Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/C8BDA37CF68A11EFB7F91E24C4F9AE02.roa
File: C8BDA37CF68A11EFB7F91E24C4F9AE02.roa (raw, json)
Hash identifier: aRDWwCB81f6X4Sbu5aqqdwftigSG3lRUiRjjd/98tJw=
Subject key identifier: 40:91:B1:65:45:4C:C9:6E:CF:8C:AF:93:25:40:93:2B:CF:61:06:F7
Certificate issuer: /CN=A9196D9E/serialNumber=3D2D93AC8B10865817D9A74CC81A030D7D35D074
Certificate serial: F6
Authority key identifier: 3D:2D:93:AC:8B:10:86:58:17:D9:A7:4C:C8:1A:03:0D:7D:35:D0:74
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PS2TrIsQhlgX2adMyBoDDX010HQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/C8BDA37CF68A11EFB7F91E24C4F9AE02.roa
Signing time: Sat 01 Mar 2025 10:49:01 +0000
ROA not before: Sat 01 Mar 2025 10:49:01 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 131236
IP address blocks: 43.242.184.0/22 maxlen: 22
103.38.72.0/22 maxlen: 22
2001:df0:6400::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 246 (0xf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9196D9E
Validity
Not Before: Mar 1 10:49:01 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67c2e61c-9c47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cb:27:71:c4:f6:e2:36:5e:3e:23:12:34:73:
12:bb:f1:bb:2a:8d:4f:76:60:7b:fd:ea:78:6b:ca:
45:6d:18:aa:50:41:15:d9:1b:5b:53:4a:08:a1:f3:
5d:b9:be:25:93:3d:c6:47:25:89:b3:11:65:68:54:
8e:fd:7f:e1:5d:99:f4:ed:6c:54:7e:02:f4:64:47:
f4:15:46:f5:85:c8:40:86:4a:b8:eb:4d:f3:6c:dd:
1e:a7:a7:c2:c2:c3:76:4b:9b:61:74:9e:63:84:92:
a1:b2:52:7c:6f:3d:78:20:c5:62:72:a2:17:07:3d:
51:7e:4d:5b:bc:80:52:76:c9:c4:33:1e:c6:f2:71:
b9:15:83:95:ea:c6:a9:20:3d:67:d5:97:bf:6c:c6:
e2:98:1e:2d:a2:34:70:53:2e:d4:fb:41:14:41:ff:
38:78:8d:70:32:9d:f3:44:25:3e:2f:f8:39:cd:51:
fd:d7:6d:91:28:1a:f7:43:82:bd:70:30:2c:da:17:
3a:ee:5c:95:d6:0f:94:8c:6b:22:9e:8b:0e:c1:e8:
f2:a5:0e:34:2a:16:63:f0:b3:36:45:2e:d7:86:91:
60:f6:81:14:d4:31:fa:33:5f:25:ab:19:df:9a:e2:
d6:2a:0b:95:98:38:37:c2:82:2c:9a:fa:17:df:e5:
76:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:91:B1:65:45:4C:C9:6E:CF:8C:AF:93:25:40:93:2B:CF:61:06:F7
X509v3 Authority Key Identifier:
keyid:3D:2D:93:AC:8B:10:86:58:17:D9:A7:4C:C8:1A:03:0D:7D:35:D0:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/PS2TrIsQhlgX2adMyBoDDX010HQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PS2TrIsQhlgX2adMyBoDDX010HQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/C8BDA37CF68A11EFB7F91E24C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.242.184.0/22
103.38.72.0/22
IPv6:
2001:df0:6400::/48
