiAZYoJQzyDR5VVbsUJHq8U8EK9T9N9qjqbxMIdsjiOuwuS1KvU/tRMZJ
xIti35OMXvNPWR088VDgP+hGrBS2HMN4ueh72FGTXYzwmzlOWGBaeOsPdBPbfwi8
+ATmOs0=
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:47:21 2025 by rpki-client