Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/87D45318994C11EC82BA3978C4F9AE02.roa
File: 87D45318994C11EC82BA3978C4F9AE02.roa (raw, json)
Hash identifier: /AMe5fWdVkNbiDNAX3rxonqHX2GWCAFeTm3WBDEgams=
Subject key identifier: 01:DD:9A:9F:1A:30:48:67:62:77:D4:46:27:CF:E8:83:E8:FC:BB:60
Certificate issuer: /CN=A91B1185/serialNumber=FE3CD37CEC0E382307B4F9D5FFD57E97F121F053
Certificate serial: 1634
Authority key identifier: FE:3C:D3:7C:EC:0E:38:23:07:B4:F9:D5:FF:D5:7E:97:F1:21:F0:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/87D45318994C11EC82BA3978C4F9AE02.roa
Signing time: Tue 18 Feb 2025 17:34:44 +0000
ROA not before: Tue 18 Feb 2025 17:34:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198247
IP address blocks: 103.27.21.0/24 maxlen: 24
175.111.2.0/24 maxlen: 24
175.111.7.0/24 maxlen: 24
175.111.14.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5684 (0x1634)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B1185
Validity
Not Before: Feb 18 17:34:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67b4c4b4-de44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b7:88:d6:85:51:04:dd:34:ac:a4:a4:52:80:
25:27:02:c9:71:09:7b:1a:8e:6b:a2:55:e3:51:b4:
c8:bd:97:df:01:ba:13:fd:33:dd:27:08:92:ac:24:
4c:64:71:ba:75:0f:90:fd:9c:e6:e5:6b:cd:46:37:
33:db:f5:6f:2a:d5:d7:63:e0:ab:44:fd:b9:39:b9:
2b:86:94:db:7c:06:f4:ec:a2:2a:74:df:20:4c:96:
64:44:86:61:76:a8:c7:b6:cc:94:b3:e7:e4:02:11:
07:12:f1:95:b7:70:36:24:69:f8:24:07:49:bb:44:
9c:6a:bf:53:d5:54:2d:2a:19:92:3e:ab:a1:c1:57:
7c:93:f7:d2:2e:0e:da:04:69:0c:5e:98:4a:54:d0:
12:9f:55:06:ea:a5:f3:24:98:5b:ae:d7:b6:cb:82:
c1:06:70:9b:e4:c7:da:68:37:66:c7:3e:03:b3:d9:
0d:4e:86:52:cc:5c:52:51:bf:17:9e:ef:92:89:a2:
41:53:43:c4:43:e5:ed:f6:a1:b5:91:af:be:90:79:
07:86:e8:7b:af:41:4e:e4:41:ac:c9:7d:30:8f:92:
61:ea:1a:4e:d8:66:72:0d:ae:5f:0d:81:b2:56:82:
4e:23:ce:5a:de:31:ac:d8:6e:6b:17:86:98:97:93:
65:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:DD:9A:9F:1A:30:48:67:62:77:D4:46:27:CF:E8:83:E8:FC:BB:60
X509v3 Authority Key Identifier:
keyid:FE:3C:D3:7C:EC:0E:38:23:07:B4:F9:D5:FF:D5:7E:97:F1:21:F0:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/87D45318994C11EC82BA3978C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.27.21.0/24
175.111.2.0/24
175.111.7.0/24
175.111.14.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:90:43:4e:ca:9b:23:d2:20:03:2d:5d:f8:1e:28:36:64:79:
