Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/AC641C88B96B11ECB44AC533C4F9AE02.roa
File: AC641C88B96B11ECB44AC533C4F9AE02.roa (raw, json)
Hash identifier: s3xebHa/jipF1DOC4szye5Ddv89P0OTkiIBe/5lBHnw=
Subject key identifier: 4C:CB:7E:DB:6A:BA:2F:9B:B7:4A:E6:69:47:19:35:DA:BE:24:EF:9C
Certificate issuer: /CN=A91E3D04/serialNumber=DFC23E3D905D0E83681219596D08229A694FAF13
Certificate serial: 0E01
Authority key identifier: DF:C2:3E:3D:90:5D:0E:83:68:12:19:59:6D:08:22:9A:69:4F:AF:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38I-PZBdDoNoEhlZbQgimmlPrxM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/AC641C88B96B11ECB44AC533C4F9AE02.roa
Signing time: Thu 20 Mar 2025 17:56:35 +0000
ROA not before: Thu 20 Mar 2025 17:56:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 142129
IP address blocks: 103.137.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3585 (0xe01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E3D04
Validity
Not Before: Mar 20 17:56:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67dc56d3-f2d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e6:aa:b2:ff:f1:6d:b0:21:a8:c2:e6:a9:3c:
f8:0d:87:f7:17:01:3a:e3:27:95:be:19:7f:a4:3a:
ab:48:62:75:25:bb:94:3b:6b:07:d7:1b:ed:76:c2:
ba:41:99:4f:9e:cb:5d:d9:5a:f8:8c:4d:6e:f1:67:
a7:29:5e:20:d5:9c:a7:d5:f4:6d:d1:4d:4a:01:4d:
46:9d:92:d7:92:c8:05:96:5b:46:b0:41:05:7e:47:
24:de:a2:79:2b:ee:08:bd:d7:95:76:ea:0f:67:1e:
53:b9:79:5b:0e:f0:c4:7f:26:20:05:c7:22:25:d3:
0d:0b:50:3c:76:b8:90:aa:e8:f5:7b:24:9e:89:3d:
42:ff:fe:12:cd:46:73:a9:b3:8f:02:79:07:9b:41:
b1:f2:dd:62:75:7e:11:da:6e:d3:a4:0c:05:54:80:
bf:ee:97:11:ea:2f:01:4d:cd:a0:da:00:42:66:69:
b5:44:37:da:e6:86:48:42:46:cb:26:e8:35:3a:78:
5d:d6:3a:39:0b:09:57:3b:95:93:30:ca:99:37:dd:
40:87:de:9a:6e:3e:ce:c1:af:38:3d:3d:8f:37:3a:
fb:b9:af:ec:b5:b4:9b:fe:33:f0:0a:e0:26:df:41:
4c:d5:99:c9:04:84:13:5b:f0:b5:e8:ea:5b:75:e2:
37:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:CB:7E:DB:6A:BA:2F:9B:B7:4A:E6:69:47:19:35:DA:BE:24:EF:9C
X509v3 Authority Key Identifier:
keyid:DF:C2:3E:3D:90:5D:0E:83:68:12:19:59:6D:08:22:9A:69:4F:AF:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/38I-PZBdDoNoEhlZbQgimmlPrxM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38I-PZBdDoNoEhlZbQgimmlPrxM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/AC641C88B96B11ECB44AC533C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.223.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:ad:d6:a1:49:c0:87:ec:ae:ee:2b:73:f6:9d:e3:35:9e:79:
