Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A998A/522CB7347AE811EF9A4A4737C4F9AE02/F60E5BC87C8711EFB9EB5F5FC4F9AE02.roa
File: F60E5BC87C8711EFB9EB5F5FC4F9AE02.roa (raw, json)
Hash identifier: sGwgKU722VyFu2NA0DfEopEMxy9e4Oo0e3fH91ZD9lk=
Subject key identifier: EA:B7:CF:EF:06:D2:9C:CD:97:5C:37:98:4C:30:D1:0B:1D:C5:71:F1
Certificate issuer: /CN=A91A998A/serialNumber=9C071E814D80B10E2CA1F71E9B2E535C3905CB65
Certificate serial: 22
Authority key identifier: 9C:07:1E:81:4D:80:B1:0E:2C:A1:F7:1E:9B:2E:53:5C:39:05:CB:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nAcegU2AsQ4sofcemy5TXDkFy2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A998A/522CB7347AE811EF9A4A4737C4F9AE02/F60E5BC87C8711EFB9EB5F5FC4F9AE02.roa
Signing time: Thu 03 Oct 2024 03:11:41 +0000
ROA not before: Thu 03 Oct 2024 03:11:41 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 59065
IP address blocks: 43.230.181.0/24 maxlen: 24
43.230.182.0/24 maxlen: 24
103.50.0.0/24 maxlen: 24
103.50.2.0/24 maxlen: 24
103.50.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34 (0x22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A998A/serialNumber=9C071E814D80B10E2CA1F71E9B2E535C3905CB65
Validity
Not Before: Oct 3 03:11:41 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66fe0b6d-0927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d1:b8:58:53:ac:c4:3a:af:60:f3:6c:64:74:
45:c9:6b:dc:b4:cd:37:77:3b:53:f5:4a:fe:cd:83:
d3:d7:38:51:7b:88:fa:a1:c3:6a:38:f9:f6:cb:55:
da:34:d3:f6:36:58:83:c6:4b:a6:dd:b6:db:e0:b3:
f1:9f:a9:76:73:e7:89:cd:df:de:b1:ac:0e:78:92:
74:11:b4:ce:e4:c9:e9:53:ff:a1:ae:3e:67:f5:67:
8d:a6:14:69:90:4c:17:38:fe:7f:19:16:cf:a6:48:
56:68:c6:01:2c:cd:33:15:71:a2:98:b2:87:8c:54:
8a:f1:85:29:7d:01:45:fc:5a:52:6d:b6:be:7f:7b:
62:72:70:d8:61:37:ee:7d:c5:18:b3:ea:d9:e1:78:
eb:7a:4a:8b:42:3b:ff:63:c1:c5:d2:84:dd:93:e8:
61:1c:1a:2b:84:11:b9:0b:9d:d6:b5:4f:5d:13:8d:
e0:40:04:8d:0e:4f:c9:d5:1f:cf:da:9a:c9:08:0d:
2e:b3:03:4a:51:08:6e:f2:4a:4f:6f:cb:79:f6:91:
e2:8c:b6:98:d1:eb:30:02:a5:27:83:92:22:eb:08:
57:02:15:55:3e:b5:9c:85:33:56:47:87:10:95:23:
e8:3d:07:a4:6a:d0:a6:77:64:dd:74:44:42:d5:87:
f2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:B7:CF:EF:06:D2:9C:CD:97:5C:37:98:4C:30:D1:0B:1D:C5:71:F1
X509v3 Authority Key Identifier:
keyid:9C:07:1E:81:4D:80:B1:0E:2C:A1:F7:1E:9B:2E:53:5C:39:05:CB:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A998A/522CB7347AE811EF9A4A4737C4F9AE02/nAcegU2AsQ4sofcemy5TXDkFy2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nAcegU2AsQ4sofcemy5TXDkFy2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A998A/522CB7347AE811EF9A4A4737C4F9AE02/F60E5BC87C8711EFB9EB5F5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.181.0-43.230.182.255
