Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE7DF/6D552D70277A11EDA6B1A826C4F9AE02/AAF361C0D18B11EF810E8B66C4F9AE02.roa
File: AAF361C0D18B11EF810E8B66C4F9AE02.roa (raw, json)
Hash identifier: SPHOOqF1bgvzw9UBVa77krOeq2ngEgOV4Vao4IWDQgo=
Subject key identifier: 96:44:E0:B2:F8:D1:DF:8B:10:A1:03:30:5B:65:69:90:C6:C3:07:8D
Certificate issuer: /CN=A91FE7DF/serialNumber=E7F7DD40928298EC9ECA6446A184A359A3ED5DFE
Certificate serial: 01F7
Authority key identifier: E7:F7:DD:40:92:82:98:EC:9E:CA:64:46:A1:84:A3:59:A3:ED:5D:FE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5_fdQJKCmOyeymRGoYSjWaPtXf4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FE7DF/6D552D70277A11EDA6B1A826C4F9AE02/AAF361C0D18B11EF810E8B66C4F9AE02.roa
Signing time: Mon 13 Jan 2025 08:52:08 +0000
ROA not before: Mon 13 Jan 2025 08:52:08 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 206888
IP address blocks: 103.205.240.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 503 (0x1f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FE7DF/serialNumber=E7F7DD40928298EC9ECA6446A184A359A3ED5DFE
Validity
Not Before: Jan 13 08:52:08 2025 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=6784d437-3b8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b4:b8:59:a2:37:dd:30:12:f6:6d:26:3b:a3:
f0:ba:a9:04:2b:66:99:fd:72:b1:b0:89:47:9a:9a:
cb:b9:70:a9:b0:e1:95:08:ad:ce:03:b0:ce:26:39:
17:13:2b:f8:f7:68:be:4a:83:a6:43:c9:b6:5f:02:
ce:e0:43:20:85:fd:58:cc:83:48:53:4d:60:ee:f0:
a4:79:9f:e9:17:54:7f:9c:13:19:6d:bb:12:f3:61:
0c:77:c4:1c:0b:e9:d6:71:4c:99:b0:9c:7a:48:fd:
04:de:37:f6:09:d3:47:50:05:ce:17:cb:ee:f9:f7:
f1:f3:64:4b:a2:73:d3:78:73:33:05:60:04:7c:5e:
09:74:45:11:49:0e:27:e2:4c:cc:f8:f2:b6:0b:6b:
6c:31:57:ef:83:46:8b:8e:59:6e:47:09:f3:16:3e:
ec:e1:2c:8b:57:88:4b:75:c6:c8:b5:82:82:12:9d:
0b:aa:82:78:f3:e4:40:4b:66:a3:e6:fc:4b:29:61:
c6:36:95:8b:e1:54:43:0d:9b:a6:4a:d5:73:55:49:
f5:16:b9:d6:45:00:32:a5:1b:b2:b6:63:b8:07:c9:
0e:96:2d:43:40:c0:3e:58:22:28:cd:35:c3:c4:86:
a4:a1:26:d3:7f:43:67:f8:ae:29:c7:fd:2e:e9:08:
df:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:44:E0:B2:F8:D1:DF:8B:10:A1:03:30:5B:65:69:90:C6:C3:07:8D
X509v3 Authority Key Identifier:
keyid:E7:F7:DD:40:92:82:98:EC:9E:CA:64:46:A1:84:A3:59:A3:ED:5D:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FE7DF/6D552D70277A11EDA6B1A826C4F9AE02/5_fdQJKCmOyeymRGoYSjWaPtXf4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5_fdQJKCmOyeymRGoYSjWaPtXf4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE7DF/6D552D70277A11EDA6B1A826C4F9AE02/AAF361C0D18B11EF810E8B66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.205.240.0/22
