Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8F57/4C59F966FEBA11E99ED9824CC4F9AE02/21997AB0FEBC11E9B0463650C4F9AE02.roa
File: 21997AB0FEBC11E9B0463650C4F9AE02.roa (raw, json)
Hash identifier: UjvCEDYZnGIMs7cUk//riKADIcRlVC/6WW+32mEJgZ8=
Subject key identifier: BE:71:64:ED:3D:72:85:DF:6F:13:FE:FA:4B:45:5C:57:FD:50:DB:36
Certificate issuer: /CN=A91D8F57/serialNumber=4FED3D3721A78AB20486CDAF34A3AE6917D87CBE
Certificate serial: 0C2B
Authority key identifier: 4F:ED:3D:37:21:A7:8A:B2:04:86:CD:AF:34:A3:AE:69:17:D8:7C:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T-09NyGnirIEhs2vNKOuaRfYfL4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D8F57/4C59F966FEBA11E99ED9824CC4F9AE02/21997AB0FEBC11E9B0463650C4F9AE02.roa
Signing time: Tue 28 Jan 2025 18:16:48 +0000
ROA not before: Tue 28 Jan 2025 18:16:48 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 137257
IP address blocks: 103.106.64.0/23 maxlen: 24
2402:3cc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3115 (0xc2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D8F57/serialNumber=4FED3D3721A78AB20486CDAF34A3AE6917D87CBE
Validity
Not Before: Jan 28 18:16:48 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67991f10-b4be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b1:35:ec:f9:d3:7f:80:76:75:b6:a7:9c:44:
69:dd:b2:5e:d8:6c:7c:0c:de:c8:62:e6:ca:3e:0e:
ed:09:ed:b2:0d:e7:4d:81:c5:3c:50:65:60:52:5a:
43:77:6f:fc:22:90:e0:f6:29:ee:a9:30:9d:bc:6a:
11:55:20:05:88:2a:b6:86:65:21:4c:13:f5:56:c5:
7c:83:0e:7f:52:58:96:3c:9b:b4:01:d7:0a:04:f4:
9a:be:02:71:ee:8f:39:06:7b:b6:a3:ce:59:66:53:
c1:db:89:16:2e:f3:19:2f:b5:b8:05:a8:fc:bd:4d:
b3:24:2d:aa:97:19:91:f3:93:26:8e:3b:ea:fb:2c:
b1:70:5c:0e:0d:9b:cb:57:ae:bb:b3:7d:5b:95:68:
c9:c8:de:33:e1:ff:7d:af:fe:c1:b0:84:96:b3:d4:
ca:96:2e:52:d3:eb:8d:4b:e6:36:c2:04:31:58:d3:
30:c0:f9:c0:2a:66:36:80:64:14:93:07:9c:0b:38:
a4:8f:68:34:be:f7:b7:bd:1d:75:50:2a:b1:e3:d7:
85:b2:47:6f:d1:25:80:0e:65:a0:fa:64:45:89:66:
ca:5c:ef:8d:fa:58:25:c7:0c:03:fa:19:2a:78:1f:
05:16:19:16:5a:37:70:13:64:73:d6:c8:82:b6:1f:
1a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:71:64:ED:3D:72:85:DF:6F:13:FE:FA:4B:45:5C:57:FD:50:DB:36
X509v3 Authority Key Identifier:
keyid:4F:ED:3D:37:21:A7:8A:B2:04:86:CD:AF:34:A3:AE:69:17:D8:7C:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D8F57/4C59F966FEBA11E99ED9824CC4F9AE02/T-09NyGnirIEhs2vNKOuaRfYfL4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T-09NyGnirIEhs2vNKOuaRfYfL4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8F57/4C59F966FEBA11E99ED9824CC4F9AE02/21997AB0FEBC11E9B0463650C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.64.0/23
