Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/1AD64F18D23411EAAFD6AA3AC4F9AE02.roa
File: 1AD64F18D23411EAAFD6AA3AC4F9AE02.roa (raw, json)
Hash identifier: C40oyBiTxjQqMGzoY7zwrfSLtJR/TE6dpDn0DYUL1uI=
Subject key identifier: 91:DE:7D:83:DA:3B:E5:67:28:1A:3C:1A:FB:9C:91:CF:1A:AB:04:23
Certificate issuer: /CN=A91B1185/serialNumber=FE3CD37CEC0E382307B4F9D5FFD57E97F121F053
Certificate serial: 1635
Authority key identifier: FE:3C:D3:7C:EC:0E:38:23:07:B4:F9:D5:FF:D5:7E:97:F1:21:F0:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/1AD64F18D23411EAAFD6AA3AC4F9AE02.roa
Signing time: Tue 18 Feb 2025 17:34:45 +0000
ROA not before: Tue 18 Feb 2025 17:34:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198381
IP address blocks: 103.27.23.0/24 maxlen: 24
175.111.8.0/24 maxlen: 24
175.111.9.0/24 maxlen: 24
175.111.10.0/23 maxlen: 23
175.111.12.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5685 (0x1635)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B1185
Validity
Not Before: Feb 18 17:34:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67b4c4b5-7c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:cd:6b:65:5a:7b:bb:81:77:07:03:a5:b7:85:
32:fa:26:f3:fb:98:c6:be:f4:a6:05:30:13:c4:fb:
5f:e6:e5:97:00:e8:2d:35:74:2e:11:a0:45:45:22:
d6:c8:fd:b2:39:e9:82:66:ec:43:08:4f:27:97:45:
57:41:4e:35:29:d8:c0:09:64:d7:a1:46:f2:79:98:
b3:b7:d9:39:b8:6b:7d:b7:22:f0:c0:83:08:7f:30:
21:a3:c1:c8:f1:9f:6a:93:9e:65:2d:24:3a:e8:1b:
68:fa:73:94:61:01:fd:e3:a7:f2:e5:fc:ff:16:cc:
96:2d:16:55:a8:ed:24:fe:d0:01:8a:a6:73:fa:50:
e9:9f:2a:5e:83:99:dc:41:7c:89:8c:a1:8f:ec:1f:
a9:b1:57:20:b4:42:44:6b:26:83:4b:0a:88:6c:6d:
72:18:3d:12:f9:a2:43:ae:db:62:43:66:37:a8:e5:
0f:91:c0:12:99:f4:6f:31:7c:ce:0a:e9:13:57:a5:
a4:30:15:cc:e7:d2:5a:fc:f9:83:73:00:dc:27:c2:
73:64:7a:da:cb:2f:6e:20:c6:d3:30:6b:99:91:0d:
72:47:25:9c:0c:7c:70:7f:b8:51:2e:97:0f:38:06:
fe:27:b4:b3:77:68:c1:e5:9d:06:39:99:4c:94:b4:
fc:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:DE:7D:83:DA:3B:E5:67:28:1A:3C:1A:FB:9C:91:CF:1A:AB:04:23
X509v3 Authority Key Identifier:
keyid:FE:3C:D3:7C:EC:0E:38:23:07:B4:F9:D5:FF:D5:7E:97:F1:21:F0:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/1AD64F18D23411EAAFD6AA3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.27.23.0/24
175.111.8.0-175.111.13.255
Signature Algorithm: sha256WithRSAEncryption
5a:e4:ac:09:bd:10:19:3f:78:51:ca:1d:21:e0:13:3a:36:6c:
