Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1DF8/EB831BD8013711EAB94D7D3CC4F9AE02/27FF72D68CAA11ED9E29993BC4F9AE02.roa
File: 27FF72D68CAA11ED9E29993BC4F9AE02.roa (raw, json)
Hash identifier: RjyZrJWRUKttU3m9sW1nw2QZuNPLtCfsGI+zPiJv+C4=
Subject key identifier: BF:5E:B5:3E:D9:F6:8F:BB:61:4D:F0:5F:71:D3:84:87:33:24:85:D7
Certificate issuer: /CN=A91C1DF8/serialNumber=5C436B916156B8B85267C48FB8973B89B493F581
Certificate serial: 06D2
Authority key identifier: 5C:43:6B:91:61:56:B8:B8:52:67:C4:8F:B8:97:3B:89:B4:93:F5:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XENrkWFWuLhSZ8SPuJc7ibST9YE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1DF8/EB831BD8013711EAB94D7D3CC4F9AE02/27FF72D68CAA11ED9E29993BC4F9AE02.roa
Signing time: Wed 26 Apr 2023 20:16:51 +0000
ROA not before: Wed 26 Apr 2023 20:16:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135045
IP address blocks: 103.112.164.0/23 maxlen: 23
103.112.164.0/24 maxlen: 24
103.112.165.0/24 maxlen: 24
103.112.166.0/23 maxlen: 23
103.112.166.0/24 maxlen: 24
103.112.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1746 (0x6d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1DF8, serialNumber=5C436B916156B8B85267C48FB8973B89B493F581
Validity
Not Before: Apr 26 20:16:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=644986b2-8152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:89:13:6a:f8:31:bb:07:32:d8:0c:77:36:1c:
7c:b7:09:4b:9b:f9:04:ad:c2:3d:fe:32:da:2a:f7:
4f:bd:e4:9c:5f:98:84:4a:ec:f4:27:4d:68:fd:fa:
38:87:81:7e:31:54:33:d3:a2:8c:b1:f3:d6:f2:27:
72:28:e9:9c:cc:26:9e:4d:8a:e4:e6:cb:56:28:fe:
7a:08:9a:a9:1e:b0:e6:22:41:a6:fd:16:ba:cf:7c:
75:43:da:4b:b4:05:a6:5b:c2:8b:ce:53:c8:31:2e:
9f:bb:b6:ed:60:c2:c3:ea:71:b9:1d:1a:0b:f8:45:
04:0d:f4:fc:30:5a:7d:e7:7d:4b:66:7d:52:00:b6:
70:f5:ac:f8:db:00:65:e8:e4:d6:69:a2:c5:9d:12:
b0:db:14:b5:94:06:02:1f:2d:90:13:2a:b3:90:3a:
db:2f:c7:b6:40:5b:6f:d5:32:95:a8:d2:ca:ed:c6:
2c:91:38:0a:18:ea:ed:c6:c2:ba:64:09:f0:79:35:
1e:84:93:21:83:d0:2a:08:2b:33:23:93:e8:46:ad:
5c:51:6e:94:dc:54:aa:94:16:f0:20:81:8d:e9:31:
21:79:3e:fc:c1:8d:1c:a6:ec:42:62:ca:59:0d:4e:
d9:a1:dc:ee:ca:bb:29:4c:81:a0:ff:ca:89:a1:b3:
b1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:5E:B5:3E:D9:F6:8F:BB:61:4D:F0:5F:71:D3:84:87:33:24:85:D7
X509v3 Authority Key Identifier:
keyid:5C:43:6B:91:61:56:B8:B8:52:67:C4:8F:B8:97:3B:89:B4:93:F5:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1DF8/EB831BD8013711EAB94D7D3CC4F9AE02/XENrkWFWuLhSZ8SPuJc7ibST9YE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XENrkWFWuLhSZ8SPuJc7ibST9YE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1DF8/EB831BD8013711EAB94D7D3CC4F9AE02/27FF72D68CAA11ED9E29993BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.164.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:4c:38:f0:0c:b4:43:5a:2f:10:57:43:4c:55:cd:9a:75:18:
