Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A64F6/E1CF3C5690DB11EEB9CD2A76C4F9AE02/005C6D6EC17A11EEB919C476C4F9AE02.roa
File: 005C6D6EC17A11EEB919C476C4F9AE02.roa (raw, json)
Hash identifier: VQyak9S3rqjmq1eWDpbqLTY2ZUcqqjPeCQJPKCoBRvQ=
Subject key identifier: F5:A7:EB:78:66:E1:A2:BB:7A:87:CF:FE:02:1A:60:33:DA:45:34:D4
Certificate issuer: /CN=A91A64F6/serialNumber=8CC3043D4B46C48F126C06E82970EBB48B6463C8
Certificate serial: EB
Authority key identifier: 8C:C3:04:3D:4B:46:C4:8F:12:6C:06:E8:29:70:EB:B4:8B:64:63:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jMMEPUtGxI8SbAboKXDrtItkY8g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A64F6/E1CF3C5690DB11EEB9CD2A76C4F9AE02/005C6D6EC17A11EEB919C476C4F9AE02.roa
Signing time: Mon 03 Feb 2025 04:28:41 +0000
ROA not before: Mon 03 Feb 2025 04:28:41 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133217
IP address blocks: 103.127.120.0/22 maxlen: 22
103.127.123.0/24 maxlen: 24
2404:1fc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 235 (0xeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A64F6
Validity
Not Before: Feb 3 04:28:41 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a045f9-2269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c3:48:cb:06:21:04:ce:2e:37:95:3a:17:1d:
5d:d9:48:29:85:05:67:36:42:c2:3f:21:78:89:06:
20:11:8d:55:3b:41:f4:1a:b0:45:84:8f:f7:9f:03:
f0:b0:dc:0b:ed:e2:83:ab:0b:06:be:0d:1d:31:99:
c2:67:5b:12:2b:0d:33:c8:6a:c4:85:55:3d:5b:9c:
f3:9c:44:8d:35:3c:fb:1f:0c:ae:08:90:16:67:8c:
ff:9e:17:8d:42:72:84:df:8a:e1:7d:5c:b4:61:6a:
d9:04:1b:73:99:88:47:63:f6:8d:63:9d:89:25:be:
d1:4a:a5:46:d6:6f:5c:fa:99:16:8c:de:89:1f:9a:
fa:e0:73:01:7d:28:63:38:84:66:2a:a0:ee:3b:b7:
df:6f:d1:ba:c5:f3:e6:89:5f:e1:9e:3e:a0:23:d9:
a7:44:da:f5:56:57:6e:c8:4e:bd:37:ae:ca:06:c5:
55:c1:7c:4c:48:14:dc:ba:b1:18:08:5d:e1:25:06:
d0:02:c3:cb:80:ed:cf:f9:db:c6:d9:db:d1:65:57:
f4:2d:bb:37:9a:e9:2a:00:f5:84:e2:f3:fa:d9:ca:
52:86:dc:28:93:df:a8:12:30:65:84:26:e3:77:fd:
64:1a:7d:73:4a:54:86:20:f1:84:99:1a:ad:0c:b0:
de:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A7:EB:78:66:E1:A2:BB:7A:87:CF:FE:02:1A:60:33:DA:45:34:D4
X509v3 Authority Key Identifier:
keyid:8C:C3:04:3D:4B:46:C4:8F:12:6C:06:E8:29:70:EB:B4:8B:64:63:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A64F6/E1CF3C5690DB11EEB9CD2A76C4F9AE02/jMMEPUtGxI8SbAboKXDrtItkY8g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jMMEPUtGxI8SbAboKXDrtItkY8g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A64F6/E1CF3C5690DB11EEB9CD2A76C4F9AE02/005C6D6EC17A11EEB919C476C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.127.120.0/22
