Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/E1F7FE5C091C11EABCF80D55C4F9AE02.roa
File: E1F7FE5C091C11EABCF80D55C4F9AE02.roa (raw, json)
Hash identifier: UYhXMyZh9NiDN+m3qNskwha0B+/9z8/9niiLaGLyPaM=
Subject key identifier: DC:1B:76:5E:24:2F:6A:56:AC:DC:5B:8F:39:B2:24:8C:C7:39:76:8D
Certificate issuer: /CN=A91B6D28/serialNumber=9A4DAF8FCA85E193D34EA49597996DED17CBDF1E
Certificate serial: 340C
Authority key identifier: 9A:4D:AF:8F:CA:85:E1:93:D3:4E:A4:95:97:99:6D:ED:17:CB:DF:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mk2vj8qF4ZPTTqSVl5lt7RfL3x4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/E1F7FE5C091C11EABCF80D55C4F9AE02.roa
Signing time: Mon 02 Sep 2024 14:50:59 +0000
ROA not before: Mon 02 Sep 2024 14:50:59 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 38592
IP address blocks: 101.2.160.0/21 maxlen: 24
103.5.232.0/22 maxlen: 24
119.10.168.0/22 maxlen: 22
119.10.168.0/24 maxlen: 24
119.10.169.0/24 maxlen: 24
119.10.170.0/24 maxlen: 24
119.10.171.0/24 maxlen: 24
119.10.172.0/22 maxlen: 24
163.47.84.0/22 maxlen: 24
202.65.168.0/21 maxlen: 24
203.80.188.0/22 maxlen: 24
2402:2300::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13324 (0x340c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6D28
Validity
Not Before: Sep 2 14:50:59 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d5d0d2-6873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b8:99:87:bd:88:42:89:fa:30:b9:4b:61:95:
16:ed:ca:f6:9a:f8:79:87:0b:56:5e:f6:24:67:b7:
dd:77:eb:bf:f7:c2:a0:49:9c:4d:75:a3:27:4e:43:
c2:ac:c0:09:6c:9d:3e:73:26:22:82:aa:54:86:1e:
77:a2:c8:aa:25:d9:7a:ef:14:e6:bd:86:29:58:8b:
c6:38:56:9d:7b:9b:bc:cd:53:b2:5c:b7:6d:d9:1c:
45:4c:22:61:55:f5:9b:3a:b2:d7:89:1a:72:d4:a3:
ce:d2:f7:3e:dd:92:6f:4d:7d:a4:dc:3f:8d:6d:79:
03:6f:91:da:bb:55:84:18:d3:a7:ae:33:52:06:e5:
c4:a1:76:f0:7f:fd:07:5e:84:2c:7d:dc:75:41:56:
00:68:fd:95:cb:df:29:6d:92:d2:67:d6:dc:2b:c5:
29:36:70:27:45:a0:87:a0:69:28:1b:94:57:e2:4f:
2f:66:d0:a1:8a:ec:71:a1:47:55:e3:d4:54:88:8c:
8d:7c:08:60:f9:b5:41:b2:3d:32:b1:5c:21:2f:33:
59:62:c3:98:ad:f3:9a:fc:30:0d:d8:8b:ab:33:39:
6a:82:43:ce:eb:d5:ad:4e:32:c1:bb:66:31:71:44:
78:8e:43:1b:1c:56:5a:98:de:34:43:4b:93:7e:c8:
e9:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:1B:76:5E:24:2F:6A:56:AC:DC:5B:8F:39:B2:24:8C:C7:39:76:8D
X509v3 Authority Key Identifier:
keyid:9A:4D:AF:8F:CA:85:E1:93:D3:4E:A4:95:97:99:6D:ED:17:CB:DF:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/mk2vj8qF4ZPTTqSVl5lt7RfL3x4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mk2vj8qF4ZPTTqSVl5lt7RfL3x4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/E1F7FE5C091C11EABCF80D55C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.2.160.0/21
