Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/F097281C169A11EF8927EC2DC4F9AE02.roa
File: F097281C169A11EF8927EC2DC4F9AE02.roa (raw, json)
Hash identifier: w3Ln1KV8lxVl5Uw2YRQh7wulnVukzVJfQnsYtJXybYU=
Subject key identifier: 12:D3:D2:BA:7E:D4:7F:8D:CE:74:C0:F7:EE:A9:0F:9C:21:BC:60:B0
Certificate issuer: /CN=A91C7C04/serialNumber=0AE222EC5E17A6E632B559D49C5B1EF332DA43CB
Certificate serial: 06A7
Authority key identifier: 0A:E2:22:EC:5E:17:A6:E6:32:B5:59:D4:9C:5B:1E:F3:32:DA:43:CB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CuIi7F4XpuYytVnUnFse8zLaQ8s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/F097281C169A11EF8927EC2DC4F9AE02.roa
Signing time: Thu 23 Jan 2025 03:11:27 +0000
ROA not before: Thu 23 Jan 2025 03:11:27 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 62468
IP address blocks: 43.251.116.0/23 maxlen: 24
103.42.180.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1703 (0x6a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7C04/serialNumber=0AE222EC5E17A6E632B559D49C5B1EF332DA43CB
Validity
Not Before: Jan 23 03:11:27 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6791b35e-1403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:af:05:13:b9:36:4b:04:34:97:1c:ed:8c:ad:
45:a8:a7:b8:7e:a2:36:56:76:5a:40:dc:85:03:a4:
39:73:39:56:56:c1:9c:4d:e8:79:47:60:6a:ee:b9:
a5:c8:87:72:ef:c3:91:9b:98:82:bf:2d:d3:3a:af:
c0:76:94:b4:31:25:a0:ea:8c:79:f5:ae:9e:c6:3f:
9d:78:10:83:96:48:ea:d2:f4:be:4d:cd:9f:28:65:
29:6c:69:87:a2:ef:90:20:9c:76:ef:75:fb:16:cb:
91:46:7c:4c:63:d0:ce:ce:af:a9:72:b3:7b:70:c6:
57:36:7b:21:17:9f:2a:97:a9:da:23:e6:6a:92:c8:
1b:e8:e6:cd:7a:d8:e0:31:51:04:94:d4:b7:8e:25:
b3:a7:41:e9:05:2c:f5:a7:cb:df:83:9d:57:4c:c6:
21:f4:bc:eb:3b:f0:48:49:53:ab:4f:bf:a2:8e:b9:
86:c4:3b:4e:f8:ef:21:0d:b1:0f:7e:94:79:1f:46:
f8:a3:89:82:5e:3b:eb:72:05:41:81:ec:51:0e:e8:
49:b4:f1:d6:ee:eb:79:19:85:1d:32:7a:62:14:81:
ad:f5:b1:e8:ce:bc:26:db:73:a0:bc:c6:51:64:03:
b1:53:17:78:6a:44:33:48:90:6a:96:81:af:1d:44:
f6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:D3:D2:BA:7E:D4:7F:8D:CE:74:C0:F7:EE:A9:0F:9C:21:BC:60:B0
X509v3 Authority Key Identifier:
keyid:0A:E2:22:EC:5E:17:A6:E6:32:B5:59:D4:9C:5B:1E:F3:32:DA:43:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/CuIi7F4XpuYytVnUnFse8zLaQ8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CuIi7F4XpuYytVnUnFse8zLaQ8s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/F097281C169A11EF8927EC2DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.251.116.0/23
103.42.180.0/22
