Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/1517BF2ED77711EF8E6D7517C4F9AE02.roa
File: 1517BF2ED77711EF8E6D7517C4F9AE02.roa (raw, json)
Hash identifier: uZO/DmVHnwlWE4o9YOLMd9p2vDFrMMH7/c/iUXTrU3g=
Subject key identifier: FF:82:2B:1A:84:98:83:E2:F7:4F:9D:E4:AD:EE:68:7B:B8:EF:FC:8F
Certificate issuer: /CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Certificate serial: 0A8B
Authority key identifier: FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/1517BF2ED77711EF8E6D7517C4F9AE02.roa
Signing time: Mon 20 Jan 2025 21:39:53 +0000
ROA not before: Mon 20 Jan 2025 21:39:53 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 55714
IP address blocks: 103.17.200.0/24 maxlen: 24
110.34.33.0/24 maxlen: 24
110.34.34.0/24 maxlen: 24
110.34.35.0/24 maxlen: 24
110.34.36.0/24 maxlen: 24
110.34.39.0/24 maxlen: 24
192.135.90.0/24 maxlen: 24
192.135.91.0/24 maxlen: 24
2406:f500::/32 maxlen: 32
2406:f500::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2699 (0xa8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Validity
Not Before: Jan 20 21:39:53 2025 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=678ec2a8-058a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9c:56:2a:6c:ad:a1:86:31:61:00:82:3e:ee:
68:4d:18:c0:02:74:97:13:2c:09:95:93:2c:13:3c:
89:c5:53:be:cc:3e:f9:51:dd:31:d6:30:54:50:1a:
c1:ca:c8:69:f5:bc:60:4f:09:32:e7:a5:6b:94:14:
59:3f:fe:9b:51:7d:83:65:8f:2d:4a:bf:66:2f:80:
af:1c:60:2e:05:a0:dd:9d:97:2c:aa:79:86:1a:dd:
29:fb:2f:68:b6:0f:be:15:03:6f:30:93:c7:ec:3e:
c5:21:7a:2b:5e:fb:62:2d:3a:05:29:2d:ad:fd:de:
fc:4e:76:3b:06:f7:63:52:fb:2e:11:0d:d6:81:0b:
66:88:7d:00:1f:81:8d:4a:29:32:70:ee:ba:54:72:
10:58:0a:42:ca:d5:02:96:56:26:41:83:c7:ea:77:
4b:8d:96:63:d6:4d:9c:9e:d5:9f:f9:e8:19:b3:3b:
2b:9a:70:2c:5f:89:d7:1b:94:35:e5:20:59:f7:6d:
ab:b0:64:df:7a:e5:c0:82:18:40:18:9f:6a:c2:d8:
80:62:ac:73:5e:da:c4:7e:3e:7e:31:40:23:af:3e:
96:10:40:26:d5:5e:b7:77:e5:d3:cb:2c:80:a5:86:
ba:e5:04:bc:b9:9b:17:e7:da:02:90:8d:56:41:60:
10:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:82:2B:1A:84:98:83:E2:F7:4F:9D:E4:AD:EE:68:7B:B8:EF:FC:8F
X509v3 Authority Key Identifier:
keyid:FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/1517BF2ED77711EF8E6D7517C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.17.200.0/24
110.34.33.0-110.34.36.255
110.34.39.0/24
192.135.90.0/23
IPv6:
2406:f500::/32
Signature Algorithm: sha256WithRSAEncryption
40:de:0c:84:92:ba:a3:c6:c5:16:11:07:ca:e5:ee:08:db:de:
