Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913D657/7167885E42F811EA87424C3DC4F9AE02/E40F9840431D11EA9772B432C4F9AE02.roa
File: E40F9840431D11EA9772B432C4F9AE02.roa (raw, json)
Hash identifier: QBPEBpvLFTtdPXpspr7h5VGsK0OgTq1nZF5J1o2bgog=
Subject key identifier: 13:EF:9C:1B:8B:EF:38:44:F3:07:12:C4:7D:C0:35:CD:23:5B:91:4D
Certificate issuer: /CN=A913D657/serialNumber=B93A6C4C90520DDDC99A3D364905B5523574D324
Certificate serial: 0AF2
Authority key identifier: B9:3A:6C:4C:90:52:0D:DD:C9:9A:3D:36:49:05:B5:52:35:74:D3:24
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uTpsTJBSDd3Jmj02SQW1UjV00yQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913D657/7167885E42F811EA87424C3DC4F9AE02/E40F9840431D11EA9772B432C4F9AE02.roa
Signing time: Sat 22 Mar 2025 19:39:00 +0000
ROA not before: Sat 22 Mar 2025 19:39:00 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 138653
IP address blocks: 103.135.231.0/24 maxlen: 24
2001:df7:f300::/48 maxlen: 49
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2802 (0xaf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913D657, serialNumber=B93A6C4C90520DDDC99A3D364905B5523574D324
Validity
Not Before: Mar 22 19:39:00 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67df11d3-5dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:54:d4:90:f4:e2:ca:81:9b:9d:9a:4f:dc:20:
ba:2f:14:a9:7f:32:8b:92:81:88:17:96:56:0d:d8:
45:e3:1b:e8:8a:76:a3:e6:10:58:58:69:14:ee:f7:
5a:bf:6f:dd:e0:ad:9f:9e:53:3a:47:5c:ca:7c:a9:
70:3b:73:3d:b6:10:35:3b:ca:4d:48:61:2d:69:14:
73:8c:bb:df:a7:70:ad:57:b1:09:99:1e:61:45:33:
55:82:7a:23:19:50:46:7c:d3:55:91:2b:2a:d3:a3:
1a:35:00:1a:03:3c:96:11:85:f6:1f:1b:30:50:6f:
7e:cf:51:46:e7:95:95:29:f0:b2:44:99:50:fa:47:
33:5b:49:ae:9a:23:0a:09:e2:5f:ec:21:2f:e2:7a:
d8:0e:e5:c0:1f:95:c6:01:50:0b:6f:5e:0d:b6:b7:
13:70:49:11:5a:16:95:40:05:3a:1e:3b:48:7c:21:
01:2a:86:1b:7c:7e:96:a2:88:ae:da:e1:b9:74:e0:
0d:01:47:3e:39:64:94:7d:5c:2e:10:b6:70:a4:36:
4d:ac:54:52:db:90:ac:0d:67:06:de:df:05:5e:a4:
ec:ed:a5:e1:02:83:9a:97:22:e0:90:86:29:8f:c3:
f6:67:78:72:e1:8a:ff:ee:0c:eb:a9:c0:86:a8:bb:
68:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:EF:9C:1B:8B:EF:38:44:F3:07:12:C4:7D:C0:35:CD:23:5B:91:4D
X509v3 Authority Key Identifier:
keyid:B9:3A:6C:4C:90:52:0D:DD:C9:9A:3D:36:49:05:B5:52:35:74:D3:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913D657/7167885E42F811EA87424C3DC4F9AE02/uTpsTJBSDd3Jmj02SQW1UjV00yQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uTpsTJBSDd3Jmj02SQW1UjV00yQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913D657/7167885E42F811EA87424C3DC4F9AE02/E40F9840431D11EA9772B432C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.135.231.0/24
