Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA6A1/315B7E08FF7B11EDA62DF10EC4F9AE02/1DDE652A03C211EEB2272068C4F9AE02.roa
File: 1DDE652A03C211EEB2272068C4F9AE02.roa (raw, json)
Hash identifier: 3jNUoCccmrM56z8z19CQSeUZl708g7HitdvgnX+ByM8=
Subject key identifier: C4:29:CF:E3:A0:06:2C:AB:F8:A4:E5:4D:6C:CB:0B:05:35:57:F1:5A
Certificate issuer: /CN=A91EA6A1/serialNumber=CDD7CC5994E3404E6C23AE942A59218B57C5C131
Certificate serial: 0128
Authority key identifier: CD:D7:CC:59:94:E3:40:4E:6C:23:AE:94:2A:59:21:8B:57:C5:C1:31
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zdfMWZTjQE5sI66UKlkhi1fFwTE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA6A1/315B7E08FF7B11EDA62DF10EC4F9AE02/1DDE652A03C211EEB2272068C4F9AE02.roa
Signing time: Mon 09 Dec 2024 03:06:32 +0000
ROA not before: Mon 09 Dec 2024 03:06:32 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 137418
IP address blocks: 103.197.201.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 296 (0x128)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA6A1/serialNumber=CDD7CC5994E3404E6C23AE942A59218B57C5C131
Validity
Not Before: Dec 9 03:06:32 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67565eb8-f626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f5:b3:f3:14:49:a9:fa:ae:5f:ef:33:f6:ac:
b8:1e:bb:09:3c:b7:63:99:cf:67:71:25:90:6f:50:
aa:f2:e8:8c:6d:d4:f9:eb:6a:58:71:84:f1:6f:de:
95:be:f0:84:1c:b6:29:fd:57:35:63:5d:d6:bb:b3:
5b:12:4d:bb:91:5d:dc:ec:6a:df:b7:78:26:67:8b:
0b:f5:e3:3d:36:13:2e:b8:ca:74:2a:63:b6:33:71:
0f:36:9c:3d:53:04:a4:b4:12:36:98:14:fe:98:16:
c1:37:c9:9c:fa:4b:f3:62:52:12:81:46:fd:06:1b:
e6:6f:5d:34:ef:ba:bf:23:f8:57:d0:28:47:4e:67:
e6:4a:a3:b1:01:a5:02:28:7b:46:e8:61:e0:fc:fd:
b9:fa:0a:dd:83:68:f5:f4:87:b1:74:f3:92:fd:ec:
1d:4e:00:54:a5:e3:79:1c:26:ff:3b:82:0b:22:4a:
de:73:67:f9:41:88:c3:0a:32:c2:10:42:82:2b:20:
a7:fa:0d:4a:35:1d:fe:e6:a4:b2:d1:3c:66:25:80:
38:f4:8e:6c:3a:c0:98:82:23:fd:cf:9a:28:4a:6d:
ac:28:67:8d:78:73:24:41:3d:70:9d:be:c4:8f:d2:
cf:9b:c3:05:f9:33:97:be:fc:09:ff:ad:24:61:e8:
5e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:29:CF:E3:A0:06:2C:AB:F8:A4:E5:4D:6C:CB:0B:05:35:57:F1:5A
X509v3 Authority Key Identifier:
keyid:CD:D7:CC:59:94:E3:40:4E:6C:23:AE:94:2A:59:21:8B:57:C5:C1:31
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA6A1/315B7E08FF7B11EDA62DF10EC4F9AE02/zdfMWZTjQE5sI66UKlkhi1fFwTE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zdfMWZTjQE5sI66UKlkhi1fFwTE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA6A1/315B7E08FF7B11EDA62DF10EC4F9AE02/1DDE652A03C211EEB2272068C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.197.201.0/24
