Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE9F1/EE695FE6875D11EE8F489913C4F9AE02/398B4EEE875E11EEBCAB2514C4F9AE02.roa
File: 398B4EEE875E11EEBCAB2514C4F9AE02.roa (raw, json)
Hash identifier: uXbJ5eievhRi1JcELWkz+fcnXhb/y0aWhBNoVIZNw4s=
Subject key identifier: C3:D5:BE:74:53:B5:12:A2:98:5B:6D:DE:D5:53:12:33:3D:B9:A6:EF
Certificate issuer: /CN=A91CE9F1/serialNumber=1A7B3ECF44633E1EA24C90617AD397455E74E6B2
Certificate serial: E4
Authority key identifier: 1A:7B:3E:CF:44:63:3E:1E:A2:4C:90:61:7A:D3:97:45:5E:74:E6:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gns-z0RjPh6iTJBhetOXRV505rI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE9F1/EE695FE6875D11EE8F489913C4F9AE02/398B4EEE875E11EEBCAB2514C4F9AE02.roa
Signing time: Wed 29 Jan 2025 03:56:57 +0000
ROA not before: Wed 29 Jan 2025 03:56:57 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 150714
IP address blocks: 103.66.140.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 228 (0xe4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE9F1/serialNumber=1A7B3ECF44633E1EA24C90617AD397455E74E6B2
Validity
Not Before: Jan 29 03:56:57 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=6799a709-b549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fa:b0:bc:11:d9:b8:ba:5a:99:5b:f7:7e:16:
4e:4d:23:8e:86:bd:06:8e:a7:35:a7:99:b8:43:74:
ba:2f:a0:81:64:f9:ae:b9:9d:47:bb:47:ce:e1:93:
c6:f2:a5:1b:57:74:2e:06:34:58:8a:ee:0b:3e:e6:
26:f7:22:14:51:28:34:3c:d8:b0:42:a0:99:e3:5a:
dd:ac:ba:f6:88:e3:92:ea:80:e4:06:d2:af:c7:1d:
05:9d:1b:7e:ec:d8:73:b7:20:b4:e6:73:51:bb:9e:
ac:cf:82:ab:19:09:5c:16:af:56:ff:f9:dd:a4:7f:
21:f5:ff:35:9a:ec:da:15:d0:38:6a:d7:4c:27:97:
90:9e:a2:5e:1d:68:e7:55:ad:e1:23:88:9d:f3:ad:
57:df:80:62:9c:00:e7:18:6c:db:0b:57:78:44:0b:
fe:ca:d8:c5:6a:7a:f2:22:15:ca:d6:31:87:02:77:
50:74:1f:fb:dc:60:b5:51:ea:80:a2:e8:ce:b6:0c:
b0:5e:6f:44:81:0f:73:a1:59:2f:4e:38:b9:b4:56:
09:28:6b:0b:ca:52:74:b3:f1:9f:0a:8c:89:99:95:
c4:2f:8d:1c:09:36:f8:b3:9e:19:c5:b5:69:1f:cf:
8b:0a:f8:32:d1:25:81:ed:75:42:af:a2:c1:6c:1b:
10:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D5:BE:74:53:B5:12:A2:98:5B:6D:DE:D5:53:12:33:3D:B9:A6:EF
X509v3 Authority Key Identifier:
keyid:1A:7B:3E:CF:44:63:3E:1E:A2:4C:90:61:7A:D3:97:45:5E:74:E6:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE9F1/EE695FE6875D11EE8F489913C4F9AE02/Gns-z0RjPh6iTJBhetOXRV505rI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gns-z0RjPh6iTJBhetOXRV505rI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE9F1/EE695FE6875D11EE8F489913C4F9AE02/398B4EEE875E11EEBCAB2514C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.140.0/23
