Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9127DE3/4E1EEABAFC3711EFB1C07286C4F9AE02/AA99F49CFC3711EFA9688687C4F9AE02.roa
File: AA99F49CFC3711EFA9688687C4F9AE02.roa (raw, json)
Hash identifier: zfjkzPAZbDp4JpjN4ePtNi0tOHT/uT0JPO+MhXtdLAM=
Subject key identifier: C2:75:A9:9A:1D:77:41:EF:22:15:78:A4:28:EC:25:D4:94:4C:60:76
Certificate issuer: /CN=A9127DE3/serialNumber=D79FE0B09CA44A846692838FC42BCF43D2A32AD2
Certificate serial: 02
Authority key identifier: D7:9F:E0:B0:9C:A4:4A:84:66:92:83:8F:C4:2B:CF:43:D2:A3:2A:D2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/15_gsJykSoRmkoOPxCvPQ9KjKtI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9127DE3/4E1EEABAFC3711EFB1C07286C4F9AE02/AA99F49CFC3711EFA9688687C4F9AE02.roa
Signing time: Sat 08 Mar 2025 16:09:09 +0000
ROA not before: Sat 08 Mar 2025 16:09:09 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 135027
IP address blocks: 103.219.62.0/23 maxlen: 24
103.251.134.0/24 maxlen: 24
103.251.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9127DE3
Validity
Not Before: Mar 8 16:09:09 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67cc6ba4-f60b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e2:83:72:15:f5:b6:23:da:83:41:2f:2a:c0:
73:f2:0a:70:c3:54:c2:c8:b6:59:30:bb:36:a3:db:
53:fc:ba:08:3f:42:e3:07:fd:ab:0e:64:ec:f4:4c:
3e:9f:3b:b1:7b:91:a6:7c:af:10:f4:50:27:1b:8d:
60:85:25:84:5a:62:ae:da:dd:dd:75:12:d8:e3:80:
88:0b:3e:db:1b:6e:4e:23:2c:6a:70:0e:1b:97:b2:
de:d4:ec:b3:23:a2:6c:51:95:9f:2f:21:85:7f:f4:
da:32:69:e8:10:30:6c:0b:d1:7c:bd:2a:c8:30:9e:
68:05:6e:5d:07:1d:e2:d6:b4:de:63:8e:df:70:76:
1e:b4:5e:77:f0:46:ea:ef:f4:ba:da:08:7d:fc:92:
3b:e8:ad:b2:32:fc:4e:db:c0:dc:eb:95:67:2c:8e:
4d:c6:b0:c8:3c:2f:13:5d:68:48:f4:59:97:bb:f0:
0f:35:56:a4:4d:c8:c0:53:ce:0e:2e:3e:9a:47:89:
d0:78:48:05:c0:ba:9c:e1:26:b5:7f:80:5d:b5:bd:
46:3a:24:98:bd:03:7d:73:17:46:12:b2:5f:04:63:
35:8c:49:d6:30:1d:8b:9a:7e:25:de:93:10:65:fb:
88:27:f7:a8:ce:cb:88:f4:6a:c4:46:b6:0f:a5:2f:
4d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:75:A9:9A:1D:77:41:EF:22:15:78:A4:28:EC:25:D4:94:4C:60:76
X509v3 Authority Key Identifier:
keyid:D7:9F:E0:B0:9C:A4:4A:84:66:92:83:8F:C4:2B:CF:43:D2:A3:2A:D2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9127DE3/4E1EEABAFC3711EFB1C07286C4F9AE02/15_gsJykSoRmkoOPxCvPQ9KjKtI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/15_gsJykSoRmkoOPxCvPQ9KjKtI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127DE3/4E1EEABAFC3711EFB1C07286C4F9AE02/AA99F49CFC3711EFA9688687C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.219.62.0/23
