Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F7BE4/A06305C2511111E98C4BF10FC4F9AE02/DB63DD0C511311E998B6E814C4F9AE02.roa
File: DB63DD0C511311E998B6E814C4F9AE02.roa (raw, json)
Hash identifier: Mh1zi5YD9Zt1qZTGwDKJ/p09AgZsGk5KhqRaFO5mGTY=
Subject key identifier: 42:92:2C:D0:4B:7E:BC:63:15:A2:AC:1B:4F:B5:28:90:95:BE:A2:0F
Certificate issuer: /CN=A91F7BE4/serialNumber=1E6B3944B6788E90E997D8A8E8067C5969B8898C
Certificate serial: 0F91
Authority key identifier: 1E:6B:39:44:B6:78:8E:90:E9:97:D8:A8:E8:06:7C:59:69:B8:89:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hms5RLZ4jpDpl9io6AZ8WWm4iYw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F7BE4/A06305C2511111E98C4BF10FC4F9AE02/DB63DD0C511311E998B6E814C4F9AE02.roa
Signing time: Thu 26 Dec 2024 17:35:43 +0000
ROA not before: Thu 26 Dec 2024 17:35:43 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 137206
IP address blocks: 103.104.228.0/24 maxlen: 24
103.138.52.0/24 maxlen: 24
2001:df3:5900::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3985 (0xf91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F7BE4
Validity
Not Before: Dec 26 17:35:43 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=676d93ef-4b14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:f7:c9:b6:e4:9f:2e:3f:92:df:d4:2a:f4:cc:
9f:99:e6:5d:d0:05:c0:19:9e:ef:14:b1:ad:c3:4b:
66:47:da:21:29:34:44:25:2b:f9:5a:f5:57:24:28:
8e:ee:dd:18:73:ae:97:4a:02:30:73:36:07:ca:74:
18:15:03:ca:ab:21:b6:ed:61:fd:aa:52:22:5d:ce:
a5:d6:b9:34:8f:76:e0:ea:fa:eb:88:d1:18:01:b9:
a1:6b:b9:14:e3:92:56:75:6d:21:12:8f:9e:da:c6:
a8:dc:87:0d:86:eb:c8:d6:c8:e1:32:b3:86:1e:0c:
86:0d:27:09:16:3c:5c:2b:db:72:2c:ee:bc:ee:7a:
f7:61:62:a0:77:c1:d3:e7:5e:7b:fa:2e:50:51:a4:
46:36:d6:22:d1:f3:a3:41:b3:56:42:f6:3e:29:58:
4e:18:4e:8d:10:1f:2f:6e:2b:59:29:8b:fc:e1:f2:
99:55:da:bc:24:c2:6b:9f:f4:ff:f8:3b:57:da:7f:
f3:21:96:7f:4c:87:1c:56:13:0d:0e:c9:46:9e:e2:
f3:cb:3e:0a:69:bf:01:3a:db:2c:ad:96:40:3d:d3:
37:19:e0:13:31:5c:ce:29:1e:bd:4c:5c:4b:49:65:
3d:b6:12:91:74:59:69:69:05:db:00:f2:ca:f2:3f:
36:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:92:2C:D0:4B:7E:BC:63:15:A2:AC:1B:4F:B5:28:90:95:BE:A2:0F
X509v3 Authority Key Identifier:
keyid:1E:6B:39:44:B6:78:8E:90:E9:97:D8:A8:E8:06:7C:59:69:B8:89:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F7BE4/A06305C2511111E98C4BF10FC4F9AE02/Hms5RLZ4jpDpl9io6AZ8WWm4iYw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hms5RLZ4jpDpl9io6AZ8WWm4iYw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F7BE4/A06305C2511111E98C4BF10FC4F9AE02/DB63DD0C511311E998B6E814C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.104.228.0/24
