Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D65/1A0DA82A406111EAA2BCE512C4F9AE02/F84C1D9C406111EAA351F913C4F9AE02.roa
File: F84C1D9C406111EAA351F913C4F9AE02.roa (raw, json)
Hash identifier: 5LiWM6Uc0NAk4quWPQAO0eKUiNZCpnKkhzSAW+kUOSc=
Subject key identifier: F4:EC:03:24:F4:8F:38:4F:AB:FA:7D:D4:1E:6C:72:D5:75:5E:D7:DD
Certificate issuer: /CN=A9157D65/serialNumber=A77838D7F541C61DB069DABCE5D83709A7C2AE0D
Certificate serial: 0AD6
Authority key identifier: A7:78:38:D7:F5:41:C6:1D:B0:69:DA:BC:E5:D8:37:09:A7:C2:AE:0D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p3g41_VBxh2wadq85dg3CafCrg0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D65/1A0DA82A406111EAA2BCE512C4F9AE02/F84C1D9C406111EAA351F913C4F9AE02.roa
Signing time: Wed 08 Jan 2025 19:37:45 +0000
ROA not before: Wed 08 Jan 2025 19:37:45 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 138551
IP address blocks: 103.132.187.0/24 maxlen: 24
103.148.108.0/24 maxlen: 24
2001:df7:8500::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2774 (0xad6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D65
Validity
Not Before: Jan 8 19:37:45 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=677ed409-e06c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:14:76:d0:4f:1e:28:f9:53:59:2c:11:c2:97:
41:99:59:f3:b1:7d:ba:9c:af:0c:3a:d3:50:42:2d:
c5:06:3f:a6:47:b3:71:72:c4:0d:74:69:f8:24:13:
df:af:6c:eb:c9:2c:fb:45:51:58:b9:26:2f:e3:9c:
5c:d3:2b:37:15:f2:97:54:d7:89:19:23:70:3f:ef:
f6:08:03:9a:d8:fe:b5:65:bb:37:b3:71:a3:ba:95:
45:df:99:07:d6:b9:82:b5:46:fd:5f:84:30:2b:5f:
d5:da:e6:fd:25:b7:a0:52:1e:9b:e4:d6:89:db:f8:
62:00:65:a9:cf:f0:98:b4:2c:97:67:8f:4e:34:62:
02:ab:77:c7:f6:26:63:17:86:69:05:ca:c3:8d:2a:
43:19:42:c8:6f:48:6e:91:e6:bf:a8:90:58:eb:e1:
5d:99:53:b9:f2:b5:6a:68:01:2d:45:3e:4a:3c:c5:
9d:b6:99:4f:15:0a:0f:3d:6c:99:20:7f:44:56:7d:
e2:81:d0:15:56:49:75:d7:b4:6f:47:45:2d:c1:45:
1e:d5:fc:db:35:dc:69:b2:47:5f:7b:60:59:7b:fd:
aa:8b:98:61:c1:4f:ad:4b:b7:00:aa:36:7d:c0:13:
94:35:5f:c0:12:e7:ce:64:f0:42:81:fb:df:17:95:
4e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:EC:03:24:F4:8F:38:4F:AB:FA:7D:D4:1E:6C:72:D5:75:5E:D7:DD
X509v3 Authority Key Identifier:
keyid:A7:78:38:D7:F5:41:C6:1D:B0:69:DA:BC:E5:D8:37:09:A7:C2:AE:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D65/1A0DA82A406111EAA2BCE512C4F9AE02/p3g41_VBxh2wadq85dg3CafCrg0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p3g41_VBxh2wadq85dg3CafCrg0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D65/1A0DA82A406111EAA2BCE512C4F9AE02/F84C1D9C406111EAA351F913C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.132.187.0/24
