Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D7D87/18F6373012D611EF84E3641EC4F9AE02/745A41CC2FA311EFBCD3546DC4F9AE02.roa
File: 745A41CC2FA311EFBCD3546DC4F9AE02.roa (raw, json)
Hash identifier: CPD742iiES9rbPbeCK1WZoSS8qfszA2mvXUnwvIYEO4=
Subject key identifier: A9:94:4D:56:41:89:A9:3F:F4:5F:0F:35:21:F3:E7:71:7E:77:DC:AD
Certificate issuer: /CN=A91D7D87/serialNumber=A43183ECC650B8570D68F7D412A4F0014DA8B9C4
Certificate serial: BA
Authority key identifier: A4:31:83:EC:C6:50:B8:57:0D:68:F7:D4:12:A4:F0:01:4D:A8:B9:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pDGD7MZQuFcNaPfUEqTwAU2oucQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D7D87/18F6373012D611EF84E3641EC4F9AE02/745A41CC2FA311EFBCD3546DC4F9AE02.roa
Signing time: Thu 27 Mar 2025 05:43:00 +0000
ROA not before: Thu 27 Mar 2025 05:43:00 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 18013
IP address blocks: 103.135.145.0/24 maxlen: 24
103.231.84.0/24 maxlen: 24
103.231.85.0/24 maxlen: 24
103.231.86.0/24 maxlen: 24
150.242.37.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186 (0xba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D7D87
Validity
Not Before: Mar 27 05:43:00 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e4e564-346c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d9:b7:be:a9:88:e6:87:ff:e7:a6:6e:b1:f9:
97:3e:ce:57:95:84:b8:dc:5f:7b:c8:d3:36:e1:ad:
48:e0:99:64:fd:21:14:00:d0:6b:64:8c:c6:9a:70:
d3:a1:40:6e:61:d6:3c:3e:94:68:85:3d:5d:35:23:
2d:5e:e6:5d:d7:cc:cb:6c:33:90:75:30:82:10:0d:
71:f2:26:f4:62:32:b8:2c:42:79:7e:d8:21:2d:a0:
4e:2d:9c:b0:e2:4d:40:2b:f6:1a:0b:92:7d:13:28:
cd:38:83:4a:cd:a8:86:81:81:50:e7:59:ca:6e:22:
21:5c:00:bf:ea:a1:36:5d:90:58:ee:7b:08:67:d8:
2f:14:b5:05:54:86:76:ab:e6:5f:e9:a0:5c:27:1b:
ab:a9:d3:76:6b:36:f2:da:a3:b1:76:1b:f4:e3:4b:
92:8c:e6:52:cb:16:56:96:6f:49:28:54:ea:5c:c0:
fd:49:db:5a:4c:f1:dc:4c:08:8f:d4:f6:43:d9:fd:
93:03:11:05:fd:f0:58:54:ab:64:57:98:22:79:21:
f1:e3:d5:db:ac:eb:cb:45:8b:67:68:f0:30:01:cb:
e2:fb:2f:c4:85:60:ae:29:e0:92:9d:c8:8c:9e:fe:
72:93:37:3d:fd:fa:bd:c9:5c:84:4e:b5:6c:21:1b:
f6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:94:4D:56:41:89:A9:3F:F4:5F:0F:35:21:F3:E7:71:7E:77:DC:AD
X509v3 Authority Key Identifier:
keyid:A4:31:83:EC:C6:50:B8:57:0D:68:F7:D4:12:A4:F0:01:4D:A8:B9:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D7D87/18F6373012D611EF84E3641EC4F9AE02/pDGD7MZQuFcNaPfUEqTwAU2oucQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pDGD7MZQuFcNaPfUEqTwAU2oucQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D7D87/18F6373012D611EF84E3641EC4F9AE02/745A41CC2FA311EFBCD3546DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.135.145.0/24
