Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/02F1850E45A611EA81CD145AC4F9AE02.roa
File: 02F1850E45A611EA81CD145AC4F9AE02.roa (raw, json)
Hash identifier: +dnFv6At/j+rB10C6K34OqDt094wwEbkgdTC71u4hkg=
Subject key identifier: 0D:08:AC:02:3E:9A:3A:F2:82:51:57:C8:AB:0D:0C:5F:F3:9D:E7:48
Certificate issuer: /CN=A91AEE4B/serialNumber=B77283C533113A391E31D94527186ACF8399A25F
Certificate serial: 0A71
Authority key identifier: B7:72:83:C5:33:11:3A:39:1E:31:D9:45:27:18:6A:CF:83:99:A2:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t3KDxTMROjkeMdlFJxhqz4OZol8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/02F1850E45A611EA81CD145AC4F9AE02.roa
Signing time: Tue 20 Aug 2024 20:08:59 +0000
ROA not before: Tue 20 Aug 2024 20:08:59 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 134601
IP address blocks: 103.120.220.0/22 maxlen: 22
103.120.220.0/24 maxlen: 24
103.120.221.0/24 maxlen: 24
103.120.222.0/24 maxlen: 24
103.120.223.0/24 maxlen: 24
2404:ef40::/32 maxlen: 32
2404:ef40:220::/48 maxlen: 48
2404:ef40:221::/48 maxlen: 48
2404:ef40:222::/48 maxlen: 48
2404:ef40:223::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2673 (0xa71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AEE4B
Validity
Not Before: Aug 20 20:08:59 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66c4f7da-87e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:17:14:ce:99:d7:32:62:e1:af:03:05:2a:ec:
2d:48:7b:07:ac:8b:70:5c:89:c9:31:e1:ca:54:e1:
96:1d:89:e3:d5:27:1e:4b:7e:0b:b5:8b:23:2c:3e:
9b:99:f5:e9:d7:03:bf:45:09:af:df:72:4b:51:13:
90:c8:2c:77:4e:21:20:9e:fe:52:59:1d:56:e2:d0:
0d:8c:d4:e4:40:a7:ed:1f:26:11:f8:78:8c:48:68:
2f:e7:74:20:27:f4:79:c6:b8:6f:b5:d0:73:57:1b:
73:52:58:e8:58:b4:a3:15:9e:5c:7e:d4:3a:62:e3:
e7:6e:0e:7e:3b:1c:a4:4b:bc:cd:1b:92:c4:49:5f:
70:3b:62:6f:51:53:2a:5d:35:14:7e:a8:61:b8:04:
50:6e:05:05:f8:ec:c9:68:a1:9a:72:d8:8d:f6:07:
a6:9f:3a:04:d1:8d:b9:62:b9:d2:9c:02:2c:bb:30:
92:27:b2:22:20:89:8d:84:bb:1f:7f:32:ce:6c:1e:
99:e8:1d:0e:7f:5c:da:77:33:60:51:c7:73:0f:b6:
c8:a1:9d:ab:1b:ea:fb:2e:48:62:f2:71:d4:be:6a:
1c:4c:79:e7:b4:c1:31:59:98:e2:50:21:f9:32:20:
b1:8c:16:a1:d7:1d:3f:80:6b:6f:61:ed:ce:d2:a1:
29:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:08:AC:02:3E:9A:3A:F2:82:51:57:C8:AB:0D:0C:5F:F3:9D:E7:48
X509v3 Authority Key Identifier:
keyid:B7:72:83:C5:33:11:3A:39:1E:31:D9:45:27:18:6A:CF:83:99:A2:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/t3KDxTMROjkeMdlFJxhqz4OZol8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t3KDxTMROjkeMdlFJxhqz4OZol8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/02F1850E45A611EA81CD145AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.220.0/22
