Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D560D/68C3F49A41EE11EA9CEA1F75C4F9AE02/98DE3894CCE411EFA6203F26C4F9AE02.roa
File: 98DE3894CCE411EFA6203F26C4F9AE02.roa (raw, json)
Hash identifier: 3SgVhCtfs/W3yv0G/O8aned3SDegTr9jVDz9oCjRCUg=
Subject key identifier: 32:C7:B3:87:7B:5D:75:95:C1:3F:6C:49:E6:0B:D8:B6:35:33:7B:0D
Certificate issuer: /CN=A91D560D/serialNumber=D7146DA9DE28F5BB5E3DE2FF00C59FC85C9938DA
Certificate serial: 083E
Authority key identifier: D7:14:6D:A9:DE:28:F5:BB:5E:3D:E2:FF:00:C5:9F:C8:5C:99:38:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1xRtqd4o9btePeL_AMWfyFyZONo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D560D/68C3F49A41EE11EA9CEA1F75C4F9AE02/98DE3894CCE411EFA6203F26C4F9AE02.roa
Signing time: Tue 07 Jan 2025 10:46:06 +0000
ROA not before: Tue 07 Jan 2025 10:46:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135030
IP address blocks: 103.111.164.0/23 maxlen: 23
103.111.164.0/24 maxlen: 24
103.111.165.0/24 maxlen: 24
103.111.166.0/24 maxlen: 24
2402:9f40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2110 (0x83e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D560D/serialNumber=D7146DA9DE28F5BB5E3DE2FF00C59FC85C9938DA
Validity
Not Before: Jan 7 10:46:06 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=677d05ee-d5b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:68:37:b9:e3:c6:23:eb:52:30:28:63:c7:1e:
e5:33:66:b2:54:04:f5:d5:32:3c:55:0a:98:b0:65:
d6:a1:e0:bc:75:99:a7:f7:6e:9d:60:b3:37:5b:48:
38:31:81:dc:1f:05:c0:30:66:a9:6b:5a:eb:45:32:
dd:d6:38:10:23:e6:43:b9:b3:38:e8:4a:1c:be:07:
58:bd:d2:db:57:91:49:f9:19:f1:22:ba:a0:25:5b:
7b:a4:36:08:28:6a:b7:1f:61:8d:a8:d5:ac:99:06:
69:6a:f9:e9:06:71:be:75:ee:20:d5:6b:b7:75:4b:
1c:d6:59:97:51:c8:40:20:3c:3f:e7:be:29:3e:f4:
a2:19:56:33:58:06:7e:8a:07:73:2a:6e:ae:e1:ed:
42:59:05:aa:68:8b:80:4a:95:f5:88:c2:61:07:58:
46:19:a7:f6:a6:91:6f:3d:f1:87:5f:5a:d1:fe:e4:
2d:77:97:10:14:21:27:6d:1b:a3:92:82:a9:e5:6a:
22:7f:26:b5:29:f1:3d:06:5d:b0:9c:ee:76:23:26:
0d:f5:08:e2:11:cb:df:f8:92:33:38:e6:2d:cc:36:
69:bd:63:d9:59:c4:ac:11:f4:ca:21:62:6f:b2:fa:
29:c9:19:d4:e9:3c:83:cb:97:d5:e3:45:f3:97:10:
5f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C7:B3:87:7B:5D:75:95:C1:3F:6C:49:E6:0B:D8:B6:35:33:7B:0D
X509v3 Authority Key Identifier:
keyid:D7:14:6D:A9:DE:28:F5:BB:5E:3D:E2:FF:00:C5:9F:C8:5C:99:38:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D560D/68C3F49A41EE11EA9CEA1F75C4F9AE02/1xRtqd4o9btePeL_AMWfyFyZONo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1xRtqd4o9btePeL_AMWfyFyZONo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D560D/68C3F49A41EE11EA9CEA1F75C4F9AE02/98DE3894CCE411EFA6203F26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.111.164.0-103.111.166.255
