Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/BDC1AB0AFDA611E88FA5E26DC4F9AE02.roa
File: BDC1AB0AFDA611E88FA5E26DC4F9AE02.roa (raw, json)
Hash identifier: SB9Ipu4AFekvf7xWy+dJxrZfjpqZ4b1Xx/G1XVRpODY=
Subject key identifier: A3:E5:CE:0C:D4:3B:B6:15:CA:9F:E0:A3:47:D9:D1:FE:47:4F:44:DF
Certificate issuer: /CN=A91DCB25/serialNumber=61CB9085F02FF8FA45E732F580340F4249E00CA2
Certificate serial: 1144
Authority key identifier: 61:CB:90:85:F0:2F:F8:FA:45:E7:32:F5:80:34:0F:42:49:E0:0C:A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YcuQhfAv-PpF5zL1gDQPQkngDKI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/BDC1AB0AFDA611E88FA5E26DC4F9AE02.roa
Signing time: Wed 22 Jan 2025 17:25:26 +0000
ROA not before: Wed 22 Jan 2025 17:25:26 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 134926
IP address blocks: 103.127.28.0/24 maxlen: 24
103.127.29.0/24 maxlen: 24
103.127.30.0/24 maxlen: 24
103.127.31.0/24 maxlen: 24
2404:17c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4420 (0x1144)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DCB25
Validity
Not Before: Jan 22 17:25:26 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67912a06-6394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:09:dd:90:ba:f1:c5:a5:fa:da:9d:d8:02:1b:
0a:92:50:f3:7f:d5:ad:93:8f:b4:2b:52:95:ab:46:
56:4d:1a:8a:86:b9:f4:2a:c1:79:d5:0c:54:68:0c:
cf:93:19:a0:dc:a2:23:20:e9:d7:c6:c5:f3:a3:8f:
5e:b9:d2:70:33:00:7f:79:8c:c6:82:0a:d1:1b:93:
d5:24:28:9e:f3:c3:c4:00:3b:9b:a2:88:43:82:fb:
3c:21:0d:fa:64:6e:ac:a2:3b:d8:26:3f:38:b1:3e:
8e:63:04:f5:b9:d7:33:7a:31:ad:df:c1:ba:b0:dc:
c9:49:6f:5a:fa:4e:06:ae:e2:61:8c:36:6b:e0:a5:
69:1a:53:94:47:8d:54:c3:5e:6d:6b:4b:db:3b:4c:
52:e8:b1:85:0b:3d:58:4f:3d:5a:11:36:51:9f:f1:
6e:42:e9:25:f6:b5:3d:57:8b:d2:1e:1b:d7:13:62:
c3:ac:72:cf:f8:f8:5a:bf:b7:23:fe:ac:c0:45:c3:
97:c1:bb:64:7a:35:d0:cc:43:81:85:48:68:3c:24:
ed:3a:20:d8:1a:90:ec:d8:45:8a:b4:0e:35:0c:8f:
ad:ba:09:d7:ca:ea:c9:56:8a:f9:77:1e:31:bf:d2:
9e:1f:0b:e1:f1:e5:5d:9c:2d:54:a1:45:76:03:d1:
74:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E5:CE:0C:D4:3B:B6:15:CA:9F:E0:A3:47:D9:D1:FE:47:4F:44:DF
X509v3 Authority Key Identifier:
keyid:61:CB:90:85:F0:2F:F8:FA:45:E7:32:F5:80:34:0F:42:49:E0:0C:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/YcuQhfAv-PpF5zL1gDQPQkngDKI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YcuQhfAv-PpF5zL1gDQPQkngDKI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/BDC1AB0AFDA611E88FA5E26DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.127.28.0/22
IPv6:
