Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/624086E2E99611EA930A5B74C4F9AE02.roa
File: 624086E2E99611EA930A5B74C4F9AE02.roa (raw, json)
Hash identifier: ZdmpHgIkxt7GWbnQ6LOR1kcULfHlPHaLzEsc6YKJVc0=
Subject key identifier: 97:C8:A7:BB:52:43:A7:3D:D3:DC:97:05:AD:8E:90:45:12:22:32:12
Certificate issuer: /CN=A91F85CD/serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532
Certificate serial: 07E9
Authority key identifier: E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/624086E2E99611EA930A5B74C4F9AE02.roa
Signing time: Tue 18 Mar 2025 21:12:16 +0000
ROA not before: Tue 18 Mar 2025 21:12:16 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 138005
IP address blocks: 103.244.56.0/24 maxlen: 24
103.244.57.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2025 (0x7e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F85CD
Validity
Not Before: Mar 18 21:12:16 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67d9e1b0-d7a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f6:b8:9a:e4:9c:3d:ca:f0:9b:94:e5:fd:e0:
a6:f0:f2:39:9c:cc:30:bb:0d:25:0f:28:c8:5d:f2:
f3:34:77:83:b0:1d:f3:2a:e6:99:cd:00:86:e2:93:
2b:05:d2:cc:78:dd:41:ef:b0:7f:ba:74:d3:7b:87:
36:01:36:e9:5e:64:f2:d8:d0:5c:a0:5a:9b:1b:c6:
f3:0b:80:0e:5b:8d:d6:eb:8a:bf:bb:c9:ab:52:4b:
2d:6b:b2:2a:76:33:ae:ec:39:cb:7e:7e:32:63:46:
6a:f7:e1:b3:1b:26:13:db:40:98:0b:63:13:14:ff:
84:da:55:51:89:9e:be:fc:1f:c6:c8:4b:1e:4e:88:
23:39:41:e0:a8:2b:85:36:3e:8d:d7:7d:55:62:8c:
87:a0:cc:f2:0a:b4:9a:93:ff:44:dd:53:9f:36:e4:
aa:d5:ed:50:d3:04:51:f8:6e:49:d6:70:a3:8a:0d:
88:f3:93:42:fe:6d:60:f5:a8:e8:48:be:19:8c:26:
95:fd:a2:75:0d:bb:e0:97:7d:c0:40:00:17:2e:38:
84:bd:8f:d0:5c:4d:7d:a5:60:2f:94:ec:03:ae:76:
ac:50:36:c5:c8:6b:96:67:60:43:f9:a2:90:ae:d2:
da:0b:d5:cb:20:78:c9:e2:19:e0:53:cd:1e:7d:25:
97:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C8:A7:BB:52:43:A7:3D:D3:DC:97:05:AD:8E:90:45:12:22:32:12
X509v3 Authority Key Identifier:
keyid:E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/624086E2E99611EA930A5B74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.244.56.0/23
Signature Algorithm: sha256WithRSAEncryption
21:bf:90:80:00:1a:18:7a:70:ae:2d:4c:ed:22:71:90:23:c2:
5e:e9:57:f4:69:7d:ca:63:09:e9:ef:96:c4:a6:a2:a5:b8:a4:
40:70:ed:9d:43:5b:e3:54:b0:10:de:d8:f4:f8:bd:bd:74:52:
c0:ed:5c:b0:e1:2e:cc:34:e7:cd:c3:8e:cf:35:7b:df:0e:93:
be:37:db:33:7f:d8:78:82:72:b5:38:09:36:92:2e:bb:b3:0b:
d9:a0:25:ed:86:13:b6:73:42:9f:55:f5:85:20:7d:a4:c5:8c:
f1:f3:3b:58:80:e5:b2:cc:68:3f:c1:07:7b:c0:8a:64:b0:f4:
46:a4:5c:ac:ef:63:ac:0f:fe:69:87:c8:6f:cc:db:6d:1f:8d:
35:95:9d:67:c3:c4:9c:ec:f9:6c:59:0e:52:c3:ab:e3:29:81:
42:09:1c:4c:e3:02:27:00:16:0c:9f:a8:37:5d:c8:1d:3a:bc:
79:ef:ab:a2:50:2e:e1:89:4c:eb:7b:2f:ef:ec:59:fe:a5:88:
53:36:a4:da:d9:c1:d6:12:28:71:92:44:cd:8e:c1:1b:b6:71:
3a:00:e6:d1:13:cd:6f:67:1b:cb:90:68:7e:57:83:be:33:1c:
1b:65:61:f2:5f:a1:04:6d:d7:45:5a:39:48:95:b9:88:f2:f7:
5f:3b:55:5c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB+kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjg1Q0QxMTAvBgNVBAUTKEUyMTFDRDg1RTA3MjU1MEUzM0U0Q0M4NkE2M0ZCQ0RG
QUQxRDM1MzIwHhcNMjUwMzE4MjExMjE2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q5ZTFiMC1kN2E5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvva4muScPcrwm5Tl/eCm8PI5nMwwuw0lDyjIXfLzNHeDsB3zKuaZzQCG4pMr
BdLMeN1B77B/unTTe4c2ATbpXmTy2NBcoFqbG8bzC4AOW43W64q/u8mrUksta7Iq
djOu7DnLfn4yY0Zq9+GzGyYT20CYC2MTFP+E2lVRiZ6+/B/GyEseTogjOUHgqCuF
Nj6N131VYoyHoMzyCrSak/9E3VOfNuSq1e1Q0wRR+G5J1nCjig2I85NC/m1g9ajo
SL4ZjCaV/aJ1Dbvgl33AQAAXLjiEvY/QXE19pWAvlOwDrnasUDbFyGuWZ2BD+aKQ
rtLaC9XLIHjJ4hngU80efSWXQQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJfIp7tS
Q6c909yXBa2OkEUSIjISMB8GA1UdIwQYMBaAFOIRzYXgclUOM+TMhqY/vN+tHTUy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODVDRC84QTUwNTU4OERE
MTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZRNHo1TXlHcGotODM2MGRO
VEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRoSE5oZUJ5VlE0ejVNeUdwai04MzYwZE5USS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjg1Q0QvOEE1MDU1ODhERDE5MTFFQTk0RDI2MDExQzRGOUFFMDIvNjI0MDg2RTJF
OTk2MTFFQTkzMEE1Qjc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn9DgwDQYJKoZIhvcNAQELBQADggEBACG/kIAAGhh6cK4t
TO0icZAjwl7pV/RpfcpjCenvlsSmoqW4pEBw7Z1DW+NUsBDe2PT4vb10UsDtXLDh
Lsw0583Djs81e98Ok7432zN/2HiCcrU4CTaSLruzC9mgJe2GE7ZzQp9V9YUgfaTF
jPHzO1iA5bLMaD/BB3vAimSw9EakXKzvY6wP/mmHyG/M220fjTWVnWfDxJzs+WxZ
DlLDq+MpgUIJHEzjAicAFgyfqDddyB06vHnvq6JQLuGJTOt7L+/sWf6liFM2pNrZ
wdYSKHGSRM2OwRu2cToA5tETzW9nG8uQaH5Xg74zHBtlYfJfoQRt10VaOUiVuYjy
9187VVw=
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:08:12 2025 by rpki-client