IPv6:
2402:9f40::/32
Signature Algorithm: sha256WithRSAEncryption
97:55:b1:b4:7a:79:8f:64:63:71:ee:6a:4a:b4:d2:46:f7:bc:
bc:f6:77:55:bf:5f:64:46:56:2f:d9:c9:d8:fa:88:43:e1:bf:
b8:31:f8:2c:f1:2f:79:08:6b:95:21:c0:6f:f8:5c:a1:7c:7d:
d9:42:70:3b:4b:cb:2a:05:ee:49:fb:3d:4c:02:65:50:17:40:
d4:97:07:cf:f3:29:cc:17:bb:2e:54:c2:12:f0:18:be:b6:92:
7b:b7:57:4e:72:47:a7:76:17:05:d4:4b:b1:dd:f3:fa:2a:04:
2c:ad:bd:1d:58:a3:34:0a:50:85:0e:75:dc:92:ae:23:b6:8c:
5a:3e:3f:e7:fa:c6:92:3e:11:b1:db:47:0e:67:b9:09:37:6f:
b5:9a:b1:14:7d:6e:a6:99:bf:27:f8:9c:62:36:5c:d1:e2:c5:
e8:8f:d8:63:f7:e8:18:75:a9:1f:6a:07:29:ef:c0:fd:52:10:
21:b9:61:16:27:27:52:d0:73:c1:59:b3:c0:5b:19:93:ee:82:
6c:c4:c3:59:fe:88:6b:c7:47:a2:99:8c:5f:b9:fb:9c:a6:e8:
ad:93:4d:3f:28:d1:46:1e:a5:e7:79:8d:15:e6:3f:c0:f9:49:
49:2d:b3:57:87:63:4e:cb:fe:22:ca:e5:40:99:77:b4:c1:cc:
8c:b9:1e:01
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICCD4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDU2MEQxMTAvBgNVBAUTKEQ3MTQ2REE5REUyOEY1QkI1RTNERTJGRjAwQzU5RkM4
NUM5OTM4REEwHhcNMjUwMTA3MTA0NjA2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdkMDVlZS1kNWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz2g3uePGI+tSMChjxx7lM2ayVAT11TI8VQqYsGXWoeC8dZmn926dYLM3W0g4
MYHcHwXAMGapa1rrRTLd1jgQI+ZDubM46EocvgdYvdLbV5FJ+RnxIrqgJVt7pDYI
KGq3H2GNqNWsmQZpavnpBnG+de4g1Wu3dUsc1lmXUchAIDw/574pPvSiGVYzWAZ+
igdzKm6u4e1CWQWqaIuASpX1iMJhB1hGGaf2ppFvPfGHX1rR/uQtd5cQFCEnbRuj
koKp5Woifya1KfE9Bl2wnO52IyYN9QjiEcvf+JIzOOYtzDZpvWPZWcSsEfTKIWJv
svopyRnU6TyDy5fV40XzlxBfPQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFDLHs4d7
XXWVwT9sSeYL2LY1M3sNMB8GA1UdIwQYMBaAFNcUbaneKPW7Xj3i/wDFn8hcmTja
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTYwRC82OEMzRjQ5QTQx
RUUxMUVBOUNFQTFGNzVDNEY5QUUwMi8xeFJ0cWQ0bzlidGVQZUxfQU1XZnlGeVpP
Tm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzF4UnRxZDRvOWJ0ZVBlTF9BTVdmeUZ5Wk9Oby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDU2MEQvNjhDM0Y0OUE0MUVFMTFFQTlDRUExRjc1QzRGOUFFMDIvOThERTM4OTRD
Q0U0MTFFRkE2MjAzRjI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBQEAgABMA4wDAMEAmdvpAMEAGdvpjANBAIAAjAHAwUAJAKfQDANBgkqhkiG
9w0BAQsFAAOCAQEAl1WxtHp5j2Rjce5qSrTSRve8vPZ3Vb9fZEZWL9nJ2PqIQ+G/
uDH4LPEveQhrlSHAb/hcoXx92UJwO0vLKgXuSfs9TAJlUBdA1JcHz/MpzBe7LlTC
EvAYvraSe7dXTnJHp3YXBdRLsd3z+ioELK29HVijNApQhQ513JKuI7aMWj4/5/rG
kj4RsdtHDme5CTdvtZqxFH1uppm/J/icYjZc0eLF6I/YY/foGHWpH2oHKe/A/VIQ
IblhFicnUtBzwVmzwFsZk+6CbMTDWf6Ia8dHopmMX7n7nKborZNNPyjRRh6l53mN
FeY/wPlJSS2zV4djTsv+IsrlQJl3tMHMjLkeAQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:54:00 2025 by rpki-client