Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C3083/A0CF059A2E6011E7B7473E70C4F9AE02/AF7700B2B52A11EAB9426C7DC4F9AE02.roa
File: AF7700B2B52A11EAB9426C7DC4F9AE02.roa (raw, json)
Hash identifier: EBfpSajs+p8kmDGMcsROIkdAjLRuCAc9bxp8aA0ImwI=
Subject key identifier: 56:98:9D:86:93:53:E2:47:CA:4E:27:AB:6B:B8:2F:D5:A4:1A:4C:DA
Certificate issuer: /CN=A91C3083/serialNumber=B7AA537383214D648E633BCC420D3BD6861678FD
Certificate serial: 1AEA
Authority key identifier: B7:AA:53:73:83:21:4D:64:8E:63:3B:CC:42:0D:3B:D6:86:16:78:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t6pTc4MhTWSOYzvMQg071oYWeP0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C3083/A0CF059A2E6011E7B7473E70C4F9AE02/AF7700B2B52A11EAB9426C7DC4F9AE02.roa
Signing time: Mon 10 Feb 2025 16:33:54 +0000
ROA not before: Mon 10 Feb 2025 16:33:54 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133854
IP address blocks: 103.81.204.0/24 maxlen: 24
103.81.205.0/24 maxlen: 24
103.81.206.0/24 maxlen: 24
202.144.200.0/24 maxlen: 24
202.144.202.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6890 (0x1aea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C3083
Validity
Not Before: Feb 10 16:33:54 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67aa2a71-d317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2e:d3:bc:a2:c6:20:92:5b:9e:9b:ff:07:b2:
96:37:d4:1e:47:20:ba:66:47:4b:36:7d:9e:9c:02:
eb:e6:e0:c5:80:6c:df:5c:8c:35:1f:70:3a:ee:2c:
7e:42:b8:93:c1:c0:f1:47:09:cc:47:c7:76:c3:89:
90:5f:34:db:65:ff:84:3b:ed:45:3a:f5:32:d2:cf:
81:d8:fb:9c:78:52:a5:01:0f:27:0d:fb:39:f1:12:
5d:7f:f6:aa:ff:71:d9:37:0e:b8:cf:1b:e6:d8:a5:
5b:40:bb:a9:8f:db:81:60:30:bf:ff:45:d9:92:cf:
de:82:8d:7b:dc:1b:13:8e:3d:99:41:d3:65:2e:7a:
20:d5:1f:e8:05:ae:10:92:d0:13:38:b9:21:e3:53:
45:ea:05:92:d0:10:99:e2:d6:3e:25:f0:47:21:96:
35:47:0f:f3:ec:a0:b2:da:cf:24:4c:b1:95:17:4b:
9c:62:eb:fb:28:75:11:15:6c:04:a8:ee:00:7f:01:
a1:b9:01:27:91:e4:b3:a8:0b:f0:63:18:68:18:08:
66:12:2f:e4:3f:f6:54:fc:84:26:d7:60:8a:d2:ca:
5f:ea:7b:c6:cd:c3:10:07:a1:de:82:8c:bc:d0:3e:
b1:7f:e2:d1:c6:4b:43:27:7a:8f:d8:cb:4a:9a:e3:
1a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:98:9D:86:93:53:E2:47:CA:4E:27:AB:6B:B8:2F:D5:A4:1A:4C:DA
X509v3 Authority Key Identifier:
keyid:B7:AA:53:73:83:21:4D:64:8E:63:3B:CC:42:0D:3B:D6:86:16:78:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C3083/A0CF059A2E6011E7B7473E70C4F9AE02/t6pTc4MhTWSOYzvMQg071oYWeP0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t6pTc4MhTWSOYzvMQg071oYWeP0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C3083/A0CF059A2E6011E7B7473E70C4F9AE02/AF7700B2B52A11EAB9426C7DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.81.204.0-103.81.206.255