IPv6:
2404:1fc0::/32
Signature Algorithm: sha256WithRSAEncryption
b4:a6:b1:46:c0:b8:99:db:fa:5e:0e:61:13:1a:b9:af:ef:46:
8b:81:2d:30:88:57:07:79:6f:6b:1e:31:49:33:81:32:4c:55:
7a:9f:73:a8:0d:74:9e:1d:c8:36:c4:89:33:e1:7d:d4:fd:c3:
dc:49:3e:3f:7b:f8:df:67:8a:f3:74:d1:10:d2:85:61:65:18:
ce:d0:74:91:3c:13:91:a5:81:d3:41:72:6b:ce:de:07:91:60:
8c:45:66:91:cd:5b:87:28:19:cc:86:e3:f6:ea:54:70:8f:e7:
f6:9d:6f:9b:25:ac:63:34:8f:9e:72:ab:12:9d:45:82:6c:7b:
4b:af:1e:46:c9:31:e0:59:0c:27:79:79:ff:9d:6d:15:78:c4:
04:40:3e:43:46:e3:7b:b2:f5:8d:b2:a1:08:36:51:25:7a:6c:
07:62:23:75:9a:8c:26:de:74:e5:62:84:c5:92:d6:72:19:aa:
e3:6e:95:44:ae:fa:e1:ba:a4:ad:47:ab:7f:3d:49:d1:6b:c3:
83:33:37:b8:28:55:88:94:6d:6b:7d:d2:3b:81:23:c9:a2:cf:
0c:0e:6c:28:40:18:c4:be:fb:e1:08:99:1a:38:f5:38:65:64:
03:f7:aa:65:74:83:c8:cb:56:7a:ed:6d:74:b3:3f:ca:12:bf:
ba:ac:fa:54
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAOswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTY0RjYxMTAvBgNVBAUTKDhDQzMwNDNENEI0NkM0OEYxMjZDMDZFODI5NzBFQkI0
OEI2NDYzQzgwHhcNMjUwMjAzMDQyODQxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EwNDVmOS0yMjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv8NIywYhBM4uN5U6Fx1d2UgphQVnNkLCPyF4iQYgEY1VO0H0GrBFhI/3nwPw
sNwL7eKDqwsGvg0dMZnCZ1sSKw0zyGrEhVU9W5zznESNNTz7HwyuCJAWZ4z/nheN
QnKE34rhfVy0YWrZBBtzmYhHY/aNY52JJb7RSqVG1m9c+pkWjN6JH5r64HMBfShj
OIRmKqDuO7ffb9G6xfPmiV/hnj6gI9mnRNr1VlduyE69N67KBsVVwXxMSBTcurEY
CF3hJQbQAsPLgO3P+dvG2dvRZVf0Lbs3mukqAPWE4vP62cpShtwok9+oEjBlhCbj
d/1kGn1zSlSGIPGEmRqtDLDe5QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPWn63hm
4aK7eofP/gIaYDPaRTTUMB8GA1UdIwQYMBaAFIzDBD1LRsSPEmwG6Clw67SLZGPI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjRGNi9FMUNGM0M1Njkw
REIxMUVFQjlDRDJBNzZDNEY5QUUwMi9qTU1FUFV0R3hJOFNiQWJvS1hEcnRJdGtZ
OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pNTUVQVXRHeEk4U2JBYm9LWERydEl0a1k4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTY0RjYvRTFDRjNDNTY5MERCMTFFRUI5Q0QyQTc2QzRGOUFFMDIvMDA1QzZENkVD
MTdBMTFFRUI5MTlDNDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnf3gwDQQCAAIwBwMFACQEH8AwDQYJKoZIhvcNAQELBQAD
ggEBALSmsUbAuJnb+l4OYRMaua/vRouBLTCIVwd5b2seMUkzgTJMVXqfc6gNdJ4d
yDbEiTPhfdT9w9xJPj97+N9nivN00RDShWFlGM7QdJE8E5GlgdNBcmvO3geRYIxF
ZpHNW4coGcyG4/bqVHCP5/adb5slrGM0j55yqxKdRYJse0uvHkbJMeBZDCd5ef+d
bRV4xARAPkNG43uy9Y2yoQg2USV6bAdiI3WajCbedOVihMWS1nIZquNulUSu+uG6
pK1Hq389SdFrw4MzN7goVYiUbWt90juBI8mizwwObChAGMS+++EImRo49ThlZAP3
qmV0g8jLVnrtbXSzP8oSv7qs+lQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:25:02 2025 by rpki-client