fd:43:43:40:37:24:dc:8f:1a:f8:33:e0:b4:60:f6:9a:dd:eb:
13:d4:67:90:6d:07:35:e4:d5:a0:cd:16:48:08:37:26:b4:25:
0b:4b:63:29:a5:31:ba:2a:85:ad:c9:47:8c:ed:d1:64:cf:a4:
f4:20:c0:a0:2b:e3:4d:67:4d:ab:01:13:8b:11:ad:30:85:af:
9e:9a:15:44:1b:91:87:67:cb:37:47:13:8b:82:26:14:f3:c8:
21:a3:64:3b:6d:a4:f8:d8:2b:30:fb:70:51:c8:c9:54:b9:38:
37:3c:58:23:57:a6:f5:08:51:05:25:82:61:81:46:b8:6c:99:
0a:79:d4:2b:60:7a:95:b2:8f:77:a2:e8:6d:8b:5d:99:86:00:
f3:af:ec:82:6f:7c:c9:05:99:4e:e0:42:2b:65:37:9a:ca:27:
79:b4:eb:4b:44:db:fd:dc:28:82:3c:5d:e0:97:36:b5:f2:41:
4e:1e:99:75:a2:dc:e6:b6:41:4d:48:6b:86:e9:1e:7b:8e:3f:
38:33:3b:a4:7b:4e:9b:b5:3f:e9:4e:02:a0:7e:b8:2c:17:30:
73:30:5e:c3:a4:0e:31:10:cb:f3:e7:a0:0a:03:bb:e2:78:36:
39:53:f1:bd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBtIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzFERjgxMTAvBgNVBAUTKDVDNDM2QjkxNjE1NkI4Qjg1MjY3QzQ4RkI4OTczQjg5
QjQ5M0Y1ODEwHhcNMjMwNDI2MjAxNjUwWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDQ5ODZiMi04MTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr4kTavgxuwcy2Ax3Nhx8twlLm/kErcI9/jLaKvdPveScX5iESuz0J01o/fo4
h4F+MVQz06KMsfPW8idyKOmczCaeTYrk5stWKP56CJqpHrDmIkGm/Ra6z3x1Q9pL
tAWmW8KLzlPIMS6fu7btYMLD6nG5HRoL+EUEDfT8MFp9531LZn1SALZw9az42wBl
6OTWaaLFnRKw2xS1lAYCHy2QEyqzkDrbL8e2QFtv1TKVqNLK7cYskTgKGOrtxsK6
ZAnweTUehJMhg9AqCCszI5PoRq1cUW6U3FSqlBbwIIGN6TEheT78wY0cpuxCYspZ
DU7ZodzuyrspTIGg/8qJobOxwwIDAQABo4IClTCCApEwHQYDVR0OBBYEFL9etT7Z
9o+7YU3wX3HThIczJIXXMB8GA1UdIwQYMBaAFFxDa5FhVri4UmfEj7iXO4m0k/WB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMURGOC9FQjgzMUJEODAx
MzcxMUVBQjk0RDdEM0NDNEY5QUUwMi9YRU5ya1dGV3VMaFNaOFNQdUpjN2liU1Q5
WUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hFTnJrV0ZXdUxoU1o4U1B1SmM3aWJTVDlZRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzFERjgvRUI4MzFCRDgwMTM3MTFFQUI5NEQ3RDNDQzRGOUFFMDIvMjdGRjcyRDY4
Q0FBMTFFRDlFMjk5OTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJncKQwDQYJKoZIhvcNAQELBQADggEBAHxMOPAMtENaLxBX
Q0xVzZp1GP1DQ0A3JNyPGvgz4LRg9prd6xPUZ5BtBzXk1aDNFkgINya0JQtLYyml
Mboqha3JR4zt0WTPpPQgwKAr401nTasBE4sRrTCFr56aFUQbkYdnyzdHE4uCJhTz
yCGjZDttpPjYKzD7cFHIyVS5ODc8WCNXpvUIUQUlgmGBRrhsmQp51CtgepWyj3ei
6G2LXZmGAPOv7IJvfMkFmU7gQitlN5rKJ3m060tE2/3cKII8XeCXNrXyQU4emXWi
3Oa2QU1Ia4bpHnuOPzgzO6R7Tpu1P+lOAqB+uCwXMHMwXsOkDjEQy/PnoAoDu+J4
NjlT8b0=
-----END CERTIFICATE-----
Generated at Sat May 3 17:03:42 2025 by rpki-client