Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919992D/913329F4BBA611E68FC1212DC4F9AE02/F2E707C4CB2D11E6B15E0480C4F9AE02.roa
File: F2E707C4CB2D11E6B15E0480C4F9AE02.roa (raw, json)
Hash identifier: kc6Qio1nm2R7Nmekjn2RQdz6FiLOSkIgyD8v0SWSLok=
Subject key identifier: 1C:67:F4:B2:A8:61:F3:DB:6B:77:D0:AD:5F:A3:2E:12:9B:F5:78:91
Certificate issuer: /CN=A919992D/serialNumber=FF7704E4A7333F69372D9F3341F8D002CB4AC0CF
Certificate serial: 1C85
Authority key identifier: FF:77:04:E4:A7:33:3F:69:37:2D:9F:33:41:F8:D0:02:CB:4A:C0:CF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_3cE5KczP2k3LZ8zQfjQAstKwM8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919992D/913329F4BBA611E68FC1212DC4F9AE02/F2E707C4CB2D11E6B15E0480C4F9AE02.roa
Signing time: Fri 02 Aug 2024 16:34:17 +0000
ROA not before: Fri 02 Aug 2024 16:34:17 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 63998
IP address blocks: 103.61.8.0/22 maxlen: 22
103.61.8.0/22 maxlen: 24
103.61.8.0/22 maxlen: 30
103.61.8.0/23 maxlen: 23
103.61.8.0/24 maxlen: 24
103.61.9.0/24 maxlen: 24
103.61.10.0/23 maxlen: 23
103.61.10.0/24 maxlen: 24
103.61.11.0/24 maxlen: 24
2403:6a80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7301 (0x1c85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919992D
Validity
Not Before: Aug 2 16:34:17 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66ad0a89-477a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1d:88:30:bd:10:34:6f:99:ca:88:eb:47:11:
a9:d6:71:6b:d0:87:4f:c2:df:25:65:86:81:2a:da:
00:a2:43:66:24:9f:f6:85:6e:5b:ea:2a:c7:19:b2:
f5:97:b2:61:7c:7f:65:be:91:a9:be:11:bd:89:ef:
fe:e1:45:b0:67:fb:fa:28:82:0c:ae:d6:04:f1:2a:
1c:9e:46:e4:48:b5:09:e2:7a:20:54:c2:6a:e3:f0:
1a:a9:e4:6b:d9:94:96:a5:c6:63:72:be:a1:5b:49:
69:6d:bd:ca:80:cf:b0:76:68:60:7d:d6:90:02:f0:
32:32:91:2f:a4:92:32:fb:c9:3c:ca:26:c0:a0:7f:
96:e9:89:0e:a8:a3:54:aa:d5:b7:83:5e:20:20:71:
7d:06:84:83:76:b2:b0:49:cf:b4:75:76:cc:4e:84:
07:0b:f2:4d:53:92:8c:9e:49:66:cc:e7:ed:c5:44:
93:7a:ee:e5:27:92:f8:14:9a:5d:ac:6c:0b:39:01:
24:a1:fb:de:a6:36:ea:9e:33:1c:5f:fc:fb:a0:98:
c7:a3:78:99:49:32:e3:2e:46:da:fc:6a:b4:41:99:
cd:c7:bc:65:0f:06:df:da:75:95:de:1f:ca:44:e8:
1b:64:13:7e:d0:cd:0f:13:a7:64:d7:9b:9d:5d:8c:
ae:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:67:F4:B2:A8:61:F3:DB:6B:77:D0:AD:5F:A3:2E:12:9B:F5:78:91
X509v3 Authority Key Identifier:
keyid:FF:77:04:E4:A7:33:3F:69:37:2D:9F:33:41:F8:D0:02:CB:4A:C0:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919992D/913329F4BBA611E68FC1212DC4F9AE02/_3cE5KczP2k3LZ8zQfjQAstKwM8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_3cE5KczP2k3LZ8zQfjQAstKwM8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919992D/913329F4BBA611E68FC1212DC4F9AE02/F2E707C4CB2D11E6B15E0480C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.61.8.0/22
