Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/AB9E7432714911EEBF95153CC4F9AE02.roa
File: AB9E7432714911EEBF95153CC4F9AE02.roa (raw, json)
Hash identifier: lgOGf6vXQs55zxCogd+pRQs87jNu5Yd5pLF5QPR8QMk=
Subject key identifier: DA:3C:81:E4:C3:E4:45:4F:13:21:A4:20:4F:84:48:6C:14:98:95:18
Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60
Certificate serial: 2178
Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/AB9E7432714911EEBF95153CC4F9AE02.roa
Signing time: Tue 04 Mar 2025 16:33:11 +0000
ROA not before: Tue 04 Mar 2025 16:33:11 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 134743
IP address blocks: 45.253.128.0/23 maxlen: 24
103.103.104.0/22 maxlen: 24
103.197.212.0/23 maxlen: 24
103.223.136.0/23 maxlen: 24
2405:9f80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8568 (0x2178)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FDD4D
Validity
Not Before: Mar 4 16:33:11 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c72b47-8067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5a:1e:25:f7:f0:0e:69:71:4b:fd:89:bd:58:
c8:31:ae:65:7d:b5:7e:42:77:d8:69:5a:13:99:08:
26:73:b2:88:4f:32:98:dc:8e:6c:04:63:05:ce:55:
29:8e:79:97:e1:0b:6b:57:92:5a:dc:21:98:a9:f6:
e2:e8:9e:83:2a:c7:ab:66:3a:7a:2f:96:69:d3:0e:
ad:d5:38:86:b0:5e:ac:74:6b:0b:c9:de:17:a8:6a:
2f:52:e3:5e:6e:20:23:c6:f6:6f:7f:73:74:56:2c:
f6:3c:2c:62:cb:d4:97:1d:02:18:ea:c0:4a:79:d1:
25:04:3c:2a:3c:6f:a2:b0:4d:1c:67:b9:48:8a:88:
7f:a0:71:32:ac:86:2b:c7:70:c3:6a:58:d7:0c:60:
07:9a:40:66:ae:8b:0d:f7:55:8d:7e:34:17:d9:15:
36:54:af:4a:2c:72:b6:fb:73:01:03:70:c9:66:14:
57:76:cf:61:b0:42:02:a8:fd:52:30:01:29:f1:70:
1f:a1:e0:67:e3:69:d1:bf:3a:75:86:fc:ba:e5:8a:
4c:97:79:66:f8:64:8f:0d:d9:c9:f4:9d:76:20:dd:
ab:d9:50:43:4d:94:69:d1:de:9d:66:a9:e4:5e:6a:
f4:cc:f0:10:fe:a9:6f:43:2d:15:ad:89:3c:c0:17:
28:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:3C:81:E4:C3:E4:45:4F:13:21:A4:20:4F:84:48:6C:14:98:95:18
X509v3 Authority Key Identifier:
keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/AB9E7432714911EEBF95153CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.253.128.0/23
103.103.104.0/22
103.197.212.0/23
103.223.136.0/23
IPv6:
2405:9f80::/32
Signature Algorithm: sha256WithRSAEncryption
b6:59:d7:3f:bd:bc:fa:71:91:48:1d:7a:2c:24:c2:49:23:42:
ca:5a:6a:97:d2:84:51:9d:2d:06:7d:b4:d9:3c:c3:e3:49:0b:
c2:e2:1f:16:09:b7:7f:70:03:2f:52:54:f9:11:ec:a0:f5:dd:
48:44:83:ed:49:4f:ff:76:c9:c1:d6:df:75:b6:54:93:92:78:
22:c6:92:d2:d1:69:6c:83:f4:60:44:77:ea:ee:00:8c:95:48:
23:7c:56:d8:85:78:5b:16:2f:29:ba:d2:d2:97:6c:76:35:6d:
68:18:53:61:cf:17:9a:1b:f7:fc:9b:c5:5d:47:e3:4a:db:83:
05:f9:15:0f:b6:6c:1c:00:4d:0b:52:de:ab:b0:26:44:4c:53:
b3:98:34:44:a7:b7:51:e8:7a:d9:89:7d:18:b5:f9:c5:57:9a:
90:75:86:0f:ec:76:63:23:54:62:d9:d4:55:cb:94:2e:b2:5f:
23:f4:26:bb:ff:9a:6e:f9:9c:6c:3a:3b:1e:79:e4:99:b1:f7:
17:b2:19:4c:91:03:bc:b7:96:fb:a3:f5:9a:19:16:ed:4d:67:
dd:e7:af:7e:ba:a1:9b:23:01:c9:28:0f:44:89:7b:c2:7a:44:
47:23:72:c6:fe:4c:6a:9c:2c:6a:b3:66:71:92:17:5b:c2:ea:
88:bb:32:30
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICIXgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF
QTNFNDFFNjAwHhcNMjUwMzA0MTYzMzExWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3MmI0Ny04MDY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1VoeJffwDmlxS/2JvVjIMa5lfbV+QnfYaVoTmQgmc7KITzKY3I5sBGMFzlUp
jnmX4QtrV5Ja3CGYqfbi6J6DKserZjp6L5Zp0w6t1TiGsF6sdGsLyd4XqGovUuNe
biAjxvZvf3N0Viz2PCxiy9SXHQIY6sBKedElBDwqPG+isE0cZ7lIioh/oHEyrIYr
x3DDaljXDGAHmkBmrosN91WNfjQX2RU2VK9KLHK2+3MBA3DJZhRXds9hsEICqP1S
MAEp8XAfoeBn42nRvzp1hvy65YpMl3lm+GSPDdnJ9J12IN2r2VBDTZRp0d6dZqnk
Xmr0zPAQ/qlvQy0VrYk8wBcouwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFNo8geTD
5EVPEyGkIE+ESGwUmJUYMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB
NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI
bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkRENEQvQkFFMTA4QzRFQTYwMTFFNTg4MTU3NzBDQzRGOUFFMDIvQUI5RTc0MzI3
MTQ5MTFFRUJGOTUxNTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAEt/YADBAJnZ2gDBAFnxdQDBAFn34gwDQQCAAIwBwMFACQF
n4AwDQYJKoZIhvcNAQELBQADggEBALZZ1z+9vPpxkUgdeiwkwkkjQspaapfShFGd
LQZ9tNk8w+NJC8LiHxYJt39wAy9SVPkR7KD13UhEg+1JT/92ycHW33W2VJOSeCLG
ktLRaWyD9GBEd+ruAIyVSCN8VtiFeFsWLym60tKXbHY1bWgYU2HPF5ob9/ybxV1H
40rbgwX5FQ+2bBwATQtS3quwJkRMU7OYNESnt1HoetmJfRi1+cVXmpB1hg/sdmMj
VGLZ1FXLlC6yXyP0Jrv/mm75nGw6Ox555Jmx9xeyGUyRA7y3lvuj9ZoZFu1NZ93n
r366oZsjAckoD0SJe8J6REcjcsb+TGqcLGqzZnGSF1vC6oi7MjA=
-----END CERTIFICATE-----
Generated at Thu Apr 10 10:48:56 2025 by rpki-client