Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/5879949ADE9B11EC9AE23269C4F9AE02.roa
File: 5879949ADE9B11EC9AE23269C4F9AE02.roa (raw, json)
Hash identifier: vJqrrt0bxSwZaP1IHOgSaljOyb8CxyRpUsYkTfCzlUg=
Subject key identifier: 8A:6F:2E:E7:EA:2C:97:2C:E0:9C:06:CE:AE:2F:2A:50:74:3B:9F:79
Certificate issuer: /CN=A91398A3/serialNumber=775FE5A1F61A7408DFEED47F1447E3464DA50B2A
Certificate serial: 03CE
Authority key identifier: 77:5F:E5:A1:F6:1A:74:08:DF:EE:D4:7F:14:47:E3:46:4D:A5:0B:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d1_lofYadAjf7tR_FEfjRk2lCyo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/5879949ADE9B11EC9AE23269C4F9AE02.roa
Signing time: Tue 17 Dec 2024 00:14:36 +0000
ROA not before: Tue 17 Dec 2024 00:14:36 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 137427
IP address blocks: 103.80.132.0/24 maxlen: 24
103.80.133.0/24 maxlen: 24
103.80.134.0/24 maxlen: 24
103.80.135.0/24 maxlen: 24
182.161.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 974 (0x3ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91398A3
Validity
Not Before: Dec 17 00:14:36 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6760c26c-cd16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:84:c7:44:a5:69:95:0d:29:99:e8:49:e6:22:
e1:ab:0a:06:ad:a4:26:76:01:f2:3f:79:f6:b4:eb:
81:4f:85:9c:f2:e1:a1:4f:15:a1:c6:dc:e2:71:e3:
f1:1d:a1:6f:1d:cb:97:e7:7d:d1:f4:56:75:03:ce:
9c:0f:a3:a9:d8:7c:0d:3e:c9:66:8e:78:cf:4e:74:
f9:61:35:71:b3:79:7a:d0:4f:10:c8:79:0d:d5:19:
2f:2b:20:dc:a9:7e:2f:83:72:ab:af:ae:e9:d5:9f:
06:0d:7a:a2:9c:2d:bb:55:8d:7e:26:58:89:c4:4c:
22:9c:5f:87:13:b9:06:ee:10:97:8e:2a:70:4a:20:
53:43:45:a0:60:7a:cd:52:7c:69:10:f7:7f:52:e6:
45:db:db:bb:e1:79:70:b4:93:9e:a5:b6:51:fa:98:
88:1f:c7:f4:4d:0c:84:5b:f4:3f:7c:97:7d:90:2b:
05:44:bf:6b:62:19:69:8d:2c:01:c4:11:c0:ef:e3:
b7:f5:8c:ac:0e:9d:3d:77:76:9e:6d:d3:95:05:7e:
7b:e7:3d:0f:59:38:c8:52:55:c0:16:56:01:77:1a:
04:4a:94:9c:30:a4:ce:78:b8:be:25:5f:57:f1:af:
bb:74:9b:a5:f5:d3:e2:3f:59:bd:ab:de:47:1b:2f:
5e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:6F:2E:E7:EA:2C:97:2C:E0:9C:06:CE:AE:2F:2A:50:74:3B:9F:79
X509v3 Authority Key Identifier:
keyid:77:5F:E5:A1:F6:1A:74:08:DF:EE:D4:7F:14:47:E3:46:4D:A5:0B:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/d1_lofYadAjf7tR_FEfjRk2lCyo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d1_lofYadAjf7tR_FEfjRk2lCyo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/5879949ADE9B11EC9AE23269C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.80.132.0/22
