Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/091435C84FA911EFB86F4D40C4F9AE02.roa
File: 091435C84FA911EFB86F4D40C4F9AE02.roa (raw, json)
Hash identifier: e5jgIESXFxNT6NU+78fDrpwylXFQS920y6o/aeQL2pY=
Subject key identifier: 8B:25:3A:A9:58:B3:CC:CD:8C:03:95:9B:BE:FB:8E:EA:2F:78:0A:15
Certificate issuer: /CN=A91E0CE8/serialNumber=06C627D9C312C7B47D1C3A53B44755A10A68487C
Certificate serial: 1636
Authority key identifier: 06:C6:27:D9:C3:12:C7:B4:7D:1C:3A:53:B4:47:55:A1:0A:68:48:7C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BsYn2cMSx7R9HDpTtEdVoQpoSHw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/091435C84FA911EFB86F4D40C4F9AE02.roa
Signing time: Mon 02 Dec 2024 17:04:45 +0000
ROA not before: Mon 02 Dec 2024 17:04:45 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 139021
IP address blocks: 43.224.152.0/22 maxlen: 24
103.43.188.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5686 (0x1636)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E0CE8/serialNumber=06C627D9C312C7B47D1C3A53B44755A10A68487C
Validity
Not Before: Dec 2 17:04:45 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=674de8ad-4ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:7e:07:1e:71:d4:74:d0:b9:88:d1:4c:c0:bf:
ce:c3:ee:1f:bc:2a:69:ed:a5:34:94:73:a7:3c:72:
a5:1b:fc:c6:63:da:85:fc:f3:10:e3:ed:73:3d:fe:
60:bc:d8:54:00:5f:c7:9e:ee:1d:17:bf:5f:5f:14:
e0:4b:2a:62:e7:0a:c0:b1:b2:56:6c:9a:72:27:a3:
3e:20:07:90:d2:39:5a:54:74:d7:d9:9d:46:b1:5d:
89:81:a9:60:5a:a9:4c:b7:2e:ad:88:db:a7:e0:21:
0a:33:47:71:65:30:34:27:1c:7d:59:3d:b5:69:44:
93:27:b7:20:ef:14:1c:8e:6a:4f:e9:50:df:63:a9:
1e:cf:00:c3:49:e0:11:b0:de:0d:0b:33:69:62:b9:
32:9a:30:96:4c:5e:71:02:33:d9:f5:13:8c:01:47:
76:5f:95:68:61:cc:ff:f3:c1:61:d2:c6:99:b1:a8:
8e:3d:ea:a9:9d:f3:d8:2e:5e:45:ef:19:7a:5f:7e:
98:9b:39:2b:d0:78:55:c6:ce:14:9a:3a:a5:ba:93:
7d:7b:b4:90:19:2a:45:eb:5b:0c:95:08:b6:2a:1f:
2f:6f:01:cd:3d:97:f9:b1:a6:a9:90:cb:6f:dc:57:
b7:2b:f5:e1:0d:92:ab:3b:b1:ee:78:66:ae:3f:3c:
af:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:25:3A:A9:58:B3:CC:CD:8C:03:95:9B:BE:FB:8E:EA:2F:78:0A:15
X509v3 Authority Key Identifier:
keyid:06:C6:27:D9:C3:12:C7:B4:7D:1C:3A:53:B4:47:55:A1:0A:68:48:7C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/BsYn2cMSx7R9HDpTtEdVoQpoSHw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BsYn2cMSx7R9HDpTtEdVoQpoSHw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/091435C84FA911EFB86F4D40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.152.0/22
103.43.188.0/22
