Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB3E4/F69881DE69BA11EAA65DF764C4F9AE02/685E441A69BC11EA97D4FE67C4F9AE02.roa
File: 685E441A69BC11EA97D4FE67C4F9AE02.roa (raw, json)
Hash identifier: btvNkQxtxWOhr7BC1NN0JeTd0FhXrqBqWj4jtrNxyHI=
Subject key identifier: 87:19:D0:2E:30:3B:A8:69:3D:59:01:98:45:83:8A:0B:F0:F2:01:7A
Certificate issuer: /CN=A91AB3E4/serialNumber=EAA792F968863C3FFB9EBD1671A06C145A1B2164
Certificate serial: 0994
Authority key identifier: EA:A7:92:F9:68:86:3C:3F:FB:9E:BD:16:71:A0:6C:14:5A:1B:21:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6qeS-WiGPD_7nr0WcaBsFFobIWQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB3E4/F69881DE69BA11EAA65DF764C4F9AE02/685E441A69BC11EA97D4FE67C4F9AE02.roa
Signing time: Thu 20 Jun 2024 20:52:54 +0000
ROA not before: Thu 20 Jun 2024 20:52:54 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 58895
IP address blocks: 103.93.216.0/22 maxlen: 22
103.93.216.0/24 maxlen: 24
103.93.217.0/24 maxlen: 24
103.93.218.0/24 maxlen: 24
103.93.219.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2452 (0x994)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB3E4/serialNumber=EAA792F968863C3FFB9EBD1671A06C145A1B2164
Validity
Not Before: Jun 20 20:52:54 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=667496a6-19f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4f:38:a7:e8:b3:eb:2d:db:c4:a0:fe:f3:fe:
cc:05:4d:39:80:b6:76:e9:18:1e:7e:79:a4:e0:05:
dc:bd:3d:1e:ff:b6:bd:e7:f7:f6:cc:d7:fa:8c:f7:
0b:76:ad:69:1e:c1:42:01:be:a9:7c:68:47:0c:1d:
ff:d8:2b:1c:47:a8:45:44:4c:97:9f:86:48:4b:01:
4a:72:d7:9b:6e:55:dc:c8:ef:97:a5:08:88:76:e3:
a3:4b:76:66:16:10:5a:5c:83:bf:49:fb:4d:ae:b2:
2b:79:08:dc:ea:c4:0d:02:a0:91:67:67:44:c0:44:
2b:1f:ea:ce:c5:8e:89:65:af:f0:72:a2:00:0f:c6:
c5:19:8b:8d:fb:3f:dc:84:d8:c6:12:91:54:aa:db:
09:34:27:92:4c:f1:8d:9d:3d:75:43:ed:97:87:f8:
94:d5:03:4f:16:c9:1e:69:5c:e2:56:30:79:cc:f9:
21:c3:cf:e6:c6:48:65:0d:01:9a:f4:bf:35:90:17:
7a:02:0d:f8:e8:67:53:e1:11:69:f3:4e:8e:2d:7d:
32:30:80:b6:12:8a:c7:9c:fa:7d:e1:08:e4:dc:7f:
6c:67:92:3f:a0:8a:9f:5b:1f:52:7b:d5:74:0d:6a:
8e:f6:d8:cd:fb:43:65:81:4c:43:80:7a:dd:7a:ea:
46:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:19:D0:2E:30:3B:A8:69:3D:59:01:98:45:83:8A:0B:F0:F2:01:7A
X509v3 Authority Key Identifier:
keyid:EA:A7:92:F9:68:86:3C:3F:FB:9E:BD:16:71:A0:6C:14:5A:1B:21:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB3E4/F69881DE69BA11EAA65DF764C4F9AE02/6qeS-WiGPD_7nr0WcaBsFFobIWQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6qeS-WiGPD_7nr0WcaBsFFobIWQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB3E4/F69881DE69BA11EAA65DF764C4F9AE02/685E441A69BC11EA97D4FE67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.93.216.0/22