48:05:86:f0:cf:68:8a:40:5d:bc:e6:45:70:04:c1:f7:8f:85:
2d:c7:58:bb:2d:9b:40:85:2c:b6:d7:8c:36:eb:62:7a:76:e5:
de:40:fa:1c:5b:86:6c:a9:d6:6f:2f:98:fb:ba:b6:70:ba:b1:
73:38:9c:c4:bf:28:a3:e0:0f:d7:5a:b4:85:9a:06:a9:b9:52:
0f:13:69:b9:75:2f:c7:33:10:eb:39:58:b9:81:8c:51:3c:4f:
00:03:e4:20:92:f4:06:7d:08:e6:da:4a:de:01:3f:1e:fe:b9:
1f:f3:0f:95:4e:13:49:1a:7e:65:0d:59:cb:22:c8:66:1e:df:
ae:0e:8b:39:41:9b:12:23:09:00:4b:c7:6e:8f:3d:4a:45:52:
df:a3:d0:59:26:0e:4d:52:ff:77:4e:de:ad:d3:e2:aa:fa:aa:
d4:9e:18:d3:ba:e8:5d:d0:6c:81:ac:8f:cb:c9:1a:82:47:1d:
da:08:35:2c:7d:d8:0c:e2:b8:d8:4f:c5:89:df:cb:52:58:f0:
c8:58:bd:ee:ab:67:54:9f:45:2d:03:d5:89:da:2d:0d:c8:82:
0c:a2:f4:67:7e:eb:20:1b:f8:05:ea:ad:c0:ce:39:0c:74:8e:
21:69:92:70
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDgEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTNEMDQxMTAvBgNVBAUTKERGQzIzRTNEOTA1RDBFODM2ODEyMTk1OTZEMDgyMjlB
Njk0RkFGMTMwHhcNMjUwMzIwMTc1NjM1WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjNTZkMy1mMmQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzeaqsv/xbbAhqMLmqTz4DYf3FwE64yeVvhl/pDqrSGJ1JbuUO2sH1xvtdsK6
QZlPnstd2Vr4jE1u8WenKV4g1Zyn1fRt0U1KAU1GnZLXksgFlltGsEEFfkck3qJ5
K+4IvdeVduoPZx5TuXlbDvDEfyYgBcciJdMNC1A8driQquj1eySeiT1C//4SzUZz
qbOPAnkHm0Gx8t1idX4R2m7TpAwFVIC/7pcR6i8BTc2g2gBCZmm1RDfa5oZIQkbL
Jug1Onhd1jo5CwlXO5WTMMqZN91Ah96abj7Owa84PT2PNzr7ua/stbSb/jPwCuAm
30FM1ZnJBIQTW/C16OpbdeI3XQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEzLfttq
ui+bt0rmaUcZNdq+JO+cMB8GA1UdIwQYMBaAFN/CPj2QXQ6DaBIZWW0IIpppT68T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0QwNC83QTE3RkU4RUFE
RDkxMUU5Qjc0MDlBNzJDNEY5QUUwMi8zOEktUFpCZERvTm9FaGxaYlFnaW1tbFBy
eE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzM4SS1QWkJkRG9Ob0VobFpiUWdpbW1sUHJ4TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTNEMDQvN0ExN0ZFOEVBREQ5MTFFOUI3NDA5QTcyQzRGOUFFMDIvQUM2NDFDODhC
OTZCMTFFQ0I0NEFDNTMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnid8wDQYJKoZIhvcNAQELBQADggEBAKqt1qFJwIfsru4r
c/ad4zWeeUgFhvDPaIpAXbzmRXAEwfePhS3HWLstm0CFLLbXjDbrYnp25d5A+hxb
hmyp1m8vmPu6tnC6sXM4nMS/KKPgD9datIWaBqm5Ug8Tabl1L8czEOs5WLmBjFE8
TwAD5CCS9AZ9CObaSt4BPx7+uR/zD5VOE0kafmUNWcsiyGYe364OizlBmxIjCQBL
x26PPUpFUt+j0FkmDk1S/3dO3q3T4qr6qtSeGNO66F3QbIGsj8vJGoJHHdoINSx9
2AziuNhPxYnfy1JY8MhYve6rZ1SfRS0D1YnaLQ3Iggyi9Gd+6yAb+AXqrcDOOQx0
jiFpknA=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:34:25 2025 by rpki-client