103.231.84.0-103.231.86.255
150.242.37.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:7d:c1:a4:e3:64:1f:6b:f3:56:45:6f:1a:ba:92:76:13:d1:
11:72:de:b0:a2:a5:86:2d:17:5b:67:e8:e3:ec:e5:be:41:fe:
7e:7a:4c:bb:73:5a:d5:08:47:36:b6:00:50:2a:9a:c9:d0:95:
89:ff:01:99:50:08:7b:08:15:71:a4:87:4c:96:e3:4c:0b:e7:
56:45:ba:eb:41:ac:09:9a:f2:b3:93:70:55:cb:5b:5a:93:d5:
88:b1:33:b9:fa:00:d6:88:6d:a5:be:0e:c0:19:d7:75:95:e6:
d6:76:54:00:d9:5d:6c:f8:64:4e:f0:44:8e:e7:7a:a5:77:bb:
16:d8:d9:0a:81:04:09:9b:5d:88:22:c8:90:59:5f:f3:0c:9f:
cc:f0:08:87:9b:86:39:0b:c0:c1:4e:08:74:e4:38:21:5f:be:
cd:cd:95:5a:ea:22:2d:f3:61:eb:ab:98:e3:08:bf:4c:af:9d:
ce:31:3c:f0:89:e7:a9:79:9c:e7:e3:ba:a5:9b:30:df:03:ea:
cb:2b:41:99:67:83:b2:70:b6:2c:ba:14:1d:df:85:f0:ad:87:
f1:02:11:3d:d4:66:1e:49:c9:ff:aa:14:5a:1f:48:d2:ab:e0:
c7:3b:00:2d:3a:36:5c:d7:0e:fc:ad:97:2e:b2:38:cc:69:be:
61:aa:8e:3b
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICALowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDdEODcxMTAvBgNVBAUTKEE0MzE4M0VDQzY1MEI4NTcwRDY4RjdENDEyQTRGMDAx
NERBOEI5QzQwHhcNMjUwMzI3MDU0MzAwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U0ZTU2NC0zNDZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwdm3vqmI5of/56ZusfmXPs5XlYS43F97yNM24a1I4Jlk/SEUANBrZIzGmnDT
oUBuYdY8PpRohT1dNSMtXuZd18zLbDOQdTCCEA1x8ib0YjK4LEJ5ftghLaBOLZyw
4k1AK/YaC5J9EyjNOINKzaiGgYFQ51nKbiIhXAC/6qE2XZBY7nsIZ9gvFLUFVIZ2
q+Zf6aBcJxurqdN2azby2qOxdhv040uSjOZSyxZWlm9JKFTqXMD9SdtaTPHcTAiP
1PZD2f2TAxEF/fBYVKtkV5gieSHx49XbrOvLRYtnaPAwAcvi+y/EhWCuKeCSnciM
nv5ykzc9/fq9yVyETrVsIRv2HwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFKmUTVZB
iak/9F8PNSHz53F+d9ytMB8GA1UdIwQYMBaAFKQxg+zGULhXDWj31BKk8AFNqLnE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEN0Q4Ny8xOEY2MzczMDEy
RDYxMUVGODRFMzY0MUVDNEY5QUUwMi9wREdEN01aUXVGY05hUGZVRXFUd0FVMm91
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BER0Q3TVpRdUZjTmFQZlVFcVR3QVUyb3VjUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDdEODcvMThGNjM3MzAxMkQ2MTFFRjg0RTM2NDFFQzRGOUFFMDIvNzQ1QTQxQ0My
RkEzMTFFRkJDRDM1NDZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBABnh5EwDAMEAmfnVAMEAGfnVgMEAJbyJTANBgkqhkiG9w0B
AQsFAAOCAQEApX3BpONkH2vzVkVvGrqSdhPREXLesKKlhi0XW2fo4+zlvkH+fnpM
u3Na1QhHNrYAUCqaydCVif8BmVAIewgVcaSHTJbjTAvnVkW660GsCZrys5NwVctb
WpPViLEzufoA1ohtpb4OwBnXdZXm1nZUANldbPhkTvBEjud6pXe7FtjZCoEECZtd
iCLIkFlf8wyfzPAIh5uGOQvAwU4IdOQ4IV++zc2VWuoiLfNh66uY4wi/TK+dzjE8
8InnqXmc5+O6pZsw3wPqyytBmWeDsnC2LLoUHd+F8K2H8QIRPdRmHknJ/6oUWh9I
0qvgxzsALTo2XNcO/K2XLrI4zGm+YaqOOw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:15:24 2025 by rpki-client