Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F7334/7A4049DA744B11ECB9AA8D74C4F9AE02/0B7C7B7C751311ECA43F7D3BC4F9AE02.roa
File: 0B7C7B7C751311ECA43F7D3BC4F9AE02.roa (raw, json)
Hash identifier: Q81s5XKL5iVaVaoWayTQR37y4XfCEhNVP+1tJwtC+bU=
Subject key identifier: 30:01:35:27:11:4F:23:A9:D0:ED:4E:89:70:DB:EC:E0:91:A0:BC:08
Certificate issuer: /CN=A91F7334/serialNumber=8CCE4E46195D15704FB562932E0AB62A0EB98A26
Certificate serial: 03CB
Authority key identifier: 8C:CE:4E:46:19:5D:15:70:4F:B5:62:93:2E:0A:B6:2A:0E:B9:8A:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jM5ORhldFXBPtWKTLgq2Kg65iiY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F7334/7A4049DA744B11ECB9AA8D74C4F9AE02/0B7C7B7C751311ECA43F7D3BC4F9AE02.roa
Signing time: Sun 19 Jan 2025 00:13:50 +0000
ROA not before: Sun 19 Jan 2025 00:13:50 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 136140
IP address blocks: 103.81.102.0/24 maxlen: 24
203.19.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 971 (0x3cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F7334/serialNumber=8CCE4E46195D15704FB562932E0AB62A0EB98A26
Validity
Not Before: Jan 19 00:13:50 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=678c43be-2fc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:85:66:ca:68:6e:dd:a0:0b:d4:65:14:bb:ec:
1b:ad:b9:d9:5a:7d:7c:1e:3d:06:0e:41:b7:11:74:
27:31:b7:de:85:f7:e1:00:cb:77:eb:b0:72:3a:fd:
7a:98:1e:98:50:fa:8a:8b:84:b0:e1:ff:9c:e4:0d:
89:38:a1:37:87:7f:4f:5f:44:9e:ae:75:af:2b:eb:
31:0d:76:f3:b0:6f:f9:ca:b8:d4:1f:a3:8c:e4:ca:
39:b1:97:fe:17:0e:54:78:80:95:93:da:e5:95:17:
17:51:dd:d5:0f:83:01:b0:94:73:40:a6:55:86:d9:
e8:15:8a:de:05:76:22:ce:b4:95:78:23:59:b1:f1:
c4:f2:0a:69:1b:6d:bc:98:a2:66:da:00:a7:c1:42:
b4:93:ed:4e:72:19:c9:dc:f5:a4:a5:d9:5a:0a:14:
f9:fd:44:f0:60:a8:e4:01:74:6d:cf:15:44:be:6c:
6b:14:19:54:9d:7e:bd:aa:26:65:3a:df:6c:b1:37:
c0:03:e6:47:44:e7:65:44:e0:4e:47:53:ce:be:51:
0e:5c:00:19:67:e8:97:72:30:ee:ff:8d:de:02:86:
7c:30:f1:39:64:1a:ea:46:0d:4e:8f:08:78:fc:14:
61:3b:34:60:3c:c0:0d:a4:0f:c6:05:d4:f7:5d:22:
09:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:01:35:27:11:4F:23:A9:D0:ED:4E:89:70:DB:EC:E0:91:A0:BC:08
X509v3 Authority Key Identifier:
keyid:8C:CE:4E:46:19:5D:15:70:4F:B5:62:93:2E:0A:B6:2A:0E:B9:8A:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F7334/7A4049DA744B11ECB9AA8D74C4F9AE02/jM5ORhldFXBPtWKTLgq2Kg65iiY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jM5ORhldFXBPtWKTLgq2Kg65iiY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F7334/7A4049DA744B11ECB9AA8D74C4F9AE02/0B7C7B7C751311ECA43F7D3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.81.102.0/24
