Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF039/25676DF045BB11EAA648771EC4F9AE02/6D49440845BC11EAB591BD20C4F9AE02.roa
File: 6D49440845BC11EAB591BD20C4F9AE02.roa (raw, json)
Hash identifier: d1emA2UMoO8VznsV+Ait8FlVXTOyXdepIAgXYTBBJeI=
Subject key identifier: EE:DE:3F:AC:38:9D:54:16:76:AF:F3:91:51:C1:B9:BE:64:6D:59:23
Certificate issuer: /CN=A91BF039/serialNumber=4BC562956D07D06FAADC923388B98660F7287C9A
Certificate serial: 0ABD
Authority key identifier: 4B:C5:62:95:6D:07:D0:6F:AA:DC:92:33:88:B9:86:60:F7:28:7C:9A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S8VilW0H0G-q3JIziLmGYPcofJo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BF039/25676DF045BB11EAA648771EC4F9AE02/6D49440845BC11EAB591BD20C4F9AE02.roa
Signing time: Fri 24 Jan 2025 19:38:16 +0000
ROA not before: Fri 24 Jan 2025 19:38:16 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 137252
IP address blocks: 103.106.32.0/22 maxlen: 24
2402:3940::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2749 (0xabd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BF039
Validity
Not Before: Jan 24 19:38:16 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6793ec28-dc05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:86:b5:53:73:b5:22:46:aa:a6:6a:87:78:f1:
51:85:9f:2e:e3:e3:73:03:45:0e:ec:14:0c:d0:7b:
c0:cb:7a:2d:4b:14:98:28:7f:a5:f6:e1:4d:c0:36:
b0:37:dc:15:88:68:0f:c8:9b:b1:46:03:6f:49:c1:
b7:e7:bc:5b:9a:67:bb:29:60:0f:83:77:8f:81:a2:
98:42:37:f6:e4:78:ee:23:b7:2e:07:b1:bf:24:2d:
c5:d4:93:2d:37:27:68:c0:92:33:61:8c:f8:6f:ec:
52:51:5b:ba:d9:44:ed:2d:d3:b7:d7:74:0f:9a:dd:
3a:1f:27:4f:cc:71:e4:25:6c:20:83:d1:1d:67:b6:
85:0e:29:26:84:f8:54:b0:1e:c2:1f:dd:ed:f5:f5:
36:9d:e6:34:21:d0:8b:1e:e9:5c:2f:87:4e:f2:5f:
91:24:51:0c:7c:a9:34:5b:d5:68:51:69:18:cc:5b:
f1:f3:e4:b0:66:5f:8a:fd:57:f4:72:dd:70:4d:3c:
6b:3d:f5:e1:3c:71:79:91:3d:9e:02:52:6a:c3:ca:
b1:71:0c:70:02:f0:b3:e6:ff:25:06:3e:fb:1f:ca:
5c:db:2a:cd:fd:9c:e5:d0:26:26:5d:7b:59:76:41:
b0:17:86:a7:9e:90:d6:a3:e0:2a:12:3f:12:d4:8c:
d5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:DE:3F:AC:38:9D:54:16:76:AF:F3:91:51:C1:B9:BE:64:6D:59:23
X509v3 Authority Key Identifier:
keyid:4B:C5:62:95:6D:07:D0:6F:AA:DC:92:33:88:B9:86:60:F7:28:7C:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BF039/25676DF045BB11EAA648771EC4F9AE02/S8VilW0H0G-q3JIziLmGYPcofJo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S8VilW0H0G-q3JIziLmGYPcofJo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF039/25676DF045BB11EAA648771EC4F9AE02/6D49440845BC11EAB591BD20C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.32.0/22