Signature Algorithm: sha256WithRSAEncryption
77:b0:3b:83:94:73:4a:29:78:6c:08:24:fe:a0:8f:2d:3b:4c:
69:45:09:16:2b:cc:71:43:0d:b8:5f:17:f7:5d:f9:3b:34:13:
91:7e:be:d1:b9:e2:01:7b:2a:27:4f:6f:4f:86:db:92:9c:5b:
e7:99:a2:46:e0:10:0b:99:52:98:73:3b:4e:32:25:eb:8b:c3:
72:81:ef:71:b4:87:fe:8d:e1:84:d0:17:74:6b:c4:05:81:97:
5c:58:b3:e7:c8:8b:10:66:de:09:cd:0b:2c:83:32:b1:4d:0e:
3c:d0:37:4b:55:43:57:30:09:79:81:8d:5d:7e:ad:52:85:eb:
dd:ef:38:f0:9a:f0:e0:b4:51:51:f2:69:50:c6:33:33:03:de:
13:bc:da:05:36:0f:1f:8b:9f:32:ef:fc:00:bf:15:9b:d6:bb:
a5:d7:03:14:1d:24:25:04:fb:76:5d:74:a9:67:65:00:e3:b1:
cd:38:73:b7:0e:93:c3:a8:fb:d6:55:a7:9b:f3:94:60:77:2f:
cf:07:7e:7c:cd:a3:66:98:9b:85:4b:46:b7:40:48:c6:8e:e4:
78:4d:99:60:43:c4:64:84:e0:5a:43:c0:e0:94:94:d1:2d:b2:
68:59:5d:3a:29:bd:51:c0:50:25:12:ff:7f:8e:d5:b1:0a:e5:
cf:eb:4b:bb
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBqcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzdDMDQxMTAvBgNVBAUTKDBBRTIyMkVDNUUxN0E2RTYzMkI1NTlENDlDNUIxRUYz
MzJEQTQzQ0IwHhcNMjUwMTIzMDMxMTI3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxYjM1ZS0xNDAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp68FE7k2SwQ0lxztjK1FqKe4fqI2VnZaQNyFA6Q5czlWVsGcTeh5R2Bq7rml
yIdy78ORm5iCvy3TOq/AdpS0MSWg6ox59a6exj+deBCDlkjq0vS+Tc2fKGUpbGmH
ou+QIJx273X7FsuRRnxMY9DOzq+pcrN7cMZXNnshF58ql6naI+Zqksgb6ObNetjg
MVEElNS3jiWzp0HpBSz1p8vfg51XTMYh9LzrO/BISVOrT7+ijrmGxDtO+O8hDbEP
fpR5H0b4o4mCXjvrcgVBgexRDuhJtPHW7ut5GYUdMnpiFIGt9bHozrwm23OgvMZR
ZAOxUxd4akQzSJBqloGvHUT2NwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBLT0rp+
1H+NznTA9+6pD5whvGCwMB8GA1UdIwQYMBaAFAriIuxeF6bmMrVZ1JxbHvMy2kPL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDN0MwNC9BMERCMzU1MjVG
QjQxMUVCQUI3QzZBMjNDNEY5QUUwMi9DdUlpN0Y0WHB1WXl0Vm5VbkZzZTh6TGFR
OHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0N1SWk3RjRYcHVZeXRWblVuRnNlOHpMYVE4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzdDMDQvQTBEQjM1NTI1RkI0MTFFQkFCN0M2QTIzQzRGOUFFMDIvRjA5NzI4MUMx
NjlBMTFFRjg5MjdFQzJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAEr+3QDBAJnKrQwDQYJKoZIhvcNAQELBQADggEBAHewO4OU
c0opeGwIJP6gjy07TGlFCRYrzHFDDbhfF/dd+Ts0E5F+vtG54gF7KidPb0+G25Kc
W+eZokbgEAuZUphzO04yJeuLw3KB73G0h/6N4YTQF3RrxAWBl1xYs+fIixBm3gnN
CyyDMrFNDjzQN0tVQ1cwCXmBjV1+rVKF693vOPCa8OC0UVHyaVDGMzMD3hO82gU2
Dx+LnzLv/AC/FZvWu6XXAxQdJCUE+3ZddKlnZQDjsc04c7cOk8Oo+9ZVp5vzlGB3
L88HfnzNo2aYm4VLRrdASMaO5HhNmWBDxGSE4FpDwOCUlNEtsmhZXTopvVHAUCUS
/3+O1bEK5c/rS7s=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:19:09 2025 by rpki-client