Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5CC3/6416D83814C011EE96EA5421C4F9AE02/F287261014C311EE89C2C021C4F9AE02.roa
File: F287261014C311EE89C2C021C4F9AE02.roa (raw, json)
Hash identifier: h2JTkH5cDdzaWjiM7lCs6Ni3E0awofcV4Wu5xaJdDqI=
Subject key identifier: 39:48:24:C5:9D:3E:E6:7A:01:C1:CF:16:C2:03:8D:D1:0F:E4:EE:A3
Certificate issuer: /CN=A91A5CC3/serialNumber=DE55A369AED918698C2D63C32EF61BDBC5980596
Certificate serial: CC
Authority key identifier: DE:55:A3:69:AE:D9:18:69:8C:2D:63:C3:2E:F6:1B:DB:C5:98:05:96
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lWjaa7ZGGmMLWPDLvYb28WYBZY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A5CC3/6416D83814C011EE96EA5421C4F9AE02/F287261014C311EE89C2C021C4F9AE02.roa
Signing time: Thu 25 Jul 2024 05:26:48 +0000
ROA not before: Thu 25 Jul 2024 05:26:48 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 151421
IP address blocks: 103.228.10.0/23 maxlen: 23
103.228.10.0/24 maxlen: 24
103.228.11.0/24 maxlen: 24
2001:df2:9cc0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 204 (0xcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A5CC3
Validity
Not Before: Jul 25 05:26:48 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66a1e218-6207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7d:6f:da:d1:40:8c:72:be:6b:27:29:7b:99:
cf:93:71:f9:2f:33:81:d4:29:03:1c:4b:0c:45:06:
fd:aa:1d:29:2f:43:60:87:48:7a:b0:e5:da:16:8f:
7d:eb:31:a5:15:60:8a:14:d0:c9:52:7a:6c:53:19:
1f:22:6f:d6:92:3c:6d:f2:d0:44:13:44:b8:b9:f5:
f4:06:16:5d:b2:7b:89:d7:94:b3:8f:ba:f4:3b:b5:
79:e7:d1:8b:6f:f4:7c:f9:29:08:a4:35:ce:6a:4e:
af:2d:90:9a:6f:ed:5f:58:37:1a:07:1c:0c:58:42:
98:f3:a0:9b:9c:cb:7d:78:0b:ff:77:7d:e6:76:44:
54:75:a2:c3:14:1a:2e:05:19:c1:01:f5:22:29:9d:
8a:c8:60:36:7b:04:1a:10:86:96:5c:50:29:b1:ad:
40:78:b2:72:9a:d3:84:0b:29:30:5f:aa:ac:57:fb:
a7:6b:a9:66:b9:f9:fa:9e:16:2e:6c:e5:98:a2:16:
0a:44:0b:7e:eb:99:34:56:cc:c0:0e:70:10:50:d7:
68:42:9e:a9:ed:d5:61:da:56:2b:06:f6:7c:61:0a:
a0:3d:84:97:8b:47:48:67:b9:d6:24:eb:37:75:09:
40:5d:ae:e1:4e:c1:60:84:f8:37:88:91:fd:8f:1e:
fc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:48:24:C5:9D:3E:E6:7A:01:C1:CF:16:C2:03:8D:D1:0F:E4:EE:A3
X509v3 Authority Key Identifier:
keyid:DE:55:A3:69:AE:D9:18:69:8C:2D:63:C3:2E:F6:1B:DB:C5:98:05:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A5CC3/6416D83814C011EE96EA5421C4F9AE02/3lWjaa7ZGGmMLWPDLvYb28WYBZY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lWjaa7ZGGmMLWPDLvYb28WYBZY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5CC3/6416D83814C011EE96EA5421C4F9AE02/F287261014C311EE89C2C021C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.228.10.0/23