103.251.134.0/23
Signature Algorithm: sha256WithRSAEncryption
27:c1:96:05:78:7f:2c:aa:c6:96:20:f1:ae:2f:10:7d:2a:44:
91:95:7b:77:d9:96:9f:69:c8:2b:f2:be:84:ca:f0:55:ae:c4:
06:60:72:14:4e:42:48:b0:be:2e:3d:c8:be:3c:e2:45:c7:a8:
9f:54:ef:db:ed:2f:2a:51:0f:23:8b:41:3c:00:cd:06:1e:ec:
9c:02:8e:4a:a0:ef:f6:2a:87:3a:44:07:8c:56:14:e2:5e:4f:
9d:1c:2a:b3:71:07:5a:6e:6f:e3:a7:86:99:c9:92:f8:a4:4b:
ba:2f:e5:6d:3f:81:f6:da:f1:23:e7:d8:dc:8e:9b:95:84:5b:
92:76:14:d8:7d:7a:38:19:25:01:3e:4b:98:22:09:37:42:b3:
75:04:20:55:09:be:7f:59:e5:00:5d:ac:c4:e5:f3:b0:f5:d8:
7f:3c:0b:19:1e:63:cd:0b:31:24:73:69:66:84:ab:1d:9a:e4:
e8:9a:1c:29:8e:02:9d:fb:ce:32:8f:9f:07:22:fb:06:0e:a4:
38:b7:46:ee:fb:a0:d6:53:a1:ea:f7:05:13:3a:3e:f3:9a:0d:
ce:7d:9e:61:62:04:1e:0b:14:ac:e8:3a:f6:c0:21:c0:a1:6b:
34:92:dd:92:bd:47:28:46:18:75:98:5e:4a:db:c8:7d:ba:76:
34:e3:53:b5
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
N0RFMzExMC8GA1UEBRMoRDc5RkUwQjA5Q0E0NEE4NDY2OTI4MzhGQzQyQkNGNDNE
MkEzMkFEMjAeFw0yNTAzMDgxNjA5MDlaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3Y2M2YmE0LWY2MGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDX4oNyFfW2I9qDQS8qwHPyCnDDVMLItlkwuzaj21P8ugg/QuMH/asOZOz0TD6f
O7F7kaZ8rxD0UCcbjWCFJYRaYq7a3d11EtjjgIgLPtsbbk4jLGpwDhuXst7U7LMj
omxRlZ8vIYV/9NoyaegQMGwL0Xy9KsgwnmgFbl0HHeLWtN5jjt9wdh60XnfwRurv
9LraCH38kjvorbIy/E7bwNzrlWcsjk3GsMg8LxNdaEj0WZe78A81VqRNyMBTzg4u
PppHidB4SAXAupzhJrV/gF21vUY6JJi9A31zF0YSsl8EYzWMSdYwHYuafiXekxBl
+4gn96jOy4j0asRGtg+lL035AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUwnWpmh13
Qe8iFXikKOwl1JRMYHYwHwYDVR0jBBgwFoAU15/gsJykSoRmkoOPxCvPQ9KjKtIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI3REUzLzRFMUVFQUJBRkMz
NzExRUZCMUMwNzI4NkM0RjlBRTAyLzE1X2dzSnlrU29SbWtvT1B4Q3ZQUTlLakt0
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMTVfZ3NKeWtTb1Jta29PUHhDdlBROUtqS3RJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
N0RFMy80RTFFRUFCQUZDMzcxMUVGQjFDMDcyODZDNEY5QUUwMi9BQTk5RjQ5Q0ZD
MzcxMUVGQTk2ODg2ODdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAWfbPgMEAWf7hjANBgkqhkiG9w0BAQsFAAOCAQEAJ8GWBXh/
LKrGliDxri8QfSpEkZV7d9mWn2nIK/K+hMrwVa7EBmByFE5CSLC+Lj3IvjziRceo
n1Tv2+0vKlEPI4tBPADNBh7snAKOSqDv9iqHOkQHjFYU4l5PnRwqs3EHWm5v46eG
mcmS+KRLui/lbT+B9trxI+fY3I6blYRbknYU2H16OBklAT5LmCIJN0KzdQQgVQm+
f1nlAF2sxOXzsPXYfzwLGR5jzQsxJHNpZoSrHZrk6JocKY4CnfvOMo+fByL7Bg6k
OLdG7vug1lOh6vcFEzo+85oNzn2eYWIEHgsUrOg69sAhwKFrNJLdkr1HKEYYdZhe
StvIfbp2NONTtQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:19:15 2025 by rpki-client