Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/DEE5E3C49F0511EC9DA80B77C4F9AE02.roa
File: DEE5E3C49F0511EC9DA80B77C4F9AE02.roa (raw, json)
Hash identifier: rDIkGkc5RWLLbbHLbXvxxPcvgv9UCQJUW3VRbKAdmkE=
Subject key identifier: 89:3B:09:7D:5C:D1:D6:3A:E6:75:A3:A3:3C:D2:62:3C:18:B5:6B:C9
Certificate issuer: /CN=A91398A3/serialNumber=775FE5A1F61A7408DFEED47F1447E3464DA50B2A
Certificate serial: 03CC
Authority key identifier: 77:5F:E5:A1:F6:1A:74:08:DF:EE:D4:7F:14:47:E3:46:4D:A5:0B:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d1_lofYadAjf7tR_FEfjRk2lCyo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/DEE5E3C49F0511EC9DA80B77C4F9AE02.roa
Signing time: Tue 17 Dec 2024 00:14:34 +0000
ROA not before: Tue 17 Dec 2024 00:14:34 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 136038
IP address blocks: 103.80.132.0/24 maxlen: 24
103.80.133.0/24 maxlen: 24
103.80.134.0/24 maxlen: 24
103.80.135.0/24 maxlen: 24
182.161.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 972 (0x3cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91398A3
Validity
Not Before: Dec 17 00:14:34 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6760c26a-57ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:9f:46:a4:17:a7:15:25:a5:2a:ef:9c:90:61:
60:4a:14:19:95:5e:0c:56:e0:4e:29:98:2e:cd:e1:
30:1d:70:92:88:1a:f1:0e:0f:a4:e9:cd:bb:d4:a6:
06:69:08:48:02:33:07:67:91:3b:00:17:6f:65:12:
dd:da:f9:15:37:13:59:ed:3e:28:1a:e8:a8:84:04:
16:ea:13:48:95:f2:24:11:18:1c:71:aa:21:2b:75:
b1:82:5d:bc:e1:ef:72:46:99:16:67:22:9f:0e:75:
ce:10:6b:93:ac:42:20:97:3d:76:1e:95:ce:8d:71:
9b:11:8e:32:09:4f:f6:05:33:49:52:1e:f8:82:5e:
21:c0:45:7b:a3:a7:e4:9b:a5:84:01:bc:32:c7:bd:
e3:20:3c:8d:62:1f:68:14:87:5e:fb:15:e4:27:d1:
88:d3:48:37:56:37:b3:74:95:4f:d1:e4:50:08:5f:
a0:c5:55:32:89:2f:d2:7d:2f:fd:91:b2:46:ff:82:
e0:85:62:21:24:5f:43:2d:94:29:c3:03:32:a5:e5:
ba:d8:2b:8d:1e:f0:bb:fb:9d:ca:47:11:9a:bc:d2:
4a:91:f1:29:0e:89:b2:08:d6:34:db:06:a2:56:c6:
b8:6b:20:9a:57:ef:4a:17:5a:ff:2b:8c:46:f7:2a:
fb:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:3B:09:7D:5C:D1:D6:3A:E6:75:A3:A3:3C:D2:62:3C:18:B5:6B:C9
X509v3 Authority Key Identifier:
keyid:77:5F:E5:A1:F6:1A:74:08:DF:EE:D4:7F:14:47:E3:46:4D:A5:0B:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/d1_lofYadAjf7tR_FEfjRk2lCyo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d1_lofYadAjf7tR_FEfjRk2lCyo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/DEE5E3C49F0511EC9DA80B77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.80.132.0/22
