Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/32D8E190D0CB11EEAB1CAF34C4F9AE02.roa
File: 32D8E190D0CB11EEAB1CAF34C4F9AE02.roa (raw, json)
Hash identifier: I6cFYaTwrscj9Do0u5LBBtA5etRJeCEnBRWA8YbVDTo=
Subject key identifier: 08:06:79:62:B7:47:72:61:5B:3B:76:72:5F:89:DC:AD:C7:CE:D3:62
Certificate issuer: /CN=A911486F/serialNumber=E632D38C5A32C217C6EE71D52DEF9F38CA166C51
Certificate serial: 018A
Authority key identifier: E6:32:D3:8C:5A:32:C2:17:C6:EE:71:D5:2D:EF:9F:38:CA:16:6C:51
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5jLTjFoywhfG7nHVLe-fOMoWbFE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/32D8E190D0CB11EEAB1CAF34C4F9AE02.roa
Signing time: Mon 09 Dec 2024 02:25:48 +0000
ROA not before: Mon 09 Dec 2024 02:25:48 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 150696
IP address blocks: 103.60.204.0/24 maxlen: 24
2400:cf60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 394 (0x18a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911486F
Validity
Not Before: Dec 9 02:25:48 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6756552c-fe1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:01:95:6b:54:b9:c2:ed:9f:2f:49:26:4d:39:
52:e2:36:30:ad:d7:19:20:71:9c:e1:60:14:6e:92:
d0:f5:45:44:98:0f:91:66:d0:c3:05:5c:3c:c9:c9:
2d:51:33:3d:ac:42:f7:9b:7e:f8:0e:24:18:1d:58:
06:09:70:4f:38:57:18:e9:63:7d:30:e3:b5:3d:fe:
00:e3:d0:b2:60:ba:cc:ea:4c:c9:d4:62:a9:99:6e:
9a:39:b4:e0:7c:77:03:15:6b:37:02:a8:59:b1:ef:
95:d1:49:ee:2d:f0:07:f8:88:5a:1d:3d:48:af:ff:
4f:75:63:4a:6c:09:00:a5:cb:85:2b:20:a2:c3:41:
b3:08:a9:52:58:b2:a3:32:00:89:3b:64:81:68:3b:
2b:10:6f:22:61:53:16:0d:2b:0d:0b:19:ed:98:6d:
ce:38:7a:46:ed:ba:a7:54:80:c0:66:c9:8f:aa:b6:
fb:cb:77:09:2f:97:eb:92:e9:1b:cf:5e:be:5e:b8:
b5:2f:12:b1:f9:bd:b2:15:ea:b7:3e:90:49:6c:73:
11:d0:13:84:1a:e7:3b:d9:75:50:92:85:e9:15:71:
f1:d6:4d:d0:e4:0b:16:85:59:93:69:e8:40:7e:b5:
65:ee:1f:bc:61:05:6c:b4:0c:11:12:23:dc:d8:c3:
36:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:06:79:62:B7:47:72:61:5B:3B:76:72:5F:89:DC:AD:C7:CE:D3:62
X509v3 Authority Key Identifier:
keyid:E6:32:D3:8C:5A:32:C2:17:C6:EE:71:D5:2D:EF:9F:38:CA:16:6C:51
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/5jLTjFoywhfG7nHVLe-fOMoWbFE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5jLTjFoywhfG7nHVLe-fOMoWbFE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/32D8E190D0CB11EEAB1CAF34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.60.204.0/24
IPv6:
2400:cf60::/32
Signature Algorithm: sha256WithRSAEncryption
