Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F75E9/E694FC4AFBD711EABFEE5246C4F9AE02/B3A2D41A071211F0B9531F0DC4F9AE02.roa
File: B3A2D41A071211F0B9531F0DC4F9AE02.roa (raw, json)
Hash identifier: 0UTI8vBXyFaaaPE8GDLKNFY+lSRTHbfC3s12YcpVQog=
Subject key identifier: F2:3F:69:CD:91:94:AE:D8:12:6E:5B:2E:37:BA:5D:AC:B5:F8:2C:30
Certificate issuer: /CN=A91F75E9/serialNumber=BB5ABB59F317AB7CE95541CA5AC52F217FE95931
Certificate serial: 07AF
Authority key identifier: BB:5A:BB:59:F3:17:AB:7C:E9:55:41:CA:5A:C5:2F:21:7F:E9:59:31
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1q7WfMXq3zpVUHKWsUvIX_pWTE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F75E9/E694FC4AFBD711EABFEE5246C4F9AE02/B3A2D41A071211F0B9531F0DC4F9AE02.roa
Signing time: Sat 22 Mar 2025 11:42:16 +0000
ROA not before: Sat 22 Mar 2025 11:42:16 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 141189
IP address blocks: 103.156.26.0/23 maxlen: 23
103.156.26.0/24 maxlen: 24
103.156.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1967 (0x7af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F75E9
Validity
Not Before: Mar 22 11:42:16 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67dea217-3701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b3:64:e2:1d:72:03:ab:a3:b7:4d:de:5b:64:
c6:ac:79:42:20:06:c5:64:b7:f2:80:b7:8a:32:65:
ad:2e:39:7a:2b:da:c3:93:f8:33:55:e3:da:42:22:
8e:d1:06:16:66:12:09:49:b2:10:ab:a0:45:ff:2c:
42:67:8e:15:7f:84:e4:d6:6e:33:d1:9a:60:44:13:
ed:c9:67:f1:e5:c4:0c:c6:17:86:9d:3d:c0:93:05:
2c:d1:c1:78:03:ae:aa:49:b0:30:d9:74:b2:72:7f:
d8:46:77:4a:2e:c4:71:15:09:e5:b3:fd:fc:43:56:
15:89:a2:cb:34:fb:0e:f2:4e:be:1e:1a:a8:8f:54:
b6:72:4b:43:67:c9:b8:b2:45:a8:3d:2f:a5:c7:99:
c3:b4:6b:6a:14:ea:47:0c:9e:75:a9:83:08:c1:47:
43:f1:1e:ac:df:83:32:6d:68:32:fa:f5:84:2b:26:
1c:01:d9:46:e4:67:17:ae:44:b9:fe:24:94:40:43:
8b:99:09:c9:c2:4f:37:e3:6e:62:ea:1c:c4:61:35:
a2:11:52:e3:d8:78:1b:55:04:61:79:dd:44:ce:6c:
08:0a:c3:bd:a2:70:9d:0c:97:f3:8b:aa:30:fe:7a:
84:d7:18:0a:29:bb:fc:ff:7e:59:90:fe:1e:c3:e4:
d0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:3F:69:CD:91:94:AE:D8:12:6E:5B:2E:37:BA:5D:AC:B5:F8:2C:30
X509v3 Authority Key Identifier:
keyid:BB:5A:BB:59:F3:17:AB:7C:E9:55:41:CA:5A:C5:2F:21:7F:E9:59:31
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F75E9/E694FC4AFBD711EABFEE5246C4F9AE02/u1q7WfMXq3zpVUHKWsUvIX_pWTE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1q7WfMXq3zpVUHKWsUvIX_pWTE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F75E9/E694FC4AFBD711EABFEE5246C4F9AE02/B3A2D41A071211F0B9531F0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.156.26.0/23