Signature Algorithm: sha256WithRSAEncryption
03:c2:e3:26:05:88:d3:ae:d9:5a:fa:60:e4:fb:d9:5b:ed:ca:
ae:58:71:17:77:b3:0a:a6:43:30:0e:9e:cd:d4:39:75:21:f1:
39:21:5e:6e:b1:a3:7e:75:e3:af:9d:1d:51:6a:9a:4a:aa:68:
52:36:60:99:62:b4:01:19:de:00:8d:e7:3d:05:05:a4:c8:62:
66:e8:eb:9a:be:79:dc:a8:99:20:44:b3:9e:4a:51:d2:3e:1c:
23:57:c4:ed:8b:9f:f5:11:87:06:22:33:51:46:4e:69:c0:dc:
cb:a6:00:76:75:a9:d3:06:0a:2b:86:85:53:2c:88:cd:fa:c8:
40:e6:a7:e5:e6:82:20:de:20:da:08:4f:ed:7c:fe:b9:6d:86:
98:8a:df:53:6e:a7:f1:af:91:ea:53:f2:05:33:45:83:c3:3e:
ec:02:c7:e4:9f:8f:3e:1c:97:80:28:e7:fc:2a:cb:11:74:e3:
3c:0c:72:c1:86:59:ba:34:d6:7e:21:df:c8:c1:c2:32:eb:b8:
cf:74:81:39:81:24:9d:83:57:09:66:6b:37:ed:a0:0a:fb:66:
20:c0:bc:38:19:6d:c3:3f:3b:46:ae:64:c3:7b:95:f3:b1:55:
14:f2:92:17:19:73:a1:bf:26:94:2a:4c:f4:b8:b7:f0:6b:39:
e2:d2:12:cc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAfcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkU3REYxMTAvBgNVBAUTKEU3RjdERDQwOTI4Mjk4RUM5RUNBNjQ0NkExODRBMzU5
QTNFRDVERkUwHhcNMjUwMTEzMDg1MjA4WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg0ZDQzNy0zYjhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxbS4WaI33TAS9m0mO6PwuqkEK2aZ/XKxsIlHmprLuXCpsOGVCK3OA7DOJjkX
Eyv492i+SoOmQ8m2XwLO4EMghf1YzINIU01g7vCkeZ/pF1R/nBMZbbsS82EMd8Qc
C+nWcUyZsJx6SP0E3jf2CdNHUAXOF8vu+ffx82RLonPTeHMzBWAEfF4JdEURSQ4n
4kzM+PK2C2tsMVfvg0aLjlluRwnzFj7s4SyLV4hLdcbItYKCEp0LqoJ48+RAS2aj
5vxLKWHGNpWL4VRDDZumStVzVUn1FrnWRQAypRuytmO4B8kOli1DQMA+WCIozTXD
xIakoSbTf0Nn+K4px/0u6Qjf9wIDAQABo4IClTCCApEwHQYDVR0OBBYEFJZE4LL4
0d+LEKEDMFtlaZDGwweNMB8GA1UdIwQYMBaAFOf33UCSgpjsnspkRqGEo1mj7V3+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTdERi82RDU1MkQ3MDI3
N0ExMUVEQTZCMUE4MjZDNEY5QUUwMi81X2ZkUUpLQ21PeWV5bVJHb1lTaldhUHRY
ZjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVfZmRRSktDbU95ZXltUkdvWVNqV2FQdFhmNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkU3REYvNkQ1NTJENzAyNzdBMTFFREE2QjFBODI2QzRGOUFFMDIvQUFGMzYxQzBE
MThCMTFFRjgxMEU4QjY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnzfAwDQYJKoZIhvcNAQELBQADggEBAAPC4yYFiNOu2Vr6
YOT72Vvtyq5YcRd3swqmQzAOns3UOXUh8TkhXm6xo35146+dHVFqmkqqaFI2YJli
tAEZ3gCN5z0FBaTIYmbo65q+edyomSBEs55KUdI+HCNXxO2Ln/URhwYiM1FGTmnA
3MumAHZ1qdMGCiuGhVMsiM36yEDmp+XmgiDeINoIT+18/rlthpiK31Nup/GvkepT
8gUzRYPDPuwCx+Sfjz4cl4Ao5/wqyxF04zwMcsGGWbo01n4h38jBwjLruM90gTmB
JJ2DVwlmazftoAr7ZiDAvDgZbcM/O0auZMN7lfOxVRTykhcZc6G/JpQqTPS4t/Br
OeLSEsw=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:04:34 2025 by rpki-client