Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD3FB/4212BC9E02BB11EBB3D4040BC4F9AE02/2037569602BD11EBB333DA0FC4F9AE02.roa
File: 2037569602BD11EBB333DA0FC4F9AE02.roa (raw, json)
Hash identifier: wrP/aiUubLvMy2sDZxNt1LMzFgR4k2obYAa+c5WHPY8=
Subject key identifier: 9F:A0:16:09:3B:1C:C3:BA:66:D9:07:33:CC:CF:33:A6:33:E0:7F:06
Certificate issuer: /CN=A91DD3FB/serialNumber=3D1F7FB146410A3C335B33C4982A73638BE5409E
Certificate serial: 077E
Authority key identifier: 3D:1F:7F:B1:46:41:0A:3C:33:5B:33:C4:98:2A:73:63:8B:E5:40:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PR9_sUZBCjwzWzPEmCpzY4vlQJ4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DD3FB/4212BC9E02BB11EBB3D4040BC4F9AE02/2037569602BD11EBB333DA0FC4F9AE02.roa
Signing time: Wed 26 Feb 2025 22:20:36 +0000
ROA not before: Wed 26 Feb 2025 22:20:36 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 133943
IP address blocks: 103.49.38.0/24 maxlen: 24
103.49.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1918 (0x77e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD3FB
Validity
Not Before: Feb 26 22:20:36 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67bf93b4-25de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:34:80:94:06:18:99:6a:97:6b:38:7e:4a:57:
5a:2e:04:38:32:ff:1f:a1:c8:e9:87:fa:f8:87:ed:
53:76:98:76:73:08:dd:75:90:61:00:c7:63:be:c4:
7c:3d:20:f8:a1:f5:d0:6c:ec:d7:f0:16:e9:76:67:
5c:f2:73:c7:93:22:5c:ca:c2:54:a6:7d:df:2e:3b:
c3:19:e8:c1:e3:84:6f:ea:8d:a6:19:55:4f:cd:13:
fe:6b:d5:7b:57:67:ea:2d:53:df:4a:49:aa:88:c0:
f5:76:46:dd:6f:67:1f:79:c8:ce:d2:31:00:4d:a7:
c5:53:93:c8:ff:84:de:ae:43:d1:cd:45:8e:44:3b:
1b:2d:03:62:bf:5b:a3:a6:63:dd:ac:b4:9f:1d:9b:
cc:d0:98:2c:f8:e0:c8:19:44:0d:60:bc:71:2d:6a:
33:73:7f:54:de:80:ce:5b:11:9b:b8:7a:66:b0:66:
f2:5b:07:8a:7d:0f:3e:b7:fc:c4:98:72:d1:90:63:
27:6a:75:5b:a3:a6:f1:62:a4:95:ac:38:1b:f4:65:
0a:1e:7f:64:9c:a7:8d:b5:ac:d5:0b:18:81:ff:e6:
3c:1a:cc:7e:92:dc:7a:62:99:52:2c:34:ca:02:e5:
41:5c:dc:fd:a9:15:31:25:e4:f0:54:f6:3d:33:db:
67:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:A0:16:09:3B:1C:C3:BA:66:D9:07:33:CC:CF:33:A6:33:E0:7F:06
X509v3 Authority Key Identifier:
keyid:3D:1F:7F:B1:46:41:0A:3C:33:5B:33:C4:98:2A:73:63:8B:E5:40:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DD3FB/4212BC9E02BB11EBB3D4040BC4F9AE02/PR9_sUZBCjwzWzPEmCpzY4vlQJ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PR9_sUZBCjwzWzPEmCpzY4vlQJ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD3FB/4212BC9E02BB11EBB3D4040BC4F9AE02/2037569602BD11EBB333DA0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.49.38.0/23
