Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7842/76A8C6BA8E6511ECA6EEEB70C4F9AE02/622B3AEAD91411EF9940471AC4F9AE02.roa
File: 622B3AEAD91411EF9940471AC4F9AE02.roa (raw, json)
Hash identifier: q51gHdBYG+mFAHDh24P09p42ENPRR4e2b1fq2dGY3KM=
Subject key identifier: 5C:48:AD:7B:89:0A:4E:29:58:42:B3:B5:29:EE:F2:7B:71:28:57:D8
Certificate issuer: /CN=A91A7842/serialNumber=975BB9418256814A052DAF54F70A1ADC536FDF9B
Certificate serial: 0383
Authority key identifier: 97:5B:B9:41:82:56:81:4A:05:2D:AF:54:F7:0A:1A:DC:53:6F:DF:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l1u5QYJWgUoFLa9U9woa3FNv35s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7842/76A8C6BA8E6511ECA6EEEB70C4F9AE02/622B3AEAD91411EF9940471AC4F9AE02.roa
Signing time: Wed 22 Jan 2025 22:58:24 +0000
ROA not before: Wed 22 Jan 2025 22:58:24 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 149013
IP address blocks: 103.176.84.0/24 maxlen: 24
2001:df0:bc0::/48 maxlen: 48
2001:df0:bc0:84::/64 maxlen: 64
2001:df0:bc0:85::/64 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 899 (0x383)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7842
Validity
Not Before: Jan 22 22:58:24 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67917810-a545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:74:a5:ec:f5:8f:3b:53:3e:28:c2:58:0c:92:
33:50:a0:f6:75:03:2f:45:0f:7c:68:2e:d0:e4:51:
c6:3b:ba:3f:d0:67:2d:68:cf:f2:40:dd:68:96:0f:
ae:4b:db:73:4a:db:14:a4:e3:29:39:a9:2a:8d:89:
e8:d2:90:22:8e:16:1a:0b:49:3f:8c:57:e3:37:27:
f6:12:f0:e0:21:2d:74:0e:d3:d7:4a:0b:f4:d5:94:
e4:f8:04:aa:9c:bc:54:f8:23:e5:29:a2:94:0d:10:
bf:0b:df:8a:b4:6d:85:b6:97:09:0d:0b:26:6c:31:
34:b1:c7:0a:6d:9b:0b:b0:0b:91:40:92:0a:c2:23:
8e:94:40:9f:7c:98:d2:89:9c:29:a5:24:2c:43:df:
c7:25:d1:9e:0d:63:3c:51:fe:c7:cb:78:44:b1:2a:
56:09:4b:92:f7:b7:45:b3:ac:ec:d2:17:5f:fd:ad:
1f:a5:d4:9b:0b:ae:e5:ee:be:ef:6c:5d:83:66:7d:
bf:1e:59:15:6d:cf:0c:39:9e:82:bd:8a:8c:1a:cc:
f4:f4:59:38:e2:c1:0c:bf:24:4c:fd:3c:6f:99:12:
b6:cc:89:fa:79:9c:2d:0e:02:b7:b6:53:77:81:03:
b0:44:5c:9f:f0:14:97:a4:6a:d2:c0:22:5b:63:41:
65:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:48:AD:7B:89:0A:4E:29:58:42:B3:B5:29:EE:F2:7B:71:28:57:D8
X509v3 Authority Key Identifier:
keyid:97:5B:B9:41:82:56:81:4A:05:2D:AF:54:F7:0A:1A:DC:53:6F:DF:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7842/76A8C6BA8E6511ECA6EEEB70C4F9AE02/l1u5QYJWgUoFLa9U9woa3FNv35s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l1u5QYJWgUoFLa9U9woa3FNv35s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7842/76A8C6BA8E6511ECA6EEEB70C4F9AE02/622B3AEAD91411EF9940471AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.84.0/24