2404:17c0::/32
Signature Algorithm: sha256WithRSAEncryption
33:a0:a3:7b:c7:9e:74:d4:25:1e:23:95:c7:fd:08:56:d5:a2:
9e:28:9a:2a:36:68:e4:42:1f:26:08:4d:6f:d4:1d:cd:32:58:
f5:07:fe:b2:f5:eb:b5:fc:c3:06:fe:f8:ff:5b:84:84:58:97:
c0:c1:2a:e1:3f:7c:65:ba:46:e8:ee:f3:76:c1:cd:bb:3a:37:
67:96:23:94:36:e9:03:49:4a:41:8b:88:bc:1f:99:a8:a7:d3:
cd:f5:e1:89:50:91:83:c5:14:05:27:9f:89:9e:48:cf:f3:8b:
f0:f5:24:6e:6e:82:a7:78:bd:87:ca:48:60:e3:58:cb:a9:1f:
e3:32:4d:75:a4:65:68:8d:55:dc:22:08:8b:83:67:d4:a9:fc:
ee:3e:7c:2b:f4:09:de:db:de:3c:1e:af:e3:75:eb:85:ba:2f:
b6:90:ed:bd:77:8f:f3:b4:03:b5:d6:4e:f8:18:a0:4a:98:7a:
d1:7c:ac:c2:70:be:ce:9c:b4:60:bb:3d:e0:4d:4a:4f:40:a3:
de:36:a7:c3:83:93:59:8b:95:1b:d6:f4:b8:69:85:1a:d6:ee:
3c:ab:0c:34:38:81:db:16:fc:c3:da:64:7f:0d:9f:91:10:f9:
61:10:e3:b5:ce:03:6e:f6:c7:3c:b0:4f:cb:48:ed:2d:ce:38:
9d:df:d8:ac
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICEUQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RENCMjUxMTAvBgNVBAUTKDYxQ0I5MDg1RjAyRkY4RkE0NUU3MzJGNTgwMzQwRjQy
NDlFMDBDQTIwHhcNMjUwMTIyMTcyNTI2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxMmEwNi02Mzk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyQndkLrxxaX62p3YAhsKklDzf9Wtk4+0K1KVq0ZWTRqKhrn0KsF51QxUaAzP
kxmg3KIjIOnXxsXzo49eudJwMwB/eYzGggrRG5PVJCie88PEADuboohDgvs8IQ36
ZG6sojvYJj84sT6OYwT1udczejGt38G6sNzJSW9a+k4GruJhjDZr4KVpGlOUR41U
w15ta0vbO0xS6LGFCz1YTz1aETZRn/FuQukl9rU9V4vSHhvXE2LDrHLP+Phav7cj
/qzARcOXwbtkejXQzEOBhUhoPCTtOiDYGpDs2EWKtA41DI+tugnXyurJVor5dx4x
v9KeHwvh8eVdnC1UoUV2A9F0HQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFKPlzgzU
O7YVyp/go0fZ0f5HT0TfMB8GA1UdIwQYMBaAFGHLkIXwL/j6Recy9YA0D0JJ4Ayi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0IyNS8yQzYwREZEOEZE
QTUxMUU4ODg1OUMwNkJDNEY5QUUwMi9ZY3VRaGZBdi1QcEY1ekwxZ0RRUFFrbmdE
S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ljdVFoZkF2LVBwRjV6TDFnRFFQUWtuZ0RLSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RENCMjUvMkM2MERGRDhGREE1MTFFODg4NTlDMDZCQzRGOUFFMDIvQkRDMUFCMEFG
REE2MTFFODhGQTVFMjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnfxwwDQQCAAIwBwMFACQEF8AwDQYJKoZIhvcNAQELBQAD
ggEBADOgo3vHnnTUJR4jlcf9CFbVop4omio2aORCHyYITW/UHc0yWPUH/rL167X8
wwb++P9bhIRYl8DBKuE/fGW6Ruju83bBzbs6N2eWI5Q26QNJSkGLiLwfmain0831
4YlQkYPFFAUnn4meSM/zi/D1JG5ugqd4vYfKSGDjWMupH+MyTXWkZWiNVdwiCIuD
Z9Sp/O4+fCv0Cd7b3jwer+N164W6L7aQ7b13j/O0A7XWTvgYoEqYetF8rMJwvs6c
tGC7PeBNSk9Ao942p8ODk1mLlRvW9LhphRrW7jyrDDQ4gdsW/MPaZH8Nn5EQ+WEQ
47XOA272xzywT8tI7S3OOJ3f2Kw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:28:31 2025 by rpki-client