Signature Algorithm: sha256WithRSAEncryption
51:c4:5d:32:d2:59:14:86:da:42:d9:68:81:9a:92:7e:9f:6a:
84:53:91:50:62:ac:ca:22:55:8e:91:77:3e:92:c0:6c:6d:60:
06:3b:73:99:f1:67:02:6a:ef:65:74:19:64:0c:13:75:6c:f5:
a1:5e:42:9c:23:17:64:c4:51:a2:69:67:9d:40:ae:4c:40:d7:
fb:62:6d:e9:62:a0:06:be:02:6d:f7:83:6b:0f:60:a2:04:fc:
97:aa:8d:8b:b1:c9:b4:2f:83:5d:fa:f0:40:0e:1c:ac:09:bb:
74:26:0f:76:4e:f4:46:2d:ad:3d:4f:e2:51:c1:8f:4b:cd:14:
42:6c:45:f1:f6:27:7d:14:4b:e3:33:bf:e3:6f:11:72:54:5c:
52:ec:2c:a3:c7:d8:bc:9c:25:58:06:8d:3a:24:01:02:d9:63:
6a:92:dc:aa:d4:99:ef:41:b7:cb:44:a4:ca:ad:f3:35:a7:1e:
63:fb:1d:a9:55:91:de:8b:ee:6b:00:87:69:92:cc:0b:57:90:
b6:91:9f:82:2a:d8:e0:ad:38:8c:99:5e:9b:1f:e8:47:cf:95:
17:46:1f:86:25:13:1b:e1:1b:bc:d7:a4:df:8f:6f:81:a9:bd:
09:db:4d:4a:fa:9e:a1:d2:2e:b9:5b:bc:2b:07:65:b1:e9:67:
1d:86:b2:eb
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICFjYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTBDRTgxMTAvBgNVBAUTKDA2QzYyN0Q5QzMxMkM3QjQ3RDFDM0E1M0I0NDc1NUEx
MEE2ODQ4N0MwHhcNMjQxMjAyMTcwNDQ1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRkZThhZC00ZmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA634HHnHUdNC5iNFMwL/Ow+4fvCpp7aU0lHOnPHKlG/zGY9qF/PMQ4+1zPf5g
vNhUAF/Hnu4dF79fXxTgSypi5wrAsbJWbJpyJ6M+IAeQ0jlaVHTX2Z1GsV2Jgalg
WqlMty6tiNun4CEKM0dxZTA0Jxx9WT21aUSTJ7cg7xQcjmpP6VDfY6kezwDDSeAR
sN4NCzNpYrkymjCWTF5xAjPZ9ROMAUd2X5VoYcz/88Fh0saZsaiOPeqpnfPYLl5F
7xl6X36Ymzkr0HhVxs4UmjqlupN9e7SQGSpF61sMlQi2Kh8vbwHNPZf5saapkMtv
3Fe3K/XhDZKrO7HueGauPzyv6QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIslOqlY
s8zNjAOVm777juoveAoVMB8GA1UdIwQYMBaAFAbGJ9nDEse0fRw6U7RHVaEKaEh8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMENFOC85MDBEMjY0NjA2
NkExMUU4QjlCQUY2ODJDNEY5QUUwMi9Cc1luMmNNU3g3UjlIRHBUdEVkVm9RcG9T
SHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JzWW4yY01TeDdSOUhEcFR0RWRWb1Fwb1NIdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTBDRTgvOTAwRDI2NDYwNjZBMTFFOEI5QkFGNjgyQzRGOUFFMDIvMDkxNDM1Qzg0
RkE5MTFFRkI4NkY0RDQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr4JgDBAJnK7wwDQYJKoZIhvcNAQELBQADggEBAFHEXTLS
WRSG2kLZaIGakn6faoRTkVBirMoiVY6Rdz6SwGxtYAY7c5nxZwJq72V0GWQME3Vs
9aFeQpwjF2TEUaJpZ51ArkxA1/tibelioAa+Am33g2sPYKIE/JeqjYuxybQvg136
8EAOHKwJu3QmD3ZO9EYtrT1P4lHBj0vNFEJsRfH2J30US+Mzv+NvEXJUXFLsLKPH
2LycJVgGjTokAQLZY2qS3KrUme9Bt8tEpMqt8zWnHmP7HalVkd6L7msAh2mSzAtX
kLaRn4Iq2OCtOIyZXpsf6EfPlRdGH4YlExvhG7zXpN+Pb4GpvQnbTUr6nqHSLrlb
vCsHZbHpZx2Gsus=
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:28:57 2025 by rpki-client