103.148.108.0/24
IPv6:
2001:df7:8500::/48
Signature Algorithm: sha256WithRSAEncryption
03:8a:54:f5:8e:6c:23:96:58:f3:fc:1c:4c:83:de:30:cb:3e:
16:fd:1e:ad:cd:09:d9:24:e9:12:a6:96:f7:fd:a5:e1:59:c5:
55:72:4b:bc:f9:f6:d8:8a:c0:cb:31:2f:a9:94:1e:68:72:9f:
1e:6e:1e:d0:8b:46:a2:8e:49:69:8b:6b:4e:6e:87:06:50:06:
1f:99:55:9d:d9:8c:06:d0:a3:a5:1b:a9:5c:8c:13:c3:2a:bc:
2f:1f:ef:51:d5:29:c8:62:9a:79:67:4e:c3:15:86:fd:a8:a5:
e5:16:42:49:1c:e8:41:6f:64:f1:ab:3c:ae:a8:67:72:0a:7c:
4a:17:f7:ef:4a:b6:ec:04:1b:b0:cb:56:31:80:1c:bf:e9:c7:
2a:5a:ca:8f:b7:83:00:e9:c3:73:6c:d4:fa:86:e3:e7:41:21:
25:f6:64:68:6b:19:6d:8f:b0:ab:83:10:7e:f7:d1:75:a4:41:
c1:03:d8:0d:99:fd:15:6d:dc:fa:bc:a5:7a:47:9a:19:64:c9:
d3:65:3d:24:0f:ca:92:aa:8a:a0:ef:01:c5:14:15:1b:69:34:
b0:bf:6c:a2:92:ae:b7:30:4b:d8:ad:3e:95:77:28:67:a5:e7:
c6:21:5d:c1:3c:d0:8c:28:9b:21:14:9e:0e:45:50:76:35:e0:
bf:85:f1:02
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICCtYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdENjUxMTAvBgNVBAUTKEE3NzgzOEQ3RjU0MUM2MURCMDY5REFCQ0U1RDgzNzA5
QTdDMkFFMEQwHhcNMjUwMTA4MTkzNzQ1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdlZDQwOS1lMDZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1xR20E8eKPlTWSwRwpdBmVnzsX26nK8MOtNQQi3FBj+mR7NxcsQNdGn4JBPf
r2zrySz7RVFYuSYv45xc0ys3FfKXVNeJGSNwP+/2CAOa2P61Zbs3s3GjupVF35kH
1rmCtUb9X4QwK1/V2ub9JbegUh6b5NaJ2/hiAGWpz/CYtCyXZ49ONGICq3fH9iZj
F4ZpBcrDjSpDGULIb0hukea/qJBY6+FdmVO58rVqaAEtRT5KPMWdtplPFQoPPWyZ
IH9EVn3igdAVVkl117RvR0UtwUUe1fzbNdxpskdfe2BZe/2qi5hhwU+tS7cAqjZ9
wBOUNV/AEufOZPBCgfvfF5VOhQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFPTsAyT0
jzhPq/p91B5sctV1XtfdMB8GA1UdIwQYMBaAFKd4ONf1QcYdsGnavOXYNwmnwq4N
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2NS8xQTBEQTgyQTQw
NjExMUVBQTJCQ0U1MTJDNEY5QUUwMi9wM2c0MV9WQnhoMndhZHE4NWRnM0NhZkNy
ZzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3AzZzQxX1ZCeGgyd2FkcTg1ZGczQ2FmQ3JnMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdENjUvMUEwREE4MkE0MDYxMTFFQUEyQkNFNTEyQzRGOUFFMDIvRjg0QzFEOUM0
MDYxMTFFQUEzNTFGOTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnhLsDBABnlGwwDwQCAAIwCQMHACABDfeFADANBgkqhkiG
9w0BAQsFAAOCAQEAA4pU9Y5sI5ZY8/wcTIPeMMs+Fv0erc0J2STpEqaW9/2l4VnF
VXJLvPn22IrAyzEvqZQeaHKfHm4e0ItGoo5JaYtrTm6HBlAGH5lVndmMBtCjpRup
XIwTwyq8Lx/vUdUpyGKaeWdOwxWG/ail5RZCSRzoQW9k8as8rqhncgp8Shf370q2
7AQbsMtWMYAcv+nHKlrKj7eDAOnDc2zU+obj50EhJfZkaGsZbY+wq4MQfvfRdaRB
wQPYDZn9FW3c+rylekeaGWTJ02U9JA/KkqqKoO8BxRQVG2k0sL9sopKutzBL2K0+
lXcoZ6XnxiFdwTzQjCibIRSeDkVQdjXgv4XxAg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:44:26 2025 by rpki-client