Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5FCD/0BE0FFE0780E11E78334C521C4F9AE02/08CD5AD2DA2B11EBA1C6AA3CC4F9AE02.roa
File: 08CD5AD2DA2B11EBA1C6AA3CC4F9AE02.roa (raw, json)
Hash identifier: 18yGqSgC4OjskRlJV7bTeEZSgygKIsdz22IPs64qVtw=
Subject key identifier: 7E:79:DA:B4:7A:2A:E3:7C:DE:A4:BD:CC:63:80:55:D0:9B:16:FB:4E
Certificate issuer: /CN=A91E5FCD/serialNumber=273AAAE2E3BE994FC2833F85712923CD417B7FAD
Certificate serial: 0539
Authority key identifier: 27:3A:AA:E2:E3:BE:99:4F:C2:83:3F:85:71:29:23:CD:41:7B:7F:AD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jzqq4uO-mU_Cgz-FcSkjzUF7f60.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E5FCD/0BE0FFE0780E11E78334C521C4F9AE02/08CD5AD2DA2B11EBA1C6AA3CC4F9AE02.roa
Signing time: Wed 04 Dec 2024 16:24:24 +0000
ROA not before: Wed 04 Dec 2024 16:24:24 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 136807
IP address blocks: 103.205.39.0/24 maxlen: 24
2001:df0:3b00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1337 (0x539)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5FCD/serialNumber=273AAAE2E3BE994FC2833F85712923CD417B7FAD
Validity
Not Before: Dec 4 16:24:24 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67508238-5687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:60:42:b2:a0:f3:37:d8:c3:40:c2:77:8e:8e:
74:59:ee:21:c8:30:37:73:88:10:3e:74:51:d4:f2:
ec:08:dc:9a:9c:6a:7e:46:d0:93:8e:7b:97:ff:9e:
cb:06:0c:18:7b:f5:f0:68:2b:ba:10:f3:64:9a:a3:
7e:74:27:f4:33:1d:03:8b:f6:38:9d:cc:08:83:c3:
d1:40:91:fe:d1:90:91:8e:75:bc:7f:e2:86:91:13:
ec:43:6b:cf:2c:6c:cd:c8:c4:53:30:d2:c2:0c:d0:
ae:2c:ef:d1:29:b5:a9:3e:25:1c:cb:54:61:63:60:
2b:53:c3:93:84:43:0f:f2:4e:5f:0c:9c:cf:fe:66:
24:4e:94:87:81:58:c1:c0:94:25:66:44:83:37:60:
74:5f:44:e8:a5:e2:04:77:36:e2:81:3f:74:73:1a:
ec:e9:9b:95:14:67:a0:0e:c0:df:38:1a:26:57:ce:
e7:d0:7d:9f:0b:87:86:ea:2c:b6:e1:78:3d:ae:88:
29:54:7a:cb:b0:78:d2:7f:d9:52:08:90:27:7f:82:
56:6f:ff:b6:e8:09:3f:ac:47:12:b6:19:b6:98:4a:
c9:3b:a0:ca:88:39:52:03:33:37:19:85:0b:eb:4d:
e4:85:63:cd:76:71:6a:71:0a:46:0b:3c:bf:56:01:
40:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:79:DA:B4:7A:2A:E3:7C:DE:A4:BD:CC:63:80:55:D0:9B:16:FB:4E
X509v3 Authority Key Identifier:
keyid:27:3A:AA:E2:E3:BE:99:4F:C2:83:3F:85:71:29:23:CD:41:7B:7F:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E5FCD/0BE0FFE0780E11E78334C521C4F9AE02/Jzqq4uO-mU_Cgz-FcSkjzUF7f60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jzqq4uO-mU_Cgz-FcSkjzUF7f60.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5FCD/0BE0FFE0780E11E78334C521C4F9AE02/08CD5AD2DA2B11EBA1C6AA3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.205.39.0/24