Signature Algorithm: sha256WithRSAEncryption
a8:2f:48:3d:3b:31:08:54:2d:9e:ae:82:0c:d7:4a:0d:30:b6:
1f:2a:00:e5:df:32:a9:3d:4e:55:0c:c2:e1:71:4a:6b:fb:0f:
9b:90:12:71:d1:9c:ea:e6:92:13:8b:6d:3a:ae:c2:8c:7e:0b:
3a:02:a5:bd:be:c8:d8:29:a4:70:3f:4a:c3:91:7d:28:88:b6:
84:72:19:9b:3b:24:b8:3e:f8:88:d7:f0:73:01:0c:8f:5c:91:
fd:e4:1d:f9:7d:e3:61:25:4e:91:68:95:a4:89:c0:2b:ea:38:
3c:ae:35:65:f6:16:26:4f:74:30:e1:f8:eb:c1:23:d6:a5:89:
27:44:12:34:c5:35:53:f1:94:27:cb:15:75:97:08:7f:a7:d1:
eb:0d:d7:f7:07:51:f7:e1:c4:72:26:8c:71:29:8e:1f:b6:46:
fe:fb:e7:76:ab:0c:86:a7:e6:39:13:0e:63:e2:79:af:89:a9:
67:be:4a:6c:bf:f6:76:03:7f:ee:9d:4a:d4:8a:97:98:3c:a8:
3e:b6:b3:8b:68:8f:47:f4:01:67:13:1c:18:d8:30:37:af:4d:
30:4e:40:6e:6f:ce:d7:aa:ec:52:63:35:56:af:2d:98:56:36:
68:30:91:df:89:11:b5:3e:79:d2:70:46:41:be:ca:66:24:07:
29:7f:bc:a6
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICAPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTZEOUUxMTAvBgNVBAUTKDNEMkQ5M0FDOEIxMDg2NTgxN0Q5QTc0Q0M4MUEwMzBE
N0QzNUQwNzQwHhcNMjUwMzAxMTA0OTAxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MyZTYxYy05YzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu8snccT24jZePiMSNHMSu/G7Ko1PdmB7/ep4a8pFbRiqUEEV2RtbU0oIofNd
ub4lkz3GRyWJsxFlaFSO/X/hXZn07WxUfgL0ZEf0FUb1hchAhkq4603zbN0ep6fC
wsN2S5thdJ5jhJKhslJ8bz14IMVicqIXBz1Rfk1bvIBSdsnEMx7G8nG5FYOV6sap
ID1n1Ze/bMbimB4tojRwUy7U+0EUQf84eI1wMp3zRCU+L/g5zVH9122RKBr3Q4K9
cDAs2hc67lyV1g+UjGsinosOwejypQ40KhZj8LM2RS7XhpFg9oEU1DH6M18lqxnf
muLWKguVmDg3woIsmvoX3+V2ywIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFECRsWVF
TMluz4yvkyVAkyvPYQb3MB8GA1UdIwQYMBaAFD0tk6yLEIZYF9mnTMgaAw19NdB0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NkQ5RS83N0JCOTg0QzdE
NjExMUVFQjQ2M0M4NUFDNEY5QUUwMi9QUzJUcklzUWhsZ1gyYWRNeUJvRERYMDEw
SFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BTMlRySXNRaGxnWDJhZE15Qm9ERFgwMTBIUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTZEOUUvNzdCQjk4NEM3RDYxMTFFRUI0NjNDODVBQzRGOUFFMDIvQzhCREEzN0NG
NjhBMTFFRkI3RjkxRTI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAIr8rgDBAJnJkgwDwQCAAIwCQMHACABDfBkADANBgkqhkiG
9w0BAQsFAAOCAQEAqC9IPTsxCFQtnq6CDNdKDTC2HyoA5d8yqT1OVQzC4XFKa/sP
m5AScdGc6uaSE4ttOq7CjH4LOgKlvb7I2CmkcD9Kw5F9KIi2hHIZmzskuD74iNfw
cwEMj1yR/eQd+X3jYSVOkWiVpInAK+o4PK41ZfYWJk90MOH468Ej1qWJJ0QSNMU1
U/GUJ8sVdZcIf6fR6w3X9wdR9+HEciaMcSmOH7ZG/vvndqsMhqfmORMOY+J5r4mp
Z75KbL/2dgN/7p1K1IqXmDyoPrazi2iPR/QBZxMcGNgwN69NME5Abm/O16rsUmM1
Vq8tmFY2aDCR34kRtT550nBGQb7KZiQHKX+8pg==
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:13:51 2025 by rpki-client