Signature Algorithm: sha256WithRSAEncryption
25:d6:79:ac:d5:43:d6:9a:54:cc:c7:3b:a4:4a:f7:75:07:61:
a2:e4:24:e0:60:67:99:2c:ae:ba:54:81:00:eb:0a:2a:9a:60:
f1:e0:58:76:cc:1a:fb:41:2c:83:60:65:c8:ce:0b:f5:fc:6d:
99:dd:78:1a:5f:f8:89:fe:c2:4c:4f:03:28:83:0a:cd:19:d2:
f4:c8:8c:f3:b8:3d:68:db:8d:37:1b:de:09:f5:bd:ad:1a:72:
6d:41:4a:66:c8:40:aa:6f:83:6f:5e:8a:15:5f:a3:23:0f:16:
32:c4:3e:82:63:9a:ec:32:22:78:cf:f5:b7:e4:4e:f2:fb:67:
7c:24:f2:40:81:ed:27:26:ed:76:b3:25:83:71:d9:a7:f6:20:
99:16:42:ad:17:d0:92:59:ed:2e:c3:87:78:5d:b9:03:bf:f6:
ed:05:67:42:13:6d:39:35:1b:d2:3d:9d:e7:4d:32:d3:d8:8f:
bf:15:8c:a4:e7:7a:08:ea:f4:6c:ef:a7:41:32:b3:1f:29:3d:
80:71:9a:5a:b8:ef:74:66:9d:4a:9f:8f:ea:15:33:03:d9:ec:
85:79:39:6f:b4:86:33:9b:70:f7:e8:72:9a:09:66:9a:05:93:
43:e5:db:d5:40:48:a2:c3:9f:05:e0:ee:33:7a:6d:40:a4:de:
ec:34:54:21
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjc1RTkxMTAvBgNVBAUTKEJCNUFCQjU5RjMxN0FCN0NFOTU1NDFDQTVBQzUyRjIx
N0ZFOTU5MzEwHhcNMjUwMzIyMTE0MjE2WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RlYTIxNy0zNzAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4rNk4h1yA6ujt03eW2TGrHlCIAbFZLfygLeKMmWtLjl6K9rDk/gzVePaQiKO
0QYWZhIJSbIQq6BF/yxCZ44Vf4Tk1m4z0ZpgRBPtyWfx5cQMxheGnT3AkwUs0cF4
A66qSbAw2XSycn/YRndKLsRxFQnls/38Q1YViaLLNPsO8k6+Hhqoj1S2cktDZ8m4
skWoPS+lx5nDtGtqFOpHDJ51qYMIwUdD8R6s34MybWgy+vWEKyYcAdlG5GcXrkS5
/iSUQEOLmQnJwk83425i6hzEYTWiEVLj2HgbVQRhed1EzmwICsO9onCdDJfzi6ow
/nqE1xgKKbv8/35ZkP4ew+TQgQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPI/ac2R
lK7YEm5bLje6Xay1+CwwMB8GA1UdIwQYMBaAFLtau1nzF6t86VVBylrFLyF/6Vkx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzVFOS9FNjk0RkM0QUZC
RDcxMUVBQkZFRTUyNDZDNEY5QUUwMi91MXE3V2ZNWHEzenBWVUhLV3NVdklYX3BX
VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxcTdXZk1YcTN6cFZVSEtXc1V2SVhfcFdURS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjc1RTkvRTY5NEZDNEFGQkQ3MTFFQUJGRUU1MjQ2QzRGOUFFMDIvQjNBMkQ0MUEw
NzEyMTFGMEI5NTMxRjBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnBowDQYJKoZIhvcNAQELBQADggEBACXWeazVQ9aaVMzH
O6RK93UHYaLkJOBgZ5ksrrpUgQDrCiqaYPHgWHbMGvtBLINgZcjOC/X8bZndeBpf
+In+wkxPAyiDCs0Z0vTIjPO4PWjbjTcb3gn1va0acm1BSmbIQKpvg29eihVfoyMP
FjLEPoJjmuwyInjP9bfkTvL7Z3wk8kCB7Scm7XazJYNx2af2IJkWQq0X0JJZ7S7D
h3hduQO/9u0FZ0ITbTk1G9I9nedNMtPYj78VjKTnegjq9Gzvp0Eysx8pPYBxmlq4
73RmnUqfj+oVMwPZ7IV5OW+0hjObcPfocpoJZpoFk0Pl29VASKLDnwXg7jN6bUCk
3uw0VCE=
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:30:22 2025 by rpki-client