IPv6:
2402:3940::/32
Signature Algorithm: sha256WithRSAEncryption
9a:14:c9:6f:f2:9a:be:86:20:c0:40:e6:9a:29:4e:70:1a:18:
9f:78:5a:10:50:07:0e:0f:a3:a8:51:3d:13:08:5b:e6:e5:c8:
c1:cf:3b:7f:db:c1:28:41:46:bc:fe:6c:53:ff:86:09:52:94:
70:e7:d4:03:1d:a5:4c:d0:13:f3:7a:e3:2f:48:81:0d:0b:d8:
19:2b:5d:30:ab:dd:da:02:00:2e:28:a1:a2:0c:6a:c3:d4:1f:
f1:6d:9d:bf:1e:65:6e:c8:15:2b:ff:c3:89:3b:c5:b7:a4:00:
40:63:86:48:66:97:84:99:f5:03:1c:05:71:52:41:18:d0:9f:
2e:a5:03:58:05:c0:b8:db:13:ea:47:19:1f:79:cd:1b:86:82:
d0:92:31:ed:c3:ae:46:37:ea:32:b5:77:b5:10:75:1f:03:49:
c3:9a:85:b7:ac:da:ab:d5:ce:3c:c5:bc:15:e6:71:e8:ee:80:
4b:a8:9e:8a:f4:22:bb:3b:c1:56:5f:75:4b:7d:41:83:a9:a6:
e3:5e:e0:34:38:45:40:bc:d3:9b:73:02:36:c2:99:75:69:c8:
9e:e6:38:0a:41:fb:3b:90:00:0b:d4:d2:0d:41:7f:22:0d:d2:
f9:19:eb:f1:6b:63:d5:83:af:87:07:85:05:29:45:a4:76:cb:
b2:5e:0f:74
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCr0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkYwMzkxMTAvBgNVBAUTKDRCQzU2Mjk1NkQwN0QwNkZBQURDOTIzMzg4Qjk4NjYw
RjcyODdDOUEwHhcNMjUwMTI0MTkzODE2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkzZWMyOC1kYzA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6oa1U3O1IkaqpmqHePFRhZ8u4+NzA0UO7BQM0HvAy3otSxSYKH+l9uFNwDaw
N9wViGgPyJuxRgNvScG357xbmme7KWAPg3ePgaKYQjf25HjuI7cuB7G/JC3F1JMt
NydowJIzYYz4b+xSUVu62UTtLdO313QPmt06HydPzHHkJWwgg9EdZ7aFDikmhPhU
sB7CH93t9fU2neY0IdCLHulcL4dO8l+RJFEMfKk0W9VoUWkYzFvx8+SwZl+K/Vf0
ct1wTTxrPfXhPHF5kT2eAlJqw8qxcQxwAvCz5v8lBj77H8pc2yrN/Zzl0CYmXXtZ
dkGwF4annpDWo+AqEj8S1IzVhQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFO7eP6w4
nVQWdq/zkVHBub5kbVkjMB8GA1UdIwQYMBaAFEvFYpVtB9BvqtySM4i5hmD3KHya
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjAzOS8yNTY3NkRGMDQ1
QkIxMUVBQTY0ODc3MUVDNEY5QUUwMi9TOFZpbFcwSDBHLXEzSkl6aUxtR1lQY29m
Sm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1M4VmlsVzBIMEctcTNKSXppTG1HWVBjb2ZKby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkYwMzkvMjU2NzZERjA0NUJCMTFFQUE2NDg3NzFFQzRGOUFFMDIvNkQ0OTQ0MDg0
NUJDMTFFQUI1OTFCRDIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnaiAwDQQCAAIwBwMFACQCOUAwDQYJKoZIhvcNAQELBQAD
ggEBAJoUyW/ymr6GIMBA5popTnAaGJ94WhBQBw4Po6hRPRMIW+blyMHPO3/bwShB
Rrz+bFP/hglSlHDn1AMdpUzQE/N64y9IgQ0L2BkrXTCr3doCAC4ooaIMasPUH/Ft
nb8eZW7IFSv/w4k7xbekAEBjhkhml4SZ9QMcBXFSQRjQny6lA1gFwLjbE+pHGR95
zRuGgtCSMe3DrkY36jK1d7UQdR8DScOahbes2qvVzjzFvBXmcejugEuonor0Irs7
wVZfdUt9QYOppuNe4DQ4RUC805tzAjbCmXVpyJ7mOApB+zuQAAvU0g1BfyIN0vkZ
6/FrY9WDr4cHhQUpRaR2y7JeD3Q=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:12:19 2025 by rpki-client