Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9193D85/915325203FC911E9979BB83BC4F9AE02/AB2D69A4217A11EA9AB7211BC4F9AE02.roa
File: AB2D69A4217A11EA9AB7211BC4F9AE02.roa (raw, json)
Hash identifier: hPa4OatTYIMb+8b6uDB3EXHHSfu/EbUrHJIf5q9LY6E=
Subject key identifier: 2F:D2:10:6A:75:94:9E:CE:9A:60:BF:B3:85:78:2C:06:59:B5:BF:FB
Certificate issuer: /CN=A9193D85/serialNumber=BB07ED464B280D57FA771841F77F52EA7D507927
Certificate serial: 1027
Authority key identifier: BB:07:ED:46:4B:28:0D:57:FA:77:18:41:F7:7F:52:EA:7D:50:79:27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uwftRksoDVf6dxhB939S6n1QeSc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9193D85/915325203FC911E9979BB83BC4F9AE02/AB2D69A4217A11EA9AB7211BC4F9AE02.roa
Signing time: Thu 06 Mar 2025 17:35:50 +0000
ROA not before: Thu 06 Mar 2025 17:35:50 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 139884
IP address blocks: 103.136.40.0/23 maxlen: 23
103.136.40.0/24 maxlen: 24
103.136.41.0/24 maxlen: 24
103.136.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4135 (0x1027)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9193D85
Validity
Not Before: Mar 6 17:35:50 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67c9dcf6-b78b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:81:45:9c:22:ea:c7:5f:04:6f:97:5a:e6:26:
71:98:53:06:81:fa:57:44:83:9d:86:20:53:fe:0a:
6c:0b:bc:68:b1:02:84:d5:1d:0c:08:cc:aa:5e:a8:
03:73:65:b3:68:00:5d:95:b6:fd:d0:d5:67:28:fc:
aa:df:7c:be:9f:32:a0:51:eb:40:5f:60:bd:96:bf:
60:04:11:c1:5e:8a:32:6e:5c:21:a9:10:4f:cb:6a:
e3:46:7c:4c:8d:ab:6b:21:88:d3:30:11:1d:cf:8c:
fa:b4:60:42:72:24:8e:3e:60:32:ff:a5:a6:dd:b3:
54:2d:4f:4f:cc:92:2a:ac:4a:23:ac:fb:ae:40:97:
a0:3f:0a:4f:e0:a0:02:0b:df:44:bf:19:4f:2a:75:
99:3c:bd:4f:72:1d:2f:bd:09:25:66:46:2a:65:ad:
86:26:3e:b8:7b:f1:2b:47:15:b2:12:7e:12:5a:81:
75:ae:00:d6:72:3c:f9:58:42:07:be:fe:c7:a5:7f:
0f:dd:f2:8a:65:35:06:4b:ae:68:d1:8d:d0:40:34:
c2:20:3f:15:e7:9a:74:3d:b8:f2:e8:ba:99:83:d3:
7b:73:b9:68:c0:8b:77:16:b4:d6:a3:7e:7a:2f:cb:
b4:65:4e:70:d6:c0:e9:b3:90:d4:a7:24:30:ae:53:
ea:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D2:10:6A:75:94:9E:CE:9A:60:BF:B3:85:78:2C:06:59:B5:BF:FB
X509v3 Authority Key Identifier:
keyid:BB:07:ED:46:4B:28:0D:57:FA:77:18:41:F7:7F:52:EA:7D:50:79:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9193D85/915325203FC911E9979BB83BC4F9AE02/uwftRksoDVf6dxhB939S6n1QeSc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uwftRksoDVf6dxhB939S6n1QeSc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9193D85/915325203FC911E9979BB83BC4F9AE02/AB2D69A4217A11EA9AB7211BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.40.0-103.136.42.255