IPv6:
2404:ef40::/32
Signature Algorithm: sha256WithRSAEncryption
ca:e9:a3:46:9f:6e:3b:8d:29:28:e9:30:92:a1:5d:c8:63:2f:
51:41:6e:ed:6e:e3:76:7a:b8:0c:ef:2d:57:87:31:2e:f9:13:
44:96:12:09:f2:dd:a2:18:da:26:f3:4f:02:87:7f:8e:0a:3a:
3f:46:ed:2c:a8:4a:b8:ed:37:d6:9f:38:1c:12:d5:a1:82:04:
99:1d:45:c1:95:3b:25:0c:14:56:24:43:35:d8:46:3d:53:75:
3e:5e:1e:ae:f5:77:5b:5d:75:22:a6:87:ed:4b:e8:f9:c8:85:
33:27:66:a0:ff:52:cc:6a:a7:8d:4c:7e:4c:9a:a9:75:a7:65:
84:f6:87:40:9b:69:cd:54:f7:21:65:a3:52:be:06:2a:64:de:
fe:b2:be:1f:aa:5c:0f:53:7f:79:aa:f3:4a:aa:a9:c5:57:c9:
93:b6:a7:19:5e:f9:65:80:f2:ef:25:73:47:72:6e:d4:8b:a4:
e9:5a:3a:e1:9d:76:1b:68:a3:db:f3:f5:f0:17:a1:a7:e4:6d:
6c:19:00:fd:98:75:ca:65:8f:3f:a1:1f:df:f8:bb:5c:5c:b3:
fe:5f:9f:7d:90:3a:e3:9b:e2:57:e4:38:7b:1d:a1:54:a5:d5:
ca:56:96:3c:55:87:54:a2:c5:1c:93:27:99:f2:55:bc:d5:29:
9e:a3:7d:a3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCnEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUVFNEIxMTAvBgNVBAUTKEI3NzI4M0M1MzMxMTNBMzkxRTMxRDk0NTI3MTg2QUNG
ODM5OUEyNUYwHhcNMjQwODIwMjAwODU5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM0ZjdkYS04N2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsBcUzpnXMmLhrwMFKuwtSHsHrItwXInJMeHKVOGWHYnj1SceS34LtYsjLD6b
mfXp1wO/RQmv33JLUROQyCx3TiEgnv5SWR1W4tANjNTkQKftHyYR+HiMSGgv53Qg
J/R5xrhvtdBzVxtzUljoWLSjFZ5cftQ6YuPnbg5+OxykS7zNG5LESV9wO2JvUVMq
XTUUfqhhuARQbgUF+OzJaKGactiN9gemnzoE0Y25YrnSnAIsuzCSJ7IiIImNhLsf
fzLObB6Z6B0Of1zadzNgUcdzD7bIoZ2rG+r7Lkhi8nHUvmocTHnntMExWZjiUCH5
MiCxjBah1x0/gGtvYe3O0qEpWQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFA0IrAI+
mjryglFXyKsNDF/znedIMB8GA1UdIwQYMBaAFLdyg8UzETo5HjHZRScYas+DmaJf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUU0Qi82M0RGRjgwMjQ1
QTQxMUVBOTQyRTA5NTdDNEY5QUUwMi90M0tEeFRNUk9qa2VNZGxGSnhocXo0T1pv
bDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3QzS0R4VE1ST2prZU1kbEZKeGhxejRPWm9sOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUVFNEIvNjNERkY4MDI0NUE0MTFFQTk0MkUwOTU3QzRGOUFFMDIvMDJGMTg1MEU0
NUE2MTFFQTgxQ0QxNDVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJneNwwDQQCAAIwBwMFACQE70AwDQYJKoZIhvcNAQELBQAD
ggEBAMrpo0afbjuNKSjpMJKhXchjL1FBbu1u43Z6uAzvLVeHMS75E0SWEgny3aIY
2ibzTwKHf44KOj9G7SyoSrjtN9afOBwS1aGCBJkdRcGVOyUMFFYkQzXYRj1TdT5e
Hq71d1tddSKmh+1L6PnIhTMnZqD/Usxqp41MfkyaqXWnZYT2h0Cbac1U9yFlo1K+
Bipk3v6yvh+qXA9Tf3mq80qqqcVXyZO2pxle+WWA8u8lc0dybtSLpOlaOuGddhto
o9vz9fAXoafkbWwZAP2Ydcpljz+hH9/4u1xcs/5fn32QOuOb4lfkOHsdoVSl1cpW
ljxVh1SixRyTJ5nyVbzVKZ6jfaM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:04:48 2025 by rpki-client