182.161.66.0/24
Signature Algorithm: sha256WithRSAEncryption
04:63:3a:dd:f1:fd:e2:63:53:0d:50:c8:68:c1:c9:e8:9c:f2:
ef:78:b9:4d:ea:3a:12:cc:40:10:76:b2:25:94:73:64:c3:47:
a6:aa:af:f1:c3:f8:e3:f6:91:95:a3:32:8d:9a:54:60:cc:a4:
1a:48:a6:d8:ca:80:17:4e:59:39:06:bd:9d:48:40:dc:ab:53:
2e:0a:d5:a9:bd:2d:8e:bf:15:06:74:03:45:3b:13:93:27:f9:
58:88:ce:ee:de:96:cd:1d:9c:a9:77:fd:0f:d2:23:1f:c7:f4:
cc:e6:e5:3f:05:ea:ba:d3:c0:65:bb:71:d0:1d:22:99:0a:c1:
52:a8:28:b7:40:d9:e2:bd:f2:08:39:7c:9d:86:fd:fd:82:c7:
5c:af:b6:d5:6a:97:ea:4c:ef:56:1d:ae:e7:f1:ae:09:f7:96:
30:23:f7:bc:f1:59:d8:67:96:12:43:7d:57:e0:9d:c9:51:ae:
2a:2a:2b:7c:3a:86:3b:66:9d:e7:27:e1:d5:a4:13:ae:de:e4:
22:5f:d7:7b:e0:e4:ae:58:1e:fd:1a:ea:d9:d5:3a:ae:e6:3f:
6c:64:c7:07:c6:d1:d3:8c:ff:fb:30:95:86:6a:67:51:3e:8f:
d4:53:de:87:f4:46:ef:fa:08:4d:df:1f:d1:df:c8:44:82:25:
73:83:84:64
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA8wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mzk4QTMxMTAvBgNVBAUTKDc3NUZFNUExRjYxQTc0MDhERkVFRDQ3RjE0NDdFMzQ2
NERBNTBCMkEwHhcNMjQxMjE3MDAxNDM0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYwYzI2YS01N2FiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5Z9GpBenFSWlKu+ckGFgShQZlV4MVuBOKZguzeEwHXCSiBrxDg+k6c271KYG
aQhIAjMHZ5E7ABdvZRLd2vkVNxNZ7T4oGuiohAQW6hNIlfIkERgccaohK3Wxgl28
4e9yRpkWZyKfDnXOEGuTrEIglz12HpXOjXGbEY4yCU/2BTNJUh74gl4hwEV7o6fk
m6WEAbwyx73jIDyNYh9oFIde+xXkJ9GI00g3VjezdJVP0eRQCF+gxVUyiS/SfS/9
kbJG/4LghWIhJF9DLZQpwwMypeW62CuNHvC7+53KRxGavNJKkfEpDomyCNY02wai
Vsa4ayCaV+9KF1r/K4xG9yr7FwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIk7CX1c
0dY65nWjozzSYjwYtWvJMB8GA1UdIwQYMBaAFHdf5aH2GnQI3+7UfxRH40ZNpQsq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOThBMy9FMjE5QjYxQzcx
MTMxMUVDQkMzMDg5MTlDNEY5QUUwMi9kMV9sb2ZZYWRBamY3dFJfRkVmalJrMmxD
eW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QxX2xvZllhZEFqZjd0Ul9GRWZqUmsybEN5by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mzk4QTMvRTIxOUI2MUM3MTEzMTFFQ0JDMzA4OTE5QzRGOUFFMDIvREVFNUUzQzQ5
RjA1MTFFQzlEQTgwQjc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUIQDBAC2oUIwDQYJKoZIhvcNAQELBQADggEBAARjOt3x
/eJjUw1QyGjByeic8u94uU3qOhLMQBB2siWUc2TDR6aqr/HD+OP2kZWjMo2aVGDM
pBpIptjKgBdOWTkGvZ1IQNyrUy4K1am9LY6/FQZ0A0U7E5Mn+ViIzu7els0dnKl3
/Q/SIx/H9Mzm5T8F6rrTwGW7cdAdIpkKwVKoKLdA2eK98gg5fJ2G/f2Cx1yvttVq
l+pM71Ydrufxrgn3ljAj97zxWdhnlhJDfVfgnclRrioqK3w6hjtmnecn4dWkE67e
5CJf13vg5K5YHv0a6tnVOq7mP2xkxwfG0dOM//swlYZqZ1E+j9RT3of0Ru/6CE3f
H9HfyESCJXODhGQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:37 2025 by rpki-client