IPv6:
2001:df0:3b00::/48
Signature Algorithm: sha256WithRSAEncryption
54:b7:98:60:7c:ac:dd:5e:36:c1:78:00:65:55:3a:91:d6:a1:
f6:43:4c:b4:91:41:44:6d:2c:a1:74:de:aa:0c:4c:aa:36:0e:
88:b5:4d:1b:0c:5c:cc:94:9a:85:12:b5:4a:42:fd:57:ee:ce:
27:ff:19:55:41:27:6d:c8:03:c2:8a:a3:90:4f:14:ec:ac:8e:
08:73:d5:7b:2b:9c:a9:76:0b:2e:07:71:6a:20:ab:c1:94:7e:
d5:4a:f3:d5:1d:22:1a:8a:8d:e9:0f:dd:12:80:f2:3c:80:43:
43:a2:0d:39:ac:e7:54:bf:cf:3e:1b:99:86:cf:2f:3b:f8:16:
d0:fa:2d:61:44:de:07:70:09:0f:7a:18:73:b5:7a:a8:7e:c7:
91:c2:07:45:ef:b8:b0:6f:ef:33:08:21:33:99:c9:5a:fc:42:
fa:95:e4:92:f7:72:30:05:48:67:bd:5c:53:02:67:b4:43:c7:
62:bd:d1:21:3f:80:40:c9:f4:c8:03:e7:17:70:0e:e3:34:0e:
08:87:83:b6:61:87:9c:5b:ba:59:cf:af:04:69:7f:dc:ce:13:
d2:84:a9:e8:d6:fc:7a:04:28:02:53:a3:f9:cd:eb:0f:3c:ad:
a6:d9:61:73:e2:f2:fa:34:7b:b4:a2:0e:05:e7:5c:e0:cc:e9:
7c:2b:6a:3f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBTkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTVGQ0QxMTAvBgNVBAUTKDI3M0FBQUUyRTNCRTk5NEZDMjgzM0Y4NTcxMjkyM0NE
NDE3QjdGQUQwHhcNMjQxMjA0MTYyNDI0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwODIzOC01Njg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyWBCsqDzN9jDQMJ3jo50We4hyDA3c4gQPnRR1PLsCNyanGp+RtCTjnuX/57L
BgwYe/XwaCu6EPNkmqN+dCf0Mx0Di/Y4ncwIg8PRQJH+0ZCRjnW8f+KGkRPsQ2vP
LGzNyMRTMNLCDNCuLO/RKbWpPiUcy1RhY2ArU8OThEMP8k5fDJzP/mYkTpSHgVjB
wJQlZkSDN2B0X0TopeIEdzbigT90cxrs6ZuVFGegDsDfOBomV87n0H2fC4eG6iy2
4Xg9rogpVHrLsHjSf9lSCJAnf4JWb/+26Ak/rEcSthm2mErJO6DKiDlSAzM3GYUL
603khWPNdnFqcQpGCzy/VgFAQQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFH552rR6
KuN83qS9zGOAVdCbFvtOMB8GA1UdIwQYMBaAFCc6quLjvplPwoM/hXEpI81Be3+t
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUZDRC8wQkUwRkZFMDc4
MEUxMUU3ODMzNEM1MjFDNEY5QUUwMi9KenFxNHVPLW1VX0Nnei1GY1NranpVRjdm
NjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0p6cXE0dU8tbVVfQ2d6LUZjU2tqelVGN2Y2MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTVGQ0QvMEJFMEZGRTA3ODBFMTFFNzgzMzRDNTIxQzRGOUFFMDIvMDhDRDVBRDJE
QTJCMTFFQkExQzZBQTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnzScwDwQCAAIwCQMHACABDfA7ADANBgkqhkiG9w0BAQsF
AAOCAQEAVLeYYHys3V42wXgAZVU6kdah9kNMtJFBRG0soXTeqgxMqjYOiLVNGwxc
zJSahRK1SkL9V+7OJ/8ZVUEnbcgDwoqjkE8U7KyOCHPVeyucqXYLLgdxaiCrwZR+
1Urz1R0iGoqN6Q/dEoDyPIBDQ6INOaznVL/PPhuZhs8vO/gW0PotYUTeB3AJD3oY
c7V6qH7HkcIHRe+4sG/vMwghM5nJWvxC+pXkkvdyMAVIZ71cUwJntEPHYr3RIT+A
QMn0yAPnF3AO4zQOCIeDtmGHnFu6Wc+vBGl/3M4T0oSp6Nb8egQoAlOj+c3rDzyt
ptlhc+Ly+jR7tKIOBedc4MzpfCtqPw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:31:51 2025 by rpki-client