IPv6:
2001:df7:f300::/48
Signature Algorithm: sha256WithRSAEncryption
8f:77:72:8e:d5:4d:6b:95:1d:e1:3e:86:45:8c:13:83:9b:75:
f8:3f:7c:c2:8d:52:99:3e:64:29:3e:9d:d6:a3:1f:07:97:63:
dd:b6:73:0e:2a:53:57:59:f1:c9:5b:fc:1c:ca:76:f6:3c:06:
7f:72:16:d5:25:49:d6:a8:32:a2:4d:0d:a3:77:64:e5:0f:1b:
12:b7:04:15:75:03:ac:91:50:00:14:04:cf:d6:ac:a1:72:24:
f5:ee:05:82:7c:96:02:f6:cc:1a:a9:0d:30:6b:c6:4f:0d:32:
e4:79:a5:80:0e:17:1b:22:72:e8:8c:26:2b:c1:3b:36:20:70:
df:be:e0:de:6a:fd:59:27:84:26:79:32:1d:89:75:9a:f9:a5:
a6:2c:c1:9e:0a:b7:79:b2:b3:3f:92:00:dc:23:e7:88:5d:b3:
ee:55:65:41:f6:61:98:11:38:61:93:93:f2:35:32:e5:ab:2c:
d6:5d:ed:a7:47:e1:fa:91:17:cd:bc:3d:af:e8:fc:a2:1e:2b:
8d:b6:25:33:30:e0:bf:d6:df:cb:4a:58:90:be:05:6a:b7:68:
86:57:19:57:0f:8f:a5:5d:68:33:8d:0f:3b:0d:cf:c8:55:16:
f6:c5:7e:9a:85:cd:ec:b9:c9:9d:ca:c4:a5:40:48:b1:39:33:
8f:b3:40:70
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICCvIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0Q2NTcxMTAvBgNVBAUTKEI5M0E2QzRDOTA1MjBERERDOTlBM0QzNjQ5MDVCNTUy
MzU3NEQzMjQwHhcNMjUwMzIyMTkzOTAwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RmMTFkMy01ZGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtFTUkPTiyoGbnZpP3CC6LxSpfzKLkoGIF5ZWDdhF4xvoinaj5hBYWGkU7vda
v2/d4K2fnlM6R1zKfKlwO3M9thA1O8pNSGEtaRRzjLvfp3CtV7EJmR5hRTNVgnoj
GVBGfNNVkSsq06MaNQAaAzyWEYX2HxswUG9+z1FG55WVKfCyRJlQ+kczW0mumiMK
CeJf7CEv4nrYDuXAH5XGAVALb14NtrcTcEkRWhaVQAU6HjtIfCEBKoYbfH6Wooiu
2uG5dOANAUc+OWSUfVwuELZwpDZNrFRS25CsDWcG3t8FXqTs7aXhAoOalyLgkIYp
j8P2Z3hy4Yr/7gzrqcCGqLto9QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBPvnBuL
7zhE8wcSxH3ANc0jW5FNMB8GA1UdIwQYMBaAFLk6bEyQUg3dyZo9NkkFtVI1dNMk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRDY1Ny83MTY3ODg1RTQy
RjgxMUVBODc0MjRDM0RDNEY5QUUwMi91VHBzVEpCU0RkM0ptajAyU1FXMVVqVjAw
eVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VUcHNUSkJTRGQzSm1qMDJTUVcxVWpWMDB5US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0Q2NTcvNzE2Nzg4NUU0MkY4MTFFQTg3NDI0QzNEQzRGOUFFMDIvRTQwRjk4NDA0
MzFEMTFFQTk3NzJCNDMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnh+cwDwQCAAIwCQMHACABDffzADANBgkqhkiG9w0BAQsF
AAOCAQEAj3dyjtVNa5Ud4T6GRYwTg5t1+D98wo1SmT5kKT6d1qMfB5dj3bZzDipT
V1nxyVv8HMp29jwGf3IW1SVJ1qgyok0No3dk5Q8bErcEFXUDrJFQABQEz9asoXIk
9e4FgnyWAvbMGqkNMGvGTw0y5HmlgA4XGyJy6IwmK8E7NiBw377g3mr9WSeEJnky
HYl1mvmlpizBngq3ebKzP5IA3CPniF2z7lVlQfZhmBE4YZOT8jUy5ass1l3tp0fh
+pEXzbw9r+j8oh4rjbYlMzDgv9bfy0pYkL4FardohlcZVw+PpV1oM40POw3PyFUW
9sV+moXN7LnJncrEpUBIsTkzj7NAcA==
-----END CERTIFICATE-----
Generated at Sat May 17 13:40:20 2025 by rpki-client