Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/D93EA75AEE5C11E995881B1BC4F9AE02.roa
File: D93EA75AEE5C11E995881B1BC4F9AE02.roa (raw, json)
Hash identifier: yyuVGHEHdjgOJV3OL5d2WHtm2S0Tu6t1QPxDqH/At3U=
Subject key identifier: 9D:BE:7F:C9:5F:62:CA:80:18:D0:00:B5:EA:BD:D2:E8:C8:D7:A4:77
Certificate issuer: /CN=A91E7363/serialNumber=A897C04DE12F0A6F59C1AD1509F0B209FA5438B3
Certificate serial: 34B5
Authority key identifier: A8:97:C0:4D:E1:2F:0A:6F:59:C1:AD:15:09:F0:B2:09:FA:54:38:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/D93EA75AEE5C11E995881B1BC4F9AE02.roa
Signing time: Fri 31 Jan 2025 14:50:29 +0000
ROA not before: Fri 31 Jan 2025 14:50:29 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 45489
IP address blocks: 103.87.124.0/23 maxlen: 24
203.96.160.0/22 maxlen: 22
2001:df4:1b00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13493 (0x34b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7363
Validity
Not Before: Jan 31 14:50:29 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679ce334-34cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e6:75:e2:2b:df:fc:75:f8:e2:6b:92:f8:06:
90:3b:e5:ef:2e:40:8c:b9:c0:c0:a5:42:b6:60:fe:
1b:e3:95:6e:ba:ed:f5:28:25:96:3f:2e:69:d6:d8:
b2:f8:fe:73:e2:2d:e5:83:d1:f9:98:13:49:d1:bd:
2d:e3:99:ab:cc:93:78:16:fe:01:2f:78:ff:cd:37:
ac:5c:64:86:eb:58:86:66:f9:f5:89:f7:c5:54:a6:
80:42:96:89:30:94:96:79:5e:e2:a5:8d:1b:fb:78:
1c:8a:85:31:d6:07:dd:ed:a5:fb:b3:30:0e:ea:27:
5f:ba:7e:c6:5b:e3:79:03:7c:a9:56:0b:d5:a1:a3:
59:26:b3:70:24:0d:02:fd:13:e9:b1:76:9b:78:65:
4a:08:aa:56:e2:5f:f1:ec:22:e2:b0:81:d5:35:01:
7a:a1:74:44:28:d6:0a:6d:e1:a8:bf:7c:97:85:fd:
ef:e5:5b:1b:17:f7:5a:9b:8e:e6:e4:d3:d1:d8:dd:
b4:4f:26:8b:4e:d1:26:9b:f2:83:90:9c:a7:66:ab:
80:9f:46:b6:90:32:b4:ab:9a:02:78:2b:29:6d:fb:
bf:64:a8:02:1c:ea:61:0c:a7:bb:9e:ce:22:95:47:
bb:a9:8c:9a:3b:80:31:d4:a5:23:bd:e4:fa:b6:7f:
aa:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:BE:7F:C9:5F:62:CA:80:18:D0:00:B5:EA:BD:D2:E8:C8:D7:A4:77
X509v3 Authority Key Identifier:
keyid:A8:97:C0:4D:E1:2F:0A:6F:59:C1:AD:15:09:F0:B2:09:FA:54:38:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/D93EA75AEE5C11E995881B1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.87.124.0/23
203.96.160.0/22
IPv6:
2001:df4:1b00::/48
Signature Algorithm: sha256WithRSAEncryption
40:77:e9:e9:3e:69:1f:f6:0b:24:48:fe:c1:5f:71:2a:a2:93:
84:17:ea:6d:bc:eb:85:03:b2:9a:3e:5c:b3:f7:e2:c9:75:99:
