Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91878E2/AF32083EFC6811EE9961DD5DC4F9AE02/1C174EBCFC7011EE96142B1BC4F9AE02.roa
File: 1C174EBCFC7011EE96142B1BC4F9AE02.roa (raw, json)
Hash identifier: KGzLhO+/ocV7ZlwOEymZzMf0KbOdaZwWpGWGZFRolBk=
Subject key identifier: 3C:05:76:07:FA:9C:0A:B0:FF:75:04:57:20:A0:E0:DC:D6:0D:3C:E4
Certificate issuer: /CN=A91878E2/serialNumber=0EDB4A37270BF494184A46E6023148FED6E33A1E
Certificate serial: 81
Authority key identifier: 0E:DB:4A:37:27:0B:F4:94:18:4A:46:E6:02:31:48:FE:D6:E3:3A:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DttKNycL9JQYSkbmAjFI_tbjOh4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91878E2/AF32083EFC6811EE9961DD5DC4F9AE02/1C174EBCFC7011EE96142B1BC4F9AE02.roa
Signing time: Sat 21 Dec 2024 04:49:10 +0000
ROA not before: Sat 21 Dec 2024 04:49:10 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 133393
IP address blocks: 103.217.96.0/24 maxlen: 24
103.217.97.0/24 maxlen: 24
103.238.194.0/24 maxlen: 24
103.253.116.0/24 maxlen: 24
139.5.120.0/24 maxlen: 24
139.5.121.0/24 maxlen: 24
139.5.122.0/24 maxlen: 24
139.5.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129 (0x81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91878E2
Validity
Not Before: Dec 21 04:49:10 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=676648c6-78d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:90:2c:3b:ef:64:bc:96:2b:fc:05:2f:7e:9d:
66:e3:57:1a:c6:a3:59:61:e7:1c:06:5e:64:12:a1:
9d:f0:f3:fc:43:de:87:04:ae:ef:4e:82:a9:78:df:
a1:8c:eb:ce:8c:8a:a0:ed:ab:c7:98:3b:e2:3d:07:
7c:0c:59:04:dd:fc:09:8b:62:af:10:15:d6:56:0b:
97:f5:b0:67:ae:51:a2:b8:f9:a5:02:cc:38:f1:0a:
49:55:5a:bf:ea:6b:4e:f9:24:f4:d1:93:19:16:f2:
ca:2b:9e:46:09:34:ca:a2:ad:46:f9:d0:ae:7e:86:
4d:db:fc:0f:c0:43:9b:fc:26:34:5a:62:d7:85:b4:
f6:21:ff:66:f0:44:b1:b1:e6:36:1a:90:c5:9a:66:
63:e7:7c:00:5e:69:b5:4d:ef:62:8c:5b:3a:6f:30:
5c:a1:35:85:a5:ad:8a:51:99:ae:90:a4:8f:9b:75:
2d:4b:ab:96:91:00:93:14:26:33:17:05:0d:37:db:
f5:d5:07:a0:23:0d:87:ef:d6:70:e6:8d:4b:37:f7:
7d:c0:97:54:8f:90:54:1d:16:48:fb:d8:d7:55:36:
c2:4a:5a:da:8d:ec:cb:c2:21:10:bd:80:74:86:22:
ee:29:2d:c0:5c:e2:fc:a2:61:7f:5a:a8:eb:96:b3:
e6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:05:76:07:FA:9C:0A:B0:FF:75:04:57:20:A0:E0:DC:D6:0D:3C:E4
X509v3 Authority Key Identifier:
keyid:0E:DB:4A:37:27:0B:F4:94:18:4A:46:E6:02:31:48:FE:D6:E3:3A:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91878E2/AF32083EFC6811EE9961DD5DC4F9AE02/DttKNycL9JQYSkbmAjFI_tbjOh4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DttKNycL9JQYSkbmAjFI_tbjOh4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91878E2/AF32083EFC6811EE9961DD5DC4F9AE02/1C174EBCFC7011EE96142B1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.217.96.0/23