IPv6:
2001:df0:bc0::/48
Signature Algorithm: sha256WithRSAEncryption
3c:3e:d4:51:5f:87:09:f7:01:61:07:ae:94:98:8a:66:e2:ae:
8f:c9:7e:53:8d:f0:93:31:db:d8:4e:4b:1c:87:1e:5a:a0:d0:
53:cf:44:61:83:0c:ac:98:9d:63:ce:24:dd:07:11:2b:4d:7b:
20:63:11:db:04:98:06:22:d7:7b:d4:c5:c4:5d:e6:ae:d6:81:
f0:83:cb:bb:c1:50:2d:43:28:ff:99:8a:c4:11:0f:01:bb:0e:
15:8b:6c:02:61:ff:74:2b:4c:be:c9:38:c2:ae:fc:fe:cc:d2:
04:45:3c:2e:92:34:12:82:d4:c0:74:8d:01:03:7d:fb:9e:7a:
51:24:2f:a4:86:48:16:d9:66:55:f3:35:5e:29:25:4a:2f:5d:
4b:d9:70:64:e4:98:d5:ba:3a:1b:6b:cd:67:2d:03:f6:37:50:
5e:d8:f5:35:fc:7e:60:04:dc:34:19:e8:55:f1:26:09:fb:e9:
04:68:ed:59:76:86:0d:50:7c:f8:8b:e3:7d:ed:06:22:2b:3c:
b3:12:73:7c:24:1e:03:1e:46:b3:4a:4b:dd:e8:76:45:91:50:
f7:dd:99:07:f9:a5:30:1f:6e:af:3e:72:20:e9:23:07:97:00:
63:55:b2:50:d6:fc:cd:ce:d4:f9:8d:7a:d5:e9:78:c6:b0:64:
67:26:8e:12
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICA4MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTc4NDIxMTAvBgNVBAUTKDk3NUJCOTQxODI1NjgxNEEwNTJEQUY1NEY3MEExQURD
NTM2RkRGOUIwHhcNMjUwMTIyMjI1ODI0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxNzgxMC1hNTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAynSl7PWPO1M+KMJYDJIzUKD2dQMvRQ98aC7Q5FHGO7o/0GctaM/yQN1olg+u
S9tzStsUpOMpOakqjYno0pAijhYaC0k/jFfjNyf2EvDgIS10DtPXSgv01ZTk+ASq
nLxU+CPlKaKUDRC/C9+KtG2FtpcJDQsmbDE0sccKbZsLsAuRQJIKwiOOlECffJjS
iZwppSQsQ9/HJdGeDWM8Uf7Hy3hEsSpWCUuS97dFs6zs0hdf/a0fpdSbC67l7r7v
bF2DZn2/HlkVbc8MOZ6CvYqMGsz09Fk44sEMvyRM/TxvmRK2zIn6eZwtDgK3tlN3
gQOwRFyf8BSXpGrSwCJbY0FlxQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFFxIrXuJ
Ck4pWEKztSnu8ntxKFfYMB8GA1UdIwQYMBaAFJdbuUGCVoFKBS2vVPcKGtxTb9+b
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNzg0Mi83NkE4QzZCQThF
NjUxMUVDQTZFRUVCNzBDNEY5QUUwMi9sMXU1UVlKV2dVb0ZMYTlVOXdvYTNGTnYz
NXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2wxdTVRWUpXZ1VvRkxhOVU5d29hM0ZOdjM1cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTc4NDIvNzZBOEM2QkE4RTY1MTFFQ0E2RUVFQjcwQzRGOUFFMDIvNjIyQjNBRUFE
OTE0MTFFRjk5NDA0NzFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnsFQwDwQCAAIwCQMHACABDfALwDANBgkqhkiG9w0BAQsF
AAOCAQEAPD7UUV+HCfcBYQeulJiKZuKuj8l+U43wkzHb2E5LHIceWqDQU89EYYMM
rJidY84k3QcRK017IGMR2wSYBiLXe9TFxF3mrtaB8IPLu8FQLUMo/5mKxBEPAbsO
FYtsAmH/dCtMvsk4wq78/szSBEU8LpI0EoLUwHSNAQN9+556USQvpIZIFtlmVfM1
XiklSi9dS9lwZOSY1bo6G2vNZy0D9jdQXtj1Nfx+YATcNBnoVfEmCfvpBGjtWXaG
DVB8+Ivjfe0GIis8sxJzfCQeAx5Gs0pL3eh2RZFQ992ZB/mlMB9urz5yIOkjB5cA
Y1WyUNb8zc7U+Y161el4xrBkZyaOEg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:05:05 2025 by rpki-client