182.161.66.0/24
Signature Algorithm: sha256WithRSAEncryption
50:b2:e8:dc:cc:0d:3b:88:7c:c9:17:99:6a:2f:9e:a1:67:55:
40:52:57:d2:71:a5:9e:3f:1a:9d:43:82:cd:7a:6d:e0:fa:bc:
09:c7:af:9e:d2:50:49:2b:f0:b5:46:3d:e0:bd:3c:0e:44:e2:
e8:e5:eb:79:91:64:97:03:96:24:64:e1:0d:78:ee:bb:90:2f:
57:85:1b:75:92:42:c0:7b:9b:3d:96:3c:76:52:62:d1:1b:88:
eb:8b:5e:f4:75:64:88:40:5b:a6:45:09:93:79:9c:2b:58:51:
93:81:13:75:61:cc:a9:e9:22:68:2e:bf:42:d6:f2:2d:66:67:
c5:c5:c3:9b:0d:e6:99:90:15:d4:82:2b:18:28:0a:80:ba:49:
ee:fd:7c:1a:58:af:04:b9:56:2e:cd:e3:25:5d:f9:96:1b:11:
02:33:4d:66:99:ee:3c:da:d7:c6:7e:fd:a0:ed:c6:98:85:72:
58:d8:18:c1:89:05:e9:70:5b:61:c2:db:ed:5e:dc:fe:1e:03:
fa:0f:8e:82:97:94:25:95:72:9f:fa:77:9e:03:31:a0:0a:3c:
f8:db:28:a5:ad:4d:3d:36:59:d3:60:81:9d:80:82:88:81:5b:
91:ef:e5:ca:ac:4d:0a:96:1e:e7:78:5b:7e:31:4c:c4:0e:79:
30:a9:ec:38
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA84wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mzk4QTMxMTAvBgNVBAUTKDc3NUZFNUExRjYxQTc0MDhERkVFRDQ3RjE0NDdFMzQ2
NERBNTBCMkEwHhcNMjQxMjE3MDAxNDM2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYwYzI2Yy1jZDE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5oTHRKVplQ0pmehJ5iLhqwoGraQmdgHyP3n2tOuBT4Wc8uGhTxWhxtzicePx
HaFvHcuX533R9FZ1A86cD6Op2HwNPslmjnjPTnT5YTVxs3l60E8QyHkN1RkvKyDc
qX4vg3Krr67p1Z8GDXqinC27VY1+JliJxEwinF+HE7kG7hCXjipwSiBTQ0WgYHrN
UnxpEPd/UuZF29u74XlwtJOepbZR+piIH8f0TQyEW/Q/fJd9kCsFRL9rYhlpjSwB
xBHA7+O39YysDp09d3aebdOVBX575z0PWTjIUlXAFlYBdxoESpScMKTOeLi+JV9X
8a+7dJul9dPiP1m9q95HGy9e3QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIpvLufq
LJcs4JwGzq4vKlB0O595MB8GA1UdIwQYMBaAFHdf5aH2GnQI3+7UfxRH40ZNpQsq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOThBMy9FMjE5QjYxQzcx
MTMxMUVDQkMzMDg5MTlDNEY5QUUwMi9kMV9sb2ZZYWRBamY3dFJfRkVmalJrMmxD
eW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QxX2xvZllhZEFqZjd0Ul9GRWZqUmsybEN5by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mzk4QTMvRTIxOUI2MUM3MTEzMTFFQ0JDMzA4OTE5QzRGOUFFMDIvNTg3OTk0OUFE
RTlCMTFFQzlBRTIzMjY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUIQDBAC2oUIwDQYJKoZIhvcNAQELBQADggEBAFCy6NzM
DTuIfMkXmWovnqFnVUBSV9JxpZ4/Gp1Dgs16beD6vAnHr57SUEkr8LVGPeC9PA5E
4ujl63mRZJcDliRk4Q147ruQL1eFG3WSQsB7mz2WPHZSYtEbiOuLXvR1ZIhAW6ZF
CZN5nCtYUZOBE3VhzKnpImguv0LW8i1mZ8XFw5sN5pmQFdSCKxgoCoC6Se79fBpY
rwS5Vi7N4yVd+ZYbEQIzTWaZ7jza18Z+/aDtxpiFcljYGMGJBelwW2HC2+1e3P4e
A/oPjoKXlCWVcp/6d54DMaAKPPjbKKWtTT02WdNggZ2AgoiBW5Hv5cqsTQqWHud4
W34xTMQOeTCp7Dg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:23:05 2025 by rpki-client