203.19.158.0/24
Signature Algorithm: sha256WithRSAEncryption
62:b7:6f:e9:ba:70:f5:4a:ef:20:cc:2d:18:08:74:23:65:36:
f3:e8:a5:d9:66:61:ec:df:34:be:c7:06:ce:b8:6e:29:02:8a:
d7:7e:1a:e1:75:32:e4:c6:21:61:b8:d1:bd:7b:5c:34:0d:5f:
a6:60:3f:82:9f:f6:5f:2c:05:1b:c2:48:72:55:00:4b:ff:cd:
33:24:a5:01:8d:10:20:2d:76:6d:7f:bb:ac:d1:37:f4:06:f6:
99:aa:e6:82:69:23:82:ee:34:0f:1d:53:51:d8:35:fa:f3:9b:
ab:86:38:b6:f5:f7:0a:46:0b:68:ee:d0:e7:df:6e:92:89:d1:
e9:7f:16:d5:07:27:fa:02:09:45:cc:96:97:f0:93:c8:2d:39:
53:e1:a3:2d:56:e1:d6:df:19:62:8d:6d:49:b7:43:32:29:86:
3c:b7:57:d8:78:64:f0:e9:6a:14:f7:48:e5:0c:f1:34:29:65:
b6:e3:c6:37:0d:d2:3e:00:f2:1b:d4:63:80:b4:72:e9:d5:37:
8b:73:bf:3a:c9:d3:bb:cc:3f:af:a1:c6:89:08:2d:57:89:31:
17:e9:de:08:b1:a4:78:4f:47:f9:f9:5e:fb:54:1d:54:ec:27:
d2:5b:c7:54:e8:bb:b5:ad:d0:49:b2:85:a4:db:75:fe:bb:3f:
8a:49:5e:e8
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA8swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjczMzQxMTAvBgNVBAUTKDhDQ0U0RTQ2MTk1RDE1NzA0RkI1NjI5MzJFMEFCNjJB
MEVCOThBMjYwHhcNMjUwMTE5MDAxMzUwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhjNDNiZS0yZmMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA14Vmymhu3aAL1GUUu+wbrbnZWn18Hj0GDkG3EXQnMbfehffhAMt367ByOv16
mB6YUPqKi4Sw4f+c5A2JOKE3h39PX0SernWvK+sxDXbzsG/5yrjUH6OM5Mo5sZf+
Fw5UeICVk9rllRcXUd3VD4MBsJRzQKZVhtnoFYreBXYizrSVeCNZsfHE8gppG228
mKJm2gCnwUK0k+1OchnJ3PWkpdlaChT5/UTwYKjkAXRtzxVEvmxrFBlUnX69qiZl
Ot9ssTfAA+ZHROdlROBOR1POvlEOXAAZZ+iXcjDu/43eAoZ8MPE5ZBrqRg1Ojwh4
/BRhOzRgPMANpA/GBdT3XSIJlwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDABNScR
TyOp0O1OiXDb7OCRoLwIMB8GA1UdIwQYMBaAFIzOTkYZXRVwT7Viky4KtioOuYom
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzMzNC83QTQwNDlEQTc0
NEIxMUVDQjlBQThENzRDNEY5QUUwMi9qTTVPUmhsZEZYQlB0V0tUTGdxMktnNjVp
aVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pNNU9SaGxkRlhCUHRXS1RMZ3EyS2c2NWlpWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjczMzQvN0E0MDQ5REE3NDRCMTFFQ0I5QUE4RDc0QzRGOUFFMDIvMEI3QzdCN0M3
NTEzMTFFQ0E0M0Y3RDNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnUWYDBADLE54wDQYJKoZIhvcNAQELBQADggEBAGK3b+m6
cPVK7yDMLRgIdCNlNvPopdlmYezfNL7HBs64bikCitd+GuF1MuTGIWG40b17XDQN
X6ZgP4Kf9l8sBRvCSHJVAEv/zTMkpQGNECAtdm1/u6zRN/QG9pmq5oJpI4LuNA8d
U1HYNfrzm6uGOLb19wpGC2ju0OffbpKJ0el/FtUHJ/oCCUXMlpfwk8gtOVPhoy1W
4dbfGWKNbUm3QzIphjy3V9h4ZPDpahT3SOUM8TQpZbbjxjcN0j4A8hvUY4C0cunV
N4tzvzrJ07vMP6+hxokILVeJMRfp3gixpHhPR/n5XvtUHVTsJ9Jbx1Tou7Wt0Emy
haTbdf67P4pJXug=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:31:18 2025 by rpki-client