103.50.0.0/24
103.50.2.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:84:5f:78:21:39:bd:fd:c8:12:36:88:ad:1d:cc:3f:9b:fe:
99:b6:de:82:0c:2b:df:44:a6:46:46:20:5f:be:02:4e:97:80:
1b:dd:97:a9:c8:c7:9e:38:86:9d:d2:9c:c4:8d:a0:14:0b:a7:
6e:0a:71:f7:a3:81:ca:d3:10:4a:4a:32:b9:df:e5:1a:6c:8e:
91:61:81:3a:c3:68:bb:80:0c:5b:4d:c0:de:50:86:2f:a0:71:
41:02:bd:3a:b3:a1:48:13:2d:fa:1c:f7:58:59:16:24:79:ef:
e0:50:20:ea:d3:4e:e1:99:b5:df:b8:29:68:24:69:78:1b:d9:
a3:08:cd:e6:e2:6a:46:13:68:2a:0b:86:f1:ae:6d:41:73:aa:
5f:59:71:00:e2:95:14:e5:43:68:53:51:b3:d2:57:01:a8:a3:
e3:22:dc:b9:ab:43:6c:ee:fd:cb:a1:e1:15:c9:79:9c:4b:16:
7e:98:ce:48:72:3c:63:58:d1:04:23:02:47:a1:75:c1:02:19:
41:47:38:3d:4f:e5:c8:fc:7a:7b:af:67:cf:02:0f:27:e7:75:
04:93:70:fa:67:d8:ce:20:11:fa:28:3c:97:fc:55:16:35:f7:
54:39:64:11:f8:81:f1:2f:10:2a:72:59:d2:ec:a9:7b:57:0c:
12:8e:59:7b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
OTk4QTExMC8GA1UEBRMoOUMwNzFFODE0RDgwQjEwRTJDQTFGNzFFOUIyRTUzNUMz
OTA1Q0I2NTAeFw0yNDEwMDMwMzExNDFaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZmUwYjZkLTA5MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCi0bhYU6zEOq9g82xkdEXJa9y0zTd3O1P1Sv7Ng9PXOFF7iPqhw2o4+fbLVdo0
0/Y2WIPGS6bdttvgs/GfqXZz54nN396xrA54knQRtM7kyelT/6GuPmf1Z42mFGmQ
TBc4/n8ZFs+mSFZoxgEszTMVcaKYsoeMVIrxhSl9AUX8WlJttr5/e2JycNhhN+59
xRiz6tnheOt6SotCO/9jwcXShN2T6GEcGiuEEbkLnda1T10TjeBABI0OT8nVH8/a
mskIDS6zA0pRCG7ySk9vy3n2keKMtpjR6zACpSeDkiLrCFcCFVU+tZyFM1ZHhxCV
I+g9B6Rq0KZ3ZN10RELVh/IBAgMBAAGjggKpMIICpTAdBgNVHQ4EFgQU6rfP7wbS
nM2XXDeYTDDRCx3FcfEwHwYDVR0jBBgwFoAUnAcegU2AsQ4sofcemy5TXDkFy2Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5OThBLzUyMkNCNzM0N0FF
ODExRUY5QTRBNDczN0M0RjlBRTAyL25BY2VnVTJBc1E0c29mY2VteTVUWERrRnky
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbkFjZWdVMkFzUTRzb2ZjZW15NVRYRGtGeTJVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
OTk4QS81MjJDQjczNDdBRTgxMUVGOUE0QTQ3MzdDNEY5QUUwMi9GNjBFNUJDODdD
ODcxMUVGQjlFQjVGNUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAzBggrBgEFBQcBBwEB/wQk
MCIwIAQCAAEwGjAMAwQAK+a1AwQAK+a2AwQAZzIAAwQBZzICMA0GCSqGSIb3DQEB
CwUAA4IBAQC7hF94ITm9/cgSNoitHcw/m/6Ztt6CDCvfRKZGRiBfvgJOl4Ab3Zep
yMeeOIad0pzEjaAUC6duCnH3o4HK0xBKSjK53+UabI6RYYE6w2i7gAxbTcDeUIYv
oHFBAr06s6FIEy36HPdYWRYkee/gUCDq007hmbXfuCloJGl4G9mjCM3m4mpGE2gq
C4bxrm1Bc6pfWXEA4pUU5UNoU1Gz0lcBqKPjIty5q0Ns7v3LoeEVyXmcSxZ+mM5I
cjxjWNEEIwJHoXXBAhlBRzg9T+XI/Hp7r2fPAg8n53UEk3D6Z9jOIBH6KDyX/FUW
NfdUOWQR+IHxLxAqclnS7Kl7VwwSjll7
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:38:09 2025 by rpki-client