Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/2B535080E79B11EFB484D12EC4F9AE02.roa
File: 2B535080E79B11EFB484D12EC4F9AE02.roa (raw, json)
Hash identifier: +PPRjQ3J4z4+zUgLthK+tXOzNPu/Nlu703fNrOIAz9U=
Subject key identifier: 96:68:82:3F:8C:B7:93:A1:A5:25:BC:E0:DA:2E:49:84:FC:EF:ED:33
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 27E7
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/2B535080E79B11EFB484D12EC4F9AE02.roa
Signing time: Mon 10 Feb 2025 10:38:30 +0000
ROA not before: Mon 10 Feb 2025 10:38:30 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 206264
IP address blocks: 103.217.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10215 (0x27e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D
Validity
Not Before: Feb 10 10:38:30 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67a9d726-92e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:38:7a:e6:99:82:06:aa:13:70:22:bc:68:05:
53:38:fd:e7:20:f0:17:f0:78:ec:b7:7a:f0:e1:3a:
a3:b5:eb:23:27:11:f0:f0:8e:11:c5:c6:b6:69:2d:
3a:af:fa:e5:4a:b4:98:2c:84:85:73:cb:65:e6:b3:
6a:d7:27:67:52:c3:e9:57:7a:15:3d:01:07:c4:96:
80:1c:96:9d:8d:82:04:b6:7d:5c:24:59:6a:a5:16:
21:de:c1:c4:bf:f8:35:2f:9a:ca:ec:b8:a5:fe:5e:
62:20:13:9e:cf:b5:90:fe:5a:71:30:97:43:f2:8b:
b1:5c:ec:66:c8:ba:1e:8c:7c:3b:7e:df:66:35:3f:
06:5d:69:59:17:e5:c5:ae:b9:07:4f:46:6f:5d:73:
e4:37:6f:2e:4b:67:1d:f3:d9:96:a0:36:3d:71:9a:
3e:3a:db:bf:68:03:7c:c5:24:65:81:d1:21:a5:7c:
f1:e8:28:b5:62:f0:59:66:bd:d1:9b:19:9e:76:31:
3d:fc:f6:a9:ae:fb:95:3d:13:e8:0e:59:6a:47:44:
c9:97:92:f2:57:87:94:e1:ad:00:19:5a:a2:e4:d5:
5e:76:98:94:4d:5f:65:a7:4f:01:7f:53:2c:78:3f:
64:35:58:fd:19:76:13:b1:ef:c0:41:3b:af:09:da:
91:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:68:82:3F:8C:B7:93:A1:A5:25:BC:E0:DA:2E:49:84:FC:EF:ED:33
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/2B535080E79B11EFB484D12EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.217.252.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:7b:d2:57:72:ab:73:3b:7d:b5:65:a1:3f:5b:73:03:77:97:
80:14:c8:17:a5:7d:0f:77:52:a2:e9:bd:d3:ad:6e:a8:03:71:
1a:1d:26:7c:11:d0:75:0f:46:a7:d7:7e:d6:c5:d0:34:50:b7:
42:8f:81:fb:8a:45:be:27:9e:25:75:50:84:4f:32:2b:8d:2c:
bd:25:26:f4:7a:67:e6:56:d0:fc:19:14:41:2f:d6:55:32:50:
49:75:71:f2:3c:35:f0:a1:80:c4:7b:a5:95:cd:6b:ef:93:08:
85:65:1f:b8:b0:36:6f:5c:f1:b4:f1:92:80:d9:ad:a5:c3:4b:
5f:76:64:3a:b9:ae:07:19:e2:42:29:ff:67:4f:ec:3c:d7:f4:
c9:9d:25:f5:f1:fe:21:2e:89:13:9b:c3:51:1b:7e:17:16:63:
71:50:66:fe:72:95:f8:82:b6:1b:95:e5:64:3c:dd:97:ac:4a:
cd:cf:ee:07:ce:28:60:31:1d:2f:b0:03:21:de:7c:0d:14:da:
3c:b2:49:65:2b:40:fe:c5:97:03:c4:5e:58:bb:ee:09:e3:9b:
72:b0:30:e6:91:99:87:d8:50:0f:56:eb:5d:f3:ea:8f:0e:11:
07:28:b0:1b:22:e6:d8:ab:53:a0:90:68:1d:bb:63:9e:6b:0b:
a1:7e:51:dc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJ+cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjUwMjEwMTAzODMwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E5ZDcyNi05MmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApDh65pmCBqoTcCK8aAVTOP3nIPAX8Hjst3rw4TqjtesjJxHw8I4Rxca2aS06
r/rlSrSYLISFc8tl5rNq1ydnUsPpV3oVPQEHxJaAHJadjYIEtn1cJFlqpRYh3sHE
v/g1L5rK7Lil/l5iIBOez7WQ/lpxMJdD8ouxXOxmyLoejHw7ft9mNT8GXWlZF+XF
rrkHT0ZvXXPkN28uS2cd89mWoDY9cZo+Otu/aAN8xSRlgdEhpXzx6Ci1YvBZZr3R
mxmedjE9/PaprvuVPRPoDllqR0TJl5LyV4eU4a0AGVqi5NVedpiUTV9lp08Bf1Ms
eD9kNVj9GXYTse/AQTuvCdqRHwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJZogj+M
t5OhpSW84NouSYT87+0zMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvMkI1MzUwODBF
NzlCMTFFRkI0ODREMTJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn2fwwDQYJKoZIhvcNAQELBQADggEBAMR70ldyq3M7fbVl
oT9bcwN3l4AUyBelfQ93UqLpvdOtbqgDcRodJnwR0HUPRqfXftbF0DRQt0KPgfuK
Rb4nniV1UIRPMiuNLL0lJvR6Z+ZW0PwZFEEv1lUyUEl1cfI8NfChgMR7pZXNa++T
CIVlH7iwNm9c8bTxkoDZraXDS192ZDq5rgcZ4kIp/2dP7DzX9MmdJfXx/iEuiROb
w1EbfhcWY3FQZv5ylfiCthuV5WQ83ZesSs3P7gfOKGAxHS+wAyHefA0U2jyySWUr
QP7FlwPEXli77gnjm3KwMOaRmYfYUA9W613z6o8OEQcosBsi5tirU6CQaB27Y55r
C6F+Udw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:08:31 2025 by rpki-client