Signature Algorithm: sha256WithRSAEncryption
14:60:4b:1e:5c:9a:d1:85:91:83:c2:b5:a6:6d:a7:14:03:0e:
4f:30:bb:2f:0f:03:05:ae:2a:68:93:06:92:ec:d7:75:a0:57:
20:c6:8a:38:24:78:5d:ac:63:62:7e:49:aa:32:fb:bc:76:f9:
b0:31:ce:51:88:c3:11:fb:11:ee:5a:3a:af:e2:b0:36:1e:70:
fe:a6:d0:81:c5:74:0c:be:68:69:86:58:73:26:13:81:5f:8a:
a5:46:79:e0:65:68:7f:d8:99:79:49:31:28:40:b6:0c:a9:6d:
26:b1:24:47:c6:39:f4:3a:3c:8e:df:63:1e:c0:cb:3e:71:44:
01:16:e0:c0:97:8a:f0:39:aa:76:ee:ff:bc:74:d6:de:09:6d:
82:34:38:b3:10:a7:18:7c:cb:81:62:5e:f1:d4:c3:84:b9:6d:
43:1e:d5:78:79:f4:8f:37:8e:1e:bc:cf:52:28:0e:d9:dd:76:
63:fd:88:8c:bc:97:e8:cb:ad:b0:f9:87:db:3f:e0:47:05:37:
92:8f:2d:78:49:fd:b9:d7:c6:a3:f2:50:8a:80:76:00:38:f5:
aa:6d:63:14:03:e6:69:99:e5:94:13:3e:9c:29:a2:7a:57:87:
e4:fe:9b:b0:34:99:1f:10:6a:df:03:ec:64:fa:7b:d8:9c:6b:
53:a7:ed:dc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAOQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0U5RjExMTAvBgNVBAUTKDFBN0IzRUNGNDQ2MzNFMUVBMjRDOTA2MTdBRDM5NzQ1
NUU3NEU2QjIwHhcNMjUwMTI5MDM1NjU3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk5YTcwOS1iNTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn/qwvBHZuLpamVv3fhZOTSOOhr0Gjqc1p5m4Q3S6L6CBZPmuuZ1Hu0fO4ZPG
8qUbV3QuBjRYiu4LPuYm9yIUUSg0PNiwQqCZ41rdrLr2iOOS6oDkBtKvxx0FnRt+
7NhztyC05nNRu56sz4KrGQlcFq9W//ndpH8h9f81muzaFdA4atdMJ5eQnqJeHWjn
Va3hI4id861X34BinADnGGzbC1d4RAv+ytjFanryIhXK1jGHAndQdB/73GC1UeqA
oujOtgywXm9EgQ9zoVkvTji5tFYJKGsLylJ0s/GfCoyJmZXEL40cCTb4s54ZxbVp
H8+LCvgy0SWB7XVCr6LBbBsQwQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMPVvnRT
tRKimFtt3tVTEjM9uabvMB8GA1UdIwQYMBaAFBp7Ps9EYz4eokyQYXrTl0VedOay
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTlGMS9FRTY5NUZFNjg3
NUQxMUVFOEY0ODk5MTNDNEY5QUUwMi9HbnMtejBSalBoNmlUSkJoZXRPWFJWNTA1
ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ducy16MFJqUGg2aVRKQmhldE9YUlY1MDVySS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0U5RjEvRUU2OTVGRTY4NzVEMTFFRThGNDg5OTEzQzRGOUFFMDIvMzk4QjRFRUU4
NzVFMTFFRUJDQUIyNTE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnQowwDQYJKoZIhvcNAQELBQADggEBABRgSx5cmtGFkYPC
taZtpxQDDk8wuy8PAwWuKmiTBpLs13WgVyDGijgkeF2sY2J+Saoy+7x2+bAxzlGI
wxH7Ee5aOq/isDYecP6m0IHFdAy+aGmGWHMmE4FfiqVGeeBlaH/YmXlJMShAtgyp
bSaxJEfGOfQ6PI7fYx7Ayz5xRAEW4MCXivA5qnbu/7x01t4JbYI0OLMQpxh8y4Fi
XvHUw4S5bUMe1Xh59I83jh68z1IoDtnddmP9iIy8l+jLrbD5h9s/4EcFN5KPLXhJ
/bnXxqPyUIqAdgA49aptYxQD5mmZ5ZQTPpwponpXh+T+m7A0mR8Qat8D7GT6e9ic
a1On7dw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:59:17 2025 by rpki-client