Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/59962840D01911EE96596B16C4F9AE02.roa
File: 59962840D01911EE96596B16C4F9AE02.roa (raw, json)
Hash identifier: jM6outMgdpJ44HUHhOOUfnOx+r280G0rdmU4B0AEX90=
Subject key identifier: 15:3C:78:27:A5:D4:42:75:60:8B:05:C1:CD:57:85:E3:9F:26:94:07
Certificate issuer: /CN=A911D9B2/serialNumber=91295BBB75BFAAEB9531B39B36EC7521DDE30D63
Certificate serial: D9
Authority key identifier: 91:29:5B:BB:75:BF:AA:EB:95:31:B3:9B:36:EC:75:21:DD:E3:0D:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSlbu3W_quuVMbObNux1Id3jDWM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/59962840D01911EE96596B16C4F9AE02.roa
Signing time: Wed 27 Nov 2024 16:06:44 +0000
ROA not before: Wed 27 Nov 2024 16:06:44 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 213122
IP address blocks: 103.96.80.0/22 maxlen: 24
103.131.130.0/23 maxlen: 24
103.199.98.0/24 maxlen: 24
103.199.99.0/24 maxlen: 24
2401:3a60:1100::/40 maxlen: 40
2401:3a60:1200::/40 maxlen: 40
2401:3a60:1300::/40 maxlen: 40
2401:3a60:1400::/40 maxlen: 40
2401:3a60:1500::/40 maxlen: 40
2401:3a60:1600::/40 maxlen: 40
2401:3a60:3100::/40 maxlen: 40
2401:3a60:3200::/40 maxlen: 40
2401:3a60:3300::/40 maxlen: 40
2401:3a60:5000::/40 maxlen: 40
2401:3a60:5100::/40 maxlen: 40
2401:3a60:5200::/40 maxlen: 40
2401:3a60:5300::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 217 (0xd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D9B2
Validity
Not Before: Nov 27 16:06:44 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67474394-5b7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:5d:f8:9c:c9:52:f1:81:d2:52:c0:75:b4:7f:
fc:7a:43:3d:7d:c9:5b:de:d7:d5:4d:6d:b9:96:e1:
17:41:99:34:b6:a7:7c:95:f8:80:dd:ad:fa:d5:5d:
ee:5e:61:2e:58:b4:26:14:a4:87:91:f0:db:ff:4f:
73:6e:4b:37:af:d4:30:40:b4:ca:b7:f3:0e:c3:a4:
81:9a:eb:30:39:1d:a1:62:1b:65:c7:f3:9d:8e:98:
45:71:cd:21:9d:30:a9:1d:fe:93:66:c4:d9:5a:6d:
b6:b7:4b:a6:33:55:af:37:17:8d:d0:83:04:74:73:
59:99:2e:23:06:b4:b8:a3:b9:3e:44:a5:61:8d:ab:
78:42:d3:c6:e9:fd:3a:fe:a7:46:84:1a:bb:94:b9:
71:f7:23:35:32:fd:3c:6d:bc:37:93:bf:52:d4:0a:
e2:3a:14:73:e0:dd:ef:a4:68:40:4e:c0:1b:4c:4b:
9c:f3:ff:27:d0:80:47:e9:76:ee:49:84:78:a7:78:
b0:7c:f1:f3:59:13:91:e4:49:d4:b1:9b:56:07:d1:
d6:a1:a2:b5:f6:ad:66:cc:53:18:a1:99:79:d5:b5:
f8:62:11:17:4c:d6:67:94:ef:93:a8:db:91:d3:28:
55:6e:56:d3:1f:9c:c9:8c:fe:52:15:6e:df:73:b4:
89:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:3C:78:27:A5:D4:42:75:60:8B:05:C1:CD:57:85:E3:9F:26:94:07
X509v3 Authority Key Identifier:
keyid:91:29:5B:BB:75:BF:AA:EB:95:31:B3:9B:36:EC:75:21:DD:E3:0D:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSlbu3W_quuVMbObNux1Id3jDWM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/59962840D01911EE96596B16C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.96.80.0/22