7d:bd:bc:e8:74:27:ab:d2:50:84:f9:30:d5:90:b9:29:d1:22:
a9:37:b5:b4:de:e5:e6:d6:99:11:f7:c7:f3:05:73:f5:e6:5c:
26:c9:54:24:bd:d4:c1:a6:3c:c9:37:d3:06:ac:50:ca:0f:ae:
c0:f3:45:da:88:59:a8:b8:66:e6:74:91:34:e2:c2:9a:06:d5:
9b:94:77:61:ec:f9:31:fd:a0:e3:52:35:d4:df:c4:88:f1:77:
da:b5:16:20:43:2d:27:cf:f8:ea:c7:0c:84:54:b5:46:45:dd:
05:0a:5a:5e:e7:87:a1:f6:ca:28:58:29:ce:f7:17:ff:94:08:
b8:1a:46:3b:57:17:d7:91:d7:97:00:e8:12:3f:41:ef:52:c5:
dd:a3:b9:85:0d:44:3d:09:49:3f:4e:20:93:a6:1d:c7:04:7b:
42:3f:4d:18:74:de:39:63:71:83:18:b7:c7:90:32:c2:00:c9:
f0:ca:f9:48:3d:50:18:c8:c4:f7:86:18:52:b8:94:1b:bf:49:
d5:08:57:bf:a4:4f:f6:85:6d:02:e4:88:8b:25:da:72:be:72:
65:e9:ac:69:0e:96:13:58:e9:43:40:5c:f8:00:6a:d4:53:1b:
4e:59:f3:e0:53:9e:f4:b8:a3:3c:f9:28:32:88:97:99:8b:b5:
b3:26:57:ec
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAYowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTQ4NkYxMTAvBgNVBAUTKEU2MzJEMzhDNUEzMkMyMTdDNkVFNzFENTJERUY5RjM4
Q0ExNjZDNTEwHhcNMjQxMjA5MDIyNTQ4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU2NTUyYy1mZTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArAGVa1S5wu2fL0kmTTlS4jYwrdcZIHGc4WAUbpLQ9UVEmA+RZtDDBVw8yckt
UTM9rEL3m374DiQYHVgGCXBPOFcY6WN9MOO1Pf4A49CyYLrM6kzJ1GKpmW6aObTg
fHcDFWs3AqhZse+V0UnuLfAH+IhaHT1Ir/9PdWNKbAkApcuFKyCiw0GzCKlSWLKj
MgCJO2SBaDsrEG8iYVMWDSsNCxntmG3OOHpG7bqnVIDAZsmPqrb7y3cJL5frkukb
z16+Xri1LxKx+b2yFeq3PpBJbHMR0BOEGuc72XVQkoXpFXHx1k3Q5AsWhVmTaehA
frVl7h+8YQVstAwREiPc2MM24QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAgGeWK3
R3JhWzt2cl+J3K3HztNiMB8GA1UdIwQYMBaAFOYy04xaMsIXxu5x1S3vnzjKFmxR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNDg2Ri8yMkNGMzQ0ODg2
NkMxMUVEQUZBNUE0NzFDNEY5QUUwMi81akxUakZveXdoZkc3bkhWTGUtZk9Nb1di
RkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVqTFRqRm95d2hmRzduSFZMZS1mT01vV2JGRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTQ4NkYvMjJDRjM0NDg4NjZDMTFFREFGQTVBNDcxQzRGOUFFMDIvMzJEOEUxOTBE
MENCMTFFRUFCMUNBRjM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnPMwwDQQCAAIwBwMFACQAz2AwDQYJKoZIhvcNAQELBQAD
ggEBAH29vOh0J6vSUIT5MNWQuSnRIqk3tbTe5ebWmRH3x/MFc/XmXCbJVCS91MGm
PMk30wasUMoPrsDzRdqIWai4ZuZ0kTTiwpoG1ZuUd2Hs+TH9oONSNdTfxIjxd9q1
FiBDLSfP+OrHDIRUtUZF3QUKWl7nh6H2yihYKc73F/+UCLgaRjtXF9eR15cA6BI/
Qe9Sxd2juYUNRD0JST9OIJOmHccEe0I/TRh03jljcYMYt8eQMsIAyfDK+Ug9UBjI
xPeGGFK4lBu/SdUIV7+kT/aFbQLkiIsl2nK+cmXprGkOlhNY6UNAXPgAatRTG05Z
8+BTnvS4ozz5KDKIl5mLtbMmV+w=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:19:39 2025 by rpki-client