Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/29BC840E002711EB8FA6A142C4F9AE02.roa
File: 29BC840E002711EB8FA6A142C4F9AE02.roa (raw, json)
Hash identifier: RVujGjgRtNml2s4B1MbyglZHc1wuuQ8z+GSwbNfvR2o=
Subject key identifier: 7D:7D:D2:C6:02:9C:04:65:D4:A8:17:70:83:FF:65:9F:46:4E:26:1C
Certificate issuer: /CN=A91397C2/serialNumber=D3D15AEE9A4F8AE5C281108A7D2D3AD81D4E79CD
Certificate serial: 07CB
Authority key identifier: D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/29BC840E002711EB8FA6A142C4F9AE02.roa
Signing time: Mon 24 Mar 2025 21:31:44 +0000
ROA not before: Mon 24 Mar 2025 21:31:44 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 134176
IP address blocks: 43.240.14.0/24 maxlen: 24
103.51.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1995 (0x7cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91397C2
Validity
Not Before: Mar 24 21:31:44 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67e1cf40-d1b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ed:21:bc:44:fe:fb:fa:9b:b3:c2:0c:b0:48:
37:61:e9:e2:98:0c:30:75:e3:f8:22:0d:b8:ba:6e:
65:03:14:07:0c:c7:fd:7b:a9:fb:f6:96:ce:9d:ae:
4f:2a:fe:a8:13:fc:5a:cb:70:33:30:26:bc:3b:8c:
0c:bb:1f:7e:61:a2:38:3a:d7:08:78:40:c6:f3:45:
3d:ea:97:19:85:b6:1f:56:ad:12:bb:67:04:dc:95:
7c:54:d5:60:c8:d0:2b:91:7c:2a:50:c5:38:6c:9f:
8e:93:c2:ec:ba:94:81:92:43:da:40:9a:e7:de:fb:
33:73:91:88:90:f6:86:10:49:03:30:cb:28:e2:5d:
ab:8c:2a:42:f2:d0:b0:c5:89:33:5f:c8:a3:b1:73:
86:ac:07:8a:b5:92:28:25:7b:1e:aa:be:f0:aa:8a:
35:87:ab:e6:a2:c2:9b:27:37:65:15:02:d8:06:19:
13:04:ee:9b:1c:b6:14:c9:ba:ab:04:2e:03:1f:d6:
e9:e3:5d:e9:40:61:c2:1b:de:b9:9a:3d:0e:cd:7d:
2c:b4:df:59:d8:4f:52:5e:fd:05:c1:36:33:06:ac:
92:63:54:96:ce:aa:7c:98:54:d4:a7:c3:49:6f:91:
93:25:d5:37:f9:07:40:64:48:38:e3:c2:d2:77:9f:
c3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:7D:D2:C6:02:9C:04:65:D4:A8:17:70:83:FF:65:9F:46:4E:26:1C
X509v3 Authority Key Identifier:
keyid:D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/29BC840E002711EB8FA6A142C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.14.0/24
103.51.146.0/24
Signature Algorithm: sha256WithRSAEncryption
21:39:4f:c6:a4:b3:c8:d5:77:c9:a8:0a:e7:50:4e:5c:51:7c:
2d:09:79:43:a7:8f:66:db:9f:4e:7b:7f:f5:79:58:5e:06:88:
0c:33:44:39:de:31:50:09:bb:7e:2b:e6:e1:20:5c:7e:b9:28:
84:c8:a4:19:4f:9d:d4:14:1c:43:8e:b7:af:1c:08:53:cb:49:
df:21:1c:b1:10:21:88:58:e5:f1:7a:16:7b:e3:c5:ee:21:a5:
25:5f:c8:fe:84:8c:5f:ea:96:3b:f0:65:63:77:cf:f5:24:fb:
00:8e:1f:01:7f:0c:93:d2:f6:ff:e4:e3:bb:11:d3:51:0b:e4:
10:8b:1a:0d:30:d9:e3:1d:ab:a8:17:a4:d2:58:ba:bb:bb:78:
77:2a:9f:5b:f4:86:03:f8:03:cb:ac:68:4c:ab:07:a0:af:35:
23:99:ed:81:e3:80:44:f3:21:af:eb:84:e4:78:ba:9c:09:3e:
27:23:fd:47:22:09:da:9d:62:1a:65:69:1f:40:ca:bc:ae:4f:
84:a7:1f:78:df:55:23:3c:0f:9d:24:03:2b:67:6b:44:1a:49:
2f:b8:db:1e:f6:67:7e:02:01:de:cf:65:74:32:aa:88:3a:6e:
fc:61:ae:c1:0a:98:bc:c8:94:db:00:5a:97:fd:8c:9b:38:d2:
15:b1:b4:82
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICB8swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mzk3QzIxMTAvBgNVBAUTKEQzRDE1QUVFOUE0RjhBRTVDMjgxMTA4QTdEMkQzQUQ4
MUQ0RTc5Q0QwHhcNMjUwMzI0MjEzMTQ0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UxY2Y0MC1kMWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAue0hvET++/qbs8IMsEg3YenimAwwdeP4Ig24um5lAxQHDMf9e6n79pbOna5P
Kv6oE/xay3AzMCa8O4wMux9+YaI4OtcIeEDG80U96pcZhbYfVq0Su2cE3JV8VNVg
yNArkXwqUMU4bJ+Ok8LsupSBkkPaQJrn3vszc5GIkPaGEEkDMMso4l2rjCpC8tCw
xYkzX8ijsXOGrAeKtZIoJXseqr7wqoo1h6vmosKbJzdlFQLYBhkTBO6bHLYUybqr
BC4DH9bp413pQGHCG965mj0OzX0stN9Z2E9SXv0FwTYzBqySY1SWzqp8mFTUp8NJ
b5GTJdU3+QdAZEg448LSd5/DuwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFH190sYC
nARl1KgXcIP/ZZ9GTiYcMB8GA1UdIwQYMBaAFNPRWu6aT4rlwoEQin0tOtgdTnnN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTdDMi80RTQyNkRFOEZC
RUExMUVBOTQwQTFEMTlDNEY5QUUwMi8wOUZhN3BwUGl1WENnUkNLZlMwNjJCMU9l
YzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzA5RmE3cHBQaXVYQ2dSQ0tmUzA2MkIxT2VjMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mzk3QzIvNEU0MjZERThGQkVBMTFFQTk0MEExRDE5QzRGOUFFMDIvMjlCQzg0MEUw
MDI3MTFFQjhGQTZBMTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAr8A4DBABnM5IwDQYJKoZIhvcNAQELBQADggEBACE5T8ak
s8jVd8moCudQTlxRfC0JeUOnj2bbn057f/V5WF4GiAwzRDneMVAJu34r5uEgXH65
KITIpBlPndQUHEOOt68cCFPLSd8hHLEQIYhY5fF6Fnvjxe4hpSVfyP6EjF/qljvw
ZWN3z/Uk+wCOHwF/DJPS9v/k47sR01EL5BCLGg0w2eMdq6gXpNJYuru7eHcqn1v0
hgP4A8usaEyrB6CvNSOZ7YHjgETzIa/rhOR4upwJPicj/UciCdqdYhplaR9Ayryu
T4SnH3jfVSM8D50kAytna0QaSS+42x72Z34CAd7PZXQyqog6bvxhrsEKmLzIlNsA
Wpf9jJs40hWxtII=
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:46:57 2025 by rpki-client