103.131.130.0/23
103.199.98.0/23
IPv6:
2401:3a60:1100::-2401:3a60:16ff:ffff:ffff:ffff:ffff:ffff
2401:3a60:3100::-2401:3a60:33ff:ffff:ffff:ffff:ffff:ffff
2401:3a60:5000::/38
Signature Algorithm: sha256WithRSAEncryption
56:3a:b8:71:b6:49:75:97:fc:3f:b2:c6:62:0d:a1:c0:39:88:
f7:53:d8:cf:7e:c6:b6:13:a3:a2:89:de:0d:6c:30:3f:4d:1e:
6a:f1:e9:c8:86:d5:de:aa:eb:8b:2e:ba:4f:1c:ec:3b:c8:81:
af:00:d3:e7:e7:ba:64:8f:f9:6a:2e:5b:69:5a:bf:5c:db:ae:
41:ce:ea:1a:72:e7:e6:1e:ea:cc:7b:f5:c0:e7:16:96:b7:73:
8e:63:81:22:b3:58:0f:36:d1:96:86:bd:78:56:5f:c6:8c:df:
64:09:0b:46:f7:6c:94:ed:ce:08:1e:93:34:58:4c:dc:6b:ba:
98:50:21:79:f2:f9:18:c4:f1:83:6b:7c:d0:3f:c6:42:e0:01:
81:ab:12:83:b2:c7:ca:fe:1d:6e:42:23:d4:62:5e:0d:f2:dc:
5f:fd:b3:dd:89:58:40:ba:75:ea:bd:50:18:8d:11:45:5c:da:
db:e5:15:0e:b2:66:d5:fa:b6:77:7d:8e:96:34:7f:fd:88:6a:
cd:a6:73:13:02:24:fd:44:af:07:66:af:b0:46:14:7a:8f:f0:
78:88:a5:11:8d:df:fc:12:0e:f2:48:b8:57:2c:dd:97:b8:65:
0a:12:57:80:92:1e:cc:d5:0c:63:69:7b:55:45:7d:02:f6:4c:
0c:cc:53:8c
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgICANkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ5QjIxMTAvBgNVBAUTKDkxMjk1QkJCNzVCRkFBRUI5NTMxQjM5QjM2RUM3NTIx
RERFMzBENjMwHhcNMjQxMTI3MTYwNjQ0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ3NDM5NC01YjdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5134nMlS8YHSUsB1tH/8ekM9fclb3tfVTW25luEXQZk0tqd8lfiA3a361V3u
XmEuWLQmFKSHkfDb/09zbks3r9QwQLTKt/MOw6SBmuswOR2hYhtlx/OdjphFcc0h
nTCpHf6TZsTZWm22t0umM1WvNxeN0IMEdHNZmS4jBrS4o7k+RKVhjat4QtPG6f06
/qdGhBq7lLlx9yM1Mv08bbw3k79S1AriOhRz4N3vpGhATsAbTEuc8/8n0IBH6Xbu
SYR4p3iwfPHzWROR5EnUsZtWB9HWoaK19q1mzFMYoZl51bX4YhEXTNZnlO+TqNuR
0yhVblbTH5zJjP5SFW7fc7SJ4QIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFBU8eCel
1EJ1YIsFwc1XheOfJpQHMB8GA1UdIwQYMBaAFJEpW7t1v6rrlTGzmzbsdSHd4w1j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDlCMi8wQTZGM0I0Mjkx
NTUxMUVFQTRDMEY2NjhDNEY5QUUwMi9rU2xidTNXX3F1dVZNYk9iTnV4MUlkM2pE
V00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tTbGJ1M1dfcXV1Vk1iT2JOdXgxSWQzakRXTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ5QjIvMEE2RjNCNDI5MTU1MTFFRUE0QzBGNjY4QzRGOUFFMDIvNTk5NjI4NDBE
MDE5MTFFRTk2NTk2QjE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXwYIKwYBBQUHAQcBAf8E
UDBOMBgEAgABMBIDBAJnYFADBAFng4IDBAFnx2IwMgQCAAIwLDAQAwYAJAE6YBED
BgAkATpgFjAQAwYAJAE6YDEDBgIkATpgMAMGAiQBOmBQMA0GCSqGSIb3DQEBCwUA
A4IBAQBWOrhxtkl1l/w/ssZiDaHAOYj3U9jPfsa2E6Oiid4NbDA/TR5q8enIhtXe
quuLLrpPHOw7yIGvANPn57pkj/lqLltpWr9c265BzuoacufmHurMe/XA5xaWt3OO
Y4Eis1gPNtGWhr14Vl/GjN9kCQtG92yU7c4IHpM0WEzca7qYUCF58vkYxPGDa3zQ
P8ZC4AGBqxKDssfK/h1uQiPUYl4N8txf/bPdiVhAunXqvVAYjRFFXNrb5RUOsmbV
+rZ3fY6WNH/9iGrNpnMTAiT9RK8HZq+wRhR6j/B4iKURjd/8Eg7ySLhXLN2XuGUK
EleAkh7M1QxjaXtVRX0C9kwMzFOM
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:15:17 2025 by rpki-client