0d:c5:e4:15:4b:93:eb:21:a9:23:b5:a8:96:e4:65:ba:ff:44:
57:fe:a9:c5:96:99:e0:6e:93:78:cd:5c:0e:5e:0d:2f:8e:51:
7b:a0:60:24:ad:85:d9:85:bf:b8:67:0b:8e:5a:fe:ac:86:22:
dd:ba:d9:78:29:06:b5:33:1a:d6:dc:dc:df:e8:5c:5b:79:fe:
e1:ca:25:a8:dc:19:03:91:2d:3e:cf:12:c9:26:bd:e6:f6:b4:
ce:15:1b:2c:79:5e:8b:b8:0d:dc:5c:1f:9b:81:70:85:7b:ee:
5a:87:e8:01:c0:56:67:f5:0f:c5:af:b5:6e:fd:8f:cf:a0:13:
91:1c:91:89:07:b5:b0:ad:b7:02:f2:9e:a6:de:12:59:56:09:
6e:b9:a0:0f:6e:1b:6d:80:33:7a:12:1a:a1:91:e9:47:9b:73:
8c:2b:38:64:b0:13:a1:f8:78:6c:8f:a7:f3:20:cc:f2:75:d6:
b0:16:c0:b9:a9:19:3f:e6:53:72:ec:5b:9e:3c:5f:91:6c:3a:
2a:bd:90:f2:d8:fc:82:04:c3:73:ea:c2:7d:98:57:82:cc:15:
0a:29:53:9c:d3:3c:9c:9b:9a:5e:8f:54:61:ed:af:5c:aa:d2:
1a:08:ca:96
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICCoswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUI2RUIxMTAvBgNVBAUTKEZDOUJENDYzRDAyRTlGRDJERkMzQzM5QUU0Q0Q1QUIz
MjI2NThDMkEwHhcNMjUwMTIwMjEzOTUzWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhlYzJhOC0wNThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxZxWKmytoYYxYQCCPu5oTRjAAnSXEywJlZMsEzyJxVO+zD75Ud0x1jBUUBrB
yshp9bxgTwky56VrlBRZP/6bUX2DZY8tSr9mL4CvHGAuBaDdnZcsqnmGGt0p+y9o
tg++FQNvMJPH7D7FIXorXvtiLToFKS2t/d78TnY7BvdjUvsuEQ3WgQtmiH0AH4GN
SikycO66VHIQWApCytUCllYmQYPH6ndLjZZj1k2cntWf+egZszsrmnAsX4nXG5Q1
5SBZ922rsGTfeuXAghhAGJ9qwtiAYqxzXtrEfj5+MUAjrz6WEEAm1V63d+XTyyyA
pYa65QS8uZsX59oCkI1WQWAQVQIDAQABo4ICvjCCArowHQYDVR0OBBYEFP+CKxqE
mIPi90+d5K3uaHu47/yPMB8GA1UdIwQYMBaAFPyb1GPQLp/S38PDmuTNWrMiZYwq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjZFQi8wMTM5MUIwMDhF
MkIxMUVBQkY4NkRBNENDNEY5QUUwMi9fSnZVWTlBdW45TGZ3OE9hNU0xYXN5Smxq
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19KdlVZOUF1bjlMZnc4T2E1TTFhc3lKbGpDby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUI2RUIvMDEzOTFCMDA4RTJCMTFFQUJGODZEQTRDQzRGOUFFMDIvMTUxN0JGMkVE
Nzc3MTFFRjhFNkQ3NTE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MCYEAgABMCADBABnEcgwDAMEAG4iIQMEAG4iJAMEAG4iJwMEAcCHWjANBAIA
AjAHAwUAJAb1ADANBgkqhkiG9w0BAQsFAAOCAQEAQN4MhJK6o8bFFhEHyuXuCNve
DcXkFUuT6yGpI7WoluRluv9EV/6pxZaZ4G6TeM1cDl4NL45Re6BgJK2F2YW/uGcL
jlr+rIYi3brZeCkGtTMa1tzc3+hcW3n+4colqNwZA5EtPs8SySa95va0zhUbLHle
i7gN3Fwfm4FwhXvuWofoAcBWZ/UPxa+1bv2Pz6ATkRyRiQe1sK23AvKept4SWVYJ
brmgD24bbYAzehIaoZHpR5tzjCs4ZLATofh4bI+n8yDM8nXWsBbAuakZP+ZTcuxb
njxfkWw6Kr2Q8tj8ggTDc+rCfZhXgswVCilTnNM8nJuaXo9UYe2vXKrSGgjKlg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:56:11 2025 by rpki-client