Signature Algorithm: sha256WithRSAEncryption
48:4f:7c:94:a5:45:ab:43:6a:13:95:59:ed:7e:2c:13:5b:b5:
7d:69:9a:95:a7:ba:0e:c8:8a:d1:5a:59:75:63:bd:a9:9f:a7:
c3:f1:5b:36:e4:59:c8:91:81:d4:51:1b:5f:86:4f:25:80:20:
7d:e3:4d:d3:2d:fe:88:da:14:59:43:9e:3b:ab:a7:46:45:1e:
b8:1f:29:40:ad:1b:26:c1:cc:06:4b:4b:3e:f3:d9:4f:ad:ca:
bf:13:8d:0e:c5:0f:63:6d:53:ae:e0:f9:57:09:d4:40:94:83:
a2:d6:a7:0a:20:78:20:5a:38:3f:10:24:82:bf:3d:db:9d:d2:
78:69:52:b0:42:25:9f:21:8e:21:82:a2:fd:69:4d:7a:de:6b:
c2:ac:98:9a:ed:bb:96:14:6a:f8:6b:b7:7a:26:8f:bf:e0:65:
dc:f9:d6:15:b2:be:03:10:a1:34:9a:bc:1d:7a:ff:2f:a7:94:
f2:3f:f6:a0:ba:08:5c:31:ab:ef:12:de:0c:eb:f9:82:f1:d5:
ad:c9:90:4a:96:68:c7:af:74:07:c8:62:c4:a6:af:d1:4a:f8:
0a:cd:aa:48:df:ef:4e:cf:59:eb:9a:4f:1d:01:7f:3c:d6:e1:
ad:1c:fd:49:a9:ba:1f:b2:7c:02:d1:5c:64:3b:81:23:04:09:
cd:fa:b7:51
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB34wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REQzRkIxMTAvBgNVBAUTKDNEMUY3RkIxNDY0MTBBM0MzMzVCMzNDNDk4MkE3MzYz
OEJFNTQwOUUwHhcNMjUwMjI2MjIyMDM2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JmOTNiNC0yNWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzzSAlAYYmWqXazh+SldaLgQ4Mv8focjph/r4h+1Tdph2cwjddZBhAMdjvsR8
PSD4ofXQbOzX8Bbpdmdc8nPHkyJcysJUpn3fLjvDGejB44Rv6o2mGVVPzRP+a9V7
V2fqLVPfSkmqiMD1dkbdb2cfecjO0jEATafFU5PI/4TerkPRzUWORDsbLQNiv1uj
pmPdrLSfHZvM0Jgs+ODIGUQNYLxxLWozc39U3oDOWxGbuHpmsGbyWweKfQ8+t/zE
mHLRkGMnanVbo6bxYqSVrDgb9GUKHn9knKeNtazVCxiB/+Y8Gsx+ktx6YplSLDTK
AuVBXNz9qRUxJeTwVPY9M9tn1QIDAQABo4IClTCCApEwHQYDVR0OBBYEFJ+gFgk7
HMO6ZtkHM8zPM6Yz4H8GMB8GA1UdIwQYMBaAFD0ff7FGQQo8M1szxJgqc2OL5UCe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDNGQi80MjEyQkM5RTAy
QkIxMUVCQjNENDA0MEJDNEY5QUUwMi9QUjlfc1VaQkNqd3pXelBFbUNwelk0dmxR
SjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BSOV9zVVpCQ2p3eld6UEVtQ3B6WTR2bFFKNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REQzRkIvNDIxMkJDOUUwMkJCMTFFQkIzRDQwNDBCQzRGOUFFMDIvMjAzNzU2OTYw
MkJEMTFFQkIzMzNEQTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnMSYwDQYJKoZIhvcNAQELBQADggEBAEhPfJSlRatDahOV
We1+LBNbtX1pmpWnug7IitFaWXVjvamfp8PxWzbkWciRgdRRG1+GTyWAIH3jTdMt
/ojaFFlDnjurp0ZFHrgfKUCtGybBzAZLSz7z2U+tyr8TjQ7FD2NtU67g+VcJ1ECU
g6LWpwogeCBaOD8QJIK/Pdud0nhpUrBCJZ8hjiGCov1pTXrea8KsmJrtu5YUavhr
t3omj7/gZdz51hWyvgMQoTSavB16/y+nlPI/9qC6CFwxq+8S3gzr+YLx1a3JkEqW
aMevdAfIYsSmr9FK+ArNqkjf707PWeuaTx0BfzzW4a0c/Umpuh+yfALRXGQ7gSME
Cc36t1E=
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:19:37 2025 by rpki-client