103.5.232.0/22
119.10.168.0/21
163.47.84.0/22
202.65.168.0/21
203.80.188.0/22
IPv6:
2402:2300::/32
Signature Algorithm: sha256WithRSAEncryption
08:5f:f8:4c:89:b7:53:d7:9e:4f:b5:5a:8c:e6:8f:ba:2d:6d:
3a:d6:51:ea:76:38:07:c4:78:fc:04:0e:ff:ff:59:cd:76:dc:
ad:c7:e9:b8:23:a4:78:39:23:93:ea:6b:0d:7f:b9:11:1a:60:
04:08:8c:10:56:e8:04:87:3f:c6:a5:60:3f:6d:2b:f4:5e:3e:
51:fe:de:b3:f4:1c:99:a0:69:ab:32:04:a7:f4:b2:6d:1a:55:
87:16:fe:a2:bd:b4:80:8e:24:55:79:d3:1e:9a:a5:4c:47:9e:
b9:2d:56:77:25:ef:5d:9e:fd:dc:55:a3:32:5d:78:b7:17:44:
e2:9a:d3:24:dd:af:61:f3:15:61:86:bb:01:a7:99:4d:89:67:
95:b8:8b:d1:46:31:b7:28:ad:8a:84:8b:e3:8e:5b:e0:b2:9c:
64:9b:2f:57:38:cc:e1:5f:fb:fc:e2:30:b2:ca:0a:9f:38:01:
ef:a9:5d:72:bc:ca:b4:a7:92:6e:ef:c0:7f:9a:d8:c9:dd:35:
c9:12:30:a0:21:36:cd:af:4a:12:90:91:3f:4f:d7:b0:ab:6a:
7d:d3:85:53:bb:43:c0:a2:0a:2e:46:b5:0e:0b:d5:9c:00:63:
40:8f:c5:5d:a7:fe:c7:7d:1e:ac:45:65:d1:42:69:79:6e:d1:
75:7b:f0:fa
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICNAwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjZEMjgxMTAvBgNVBAUTKDlBNERBRjhGQ0E4NUUxOTNEMzRFQTQ5NTk3OTk2REVE
MTdDQkRGMUUwHhcNMjQwOTAyMTQ1MDU5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ1ZDBkMi02ODczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtriZh72IQon6MLlLYZUW7cr2mvh5hwtWXvYkZ7fdd+u/98KgSZxNdaMnTkPC
rMAJbJ0+cyYigqpUhh53osiqJdl67xTmvYYpWIvGOFade5u8zVOyXLdt2RxFTCJh
VfWbOrLXiRpy1KPO0vc+3ZJvTX2k3D+NbXkDb5Hau1WEGNOnrjNSBuXEoXbwf/0H
XoQsfdx1QVYAaP2Vy98pbZLSZ9bcK8UpNnAnRaCHoGkoG5RX4k8vZtChiuxxoUdV
49RUiIyNfAhg+bVBsj0ysVwhLzNZYsOYrfOa/DAN2IurMzlqgkPO69WtTjLBu2Yx
cUR4jkMbHFZamN40Q0uTfsjpUwIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFNwbdl4k
L2pWrNxbjzmyJIzHOXaNMB8GA1UdIwQYMBaAFJpNr4/KheGT006klZeZbe0Xy98e
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkQyOC82MUQ0NTMxMDFE
OTIxMUUyOUM1RjNBRjUwOEIwMkNEMi9tazJ2ajhxRjRaUFRUcVNWbDVsdDdSZkwz
eDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21rMnZqOHFGNFpQVFRxU1ZsNWx0N1JmTDN4NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjZEMjgvNjFENDUzMTAxRDkyMTFFMjlDNUYzQUY1MDhCMDJDRDIvRTFGN0ZFNUMw
OTFDMTFFQUJDRjgwRDU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBANlAqADBAJnBegDBAN3CqgDBAKjL1QDBAPKQagDBALLULww
DQQCAAIwBwMFACQCIwAwDQYJKoZIhvcNAQELBQADggEBAAhf+EyJt1PXnk+1Wozm
j7otbTrWUep2OAfEePwEDv//Wc123K3H6bgjpHg5I5Pqaw1/uREaYAQIjBBW6ASH
P8alYD9tK/RePlH+3rP0HJmgaasyBKf0sm0aVYcW/qK9tICOJFV50x6apUxHnrkt
Vncl712e/dxVozJdeLcXROKa0yTdr2HzFWGGuwGnmU2JZ5W4i9FGMbcorYqEi+OO
W+CynGSbL1c4zOFf+/ziMLLKCp84Ae+pXXK8yrSnkm7vwH+a2MndNckSMKAhNs2v
ShKQkT9P17Cran3ThVO7Q8CiCi5GtQ4L1ZwAY0CPxV2n/sd9HqxFZdFCaXlu0XV7
8Po=
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:01:01 2025 by rpki-client