Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/427B58D0654F11EF9C952771C4F9AE02.roa
File: 427B58D0654F11EF9C952771C4F9AE02.roa (raw, json)
Hash identifier: 1umNSn7YgLsuESe1N65wPu0GgTnv/ZWnctVvdgciWFs=
Subject key identifier: 68:DB:1B:8D:86:DD:68:6E:4D:33:C8:4D:EB:5D:C1:05:65:4A:F7:D9
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 2808
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/427B58D0654F11EF9C952771C4F9AE02.roa
Signing time: Wed 26 Mar 2025 18:30:18 +0000
ROA not before: Wed 26 Mar 2025 18:30:18 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 152918
IP address blocks: 27.100.39.0/24 maxlen: 24
103.196.21.0/24 maxlen: 24
103.217.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10248 (0x2808)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D
Validity
Not Before: Mar 26 18:30:18 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67e447ba-f136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4e:1c:4a:fa:a5:0a:62:97:04:da:9e:ed:c2:
5e:9f:f6:97:d6:f7:80:19:33:e8:ff:92:3b:a1:85:
e5:5b:1e:aa:c3:18:21:e2:32:21:93:26:8f:0e:24:
af:78:7b:52:96:f3:85:ce:cb:1d:7b:f2:91:6e:26:
c9:2b:7f:c6:fc:f5:fd:23:ec:1c:34:77:02:af:b5:
dd:ed:00:69:f0:a3:d8:aa:21:fc:c2:73:80:7f:a1:
4d:e5:19:04:7c:9c:62:db:7d:b3:e5:18:9b:23:e5:
a3:78:8e:01:c6:cc:67:83:24:80:58:7f:58:ba:36:
83:67:f7:b3:eb:63:3e:5d:e6:79:e2:a9:4e:86:2a:
16:3b:49:94:2b:f6:7a:89:9e:1a:2a:6e:d4:0d:43:
99:a4:c6:1d:a1:83:61:44:a9:e0:01:94:c9:6b:6a:
1d:9d:70:f5:51:a8:69:b4:c7:4f:3b:22:1d:e4:cc:
f3:82:96:68:73:78:11:e0:1c:69:ed:bd:d9:59:a4:
19:09:45:08:16:50:8f:70:5d:fa:d5:c9:86:a5:f9:
35:5d:f4:40:08:83:71:d9:e7:01:b2:0b:fd:0d:1f:
d2:2f:e1:e5:4e:eb:09:31:1e:60:3e:88:c1:9b:52:
4e:22:ec:89:b2:6c:40:73:84:97:e2:e6:0d:db:69:
d2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:DB:1B:8D:86:DD:68:6E:4D:33:C8:4D:EB:5D:C1:05:65:4A:F7:D9
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/427B58D0654F11EF9C952771C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.100.39.0/24
103.196.21.0/24
103.217.255.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:76:bc:f0:b3:6f:f5:f4:be:59:46:42:26:79:f9:bb:17:f0:
30:2e:e7:30:c0:8b:05:ac:e2:c9:a1:d8:76:76:c4:ff:30:91:
62:4f:04:a4:c7:3b:c4:64:8b:48:ac:da:03:8c:9a:e6:ba:d2:
cb:c6:96:27:66:2f:56:1a:95:9b:c1:11:05:7b:86:c2:06:c6:
11:8d:74:e2:78:bf:9a:53:74:e6:ab:3f:b7:ed:70:d5:0a:74:
bd:66:8c:bf:23:97:99:b9:3e:bd:82:4e:86:e5:49:70:b8:f0:
eb:8b:b5:e1:3c:b0:24:6e:2d:04:ee:8a:b4:71:08:34:0b:6d:
4b:a0:24:dc:2f:18:a3:24:12:ca:25:f3:59:3a:de:7d:d8:60:
88:fc:8d:3f:72:9f:d6:b4:d0:73:9d:56:56:69:68:d3:dd:07:
23:a8:81:76:22:e3:37:d8:56:03:47:18:92:d8:89:1b:e1:aa:
4b:93:07:62:b7:9d:0c:8a:29:80:83:18:88:ea:e4:71:5d:d7:
f7:11:42:16:ab:3d:bb:7f:92:9f:e9:5b:45:64:4a:9c:31:90:
0c:8f:fc:ad:ba:27:d7:39:10:bf:27:71:af:db:31:47:78:8d:
c0:b3:4f:af:e8:3a:03:3d:fc:fd:c1:85:da:25:a6:de:83:30:
b7:ef:0b:77
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICKAgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjUwMzI2MTgzMDE4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U0NDdiYS1mMTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv04cSvqlCmKXBNqe7cJen/aX1veAGTPo/5I7oYXlWx6qwxgh4jIhkyaPDiSv
eHtSlvOFzssde/KRbibJK3/G/PX9I+wcNHcCr7Xd7QBp8KPYqiH8wnOAf6FN5RkE
fJxi232z5RibI+WjeI4BxsxngySAWH9YujaDZ/ez62M+XeZ54qlOhioWO0mUK/Z6
iZ4aKm7UDUOZpMYdoYNhRKngAZTJa2odnXD1UahptMdPOyId5MzzgpZoc3gR4Bxp
7b3ZWaQZCUUIFlCPcF361cmGpfk1XfRACINx2ecBsgv9DR/SL+HlTusJMR5gPojB
m1JOIuyJsmxAc4SX4uYN22nSiQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGjbG42G
3WhuTTPITetdwQVlSvfZMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvNDI3QjU4RDA2
NTRGMTFFRjlDOTUyNzcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAbZCcDBABnxBUDBABn2f8wDQYJKoZIhvcNAQELBQADggEB
AD52vPCzb/X0vllGQiZ5+bsX8DAu5zDAiwWs4smh2HZ2xP8wkWJPBKTHO8Rki0is
2gOMmua60svGlidmL1YalZvBEQV7hsIGxhGNdOJ4v5pTdOarP7ftcNUKdL1mjL8j
l5m5Pr2CToblSXC48OuLteE8sCRuLQTuirRxCDQLbUugJNwvGKMkEsol81k63n3Y
YIj8jT9yn9a00HOdVlZpaNPdByOogXYi4zfYVgNHGJLYiRvhqkuTB2K3nQyKKYCD
GIjq5HFd1/cRQharPbt/kp/pW0VkSpwxkAyP/K26J9c5EL8nca/bMUd4jcCzT6/o
OgM9/P3Bhdolpt6DMLfvC3c=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:06:50 2025 by rpki-client