Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/A2F461C0FE4711EFA12A966AC4F9AE02.roa
File: A2F461C0FE4711EFA12A966AC4F9AE02.roa (raw, json)
Hash identifier: VN4pAPbIBDybYSe2h8DnGTVdj6/DGLesFKMNXxWTLrc=
Subject key identifier: C7:CB:2E:E5:C4:E4:38:6A:25:51:86:69:56:6E:8F:1C:B8:EE:31:9D
Certificate issuer: /CN=A91F3C87/serialNumber=EF9FE381DA3D42EB7C4E0D049CCAE7228E28FB4B
Certificate serial: 0191
Authority key identifier: EF:9F:E3:81:DA:3D:42:EB:7C:4E:0D:04:9C:CA:E7:22:8E:28:FB:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75_jgdo9Qut8Tg0EnMrnIo4o-0s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/A2F461C0FE4711EFA12A966AC4F9AE02.roa
Signing time: Tue 11 Mar 2025 07:08:30 +0000
ROA not before: Tue 11 Mar 2025 07:08:30 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 20473
IP address blocks: 43.224.149.0/24 maxlen: 24
43.224.150.0/24 maxlen: 24
43.224.151.0/24 maxlen: 24
103.43.173.0/24 maxlen: 24
103.43.174.0/24 maxlen: 24
103.43.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 401 (0x191)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F3C87
Validity
Not Before: Mar 11 07:08:30 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67cfe16e-ba72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:58:be:e5:be:b9:99:ab:e9:65:a8:0b:1d:97:
c3:0e:72:ac:64:7c:35:a9:35:22:fb:e0:fa:88:66:
f4:e4:e8:e0:a1:90:ac:58:91:81:03:3b:00:a0:36:
28:66:32:45:88:5e:6d:50:7c:fa:25:df:76:09:fb:
89:6c:a6:a8:a7:14:40:25:3e:28:0f:9a:b5:be:4b:
bb:c5:d9:bb:b6:df:82:2b:82:27:79:fc:d5:45:df:
c6:35:72:dd:24:92:d2:f3:ba:f3:f6:da:8d:fd:44:
5c:e5:34:46:d2:7b:d7:a1:d3:d4:45:8f:7e:e2:51:
5b:c3:28:88:c8:55:12:a8:cd:d3:05:2a:6d:92:10:
d8:84:1f:95:d2:ec:c8:2f:be:78:21:c3:4d:85:89:
b6:62:09:82:1a:0a:6f:53:0d:ef:3f:21:29:95:42:
97:63:1b:42:1c:d2:c0:42:37:c0:ae:16:c4:c6:37:
7f:0e:cd:f1:7b:63:cf:ee:f6:5b:1f:95:83:be:02:
6c:72:aa:e0:8f:7b:22:1b:36:60:c2:eb:5f:a7:11:
e2:dc:7d:97:bb:55:15:5e:23:bb:ef:0f:1e:38:3a:
a2:7e:75:64:91:95:c5:40:b4:de:29:6d:08:bd:6c:
02:ae:d0:18:0a:c1:df:07:37:c2:0b:73:6a:4d:f9:
f9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:CB:2E:E5:C4:E4:38:6A:25:51:86:69:56:6E:8F:1C:B8:EE:31:9D
X509v3 Authority Key Identifier:
keyid:EF:9F:E3:81:DA:3D:42:EB:7C:4E:0D:04:9C:CA:E7:22:8E:28:FB:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/75_jgdo9Qut8Tg0EnMrnIo4o-0s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75_jgdo9Qut8Tg0EnMrnIo4o-0s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/A2F461C0FE4711EFA12A966AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.149.0-43.224.151.255
