Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/EE8E0F3AA26711ECAFB48B53C4F9AE02.roa
File: EE8E0F3AA26711ECAFB48B53C4F9AE02.roa (raw, json)
Hash identifier: 3MDrKz+RefMI5j73wYkUuNy3Oa/4hoC/hS0v0G3eEHg=
Subject key identifier: 63:87:21:11:7B:AE:2E:C3:27:21:8C:C1:BC:87:C5:CE:6E:BE:A8:50
Certificate issuer: /CN=A91AEB80/serialNumber=6F23F27F090BEF4531802072E1DACF210D9D423C
Certificate serial: 03C3
Authority key identifier: 6F:23:F2:7F:09:0B:EF:45:31:80:20:72:E1:DA:CF:21:0D:9D:42:3C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/byPyfwkL70UxgCBy4drPIQ2dQjw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/EE8E0F3AA26711ECAFB48B53C4F9AE02.roa
Signing time: Sun 29 Dec 2024 00:13:51 +0000
ROA not before: Sun 29 Dec 2024 00:13:51 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 16509
IP address blocks: 103.180.108.0/24 maxlen: 24
103.180.109.0/24 maxlen: 24
2001:df0:59c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 963 (0x3c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AEB80
Validity
Not Before: Dec 29 00:13:51 2024 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=6770943f-3cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cc:57:f7:64:24:15:a4:ef:2c:78:e8:7b:6c:
d8:95:c9:80:23:ea:88:c1:6c:31:24:d9:3a:7c:31:
f1:d3:3b:b5:d2:51:a2:0e:51:f1:b3:6a:14:17:e6:
2c:a6:8e:ea:a9:c9:9c:58:3b:40:25:12:49:5f:b5:
c5:81:31:45:d0:99:bd:47:7a:a9:d7:9d:80:e5:1e:
52:06:b7:7c:5c:78:a3:60:17:ac:fa:f8:2b:9c:cb:
48:eb:83:61:73:4e:75:3a:77:77:93:7c:4b:13:d5:
d6:f9:bb:b4:2f:7f:37:94:77:22:60:e4:8d:e0:40:
6d:56:43:f2:57:85:ff:d2:88:5e:33:eb:d9:8f:2a:
cc:8b:c3:57:af:ca:3c:61:b9:25:60:01:0d:ba:b2:
63:c8:8d:22:e4:34:03:0c:99:70:f5:b6:9d:07:1d:
52:98:f5:13:5b:a4:3d:c1:b5:80:fa:9c:90:e9:9a:
4b:c5:ad:dd:12:ea:6c:cb:3f:f4:09:37:98:77:2d:
9b:b1:9c:3f:0e:d1:01:7d:de:ca:73:5b:06:c6:1a:
ea:97:13:07:8f:a3:6d:3f:1e:7c:de:a9:60:a7:cd:
51:21:f4:51:d2:d5:de:e5:f1:c2:8f:1d:7c:24:94:
7d:37:bc:63:75:d2:e0:1c:41:bd:d7:7a:c4:d6:e5:
e4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:87:21:11:7B:AE:2E:C3:27:21:8C:C1:BC:87:C5:CE:6E:BE:A8:50
X509v3 Authority Key Identifier:
keyid:6F:23:F2:7F:09:0B:EF:45:31:80:20:72:E1:DA:CF:21:0D:9D:42:3C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/byPyfwkL70UxgCBy4drPIQ2dQjw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/byPyfwkL70UxgCBy4drPIQ2dQjw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/EE8E0F3AA26711ECAFB48B53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.108.0/23
IPv6:
2001:df0:59c0::/48