b5:af:72:dd:01:4d:57:02:b3:05:ea:c0:82:c1:aa:85:25:9f:
81:21:1e:6b:4b:d9:62:e9:4e:ed:a7:6d:1a:54:a1:58:ba:ba:
b8:57:b5:9b:c7:0f:a0:54:2e:7b:f2:09:53:f3:a4:ff:fb:15:
fe:dc:b2:a5:fc:e7:af:98:92:ed:25:a7:ce:3d:32:05:56:f7:
b0:e3:03:43:2e:b2:d5:7b:da:80:d3:12:45:4a:28:75:c7:8a:
3a:bf:9e:3f:76:ec:73:e7:6a:bb:43:4c:fd:d5:a2:f5:a2:76:
eb:50:a2:06:b3:4a:80:09:c5:2c:dd:e6:0e:60:8d:b2:f1:ce:
4d:a1:d1:5c:f2:ad:8a:54:89:a6:47:6b:a6:b0:f8:ad:73:b2:
54:38:3c:e8:ba:ce:d5:ea:0d:91:26:69:f1:28:09:fa:93:3f:
bb:c3:dc:df:14:86:db:1d:62:24:41:4a:cd:91:fd:37:7e:b1:
1e:24:63:b4:b4:c2:2b:d0:8e:17:f7:36:2f:65:39:14:f4:f0:
7c:3a:be:bb:b5:84:35:fa:a3:fd:76:9c:0d:a2:46:37:e3:9c:
1d:f9:e5:e4
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICNLUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTczNjMxMTAvBgNVBAUTKEE4OTdDMDRERTEyRjBBNkY1OUMxQUQxNTA5RjBCMjA5
RkE1NDM4QjMwHhcNMjUwMTMxMTQ1MDI5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljZTMzNC0zNGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5uZ14ivf/HX44muS+AaQO+XvLkCMucDApUK2YP4b45Vuuu31KCWWPy5p1tiy
+P5z4i3lg9H5mBNJ0b0t45mrzJN4Fv4BL3j/zTesXGSG61iGZvn1iffFVKaAQpaJ
MJSWeV7ipY0b+3gcioUx1gfd7aX7szAO6idfun7GW+N5A3ypVgvVoaNZJrNwJA0C
/RPpsXabeGVKCKpW4l/x7CLisIHVNQF6oXREKNYKbeGov3yXhf3v5VsbF/dam47m
5NPR2N20TyaLTtEmm/KDkJynZquAn0a2kDK0q5oCeCspbfu/ZKgCHOphDKe7ns4i
lUe7qYyaO4Ax1KUjveT6tn+qzQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFJ2+f8lf
YsqAGNAAteq90ujI16R3MB8GA1UdIwQYMBaAFKiXwE3hLwpvWcGtFQnwsgn6VDiz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzM2My9GRjhCNEI2QzFE
ODQxMUUyOENEMzNEREIwOEIwMkNEMi9xSmZBVGVFdkNtOVp3YTBWQ2ZDeUNmcFVP
TE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FKZkFUZUV2Q205WndhMFZDZkN5Q2ZwVU9MTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTczNjMvRkY4QjRCNkMxRDg0MTFFMjhDRDMzRERCMDhCMDJDRDIvRDkzRUE3NUFF
RTVDMTFFOTk1ODgxQjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAFnV3wDBALLYKAwDwQCAAIwCQMHACABDfQbADANBgkqhkiG
9w0BAQsFAAOCAQEAQHfp6T5pH/YLJEj+wV9xKqKThBfqbbzrhQOymj5cs/fiyXWZ
ta9y3QFNVwKzBerAgsGqhSWfgSEea0vZYulO7adtGlShWLq6uFe1m8cPoFQue/IJ
U/Ok//sV/tyypfznr5iS7SWnzj0yBVb3sOMDQy6y1XvagNMSRUoodceKOr+eP3bs
c+dqu0NM/dWi9aJ261CiBrNKgAnFLN3mDmCNsvHOTaHRXPKtilSJpkdrprD4rXOy
VDg86LrO1eoNkSZp8SgJ+pM/u8Pc3xSG2x1iJEFKzZH9N36xHiRjtLTCK9COF/c2
L2U5FPTwfDq+u7WENfqj/XacDaJGN+OcHfnl5A==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:37:07 2025 by rpki-client