80:ab:92:de:4d:b0:40:69:68:3e:ef:53:08:0f:2e:d9:8d:d5:
7e:22:cf:8c:9e:e1:51:ba:c8:d0:5b:a4:c4:32:0a:58:ea:91:
7f:f9:7b:e9:eb:9b:ac:d9:c7:ef:f6:40:13:26:9b:12:bb:0a:
a3:7e:de:d7:ab:1c:20:69:68:11:14:d8:58:9b:11:87:b2:e8:
69:cd:66:fd:72:65:cf:1a:69:53:68:8f:83:76:1a:96:c3:17:
6e:86:50:09:9d:9e:d6:f0:87:c5:83:8d:91:95:4e:cd:a6:0f:
6a:64:5b:4f:eb:55:3d:77:5c:57:70:82:e0:c1:3a:2b:cd:6d:
41:7f:67:b8:d6:22:b7:a0:76:13:72:d6:c4:df:0c:d0:dc:41:
9f:de:58:36:1d:23:8a:32:71:c6:31:87:b7:eb:15:f7:82:f5:
96:99:e7:be:b1:ad:b6:d4:28:f9:c2:4f:55:39:a4:b6:bc:f0:
a5:9c:6b:82:5f:55:17:f1:74:2c:7f:7a:9d:24:4e:8d:e3:64:
d9:60:39:7e:48:25:2a:de:0a:14:ac:76:0e:aa:c9:56:a6:4b:
f1:17:c8:b1:e3:e3:5d:a1:67:c1:6f:b1:3c:c2:58:76:c3:af:
f1:bd:a2:a4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFjQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjExODUxMTAvBgNVBAUTKEZFM0NEMzdDRUMwRTM4MjMwN0I0RjlENUZGRDU3RTk3
RjEyMUYwNTMwHhcNMjUwMjE4MTczNDQ0WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0YzRiNC1kZTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxLeI1oVRBN00rKSkUoAlJwLJcQl7Go5rolXjUbTIvZffAboT/TPdJwiSrCRM
ZHG6dQ+Q/Zzm5WvNRjcz2/VvKtXXY+CrRP25ObkrhpTbfAb07KIqdN8gTJZkRIZh
dqjHtsyUs+fkAhEHEvGVt3A2JGn4JAdJu0Scar9T1VQtKhmSPquhwVd8k/fSLg7a
BGkMXphKVNASn1UG6qXzJJhbrte2y4LBBnCb5MfaaDdmxz4Ds9kNToZSzFxSUb8X
nu+SiaJBU0PEQ+Xt9qG1ka++kHkHhuh7r0FO5EGsyX0wj5Jh6hpO2GZyDa5fDYGy
VoJOI85a3jGs2G5rF4aYl5Nl0wIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFAHdmp8a
MEhnYnfURifP6IPo/LtgMB8GA1UdIwQYMBaAFP4803zsDjgjB7T51f/VfpfxIfBT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMTE4NS8zRUE5REQzQTE2
MjMxMUU4OTJDNEE5NDBDNEY5QUUwMi9fanpUZk93T09DTUh0UG5WXzlWLWxfRWg4
Rk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19qelRmT3dPT0NNSHRQblZfOVYtbF9FaDhGTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjExODUvM0VBOUREM0ExNjIzMTFFODkyQzRBOTQwQzRGOUFFMDIvODdENDUzMTg5
OTRDMTFFQzgyQkEzOTc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABnGxUDBACvbwIDBACvbwcDBAGvbw4wDQYJKoZIhvcNAQEL
BQADggEBAE6QQ07KmyPSIAMtXfgeKDZkeYCrkt5NsEBpaD7vUwgPLtmN1X4iz4ye
4VG6yNBbpMQyCljqkX/5e+nrm6zZx+/2QBMmmxK7CqN+3terHCBpaBEU2FibEYey
6GnNZv1yZc8aaVNoj4N2GpbDF26GUAmdntbwh8WDjZGVTs2mD2pkW0/rVT13XFdw
guDBOivNbUF/Z7jWIregdhNy1sTfDNDcQZ/eWDYdI4oyccYxh7frFfeC9ZaZ576x
rbbUKPnCT1U5pLa88KWca4JfVRfxdCx/ep0kTo3jZNlgOX5IJSreChSsdg6qyVam
S/EXyLHj412hZ8FvsTzCWHbDr/G9oqQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:23:27 2025 by rpki-client