IPv6:
2001:df2:9cc0::/48
Signature Algorithm: sha256WithRSAEncryption
9e:23:15:31:8e:e1:83:0a:2f:8e:e3:cc:c5:42:d3:da:f4:ef:
ac:23:a9:95:00:47:c4:7d:00:3a:2e:b8:28:58:8a:45:c1:43:
d1:da:10:4e:9a:ea:95:d9:3e:90:d6:fd:b6:e4:05:9b:22:79:
f6:e5:01:16:57:69:9a:79:09:41:18:44:80:f3:61:12:43:b7:
c2:82:4a:b3:be:c7:65:33:bb:22:0b:95:93:8b:3a:ae:40:bd:
53:96:73:ce:f0:9a:3a:33:3b:bd:a3:c2:5c:92:64:b4:d3:59:
82:ca:22:84:c6:e6:be:d5:49:32:61:e2:59:d7:eb:dd:8b:89:
cf:42:57:fa:d9:ce:1e:43:54:34:ef:f0:f9:41:c9:b1:88:4b:
4a:29:c0:50:77:4d:b9:34:31:bb:71:61:62:77:b6:32:dc:b0:
aa:d9:8e:dd:62:a9:39:15:4b:65:bc:1e:4a:53:73:50:0e:42:
62:cf:34:8f:fd:06:b0:1f:78:e3:d0:38:42:1c:03:eb:66:46:
15:a8:0a:f1:8d:a2:2f:4c:45:84:14:ca:1b:19:cf:9f:85:46:
a0:63:e6:22:ed:30:82:a8:82:13:f4:66:3f:d5:c4:e7:e3:61:
ad:51:22:c9:70:06:97:c4:58:91:e5:e1:69:bd:7b:2b:a7:a5:
ad:e1:49:b1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTVDQzMxMTAvBgNVBAUTKERFNTVBMzY5QUVEOTE4Njk4QzJENjNDMzJFRjYxQkRC
QzU5ODA1OTYwHhcNMjQwNzI1MDUyNjQ4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmExZTIxOC02MjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqX1v2tFAjHK+aycpe5nPk3H5LzOB1CkDHEsMRQb9qh0pL0Ngh0h6sOXaFo99
6zGlFWCKFNDJUnpsUxkfIm/Wkjxt8tBEE0S4ufX0BhZdsnuJ15Szj7r0O7V559GL
b/R8+SkIpDXOak6vLZCab+1fWDcaBxwMWEKY86CbnMt9eAv/d33mdkRUdaLDFBou
BRnBAfUiKZ2KyGA2ewQaEIaWXFApsa1AeLJymtOECykwX6qsV/una6lmufn6nhYu
bOWYohYKRAt+65k0VszADnAQUNdoQp6p7dVh2lYrBvZ8YQqgPYSXi0dIZ7nWJOs3
dQlAXa7hTsFghPg3iJH9jx78ewIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDlIJMWd
PuZ6AcHPFsIDjdEP5O6jMB8GA1UdIwQYMBaAFN5Vo2mu2RhpjC1jwy72G9vFmAWW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNUNDMy82NDE2RDgzODE0
QzAxMUVFOTZFQTU0MjFDNEY5QUUwMi8zbFdqYWE3WkdHbU1MV1BETHZZYjI4V1lC
WlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNsV2phYTdaR0dtTUxXUERMdlliMjhXWUJaWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTVDQzMvNjQxNkQ4MzgxNEMwMTFFRTk2RUE1NDIxQzRGOUFFMDIvRjI4NzI2MTAx
NEMzMTFFRTg5QzJDMDIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFn5AowDwQCAAIwCQMHACABDfKcwDANBgkqhkiG9w0BAQsF
AAOCAQEAniMVMY7hgwovjuPMxULT2vTvrCOplQBHxH0AOi64KFiKRcFD0doQTprq
ldk+kNb9tuQFmyJ59uUBFldpmnkJQRhEgPNhEkO3woJKs77HZTO7IguVk4s6rkC9
U5ZzzvCaOjM7vaPCXJJktNNZgsoihMbmvtVJMmHiWdfr3YuJz0JX+tnOHkNUNO/w
+UHJsYhLSinAUHdNuTQxu3FhYne2MtywqtmO3WKpORVLZbweSlNzUA5CYs80j/0G
sB9449A4QhwD62ZGFagK8Y2iL0xFhBTKGxnPn4VGoGPmIu0wgqiCE/RmP9XE5+Nh
rVEiyXAGl8RYkeXhab17K6elreFJsQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:03:11 2025 by rpki-client