202.144.200.0/24
202.144.202.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:f2:d6:a4:ca:65:d5:bf:59:8f:cc:c0:c6:e0:cb:c4:63:63:
05:55:ac:8f:fd:96:f4:10:64:f9:91:b8:7c:1a:7a:1d:25:fb:
9e:4e:d5:66:85:33:b0:ff:a0:f6:cf:22:f6:45:75:47:5a:94:
c3:01:4d:e0:bc:c9:85:55:d3:b2:95:f0:eb:9d:1c:53:8b:f2:
51:9c:eb:1c:a6:08:c2:a2:50:e2:ec:fb:03:2b:7d:76:0f:6d:
32:61:ca:b6:be:6f:01:63:79:21:5a:89:32:f7:53:00:8b:0d:
09:2e:4c:42:20:f7:f4:31:5b:d0:71:db:0b:02:2a:ba:e3:55:
3f:92:a0:f7:b6:60:5d:5c:cb:83:5f:4d:b1:a3:4f:5c:fa:8e:
e3:01:b4:5a:b7:b3:62:7c:8e:1c:59:23:88:6f:77:f2:cd:de:
bc:7d:55:71:6b:de:bc:4d:d9:5b:c7:ae:78:bd:cb:44:ee:74:
ee:46:71:fb:94:91:09:23:e7:61:98:a6:e0:ca:4d:26:39:81:
fe:e9:bb:28:a8:83:ec:0d:fd:11:90:fe:8f:91:82:09:46:96:
7e:4b:50:b4:de:78:ed:ff:02:90:10:23:77:7c:d7:29:5d:5c:
71:ee:9f:2b:d8:84:f5:00:c7:55:35:71:a3:66:62:df:72:35:
69:05:78:b5
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICGuowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzMwODMxMTAvBgNVBAUTKEI3QUE1MzczODMyMTRENjQ4RTYzM0JDQzQyMEQzQkQ2
ODYxNjc4RkQwHhcNMjUwMjEwMTYzMzU0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FhMmE3MS1kMzE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApy7TvKLGIJJbnpv/B7KWN9QeRyC6ZkdLNn2enALr5uDFgGzfXIw1H3A67ix+
QriTwcDxRwnMR8d2w4mQXzTbZf+EO+1FOvUy0s+B2PuceFKlAQ8nDfs58RJdf/aq
/3HZNw64zxvm2KVbQLupj9uBYDC//0XZks/ego173BsTjj2ZQdNlLnog1R/oBa4Q
ktATOLkh41NF6gWS0BCZ4tY+JfBHIZY1Rw/z7KCy2s8kTLGVF0ucYuv7KHURFWwE
qO4AfwGhuQEnkeSzqAvwYxhoGAhmEi/kP/ZU/IQm12CK0spf6nvGzcMQB6Hegoy8
0D6xf+LRxktDJ3qP2MtKmuMaqQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFFaYnYaT
U+JHyk4nq2u4L9WkGkzaMB8GA1UdIwQYMBaAFLeqU3ODIU1kjmM7zEINO9aGFnj9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzA4My9BMENGMDU5QTJF
NjAxMUU3Qjc0NzNFNzBDNEY5QUUwMi90NnBUYzRNaFRXU09ZenZNUWcwNzFvWVdl
UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Q2cFRjNE1oVFdTT1l6dk1RZzA3MW9ZV2VQMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzMwODMvQTBDRjA1OUEyRTYwMTFFN0I3NDczRTcwQzRGOUFFMDIvQUY3NzAwQjJC
NTJBMTFFQUI5NDI2QzdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEAmdRzAMEAGdRzgMEAMqQyAMEAMqQyjANBgkqhkiG9w0B
AQsFAAOCAQEALfLWpMpl1b9Zj8zAxuDLxGNjBVWsj/2W9BBk+ZG4fBp6HSX7nk7V
ZoUzsP+g9s8i9kV1R1qUwwFN4LzJhVXTspXw650cU4vyUZzrHKYIwqJQ4uz7Ayt9
dg9tMmHKtr5vAWN5IVqJMvdTAIsNCS5MQiD39DFb0HHbCwIquuNVP5Kg97ZgXVzL
g19NsaNPXPqO4wG0WrezYnyOHFkjiG938s3evH1VcWvevE3ZW8eueL3LRO507kZx
+5SRCSPnYZim4MpNJjmB/um7KKiD7A39EZD+j5GCCUaWfktQtN547f8CkBAjd3zX
KV1cce6fK9iE9QDHVTVxo2Zi33I1aQV4tQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:18:44 2025 by rpki-client