IPv6:
2402:3cc0::/32
Signature Algorithm: sha256WithRSAEncryption
bb:b7:24:1c:37:d5:04:1a:f3:5b:35:fd:23:f8:c2:f5:88:9a:
75:cd:02:db:3a:6c:79:ea:19:ff:6d:f5:0b:29:72:be:8b:64:
8b:61:67:e3:6c:89:9f:4a:a4:bb:92:4f:7f:f5:37:c8:24:98:
b3:54:de:7f:f7:59:bd:cc:02:32:87:a6:e6:49:13:e1:1d:02:
50:b0:c5:85:38:c6:7c:18:e5:63:59:f0:10:01:db:3a:53:0c:
85:e3:46:a0:2e:55:65:80:83:c1:a6:39:ec:be:d5:b9:f5:b4:
dc:7e:89:d2:d2:6a:10:cd:b0:57:1e:b7:2b:5a:7f:fb:27:59:
21:be:59:5a:6e:e3:e5:84:3a:44:77:f8:58:ef:63:70:a5:cb:
ab:b4:09:b6:dd:b2:cb:5f:99:5a:0b:26:39:ca:83:c9:ec:de:
64:0d:8c:5d:cc:22:76:2b:e1:0c:4a:9d:b9:a8:cd:b1:eb:04:
40:44:c3:c0:d6:20:76:85:09:ed:ef:9a:d2:3a:d0:d3:bd:08:
6e:e8:b0:e6:c6:fe:7a:85:a4:ea:90:a4:b4:de:61:2f:08:2a:
c7:e5:aa:b8:52:0f:64:81:e5:ac:12:bc:5a:cc:72:be:de:05:
9a:1b:23:90:5b:cf:3a:f0:23:ec:6c:fb:09:4f:c4:aa:8f:31:
9c:2e:88:91
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDCswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDhGNTcxMTAvBgNVBAUTKDRGRUQzRDM3MjFBNzhBQjIwNDg2Q0RBRjM0QTNBRTY5
MTdEODdDQkUwHhcNMjUwMTI4MTgxNjQ4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk5MWYxMC1iNGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1rE17PnTf4B2dbannERp3bJe2Gx8DN7IYubKPg7tCe2yDedNgcU8UGVgUlpD
d2/8IpDg9inuqTCdvGoRVSAFiCq2hmUhTBP1VsV8gw5/UliWPJu0AdcKBPSavgJx
7o85Bnu2o85ZZlPB24kWLvMZL7W4Baj8vU2zJC2qlxmR85Mmjjvq+yyxcFwODZvL
V667s31blWjJyN4z4f99r/7BsISWs9TKli5S0+uNS+Y2wgQxWNMwwPnAKmY2gGQU
kwecCzikj2g0vve3vR11UCqx49eFskdv0SWADmWg+mRFiWbKXO+N+lglxwwD+hkq
eB8FFhkWWjdwE2Rz1siCth8ajwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFL5xZO09
coXfbxP++ktFXFf9UNs2MB8GA1UdIwQYMBaAFE/tPTchp4qyBIbNrzSjrmkX2Hy+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOEY1Ny80QzU5Rjk2NkZF
QkExMUU5OUVEOTgyNENDNEY5QUUwMi9ULTA5TnlHbmlySUVoczJ2TktPdWFSZllm
TDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1QtMDlOeUduaXJJRWhzMnZOS091YVJmWWZMNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDhGNTcvNEM1OUY5NjZGRUJBMTFFOTlFRDk4MjRDQzRGOUFFMDIvMjE5OTdBQjBG
RUJDMTFFOUIwNDYzNjUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnakAwDQQCAAIwBwMFACQCPMAwDQYJKoZIhvcNAQELBQAD
ggEBALu3JBw31QQa81s1/SP4wvWImnXNAts6bHnqGf9t9Qspcr6LZIthZ+NsiZ9K
pLuST3/1N8gkmLNU3n/3Wb3MAjKHpuZJE+EdAlCwxYU4xnwY5WNZ8BAB2zpTDIXj
RqAuVWWAg8GmOey+1bn1tNx+idLSahDNsFcetytaf/snWSG+WVpu4+WEOkR3+Fjv
Y3Cly6u0CbbdsstfmVoLJjnKg8ns3mQNjF3MInYr4QxKnbmozbHrBEBEw8DWIHaF
Ce3vmtI60NO9CG7osObG/nqFpOqQpLTeYS8IKsflqrhSD2SB5awSvFrMcr7eBZob
I5BbzzrwI+xs+wlPxKqPMZwuiJE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:51:26 2025 by rpki-client