Signature Algorithm: sha256WithRSAEncryption
21:b9:bf:a2:c7:4e:ba:89:93:1c:dc:f9:7e:b9:01:4f:8d:1c:
69:22:69:a8:6b:8f:d4:90:8f:ce:a3:ee:cb:fd:92:c5:27:54:
26:0c:a5:52:22:f6:4e:c4:82:95:86:63:f2:fa:58:3e:94:5c:
ce:c8:08:b2:03:87:dc:d4:4d:77:c2:8e:c1:7a:30:f3:91:40:
77:5f:b9:1b:a7:72:d0:d6:c4:5e:43:8f:bd:47:5b:fb:20:1c:
09:b5:75:35:32:8f:3e:e7:d1:eb:64:ac:d1:ee:1e:bf:f0:bb:
3e:15:76:8b:77:87:7b:12:cf:71:da:23:91:52:2f:6b:f2:1b:
67:50:d1:c0:4d:c5:1f:c7:3a:44:ff:cc:a6:fd:b2:98:05:68:
dd:c2:f6:86:1d:b2:89:74:95:07:8d:c1:ca:76:c9:46:b6:d3:
02:72:a9:84:68:17:a5:54:af:1b:30:22:7b:d9:65:59:15:ab:
2d:4e:40:9e:67:d8:f1:95:84:0c:6f:69:5d:f1:e8:a5:8d:91:
8f:dd:e8:11:e6:2b:49:b0:da:1d:f3:99:a7:ec:75:3d:c6:29:
43:05:c2:37:a0:0e:32:45:ca:fa:a2:49:e6:be:22:04:53:6f:
53:d2:0b:19:11:c8:97:2f:4c:ac:a7:84:ff:c8:14:3c:ab:93:
97:06:c4:88
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICASgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE2QTExMTAvBgNVBAUTKENERDdDQzU5OTRFMzQwNEU2QzIzQUU5NDJBNTkyMThC
NTdDNUMxMzEwHhcNMjQxMjA5MDMwNjMyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU2NWViOC1mNjI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3/Wz8xRJqfquX+8z9qy4HrsJPLdjmc9ncSWQb1Cq8uiMbdT562pYcYTxb96V
vvCEHLYp/Vc1Y13Wu7NbEk27kV3c7Grft3gmZ4sL9eM9NhMuuMp0KmO2M3EPNpw9
UwSktBI2mBT+mBbBN8mc+kvzYlISgUb9Bhvmb10077q/I/hX0ChHTmfmSqOxAaUC
KHtG6GHg/P25+grdg2j19IexdPOS/ewdTgBUpeN5HCb/O4ILIkrec2f5QYjDCjLC
EEKCKyCn+g1KNR3+5qSy0TxmJYA49I5sOsCYgiP9z5ooSm2sKGeNeHMkQT1wnb7E
j9LPm8MF+TOXvvwJ/60kYeheKwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMQpz+Og
Biyr+KTlTWzLCwU1V/FaMB8GA1UdIwQYMBaAFM3XzFmU40BObCOulCpZIYtXxcEx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTZBMS8zMTVCN0UwOEZG
N0IxMUVEQTYyREYxMEVDNEY5QUUwMi96ZGZNV1pUalFFNXNJNjZVS2xraGkxZkZ3
VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pkZk1XWlRqUUU1c0k2NlVLbGtoaTFmRndURS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE2QTEvMzE1QjdFMDhGRjdCMTFFREE2MkRGMTBFQzRGOUFFMDIvMURERTY1MkEw
M0MyMTFFRUIyMjcyMDY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnxckwDQYJKoZIhvcNAQELBQADggEBACG5v6LHTrqJkxzc
+X65AU+NHGkiaahrj9SQj86j7sv9ksUnVCYMpVIi9k7EgpWGY/L6WD6UXM7ICLID
h9zUTXfCjsF6MPORQHdfuRunctDWxF5Dj71HW/sgHAm1dTUyjz7n0etkrNHuHr/w
uz4Vdot3h3sSz3HaI5FSL2vyG2dQ0cBNxR/HOkT/zKb9spgFaN3C9oYdsol0lQeN
wcp2yUa20wJyqYRoF6VUrxswInvZZVkVqy1OQJ5n2PGVhAxvaV3x6KWNkY/d6BHm
K0mw2h3zmafsdT3GKUMFwjegDjJFyvqiSea+IgRTb1PSCxkRyJcvTKynhP/IFDyr
k5cGxIg=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:57:12 2025 by rpki-client