Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/9FBFD358C0F911EFA63F3E64C4F9AE02.roa
File: 9FBFD358C0F911EFA63F3E64C4F9AE02.roa (raw, json)
Hash identifier: I0a+pf7OxwJp6heFmMZA6klapYaYJQmhSzNEKWS4Aew=
Subject key identifier: 53:A9:06:73:0E:F7:DA:88:D1:D0:0C:1C:DB:2F:24:9B:9D:A3:E8:59
Certificate issuer: /CN=A91E80FB/serialNumber=4085AE134B6338A127657283EBBC16C12F20B862
Certificate serial: 0378
Authority key identifier: 40:85:AE:13:4B:63:38:A1:27:65:72:83:EB:BC:16:C1:2F:20:B8:62
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIWuE0tjOKEnZXKD67wWwS8guGI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/9FBFD358C0F911EFA63F3E64C4F9AE02.roa
Signing time: Mon 23 Dec 2024 06:47:07 +0000
ROA not before: Mon 23 Dec 2024 06:47:07 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 141688
IP address blocks: 103.162.4.0/23 maxlen: 23
103.162.4.0/24 maxlen: 24
103.162.5.0/24 maxlen: 24
118.91.190.0/24 maxlen: 24
202.89.73.0/24 maxlen: 24
2407:bc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 888 (0x378)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E80FB/serialNumber=4085AE134B6338A127657283EBBC16C12F20B862
Validity
Not Before: Dec 23 06:47:07 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6769076b-b335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a9:85:4d:91:57:f5:4e:80:6b:cb:f0:83:ef:
c3:3d:15:7e:8b:55:24:b1:1c:39:44:65:c9:a6:07:
48:bc:2b:e8:41:1d:7f:e0:75:29:2b:73:a4:79:c9:
c7:c6:ef:bc:54:eb:a4:ee:16:e8:74:7e:ad:71:4e:
64:61:fb:0a:c4:1c:0c:80:bf:e7:15:ae:c8:cb:61:
78:0a:f1:ef:76:78:25:8c:e8:df:a2:c8:58:f4:4c:
42:b2:2a:4d:2b:e0:7b:08:16:42:fd:ef:00:40:60:
33:53:82:9c:c1:3e:c1:75:fb:1b:1d:01:ff:f0:aa:
bd:41:a0:66:f1:a1:75:8b:8d:61:34:27:e9:11:be:
3b:6a:05:7b:80:57:94:e4:79:75:c2:ed:ac:0c:a9:
c4:f8:9a:0d:50:fa:ff:e6:47:33:d4:53:a1:01:9c:
48:6c:ee:cb:2d:7f:ac:ac:b8:f9:b2:04:a7:78:38:
f1:66:58:20:d6:65:91:24:02:37:ff:8f:9e:2b:4f:
7f:a8:f9:69:a3:c4:83:b7:11:95:96:19:94:22:f7:
cd:17:31:e6:ac:d8:f2:ee:80:3f:31:d2:ef:ee:cf:
4a:9c:81:19:1a:e5:df:e5:64:0d:16:3e:71:4e:54:
01:0d:07:42:1d:fb:f0:1b:ec:0e:bd:19:2e:4d:a9:
e9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A9:06:73:0E:F7:DA:88:D1:D0:0C:1C:DB:2F:24:9B:9D:A3:E8:59
X509v3 Authority Key Identifier:
keyid:40:85:AE:13:4B:63:38:A1:27:65:72:83:EB:BC:16:C1:2F:20:B8:62
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIWuE0tjOKEnZXKD67wWwS8guGI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/9FBFD358C0F911EFA63F3E64C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.162.4.0/23
118.91.190.0/24
202.89.73.0/24
IPv6:
