Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A2F88/4C7DA3C0E0A311EC8F9C0E58C4F9AE02/54467164E0A711EC8F4D5B5FC4F9AE02.roa
File: 54467164E0A711EC8F4D5B5FC4F9AE02.roa (raw, json)
Hash identifier: 8iGFuZI4O9j0Gdt93MzFvxSKeiFq7gMt0350fxzYb8g=
Subject key identifier: 00:86:12:B7:C0:B4:6D:4B:52:2F:0B:DE:72:69:1D:26:DE:6D:C0:A8
Certificate issuer: /CN=A91A2F88/serialNumber=3694283D213A5E567958E46CDBD812B5CC729D71
Certificate serial: 0250
Authority key identifier: 36:94:28:3D:21:3A:5E:56:79:58:E4:6C:DB:D8:12:B5:CC:72:9D:71
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NpQoPSE6XlZ5WORs29gStcxynXE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A2F88/4C7DA3C0E0A311EC8F9C0E58C4F9AE02/54467164E0A711EC8F4D5B5FC4F9AE02.roa
Signing time: Wed 17 Jul 2024 03:04:44 +0000
ROA not before: Wed 17 Jul 2024 03:04:44 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 149848
IP address blocks: 103.188.86.0/23 maxlen: 23
103.188.86.0/24 maxlen: 24
103.188.87.0/24 maxlen: 24
2400:a1a0::/32 maxlen: 32
2400:a1a0:1000::/36 maxlen: 36
2400:a1a0:2000::/36 maxlen: 36
2400:a1a0:3000::/36 maxlen: 36
2400:a1a0:4000::/36 maxlen: 36
2400:a1a0:5000::/36 maxlen: 36
2400:a1a0:6000::/36 maxlen: 36
2400:a1a0:8000::/36 maxlen: 36
2400:a1a0:9000::/36 maxlen: 36
2400:a1a0:a000::/36 maxlen: 36
2400:a1a0:b000::/36 maxlen: 36
2400:a1a0:c000::/36 maxlen: 36
2400:a1a0:d000::/36 maxlen: 36
2400:a1a0:e000::/36 maxlen: 36
2400:a1a0:f000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 592 (0x250)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A2F88
Validity
Not Before: Jul 17 03:04:44 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=669734cc-841a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e0:e4:82:99:6f:c4:02:8a:11:da:4a:1a:44:
2d:d1:2b:6e:ac:d4:57:b8:9d:41:c5:38:58:37:2b:
d5:bd:54:38:b9:db:e9:e0:30:79:e8:50:27:33:07:
c4:b5:fd:26:07:06:9d:e7:d9:31:18:ae:3d:2f:7d:
6d:f7:b6:53:6b:57:01:8e:f6:16:2e:df:7f:32:37:
cb:23:93:44:f9:2b:9a:0f:7e:0c:de:64:fc:51:99:
51:3f:a2:f7:1e:aa:39:e1:75:f5:0a:05:ef:f6:9c:
c0:61:14:a8:f0:19:d9:cc:55:e8:f2:ba:47:75:8f:
18:7b:42:61:80:bd:8f:d0:fe:d2:6f:90:5f:92:22:
af:61:31:93:03:1c:ad:11:37:ba:0f:14:7b:fd:24:
c2:18:2c:6f:f1:fc:17:bc:ff:b6:24:71:16:7e:77:
05:76:69:a6:7c:9e:19:b6:75:c8:c1:df:e8:a3:59:
ba:93:1a:ec:c7:b3:e7:9e:ce:ab:39:8e:f9:6b:05:
dd:f7:95:5d:d6:5c:b0:d7:2d:90:cb:ee:38:31:31:
a1:2c:24:12:58:fe:7c:8b:2d:9b:7e:c2:12:dc:ef:
fb:3c:d1:4f:81:95:d4:63:a6:81:b8:e8:9f:f6:3a:
1b:f8:fe:0a:dc:f7:3f:c5:75:af:66:62:ff:8f:d5:
47:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:86:12:B7:C0:B4:6D:4B:52:2F:0B:DE:72:69:1D:26:DE:6D:C0:A8
X509v3 Authority Key Identifier:
