Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4E62/702A028CC99F11EEA8158E79C4F9AE02/12331DA8098111F0B807472DC4F9AE02.roa
File: 12331DA8098111F0B807472DC4F9AE02.roa (raw, json)
Hash identifier: nXu+ugMit/v+Ok/7yKTPVTxNvwRTB2sLsBSTwkKiYCs=
Subject key identifier: 36:38:29:79:44:DE:EB:FE:EA:80:DB:A4:D1:16:2B:BC:4D:51:90:A7
Certificate issuer: /CN=A91C4E62/serialNumber=6580910B55FAE5FF60F71EB2070470A1262E343B
Certificate serial: F6
Authority key identifier: 65:80:91:0B:55:FA:E5:FF:60:F7:1E:B2:07:04:70:A1:26:2E:34:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZYCRC1X65f9g9x6yBwRwoSYuNDs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C4E62/702A028CC99F11EEA8158E79C4F9AE02/12331DA8098111F0B807472DC4F9AE02.roa
Signing time: Tue 25 Mar 2025 13:57:21 +0000
ROA not before: Tue 25 Mar 2025 13:57:21 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 150446
IP address blocks: 103.42.62.0/24 maxlen: 24
103.42.63.0/24 maxlen: 24
2401:ede0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 246 (0xf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C4E62
Validity
Not Before: Mar 25 13:57:21 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67e2b641-68d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b2:25:58:60:ae:a1:e2:cc:59:bd:9f:12:82:
83:34:25:b7:b0:d1:cf:54:6f:8e:90:c7:06:c7:f9:
88:35:4e:be:cd:1e:80:d7:67:26:42:31:e0:55:56:
02:3e:ad:07:1b:14:0f:1c:f2:96:6d:87:ea:25:6c:
14:70:23:88:1e:20:79:93:fd:37:01:ed:fb:64:06:
83:51:06:33:d6:9e:64:cc:89:38:da:65:eb:46:1c:
3d:1a:87:ee:38:ec:a5:c3:43:32:b4:5d:01:1d:92:
fe:56:e7:25:fe:a1:90:a6:5e:e4:0f:73:97:cb:61:
11:37:8c:9f:fe:d1:f4:af:c5:4a:c4:01:8b:2d:67:
99:47:fb:64:29:40:d5:7a:d9:4f:27:43:ad:af:dc:
c2:77:0c:f1:97:9d:75:3e:40:98:4d:3e:87:31:02:
92:a1:d9:45:54:8a:4b:21:aa:7c:0f:b1:2b:bc:0c:
7c:ba:4d:09:d8:c5:47:f3:80:3e:dc:16:dc:91:14:
70:80:6c:7a:74:22:93:6d:f8:2f:6a:6e:6a:e0:74:
4e:83:5a:e1:9e:d1:b3:67:59:e6:45:94:71:ae:1b:
d2:f0:c8:42:29:ab:bf:12:b2:aa:b9:8a:ab:ab:72:
ab:b6:c1:61:73:4b:04:44:85:59:07:93:a3:d9:a0:
1c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:38:29:79:44:DE:EB:FE:EA:80:DB:A4:D1:16:2B:BC:4D:51:90:A7
X509v3 Authority Key Identifier:
keyid:65:80:91:0B:55:FA:E5:FF:60:F7:1E:B2:07:04:70:A1:26:2E:34:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C4E62/702A028CC99F11EEA8158E79C4F9AE02/ZYCRC1X65f9g9x6yBwRwoSYuNDs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZYCRC1X65f9g9x6yBwRwoSYuNDs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4E62/702A028CC99F11EEA8158E79C4F9AE02/12331DA8098111F0B807472DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.42.62.0/23