2407:bc0::/32
Signature Algorithm: sha256WithRSAEncryption
5e:d0:8f:3a:0d:ff:16:8f:b0:5f:f0:10:73:a5:69:85:43:9e:
87:5f:74:f9:29:38:00:6d:c5:9b:ba:c4:2d:30:c9:a9:2e:7a:
68:39:73:21:c8:6c:66:94:f3:f5:cb:62:69:0e:62:26:45:43:
05:38:5f:e4:c9:6f:b9:58:71:55:ff:03:6b:8f:58:47:b6:52:
16:74:cd:b8:30:6e:71:6a:1b:2b:77:22:02:f6:5c:e2:6a:93:
87:e6:47:54:36:72:fe:7c:9b:a5:81:12:09:cb:e6:04:29:53:
38:54:05:4a:fd:6a:41:5a:17:dd:04:b4:ab:7e:b4:44:43:2f:
57:af:35:d9:6a:99:7a:c2:48:51:2f:69:a1:ec:39:31:81:bd:
61:f7:99:64:d5:b8:4e:dc:2e:63:5f:86:b0:21:02:dd:28:a3:
a0:58:6c:14:b0:73:bf:c3:98:4e:a8:fe:66:ac:a8:2e:a5:d9:
fa:83:48:17:61:1e:35:75:9b:ad:fa:93:ff:6e:aa:50:51:f4:
87:3b:9f:08:8a:94:07:37:41:d3:bb:53:8f:4a:62:0f:bb:02:
70:1e:48:d6:5a:52:7d:68:ef:f2:04:d0:b5:8c:a1:51:ce:d8:
1f:f0:7b:01:e4:87:2a:d1:c0:02:54:18:fc:4b:ae:42:05:5e:
cc:ad:85:38
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICA3gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTgwRkIxMTAvBgNVBAUTKDQwODVBRTEzNEI2MzM4QTEyNzY1NzI4M0VCQkMxNkMx
MkYyMEI4NjIwHhcNMjQxMjIzMDY0NzA3WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY5MDc2Yi1iMzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzamFTZFX9U6Aa8vwg+/DPRV+i1UksRw5RGXJpgdIvCvoQR1/4HUpK3OkecnH
xu+8VOuk7hbodH6tcU5kYfsKxBwMgL/nFa7Iy2F4CvHvdngljOjfoshY9ExCsipN
K+B7CBZC/e8AQGAzU4KcwT7BdfsbHQH/8Kq9QaBm8aF1i41hNCfpEb47agV7gFeU
5Hl1wu2sDKnE+JoNUPr/5kcz1FOhAZxIbO7LLX+srLj5sgSneDjxZlgg1mWRJAI3
/4+eK09/qPlpo8SDtxGVlhmUIvfNFzHmrNjy7oA/MdLv7s9KnIEZGuXf5WQNFj5x
TlQBDQdCHfvwG+wOvRkuTanpMwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFFOpBnMO
99qI0dAMHNsvJJudo+hZMB8GA1UdIwQYMBaAFECFrhNLYzihJ2Vyg+u8FsEvILhi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODBGQi82MjhENTIwQzhG
QjYxMUVDOTJCRDI1MTBDNEY5QUUwMi9RSVd1RTB0ak9LRW5aWEtENjd3V3dTOGd1
R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FJV3VFMHRqT0tFblpYS0Q2N3dXd1M4Z3VHSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTgwRkIvNjI4RDUyMEM4RkI2MTFFQzkyQkQyNTEwQzRGOUFFMDIvOUZCRkQzNThD
MEY5MTFFRkE2M0YzRTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAFnogQDBAB2W74DBADKWUkwDQQCAAIwBwMFACQHC8AwDQYJ
KoZIhvcNAQELBQADggEBAF7QjzoN/xaPsF/wEHOlaYVDnodfdPkpOABtxZu6xC0w
yakuemg5cyHIbGaU8/XLYmkOYiZFQwU4X+TJb7lYcVX/A2uPWEe2UhZ0zbgwbnFq
Gyt3IgL2XOJqk4fmR1Q2cv58m6WBEgnL5gQpUzhUBUr9akFaF90EtKt+tERDL1ev
NdlqmXrCSFEvaaHsOTGBvWH3mWTVuE7cLmNfhrAhAt0oo6BYbBSwc7/DmE6o/mas
qC6l2fqDSBdhHjV1m636k/9uqlBR9Ic7nwiKlAc3QdO7U49KYg+7AnAeSNZaUn1o
7/IE0LWMoVHO2B/wewHkhyrRwAJUGPxLrkIFXsythTg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:08:04 2025 by rpki-client