Signature Algorithm: sha256WithRSAEncryption
2b:64:22:1d:43:68:be:03:4f:27:20:2f:92:c0:b8:e2:34:9c:
38:d0:33:a2:b8:d5:a0:31:80:ef:39:2d:84:68:bd:a8:1b:32:
be:78:1e:96:64:f2:6f:17:c3:e5:03:9f:b8:13:ba:a3:e5:9b:
1a:b9:8d:ce:1e:93:7d:c9:1b:49:ef:f6:35:e1:e3:df:b9:39:
fe:83:cd:cb:d7:b8:07:c9:c3:67:09:dc:81:6e:53:99:83:03:
4a:2a:ee:41:47:3f:a5:30:ce:05:42:a7:36:6c:71:69:d8:56:
84:97:61:42:13:10:f8:53:6d:3f:80:0f:27:68:2a:97:ab:56:
5b:7e:4d:84:bb:de:bc:eb:35:6d:22:2b:6f:17:ef:5d:47:71:
08:c5:7d:14:37:99:27:e1:7a:a6:43:83:a8:5d:60:ae:b0:c6:
10:a8:44:5c:bb:65:b7:1c:52:f7:f2:65:70:1c:90:6b:58:d1:
d6:a1:d2:b4:d9:4a:d8:f0:65:9e:1d:da:02:38:2f:84:74:b0:
2f:22:f2:a0:65:cb:b6:a9:53:0e:7a:0f:a7:b8:42:ee:19:ef:
40:ec:d3:df:7e:60:11:20:b0:76:54:51:d5:8d:33:3a:6c:ba:
7d:cb:98:06:41:85:96:09:a2:51:6d:48:ef:a2:25:dd:2b:61:
1c:7c:76:3a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICA8MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUVCODAxMTAvBgNVBAUTKDZGMjNGMjdGMDkwQkVGNDUzMTgwMjA3MkUxREFDRjIx
MEQ5RDQyM0MwHhcNMjQxMjI5MDAxMzUxWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzcwOTQzZi0zY2FlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuMxX92QkFaTvLHjoe2zYlcmAI+qIwWwxJNk6fDHx0zu10lGiDlHxs2oUF+Ys
po7qqcmcWDtAJRJJX7XFgTFF0Jm9R3qp152A5R5SBrd8XHijYBes+vgrnMtI64Nh
c051Ond3k3xLE9XW+bu0L383lHciYOSN4EBtVkPyV4X/0oheM+vZjyrMi8NXr8o8
YbklYAENurJjyI0i5DQDDJlw9badBx1SmPUTW6Q9wbWA+pyQ6ZpLxa3dEupsyz/0
CTeYdy2bsZw/DtEBfd7Kc1sGxhrqlxMHj6NtPx583qlgp81RIfRR0tXe5fHCjx18
JJR9N7xjddLgHEG913rE1uXkLwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGOHIRF7
ri7DJyGMwbyHxc5uvqhQMB8GA1UdIwQYMBaAFG8j8n8JC+9FMYAgcuHazyENnUI8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUI4MC83NzYyRkM1QTdF
NkMxMUVDODczRDY3ODNDNEY5QUUwMi9ieVB5ZndrTDcwVXhnQ0J5NGRyUElRMmRR
ancuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2J5UHlmd2tMNzBVeGdDQnk0ZHJQSVEyZFFqdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUVCODAvNzc2MkZDNUE3RTZDMTFFQzg3M0Q2NzgzQzRGOUFFMDIvRUU4RTBGM0FB
MjY3MTFFQ0FGQjQ4QjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFntGwwDwQCAAIwCQMHACABDfBZwDANBgkqhkiG9w0BAQsF
AAOCAQEAK2QiHUNovgNPJyAvksC44jScONAzorjVoDGA7zkthGi9qBsyvngelmTy
bxfD5QOfuBO6o+WbGrmNzh6TfckbSe/2NeHj37k5/oPNy9e4B8nDZwncgW5TmYMD
SiruQUc/pTDOBUKnNmxxadhWhJdhQhMQ+FNtP4APJ2gql6tWW35NhLvevOs1bSIr
bxfvXUdxCMV9FDeZJ+F6pkODqF1grrDGEKhEXLtltxxS9/JlcByQa1jR1qHStNlK
2PBlnh3aAjgvhHSwLyLyoGXLtqlTDnoPp7hC7hnvQOzT335gESCwdlRR1Y0zOmy6
fcuYBkGFlgmiUW1I76Il3SthHHx2Og==
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:51:57 2025 by rpki-client