IPv6:
2401:ede0::/32
Signature Algorithm: sha256WithRSAEncryption
1d:d8:13:6c:83:4e:27:c6:14:ab:e3:4a:19:0e:d9:d0:38:eb:
68:10:75:7d:23:08:53:b4:8d:b5:28:f1:a1:7f:b4:30:81:c7:
29:80:14:db:28:74:59:ee:08:e3:2f:59:c3:67:3b:3e:2e:cb:
59:b9:63:63:a5:ec:a8:49:0b:a3:c4:97:b3:0f:01:01:86:59:
f1:10:9b:76:5a:f1:8d:bb:49:c7:fa:a9:82:16:bb:1d:2f:ce:
28:ce:fb:7a:cf:23:4b:f7:08:d0:cf:1b:f0:5f:a7:1a:71:70:
07:5e:7f:b8:41:96:4f:89:d1:3b:5f:f5:40:0c:f4:e0:78:18:
06:4f:07:05:66:7b:c9:37:4c:dc:be:4d:35:43:fc:8b:24:69:
f7:eb:38:49:c1:84:42:b6:86:9b:37:12:df:16:dc:4e:64:81:
0e:51:ac:ff:a2:4d:aa:29:1a:15:52:8c:dc:95:c8:c9:23:0c:
06:e9:2e:d9:c4:8c:bb:c7:c8:7a:12:64:5c:88:0d:2f:d3:c1:
a4:70:a9:71:e9:95:5a:70:9b:ce:5f:6f:a3:49:b7:ac:08:46:
5c:9f:70:7f:08:9a:77:5f:cb:77:00:f8:8e:c2:c9:18:a3:66:
ab:43:92:98:3f:17:b8:87:8f:32:4f:77:18:56:16:fa:6f:c9:
4f:58:05:18
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzRFNjIxMTAvBgNVBAUTKDY1ODA5MTBCNTVGQUU1RkY2MEY3MUVCMjA3MDQ3MEEx
MjYyRTM0M0IwHhcNMjUwMzI1MTM1NzIxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UyYjY0MS02OGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzLIlWGCuoeLMWb2fEoKDNCW3sNHPVG+OkMcGx/mINU6+zR6A12cmQjHgVVYC
Pq0HGxQPHPKWbYfqJWwUcCOIHiB5k/03Ae37ZAaDUQYz1p5kzIk42mXrRhw9Gofu
OOylw0MytF0BHZL+Vucl/qGQpl7kD3OXy2ERN4yf/tH0r8VKxAGLLWeZR/tkKUDV
etlPJ0Otr9zCdwzxl511PkCYTT6HMQKSodlFVIpLIap8D7ErvAx8uk0J2MVH84A+
3BbckRRwgGx6dCKTbfgvam5q4HROg1rhntGzZ1nmRZRxrhvS8MhCKau/ErKquYqr
q3KrtsFhc0sERIVZB5Oj2aAcFwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDY4KXlE
3uv+6oDbpNEWK7xNUZCnMB8GA1UdIwQYMBaAFGWAkQtV+uX/YPcesgcEcKEmLjQ7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNEU2Mi83MDJBMDI4Q0M5
OUYxMUVFQTgxNThFNzlDNEY5QUUwMi9aWUNSQzFYNjVmOWc5eDZ5QndSd29TWXVO
RHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pZQ1JDMVg2NWY5Zzl4NnlCd1J3b1NZdU5Ecy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzRFNjIvNzAyQTAyOENDOTlGMTFFRUE4MTU4RTc5QzRGOUFFMDIvMTIzMzFEQTgw
OTgxMTFGMEI4MDc0NzJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnKj4wDQQCAAIwBwMFACQB7eAwDQYJKoZIhvcNAQELBQAD
ggEBAB3YE2yDTifGFKvjShkO2dA462gQdX0jCFO0jbUo8aF/tDCBxymAFNsodFnu
COMvWcNnOz4uy1m5Y2Ol7KhJC6PEl7MPAQGGWfEQm3Za8Y27Scf6qYIWux0vzijO
+3rPI0v3CNDPG/BfpxpxcAdef7hBlk+J0Ttf9UAM9OB4GAZPBwVme8k3TNy+TTVD
/IskaffrOEnBhEK2hps3Et8W3E5kgQ5RrP+iTaopGhVSjNyVyMkjDAbpLtnEjLvH
yHoSZFyIDS/TwaRwqXHplVpwm85fb6NJt6wIRlyfcH8Imndfy3cA+I7CyRijZqtD
kpg/F7iHjzJPdxhWFvpvyU9YBRg=
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:26:14 2025 by rpki-client