Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDA00/7DD750DC1CE211EB9AAB4977C4F9AE02/1709C2B8168A11EF9AB3AC81C4F9AE02.roa
File: 1709C2B8168A11EF9AB3AC81C4F9AE02.roa (raw, json)
Hash identifier: 6lqtMCW8IvOvqGuBOjNcKUUrwCDyIhzNfX51lGH2eaU=
Subject key identifier: 1C:67:50:C8:F9:1E:78:2F:4B:A7:53:67:5C:6F:CD:92:CF:3C:E0:DE
Certificate issuer: /CN=A91FDA00/serialNumber=B1EEC59ED561A0DB3D7D40C30AF2AB6FED297A98
Certificate serial: 071B
Authority key identifier: B1:EE:C5:9E:D5:61:A0:DB:3D:7D:40:C3:0A:F2:AB:6F:ED:29:7A:98
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/se7FntVhoNs9fUDDCvKrb-0pepg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FDA00/7DD750DC1CE211EB9AAB4977C4F9AE02/1709C2B8168A11EF9AB3AC81C4F9AE02.roa
Signing time: Thu 28 Nov 2024 21:41:26 +0000
ROA not before: Thu 28 Nov 2024 21:41:26 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 134712
IP address blocks: 103.158.4.0/23 maxlen: 23
103.158.4.0/24 maxlen: 24
103.158.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1819 (0x71b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FDA00/serialNumber=B1EEC59ED561A0DB3D7D40C30AF2AB6FED297A98
Validity
Not Before: Nov 28 21:41:26 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6748e385-655e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1c:1c:21:53:2a:6b:db:d7:ab:f5:6d:6d:b9:
a3:d1:be:81:61:d6:c6:58:81:84:35:15:4c:be:f9:
f5:9d:59:6c:48:46:55:c6:43:e0:fa:f5:88:36:dc:
f4:78:5a:19:fa:28:de:cb:cf:8b:22:3c:2e:bd:0c:
99:d2:e7:a9:f8:e4:33:1b:20:75:ff:e6:5b:10:1b:
67:38:67:3f:35:f9:09:87:bd:49:b1:b7:18:4a:0c:
9b:af:11:b1:f9:07:59:a0:98:af:4e:eb:4a:14:ba:
6e:7a:06:bc:38:a2:06:c3:24:57:99:14:ae:f2:d7:
10:8c:81:b9:00:47:98:b8:f1:ce:a6:0c:78:2f:04:
28:29:e3:08:37:43:4c:2f:41:1f:93:5d:27:cb:ac:
a7:3f:44:0d:60:30:ec:a0:ba:3d:7d:61:57:1a:77:
10:64:a7:d3:ff:a3:dd:17:2d:4a:c6:89:4f:7a:47:
1d:24:ed:48:55:27:b6:94:43:27:32:14:3a:46:6e:
34:4e:a9:89:18:21:0e:23:c3:a1:78:34:ff:86:cf:
c7:8d:f3:53:74:11:22:21:ae:fe:67:29:82:7b:86:
7d:db:63:fc:24:4c:f5:65:c7:9f:e2:d4:7b:30:2a:
81:66:12:f0:b9:f8:5a:f0:2a:07:47:72:02:45:88:
37:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:67:50:C8:F9:1E:78:2F:4B:A7:53:67:5C:6F:CD:92:CF:3C:E0:DE
X509v3 Authority Key Identifier:
keyid:B1:EE:C5:9E:D5:61:A0:DB:3D:7D:40:C3:0A:F2:AB:6F:ED:29:7A:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FDA00/7DD750DC1CE211EB9AAB4977C4F9AE02/se7FntVhoNs9fUDDCvKrb-0pepg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/se7FntVhoNs9fUDDCvKrb-0pepg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDA00/7DD750DC1CE211EB9AAB4977C4F9AE02/1709C2B8168A11EF9AB3AC81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.4.0/23