103.138.52.0/24
IPv6:
2001:df3:5900::/48
Signature Algorithm: sha256WithRSAEncryption
08:12:ba:4c:b3:62:2f:d8:de:b5:26:ea:0b:90:14:c1:4d:b7:
78:31:cd:ac:fa:4a:87:9d:59:11:9a:85:29:6d:e6:82:69:50:
89:0f:ef:97:c3:39:4f:e2:43:d9:c1:2b:f9:3f:8d:59:4f:cc:
53:d2:8c:26:58:dc:57:d2:e8:ed:48:63:96:a4:d5:44:f0:45:
e8:c0:b6:f9:13:97:84:94:28:a6:9e:96:97:c8:70:42:df:c0:
41:b3:a1:77:df:d4:87:c5:3d:97:7f:73:61:3f:d5:a8:62:3c:
15:82:4d:d0:27:cd:fb:81:82:1e:8e:a0:a4:2c:dc:d8:21:59:
d4:0d:fb:49:d9:80:d6:b1:e5:64:04:97:71:3c:94:c7:6c:5d:
c9:86:5b:73:48:13:7d:bd:4e:62:de:fd:fa:77:6a:28:78:1b:
a7:77:4c:14:51:1e:8b:0f:fe:58:e2:b8:72:6f:62:5d:6d:63:
68:70:d8:dd:79:15:05:7e:3a:7a:d3:96:d4:f2:0d:06:14:3d:
46:d2:74:9f:00:96:1e:5d:fd:31:55:4a:48:8a:70:fc:62:5b:
66:c3:d1:ca:3b:03:0c:65:e5:f3:7c:76:8a:ce:69:94:fa:ef:
6b:7d:30:4b:22:21:29:06:0b:80:d2:ce:e2:e8:79:1c:04:ad:
ad:af:ba:eb
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICD5EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjdCRTQxMTAvBgNVBAUTKDFFNkIzOTQ0QjY3ODhFOTBFOTk3RDhBOEU4MDY3QzU5
NjlCODg5OEMwHhcNMjQxMjI2MTczNTQzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZkOTNlZi00YjE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA/PfJtuSfLj+S39Qq9MyfmeZd0AXAGZ7vFLGtw0tmR9ohKTREJSv5WvVXJCiO
7t0Yc66XSgIwczYHynQYFQPKqyG27WH9qlIiXc6l1rk0j3bg6vrriNEYAbmha7kU
45JWdW0hEo+e2sao3IcNhuvI1sjhMrOGHgyGDScJFjxcK9tyLO687nr3YWKgd8HT
5157+i5QUaRGNtYi0fOjQbNWQvY+KVhOGE6NEB8vbitZKYv84fKZVdq8JMJrn/T/
+DtX2n/zIZZ/TIccVhMNDslGnuLzyz4Kab8BOtssrZZAPdM3GeATMVzOKR69TFxL
SWU9thKRdFlpaQXbAPLK8j82FQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFEKSLNBL
frxjFaKsG0+1KJCVvqIPMB8GA1UdIwQYMBaAFB5rOUS2eI6Q6ZfYqOgGfFlpuImM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGN0JFNC9BMDYzMDVDMjUx
MTExMUU5OEM0QkYxMEZDNEY5QUUwMi9IbXM1UkxaNGpwRHBsOWlvNkFaOFdXbTRp
WXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0htczVSTFo0anBEcGw5aW82QVo4V1dtNGlZdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjdCRTQvQTA2MzA1QzI1MTExMTFFOThDNEJGMTBGQzRGOUFFMDIvREI2M0REMEM1
MTEzMTFFOTk4QjZFODE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnaOQDBABnijQwDwQCAAIwCQMHACABDfNZADANBgkqhkiG
9w0BAQsFAAOCAQEACBK6TLNiL9jetSbqC5AUwU23eDHNrPpKh51ZEZqFKW3mgmlQ
iQ/vl8M5T+JD2cEr+T+NWU/MU9KMJljcV9Lo7UhjlqTVRPBF6MC2+ROXhJQopp6W
l8hwQt/AQbOhd9/Uh8U9l39zYT/VqGI8FYJN0CfN+4GCHo6gpCzc2CFZ1A37SdmA
1rHlZASXcTyUx2xdyYZbc0gTfb1OYt79+ndqKHgbp3dMFFEeiw/+WOK4cm9iXW1j
aHDY3XkVBX46etOW1PINBhQ9RtJ0nwCWHl39MVVKSIpw/GJbZsPRyjsDDGXl83x2
is5plPrva30wSyIhKQYLgNLO4uh5HAStra+66w==
-----END CERTIFICATE-----
Generated at Fri Apr 11 15:15:46 2025 by rpki-client