103.43.173.0-103.43.175.255
Signature Algorithm: sha256WithRSAEncryption
1d:53:35:59:f7:c1:60:b1:b0:6f:af:3d:86:31:0b:6c:34:13:
8b:1e:1a:ca:56:8b:1c:38:a3:cc:b7:0a:64:fc:02:c3:90:05:
22:8a:66:db:03:ad:5a:86:33:07:a6:53:0f:27:f4:53:49:20:
04:96:89:f7:a5:6c:d4:9f:a0:7c:89:4e:77:3b:8f:31:e1:04:
be:1a:c7:b0:3c:ae:6b:4d:6d:4c:fc:88:62:a0:35:ea:15:6e:
1d:0f:4f:85:e4:e5:b1:4b:8e:2f:51:d4:1e:da:8e:d2:49:a3:
bf:c6:05:ba:70:81:0d:05:b6:cf:26:bb:14:7a:89:1a:da:c1:
dd:42:92:dc:88:bd:34:a3:25:47:06:e4:aa:09:c5:49:1c:7a:
8b:2b:73:d9:8b:a5:ac:6e:4c:28:6b:df:40:35:20:83:74:74:
26:82:f2:6b:2e:5e:13:fc:72:ac:6b:0b:52:9d:50:67:be:52:
e2:00:74:be:58:94:85:9c:79:c0:b8:04:9a:93:8b:4a:3f:0b:
9d:c2:b3:66:67:5c:c5:d4:ff:d9:f5:cb:46:5e:6e:99:a3:5a:
b1:3d:64:39:56:fa:86:b5:06:65:c5:2e:7f:b8:4b:7c:fc:92:
82:0b:da:43:e9:6d:e4:8a:cc:21:a0:d0:a2:84:69:b7:a0:e2:
b6:a9:b9:d3
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICAZEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjNDODcxMTAvBgNVBAUTKEVGOUZFMzgxREEzRDQyRUI3QzRFMEQwNDlDQ0FFNzIy
OEUyOEZCNEIwHhcNMjUwMzExMDcwODMwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmZTE2ZS1iYTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnli+5b65mavpZagLHZfDDnKsZHw1qTUi++D6iGb05OjgoZCsWJGBAzsAoDYo
ZjJFiF5tUHz6Jd92CfuJbKaopxRAJT4oD5q1vku7xdm7tt+CK4InefzVRd/GNXLd
JJLS87rz9tqN/URc5TRG0nvXodPURY9+4lFbwyiIyFUSqM3TBSptkhDYhB+V0uzI
L754IcNNhYm2YgmCGgpvUw3vPyEplUKXYxtCHNLAQjfArhbExjd/Ds3xe2PP7vZb
H5WDvgJscqrgj3siGzZgwutfpxHi3H2Xu1UVXiO77w8eODqifnVkkZXFQLTeKW0I
vWwCrtAYCsHfBzfCC3NqTfn5RwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFMfLLuXE
5DhqJVGGaVZujxy47jGdMB8GA1UdIwQYMBaAFO+f44HaPULrfE4NBJzK5yKOKPtL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0M4Ny9FNzgyODU0RUVG
MEIxMUVEODFERDJENzJDNEY5QUUwMi83NV9qZ2RvOVF1dDhUZzBFbk1ybklvNG8t
MHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzc1X2pnZG85UXV0OFRnMEVuTXJuSW80by0wcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjNDODcvRTc4Mjg1NEVFRjBCMTFFRDgxREQyRDcyQzRGOUFFMDIvQTJGNDYxQzBG
RTQ3MTFFRkExMkE5NjZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMCIEAgABMBwwDAMEACvglQMEAyvgkDAMAwQAZyutAwQEZyugMA0GCSqGSIb3
DQEBCwUAA4IBAQAdUzVZ98FgsbBvrz2GMQtsNBOLHhrKVoscOKPMtwpk/ALDkAUi
imbbA61ahjMHplMPJ/RTSSAElon3pWzUn6B8iU53O48x4QS+GsewPK5rTW1M/Ihi
oDXqFW4dD0+F5OWxS44vUdQe2o7SSaO/xgW6cIENBbbPJrsUeoka2sHdQpLciL00
oyVHBuSqCcVJHHqLK3PZi6Wsbkwoa99ANSCDdHQmgvJrLl4T/HKsawtSnVBnvlLi
AHS+WJSFnHnAuASak4tKPwudwrNmZ1zF1P/Z9ctGXm6Zo1qxPWQ5VvqGtQZlxS5/
uEt8/JKCC9pD6W3kiswhoNCihGm3oOK2qbnT
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:24:49 2025 by rpki-client