Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/4F7B7728DD5D11EF9312601BC4F9AE02.roa
File: 4F7B7728DD5D11EF9312601BC4F9AE02.roa (raw, json)
Hash identifier: K0pMn3ybPgYAvgYIHKptYZvODgeJgnqA7J5JHWlu6c0=
Subject key identifier: 51:19:2E:6B:31:AC:A4:11:1E:2D:6D:31:8F:11:2F:2E:83:43:A6:54
Certificate issuer: /CN=A91EEC3B/serialNumber=B7667505BB2042E72B62AE05BE2D1A3B41B4D235
Certificate serial: 070A
Authority key identifier: B7:66:75:05:BB:20:42:E7:2B:62:AE:05:BE:2D:1A:3B:41:B4:D2:35
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t2Z1BbsgQucrYq4Fvi0aO0G00jU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/4F7B7728DD5D11EF9312601BC4F9AE02.roa
Signing time: Tue 28 Jan 2025 09:50:31 +0000
ROA not before: Tue 28 Jan 2025 09:50:31 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 136917
IP address blocks: 103.110.126.0/24 maxlen: 24
2401:a840::/32 maxlen: 32
2401:a840::/36 maxlen: 36
2401:a840::/40 maxlen: 40
2401:a840:100::/40 maxlen: 40
2401:a840:200::/40 maxlen: 40
2401:a840:300::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1802 (0x70a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EEC3B/serialNumber=B7667505BB2042E72B62AE05BE2D1A3B41B4D235
Validity
Not Before: Jan 28 09:50:31 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6798a866-fa16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:34:2b:4f:05:8d:95:36:71:b5:0c:84:1b:4e:
74:91:d0:77:94:12:c0:d7:56:34:c5:a9:db:2e:c9:
a3:52:9f:42:1c:fc:d4:46:7c:a6:b5:60:6b:80:49:
8c:54:e3:54:ce:16:b4:9c:fc:9f:87:94:e7:cd:67:
ea:dd:8a:2f:ba:c5:24:da:a5:37:72:b0:b2:b4:c8:
5a:47:a2:1d:c9:8b:bc:3b:51:a3:34:99:9b:b1:9c:
33:e8:48:d8:30:89:3b:66:31:a7:7c:6c:da:b9:68:
5a:68:f1:57:87:b9:f4:3f:8a:a6:52:3a:22:bb:fb:
b4:3d:c3:cb:1f:a4:04:14:b8:9c:ca:a2:0f:a1:29:
02:b3:6c:0a:c2:fb:aa:00:bd:2e:0e:13:1a:20:78:
81:fe:fa:df:b7:aa:50:03:c2:71:a1:26:4b:73:af:
4e:78:9c:39:44:fd:11:36:a8:d6:f3:70:4a:01:93:
90:4a:3e:c7:b4:85:e6:39:82:fd:8d:27:25:4e:c9:
8d:b3:2f:9c:2d:58:ae:5b:16:db:91:30:e7:8a:b9:
f7:35:95:9c:15:b4:25:07:98:41:db:d8:ba:9c:23:
dc:b7:30:82:19:cc:b7:02:3e:9c:da:26:1c:11:bd:
9c:15:2e:02:c8:f9:46:7b:8f:6c:67:b8:a5:5e:47:
44:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:19:2E:6B:31:AC:A4:11:1E:2D:6D:31:8F:11:2F:2E:83:43:A6:54
X509v3 Authority Key Identifier:
keyid:B7:66:75:05:BB:20:42:E7:2B:62:AE:05:BE:2D:1A:3B:41:B4:D2:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/t2Z1BbsgQucrYq4Fvi0aO0G00jU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t2Z1BbsgQucrYq4Fvi0aO0G00jU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/4F7B7728DD5D11EF9312601BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.110.126.0/24