IPv6:
2403:6a80::/32
Signature Algorithm: sha256WithRSAEncryption
48:1e:dd:21:61:b8:04:75:e8:0d:f2:38:f2:cf:ac:3c:f7:c5:
3f:3d:24:6d:44:e7:e8:b7:95:b3:f3:1f:b6:b1:5b:ef:9c:25:
3a:4e:28:d7:36:a6:17:52:b8:8c:a5:e1:41:a8:6a:b2:a3:b8:
a1:46:0e:8f:8e:78:ef:aa:44:1d:27:50:95:b1:f1:b4:f9:63:
7e:60:28:fa:56:b3:e2:6e:b9:28:62:1b:77:69:3d:f6:10:40:
54:93:c6:aa:66:cd:c7:bb:77:b2:04:3a:fd:8e:bd:4b:59:7d:
1e:d3:53:bb:0b:21:ca:a6:f7:ea:1a:40:03:fd:e1:3e:23:8a:
3e:41:a6:8f:69:b0:0d:6b:2b:23:ec:3a:70:0f:21:d3:bd:7f:
66:51:cf:1b:cd:78:2c:34:d1:a9:c7:47:5f:e1:78:e0:2e:be:
9b:0d:32:45:3b:3e:87:a4:b3:32:54:c2:70:0a:8b:60:66:a2:
71:38:c9:75:3b:83:6b:2b:b3:24:a5:ea:5e:86:c0:4e:44:87:
fc:6a:a7:3b:9a:8b:41:20:1c:73:74:25:75:dc:2d:66:7f:6b:
cf:04:64:4e:77:4b:19:e3:c1:a5:29:f7:99:35:a8:e4:db:3a:
8c:7e:c4:23:c6:7b:73:1a:cf:4c:7a:d8:5b:81:0e:6d:66:e1:
ac:6e:c8:8d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICHIUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTk5MkQxMTAvBgNVBAUTKEZGNzcwNEU0QTczMzNGNjkzNzJEOUYzMzQxRjhEMDAy
Q0I0QUMwQ0YwHhcNMjQwODAyMTYzNDE3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFkMGE4OS00NzdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsR2IML0QNG+ZyojrRxGp1nFr0IdPwt8lZYaBKtoAokNmJJ/2hW5b6irHGbL1
l7JhfH9lvpGpvhG9ie/+4UWwZ/v6KIIMrtYE8SocnkbkSLUJ4nogVMJq4/AaqeRr
2ZSWpcZjcr6hW0lpbb3KgM+wdmhgfdaQAvAyMpEvpJIy+8k8yibAoH+W6YkOqKNU
qtW3g14gIHF9BoSDdrKwSc+0dXbMToQHC/JNU5KMnklmzOftxUSTeu7lJ5L4FJpd
rGwLOQEkofvepjbqnjMcX/z7oJjHo3iZSTLjLkba/Gq0QZnNx7xlDwbf2nWV3h/K
ROgbZBN+0M0PE6dk15udXYyuswIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBxn9LKo
YfPba3fQrV+jLhKb9XiRMB8GA1UdIwQYMBaAFP93BOSnMz9pNy2fM0H40ALLSsDP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTkyRC85MTMzMjlGNEJC
QTYxMUU2OEZDMTIxMkRDNEY5QUUwMi9fM2NFNUtjelAyazNMWjh6UWZqUUFzdEt3
TTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL18zY0U1S2N6UDJrM0xaOHpRZmpRQXN0S3dNOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTk5MkQvOTEzMzI5RjRCQkE2MTFFNjhGQzEyMTJEQzRGOUFFMDIvRjJFNzA3QzRD
QjJEMTFFNkIxNUUwNDgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnPQgwDQQCAAIwBwMFACQDaoAwDQYJKoZIhvcNAQELBQAD
ggEBAEge3SFhuAR16A3yOPLPrDz3xT89JG1E5+i3lbPzH7axW++cJTpOKNc2phdS
uIyl4UGoarKjuKFGDo+OeO+qRB0nUJWx8bT5Y35gKPpWs+JuuShiG3dpPfYQQFST
xqpmzce7d7IEOv2OvUtZfR7TU7sLIcqm9+oaQAP94T4jij5Bpo9psA1rKyPsOnAP
IdO9f2ZRzxvNeCw00anHR1/heOAuvpsNMkU7PoekszJUwnAKi2BmonE4yXU7g2sr
sySl6l6GwE5Eh/xqpzuai0EgHHN0JXXcLWZ/a88EZE53SxnjwaUp95k1qOTbOox+
xCPGe3Maz0x62FuBDm1m4axuyI0=
-----END CERTIFICATE-----
Generated at Fri Apr 11 18:07:51 2025 by rpki-client