Signature Algorithm: sha256WithRSAEncryption
72:5a:4e:ca:05:7b:23:61:51:fb:4e:00:21:c9:e2:4b:7d:ca:
8b:53:a1:68:4d:a9:55:db:e4:36:55:d4:e2:62:65:93:43:50:
d6:e5:dc:af:21:de:34:2b:43:3a:b4:84:81:ca:bd:ab:c9:83:
15:57:f0:33:bb:2b:e7:7c:0d:10:47:a3:f0:11:b2:06:af:7b:
05:23:0d:cd:0c:fc:d2:98:a3:fe:70:ca:12:30:31:9e:7e:ae:
e2:22:de:d4:81:1e:18:1d:9b:73:02:61:48:99:d0:c0:f3:dd:
06:3d:95:77:1d:70:35:9d:e7:15:28:3e:bc:4e:fe:71:fa:08:
19:17:79:91:ab:38:1f:6e:69:77:ca:29:40:85:3c:04:c2:6c:
50:ae:c5:12:39:29:ba:9c:3b:92:60:9a:2f:95:30:db:ab:40:
e0:2e:ea:c8:d1:76:9e:f3:ea:7f:6a:88:39:f0:94:be:27:8a:
b8:25:17:d6:04:69:40:3b:70:f4:e4:00:ca:c1:00:43:92:84:
a1:97:85:33:e5:10:41:c8:11:b5:c1:9d:44:16:9f:7e:35:e5:
2f:15:b2:bc:18:af:40:06:41:01:41:d5:93:12:ec:02:16:bd:
df:ac:3f:5f:e5:e1:cb:8d:aa:33:8b:25:2f:ed:5f:3d:3f:09:
7e:6d:4a:44
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUIzRTQxMTAvBgNVBAUTKEVBQTc5MkY5Njg4NjNDM0ZGQjlFQkQxNjcxQTA2QzE0
NUExQjIxNjQwHhcNMjQwNjIwMjA1MjU0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc0OTZhNi0xOWYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0E84p+iz6y3bxKD+8/7MBU05gLZ26Rgefnmk4AXcvT0e/7a95/f2zNf6jPcL
dq1pHsFCAb6pfGhHDB3/2CscR6hFREyXn4ZISwFKctebblXcyO+XpQiIduOjS3Zm
FhBaXIO/SftNrrIreQjc6sQNAqCRZ2dEwEQrH+rOxY6JZa/wcqIAD8bFGYuN+z/c
hNjGEpFUqtsJNCeSTPGNnT11Q+2Xh/iU1QNPFskeaVziVjB5zPkhw8/mxkhlDQGa
9L81kBd6Ag346GdT4RFp806OLX0yMIC2EorHnPp94Qjk3H9sZ5I/oIqfWx9Se9V0
DWqO9tjN+0NlgUxDgHrdeupGGwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIcZ0C4w
O6hpPVkBmEWDigvw8gF6MB8GA1UdIwQYMBaAFOqnkvlohjw/+569FnGgbBRaGyFk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjNFNC9GNjk4ODFERTY5
QkExMUVBQTY1REY3NjRDNEY5QUUwMi82cWVTLVdpR1BEXzducjBXY2FCc0ZGb2JJ
V1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZxZVMtV2lHUERfN25yMFdjYUJzRkZvYklXUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUIzRTQvRjY5ODgxREU2OUJBMTFFQUE2NURGNzY0QzRGOUFFMDIvNjg1RTQ0MUE2
OUJDMTFFQTk3RDRGRTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnXdgwDQYJKoZIhvcNAQELBQADggEBAHJaTsoFeyNhUftO
ACHJ4kt9yotToWhNqVXb5DZV1OJiZZNDUNbl3K8h3jQrQzq0hIHKvavJgxVX8DO7
K+d8DRBHo/ARsgavewUjDc0M/NKYo/5wyhIwMZ5+ruIi3tSBHhgdm3MCYUiZ0MDz
3QY9lXcdcDWd5xUoPrxO/nH6CBkXeZGrOB9uaXfKKUCFPATCbFCuxRI5KbqcO5Jg
mi+VMNurQOAu6sjRdp7z6n9qiDnwlL4nirglF9YEaUA7cPTkAMrBAEOShKGXhTPl
EEHIEbXBnUQWn3415S8VsrwYr0AGQQFB1ZMS7AIWvd+sP1/l4cuNqjOLJS/tXz0/
CX5tSkQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:57:24 2025 by rpki-client