Signature Algorithm: sha256WithRSAEncryption
91:89:f8:92:5f:91:a9:9e:70:78:4b:eb:8d:04:a1:9f:77:b7:
32:14:78:69:77:a4:93:b1:cc:56:53:a1:8a:18:bd:b9:b1:42:
ee:eb:1e:4a:47:aa:c9:5b:64:89:39:f8:c8:5d:c6:26:fc:5d:
48:a2:36:43:c7:0c:36:ce:09:50:2d:1b:0e:e5:ba:a1:7b:b2:
c6:3a:b5:9b:8e:52:ca:37:f4:02:7d:6b:61:2e:cf:95:3d:3c:
aa:e4:4d:8b:a4:8a:08:85:b5:37:a6:8a:32:7e:98:5d:30:c0:
05:ea:67:4c:49:ff:f1:cc:24:da:16:a3:5f:57:a4:99:c4:2d:
6b:73:33:ab:f9:9b:50:3c:40:68:9a:34:68:f4:6a:99:35:e1:
0a:2d:c3:c7:62:a4:30:04:c6:f2:b7:e8:15:25:f7:6d:51:78:
9c:33:5d:93:64:fa:8b:6f:cb:d9:d8:e4:bb:5e:a9:1a:7d:ce:
00:b6:79:6e:2b:16:35:b4:0a:2d:c9:44:49:1c:82:43:5c:72:
78:93:14:f9:9c:cf:d4:a2:f2:56:69:b8:71:91:77:d3:64:94:
66:f5:e5:93:05:5a:bd:ba:f3:69:b2:a4:a2:6f:7c:99:e7:04:
ba:53:04:a5:c8:92:a4:45:e4:aa:80:41:72:95:a1:28:38:03:
1d:a1:59:b9
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICECcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTNEODUxMTAvBgNVBAUTKEJCMDdFRDQ2NEIyODBENTdGQTc3MTg0MUY3N0Y1MkVB
N0Q1MDc5MjcwHhcNMjUwMzA2MTczNTUwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M5ZGNmNi1iNzhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxIFFnCLqx18Eb5da5iZxmFMGgfpXRIOdhiBT/gpsC7xosQKE1R0MCMyqXqgD
c2WzaABdlbb90NVnKPyq33y+nzKgUetAX2C9lr9gBBHBXooyblwhqRBPy2rjRnxM
jatrIYjTMBEdz4z6tGBCciSOPmAy/6Wm3bNULU9PzJIqrEojrPuuQJegPwpP4KAC
C99EvxlPKnWZPL1Pch0vvQklZkYqZa2GJj64e/ErRxWyEn4SWoF1rgDWcjz5WEIH
vv7HpX8P3fKKZTUGS65o0Y3QQDTCID8V55p0Pbjy6LqZg9N7c7lowIt3FrTWo356
L8u0ZU5w1sDps5DUpyQwrlPqawIDAQABo4ICnTCCApkwHQYDVR0OBBYEFC/SEGp1
lJ7OmmC/s4V4LAZZtb/7MB8GA1UdIwQYMBaAFLsH7UZLKA1X+ncYQfd/Uup9UHkn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5M0Q4NS85MTUzMjUyMDNG
QzkxMUU5OTc5QkI4M0JDNEY5QUUwMi91d2Z0Umtzb0RWZjZkeGhCOTM5UzZuMVFl
U2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3V3ZnRSa3NvRFZmNmR4aEI5MzlTNm4xUWVTYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTNEODUvOTE1MzI1MjAzRkM5MTFFOTk3OUJCODNCQzRGOUFFMDIvQUIyRDY5QTQy
MTdBMTFFQTlBQjcyMTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEA2eIKAMEAGeIKjANBgkqhkiG9w0BAQsFAAOCAQEAkYn4
kl+RqZ5weEvrjQShn3e3MhR4aXekk7HMVlOhihi9ubFC7useSkeqyVtkiTn4yF3G
JvxdSKI2Q8cMNs4JUC0bDuW6oXuyxjq1m45Syjf0An1rYS7PlT08quRNi6SKCIW1
N6aKMn6YXTDABepnTEn/8cwk2hajX1ekmcQta3Mzq/mbUDxAaJo0aPRqmTXhCi3D
x2KkMATG8rfoFSX3bVF4nDNdk2T6i2/L2djku16pGn3OALZ5bisWNbQKLclESRyC
Q1xyeJMU+ZzP1KLyVmm4cZF302SUZvXlkwVavbrzabKkom98mecEulMEpciSpEXk
qoBBcpWhKDgDHaFZuQ==
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:34:32 2025 by rpki-client