Signature Algorithm: sha256WithRSAEncryption
81:6f:c7:54:43:10:7d:25:b7:53:57:b9:1f:95:03:d3:2a:20:
26:00:e3:0a:44:a3:28:cf:cc:cd:db:42:b5:4e:6d:78:bc:ae:
84:2f:48:92:5d:1b:44:94:f8:7f:e1:4e:f2:56:50:7c:53:f7:
72:0a:b0:47:9b:ba:9d:c6:bb:54:e9:c6:21:ad:5e:30:a1:3a:
ef:4e:d3:6f:56:22:8a:de:ad:df:bc:f8:44:79:71:42:e2:79:
87:2d:f3:55:5b:14:29:ff:80:ca:df:f3:ef:09:03:53:67:76:
d7:80:e7:8f:c5:2d:0a:3a:2b:a9:10:bd:a3:4d:32:ce:1c:94:
e1:9a:c6:a8:7d:5a:d4:9f:9e:04:1f:0b:53:41:3b:0c:9b:57:
40:af:42:3a:9e:d7:01:16:dd:cc:38:7a:cf:39:5a:a0:d8:a4:
72:65:a8:6d:ca:ed:83:3d:3c:28:c7:f9:20:df:b4:95:ed:2b:
46:13:5a:9d:ec:17:72:8e:a2:41:b8:25:57:16:98:39:46:6b:
20:87:d4:ed:45:f3:b6:74:13:0e:ae:e4:0d:c1:52:ea:83:15:
5b:be:7e:3d:46:df:e2:25:4b:bf:bf:ed:54:88:50:43:06:f4:
84:47:0f:f5:24:f1:75:c8:38:fa:6f:98:14:60:0b:2f:b7:b4:
86:bf:fa:44
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBxswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkRBMDAxMTAvBgNVBAUTKEIxRUVDNTlFRDU2MUEwREIzRDdENDBDMzBBRjJBQjZG
RUQyOTdBOTgwHhcNMjQxMTI4MjE0MTI2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ4ZTM4NS02NTVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxRwcIVMqa9vXq/Vtbbmj0b6BYdbGWIGENRVMvvn1nVlsSEZVxkPg+vWINtz0
eFoZ+ijey8+LIjwuvQyZ0uep+OQzGyB1/+ZbEBtnOGc/NfkJh71JsbcYSgybrxGx
+QdZoJivTutKFLpuega8OKIGwyRXmRSu8tcQjIG5AEeYuPHOpgx4LwQoKeMIN0NM
L0Efk10ny6ynP0QNYDDsoLo9fWFXGncQZKfT/6PdFy1KxolPekcdJO1IVSe2lEMn
MhQ6Rm40TqmJGCEOI8OheDT/hs/HjfNTdBEiIa7+ZymCe4Z922P8JEz1Zcef4tR7
MCqBZhLwufha8CoHR3ICRYg3TQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBxnUMj5
HngvS6dTZ1xvzZLPPODeMB8GA1UdIwQYMBaAFLHuxZ7VYaDbPX1Awwryq2/tKXqY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREEwMC83REQ3NTBEQzFD
RTIxMUVCOUFBQjQ5NzdDNEY5QUUwMi9zZTdGbnRWaG9OczlmVUREQ3ZLcmItMHBl
cGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NlN0ZudFZob05zOWZVRERDdktyYi0wcGVwZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkRBMDAvN0RENzUwREMxQ0UyMTFFQjlBQUI0OTc3QzRGOUFFMDIvMTcwOUMyQjgx
NjhBMTFFRjlBQjNBQzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnngQwDQYJKoZIhvcNAQELBQADggEBAIFvx1RDEH0lt1NX
uR+VA9MqICYA4wpEoyjPzM3bQrVObXi8roQvSJJdG0SU+H/hTvJWUHxT93IKsEeb
up3Gu1TpxiGtXjChOu9O029WIorerd+8+ER5cULieYct81VbFCn/gMrf8+8JA1Nn
dteA54/FLQo6K6kQvaNNMs4clOGaxqh9WtSfngQfC1NBOwybV0CvQjqe1wEW3cw4
es85WqDYpHJlqG3K7YM9PCjH+SDftJXtK0YTWp3sF3KOokG4JVcWmDlGayCH1O1F
87Z0Ew6u5A3BUuqDFVu+fj1G3+IlS7+/7VSIUEMG9IRHD/Uk8XXIOPpvmBRgCy+3
tIa/+kQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 21:28:43 2025 by rpki-client