103.238.194.0/24
103.253.116.0/24
139.5.120.0/22
Signature Algorithm: sha256WithRSAEncryption
36:ae:5e:f5:d7:14:04:4d:b5:b1:52:be:0c:79:35:1e:ee:1e:
8c:ed:0e:e8:f1:a1:56:d9:6d:a5:23:8c:2d:bc:73:94:80:e2:
0b:5b:54:23:56:53:a8:8f:22:87:d3:cb:ea:8f:f7:96:d2:18:
ee:a2:d0:6f:db:64:06:cb:ea:21:a0:e8:1f:3a:64:44:4d:66:
26:b8:57:fb:3a:ac:80:7e:63:55:cb:80:fb:6f:11:b1:cf:02:
d1:e2:20:cc:57:af:c9:43:82:0b:bf:29:f4:01:eb:fd:2a:6e:
82:ae:c5:12:2f:d7:3e:29:6b:f4:29:ab:d5:fa:ac:f2:bc:0e:
00:0e:19:25:92:e6:14:07:19:0e:0b:cd:e5:80:cd:53:e5:20:
ce:1f:12:19:c9:6e:bb:19:e0:8b:a0:85:31:98:fb:4e:c8:4f:
d1:eb:d6:c3:c8:9b:30:2b:ef:bb:bc:2f:83:8d:65:93:d7:d0:
5a:bc:17:80:97:a0:07:1a:b3:e3:b8:b1:f5:4b:0b:d1:2c:71:
4c:15:e0:66:da:35:34:a0:9a:b2:7d:75:a8:1a:89:6f:f9:76:
02:71:9a:8f:c1:02:0f:cd:73:56:4f:c4:2d:f0:ae:d9:89:45:
ae:cf:c7:5f:ba:4a:17:13:5c:4a:48:b6:65:d4:34:33:d9:de:
75:a3:b4:95
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODc4RTIxMTAvBgNVBAUTKDBFREI0QTM3MjcwQkY0OTQxODRBNDZFNjAyMzE0OEZF
RDZFMzNBMUUwHhcNMjQxMjIxMDQ0OTEwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY2NDhjNi03OGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwZAsO+9kvJYr/AUvfp1m41caxqNZYeccBl5kEqGd8PP8Q96HBK7vToKpeN+h
jOvOjIqg7avHmDviPQd8DFkE3fwJi2KvEBXWVguX9bBnrlGiuPmlAsw48QpJVVq/
6mtO+ST00ZMZFvLKK55GCTTKoq1G+dCufoZN2/wPwEOb/CY0WmLXhbT2If9m8ESx
seY2GpDFmmZj53wAXmm1Te9ijFs6bzBcoTWFpa2KUZmukKSPm3UtS6uWkQCTFCYz
FwUNN9v11QegIw2H79Zw5o1LN/d9wJdUj5BUHRZI+9jXVTbCSlrajezLwiEQvYB0
hiLuKS3AXOL8omF/WqjrlrPmFQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFDwFdgf6
nAqw/3UEVyCg4NzWDTzkMB8GA1UdIwQYMBaAFA7bSjcnC/SUGEpG5gIxSP7W4zoe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzhFMi9BRjMyMDgzRUZD
NjgxMUVFOTk2MURENURDNEY5QUUwMi9EdHRLTnljTDlKUVlTa2JtQWpGSV90YmpP
aDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0R0dEtOeWNMOUpRWVNrYm1BakZJX3Riak9oNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODc4RTIvQUYzMjA4M0VGQzY4MTFFRTk5NjFERDVEQzRGOUFFMDIvMUMxNzRFQkNG
QzcwMTFFRTk2MTQyQjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAFn2WADBABn7sIDBABn/XQDBAKLBXgwDQYJKoZIhvcNAQEL
BQADggEBADauXvXXFARNtbFSvgx5NR7uHoztDujxoVbZbaUjjC28c5SA4gtbVCNW
U6iPIofTy+qP95bSGO6i0G/bZAbL6iGg6B86ZERNZia4V/s6rIB+Y1XLgPtvEbHP
AtHiIMxXr8lDggu/KfQB6/0qboKuxRIv1z4pa/Qpq9X6rPK8DgAOGSWS5hQHGQ4L
zeWAzVPlIM4fEhnJbrsZ4IughTGY+07IT9Hr1sPImzAr77u8L4ONZZPX0Fq8F4CX
oAcas+O4sfVLC9EscUwV4GbaNTSgmrJ9dagaiW/5dgJxmo/BAg/Nc1ZPxC3wrtmJ
Ra7Px1+6ShcTXEpItmXUNDPZ3nWjtJU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:10:35 2025 by rpki-client