26:d7:eb:98:84:dc:4a:99:e5:9e:ac:f9:df:2d:55:64:d7:37:
19:c4:03:ff:24:6d:d1:13:61:48:fa:51:3e:cc:58:e6:a9:5f:
8e:c8:84:48:69:e6:ff:0f:5b:dc:b3:0c:6b:3b:d5:cd:8f:ff:
81:c3:fe:a4:6a:49:bb:7a:1b:10:95:b6:96:52:58:63:e2:8d:
71:1f:48:a0:a8:02:a8:8e:68:8c:9b:7b:34:78:c3:a3:4d:2e:
74:6b:e9:ca:66:50:c7:b8:3f:dc:e1:7c:2a:61:61:94:ab:73:
2e:71:36:a9:46:bb:f2:c7:2e:78:8a:e0:e6:52:74:29:eb:38:
51:63:e7:7e:50:14:00:07:0d:70:ef:0d:15:53:a5:46:55:01:
20:94:73:46:cd:a2:43:5e:14:fb:00:95:ea:18:7a:0f:a4:74:
ea:62:61:26:fa:ae:d7:df:e3:1c:1c:26:4f:34:67:29:5d:fa:
ce:8e:f3:8f:b0:86:ac:75:96:88:e9:7c:93:70:3a:1e:07:42:
31:80:10:6b:dc:35:98:3c:18:dd:4c:17:17:62:f9:f6:9f:c0:
8b:5e:16:08:5e:b7:fa:1d:b4:07:86:a5:20:c8:ea:6e:7e:90:
0a:be:c1:6d
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICFjUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjExODUxMTAvBgNVBAUTKEZFM0NEMzdDRUMwRTM4MjMwN0I0RjlENUZGRDU3RTk3
RjEyMUYwNTMwHhcNMjUwMjE4MTczNDQ1WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0YzRiNS03YzEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm81rZVp7u4F3BwOlt4Uy+ibz+5jGvvSmBTATxPtf5uWXAOgtNXQuEaBFRSLW
yP2yOemCZuxDCE8nl0VXQU41KdjACWTXoUbyeZizt9k5uGt9tyLwwIMIfzAho8HI
8Z9qk55lLSQ66Bto+nOUYQH946fy5fz/FsyWLRZVqO0k/tABiqZz+lDpnypeg5nc
QXyJjKGP7B+psVcgtEJEayaDSwqIbG1yGD0S+aJDrttiQ2Y3qOUPkcASmfRvMXzO
CukTV6WkMBXM59Ja/PmDcwDcJ8JzZHrayy9uIMbTMGuZkQ1yRyWcDHxwf7hRLpcP
OAb+J7Szd2jB5Z0GOZlMlLT8UwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFJHefYPa
O+VnKBo8Gvuckc8aqwQjMB8GA1UdIwQYMBaAFP4803zsDjgjB7T51f/VfpfxIfBT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMTE4NS8zRUE5REQzQTE2
MjMxMUU4OTJDNEE5NDBDNEY5QUUwMi9fanpUZk93T09DTUh0UG5WXzlWLWxfRWg4
Rk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19qelRmT3dPT0NNSHRQblZfOVYtbF9FaDhGTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjExODUvM0VBOUREM0ExNjIzMTFFODkyQzRBOTQwQzRGOUFFMDIvMUFENjRGMThE
MjM0MTFFQUFGRDZBQTNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBABnGxcwDAMEA69vCAMEAa9vDDANBgkqhkiG9w0BAQsFAAOC
AQEAWuSsCb0QGT94UcodIeATOjZsJtfrmITcSpnlnqz53y1VZNc3GcQD/yRt0RNh
SPpRPsxY5qlfjsiESGnm/w9b3LMMazvVzY//gcP+pGpJu3obEJW2llJYY+KNcR9I
oKgCqI5ojJt7NHjDo00udGvpymZQx7g/3OF8KmFhlKtzLnE2qUa78scueIrg5lJ0
Kes4UWPnflAUAAcNcO8NFVOlRlUBIJRzRs2iQ14U+wCV6hh6D6R06mJhJvqu19/j
HBwmTzRnKV36zo7zj7CGrHWWiOl8k3A6HgdCMYAQa9w1mDwY3UwXF2L59p/Ai14W
CF63+h20B4alIMjqbn6QCr7BbQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:39:16 2025 by rpki-client