IPv6:
2401:a840::/32
Signature Algorithm: sha256WithRSAEncryption
06:e6:ba:f3:3a:0c:a1:e4:cb:90:96:64:25:a4:fc:e2:5e:06:
8a:63:59:13:52:8f:11:40:ed:c0:cb:4f:36:84:cc:f3:41:5c:
a3:4a:34:6c:89:0a:12:de:69:ec:39:86:af:67:a5:9e:65:76:
e2:7b:7a:5d:3f:76:00:b5:1c:e0:61:24:47:00:ca:32:b3:b8:
25:8e:cd:e2:87:03:f5:cf:a3:9d:db:fb:01:01:6d:61:25:6b:
5b:a6:77:53:e1:01:a8:00:ac:0e:ed:c9:75:6c:9e:22:ae:88:
f1:cd:5f:f8:8c:46:93:3e:55:88:f6:e1:6a:33:04:f3:71:7e:
a4:78:5f:5a:e3:dd:42:f7:5c:95:9e:2a:ce:f2:a9:be:73:72:
31:6d:af:24:74:13:31:21:5b:48:61:11:b7:6c:62:51:66:fc:
4e:9c:7a:c1:00:53:07:4a:ba:7e:12:f5:a0:93:9d:4e:da:45:
4c:69:09:67:ec:c5:c1:e4:f3:db:2d:be:e6:0f:ac:a0:3c:72:
6f:b5:67:3a:6d:5b:b1:5b:65:f0:3e:35:8a:df:ea:0a:83:06:
01:5a:94:e7:66:50:bc:c5:11:e6:82:d3:1c:e0:f8:58:e9:db:
aa:8b:3f:c1:29:a0:01:40:d7:46:73:8f:19:67:ea:a2:ee:2a:
99:97:d8:c3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBwowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVDM0IxMTAvBgNVBAUTKEI3NjY3NTA1QkIyMDQyRTcyQjYyQUUwNUJFMkQxQTNC
NDFCNEQyMzUwHhcNMjUwMTI4MDk1MDMxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk4YTg2Ni1mYTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2zQrTwWNlTZxtQyEG050kdB3lBLA11Y0xanbLsmjUp9CHPzURnymtWBrgEmM
VONUzha0nPyfh5TnzWfq3YovusUk2qU3crCytMhaR6IdyYu8O1GjNJmbsZwz6EjY
MIk7ZjGnfGzauWhaaPFXh7n0P4qmUjoiu/u0PcPLH6QEFLicyqIPoSkCs2wKwvuq
AL0uDhMaIHiB/vrft6pQA8JxoSZLc69OeJw5RP0RNqjW83BKAZOQSj7HtIXmOYL9
jSclTsmNsy+cLViuWxbbkTDnirn3NZWcFbQlB5hB29i6nCPctzCCGcy3Aj6c2iYc
Eb2cFS4CyPlGe49sZ7ilXkdEmwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFEZLmsx
rKQRHi1tMY8RLy6DQ6ZUMB8GA1UdIwQYMBaAFLdmdQW7IELnK2KuBb4tGjtBtNI1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUMzQi82QjM3RTE5Qzg0
MTcxMUU3ODVGMTcwODBDNEY5QUUwMi90MloxQmJzZ1F1Y3JZcTRGdmkwYU8wRzAw
alUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3QyWjFCYnNnUXVjcllxNEZ2aTBhTzBHMDBqVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVDM0IvNkIzN0UxOUM4NDE3MTFFNzg1RjE3MDgwQzRGOUFFMDIvNEY3Qjc3MjhE
RDVEMTFFRjkzMTI2MDFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnbn4wDQQCAAIwBwMFACQBqEAwDQYJKoZIhvcNAQELBQAD
ggEBAAbmuvM6DKHky5CWZCWk/OJeBopjWRNSjxFA7cDLTzaEzPNBXKNKNGyJChLe
aew5hq9npZ5lduJ7el0/dgC1HOBhJEcAyjKzuCWOzeKHA/XPo53b+wEBbWEla1um
d1PhAagArA7tyXVsniKuiPHNX/iMRpM+VYj24WozBPNxfqR4X1rj3UL3XJWeKs7y
qb5zcjFtryR0EzEhW0hhEbdsYlFm/E6cesEAUwdKun4S9aCTnU7aRUxpCWfsxcHk
89stvuYPrKA8cm+1ZzptW7FbZfA+NYrf6gqDBgFalOdmULzFEeaC0xzg+Fjp26qL
P8EpoAFA10Zzjxln6qLuKpmX2MM=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:18:18 2025 by rpki-client