keyid:36:94:28:3D:21:3A:5E:56:79:58:E4:6C:DB:D8:12:B5:CC:72:9D:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A2F88/4C7DA3C0E0A311EC8F9C0E58C4F9AE02/NpQoPSE6XlZ5WORs29gStcxynXE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NpQoPSE6XlZ5WORs29gStcxynXE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A2F88/4C7DA3C0E0A311EC8F9C0E58C4F9AE02/54467164E0A711EC8F4D5B5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.188.86.0/23
IPv6:
2400:a1a0::/32
Signature Algorithm: sha256WithRSAEncryption
31:7b:6b:ec:0b:b6:39:8e:84:10:26:18:58:92:9d:5a:6b:b1:
c6:a1:2d:6f:02:d6:4a:98:17:77:5e:95:79:e2:aa:91:fd:1d:
0f:2b:ea:36:ee:c0:ea:4b:14:2a:49:8d:f1:6a:24:a3:08:b8:
f1:62:80:d1:e3:a5:ba:5f:74:17:a3:5a:63:41:6b:5b:f6:5c:
ec:50:b4:5c:f8:c7:62:2e:7e:54:37:99:87:79:ba:f4:c6:8e:
b5:62:b2:eb:92:a1:78:3e:31:67:e8:ee:6e:aa:52:5e:c7:ae:
8e:e7:9e:e7:57:c4:ae:45:bd:7e:51:19:b4:d6:9d:ab:98:06:
27:09:a8:37:6d:26:11:3b:10:3c:55:b2:36:37:8e:39:0d:6a:
71:59:13:9f:f2:b6:eb:fc:a1:34:45:8c:96:48:d8:73:48:83:
81:1b:c5:83:0f:c3:a1:ea:f8:1f:e8:29:a1:5f:e7:1a:7d:9c:
8a:9e:fa:ea:b7:35:9e:c2:7f:95:4b:18:53:38:6d:c1:80:ec:
c6:3f:fa:28:b6:2e:b3:d5:98:22:8e:c6:2a:88:87:b1:71:be:
68:75:98:3e:e0:1d:9f:63:d3:67:18:3d:04:f8:74:cb:6d:35:
3f:de:aa:ba:63:a6:45:c2:52:f3:1f:cb:65:57:9a:fe:44:b5:
18:fe:26:b3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAlAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTJGODgxMTAvBgNVBAUTKDM2OTQyODNEMjEzQTVFNTY3OTU4RTQ2Q0RCRDgxMkI1
Q0M3MjlENzEwHhcNMjQwNzE3MDMwNDQ0WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njk3MzRjYy04NDFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApODkgplvxAKKEdpKGkQt0SturNRXuJ1BxThYNyvVvVQ4udvp4DB56FAnMwfE
tf0mBwad59kxGK49L31t97ZTa1cBjvYWLt9/MjfLI5NE+SuaD34M3mT8UZlRP6L3
Hqo54XX1CgXv9pzAYRSo8BnZzFXo8rpHdY8Ye0JhgL2P0P7Sb5BfkiKvYTGTAxyt
ETe6DxR7/STCGCxv8fwXvP+2JHEWfncFdmmmfJ4ZtnXIwd/oo1m6kxrsx7Pnns6r
OY75awXd95Vd1lyw1y2Qy+44MTGhLCQSWP58iy2bfsIS3O/7PNFPgZXUY6aBuOif
9job+P4K3Pc/xXWvZmL/j9VHiwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFACGErfA
tG1LUi8L3nJpHSbebcCoMB8GA1UdIwQYMBaAFDaUKD0hOl5WeVjkbNvYErXMcp1x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMkY4OC80QzdEQTNDMEUw
QTMxMUVDOEY5QzBFNThDNEY5QUUwMi9OcFFvUFNFNlhsWjVXT1JzMjlnU3RjeHlu
WEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05wUW9QU0U2WGxaNVdPUnMyOWdTdGN4eW5YRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTJGODgvNEM3REEzQzBFMEEzMTFFQzhGOUMwRTU4QzRGOUFFMDIvNTQ0NjcxNjRF
MEE3MTFFQzhGNEQ1QjVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnvFYwDQQCAAIwBwMFACQAoaAwDQYJKoZIhvcNAQELBQAD
ggEBADF7a+wLtjmOhBAmGFiSnVprscahLW8C1kqYF3delXniqpH9HQ8r6jbuwOpL
FCpJjfFqJKMIuPFigNHjpbpfdBejWmNBa1v2XOxQtFz4x2IuflQ3mYd5uvTGjrVi
suuSoXg+MWfo7m6qUl7Hro7nnudXxK5FvX5RGbTWnauYBicJqDdtJhE7EDxVsjY3
jjkNanFZE5/ytuv8oTRFjJZI2HNIg4EbxYMPw6Hq+B/oKaFf5xp9nIqe+uq3NZ7C
f5VLGFM4bcGA7MY/+ii2LrPVmCKOxiqIh7Fxvmh1mD7gHZ9j02cYPQT4dMttNT/e
qrpjpkXCUvMfy2VXmv5EtRj+JrM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:44:35 2025 by rpki-client