Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/10BBF6CEB2E711EB8A61B44EC4F9AE02.roa
File: 10BBF6CEB2E711EB8A61B44EC4F9AE02.roa (raw, json)
Hash identifier: 0y9VyknIsSUScmWS3621geMMX5dlAHgNZtNYOtKkDmI=
Subject key identifier: AB:DC:2F:5B:AD:87:13:D2:1A:15:53:CC:3A:90:37:51:2F:C7:87:CF
Certificate issuer: /CN=A91B777C/serialNumber=7EBB3B41C97F3313FAE781EF63323C4AF62B8FB7
Certificate serial: 059E
Authority key identifier: 7E:BB:3B:41:C9:7F:33:13:FA:E7:81:EF:63:32:3C:4A:F6:2B:8F:B7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/frs7Qcl_MxP654HvYzI8SvYrj7c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/10BBF6CEB2E711EB8A61B44EC4F9AE02.roa
Signing time: Sat 14 Dec 2024 23:01:49 +0000
ROA not before: Sat 14 Dec 2024 23:01:49 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 133847
IP address blocks: 43.224.88.0/22 maxlen: 24
43.242.108.0/22 maxlen: 24
103.12.60.0/22 maxlen: 24
103.38.20.0/22 maxlen: 24
103.43.108.0/22 maxlen: 24
103.199.148.0/22 maxlen: 24
103.207.72.0/22 maxlen: 24
137.59.80.0/22 maxlen: 24
210.16.124.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1438 (0x59e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B777C
Validity
Not Before: Dec 14 23:01:49 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=675e0e5c-0a83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:fd:f6:e0:5b:7b:07:49:51:15:ac:b2:ba:c1:
46:12:28:95:c4:c4:8d:08:95:b0:6f:73:fd:d1:86:
9c:dd:33:43:6f:3f:5d:4b:eb:11:a9:52:5c:e3:0d:
79:1b:e8:8f:c9:5c:ad:d9:2f:b2:77:56:a4:dc:89:
74:4a:6c:73:ff:99:1b:9a:f1:ef:9d:30:1b:0f:83:
8e:4f:b5:4d:73:47:31:20:85:45:13:ac:66:45:5a:
cb:af:66:36:82:25:7a:53:19:81:30:1d:c4:41:e8:
53:08:86:3e:25:bb:73:e5:5e:ff:30:95:a4:b2:db:
90:6e:6a:59:1c:04:f1:ce:1d:7c:e9:d4:d9:b3:a1:
79:fd:f3:72:3f:86:ad:33:11:10:c3:a0:86:8c:02:
f1:96:38:fc:36:77:14:48:df:a5:b9:29:51:3c:b8:
5a:ba:aa:02:f7:15:c8:ce:26:13:73:18:0b:7d:1a:
0a:32:c4:f5:f1:64:b8:01:df:4e:9d:d9:fb:0f:2b:
a5:ac:0a:2f:ab:4f:3c:d5:85:75:ee:15:dc:27:40:
c0:62:8d:b5:f2:66:f6:f5:30:42:b9:26:83:2c:2b:
4a:bc:d7:63:71:f9:4c:d1:30:fa:cf:16:a8:38:4d:
d1:5c:21:c1:6c:c8:30:85:33:f3:f7:49:ae:07:50:
c5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:DC:2F:5B:AD:87:13:D2:1A:15:53:CC:3A:90:37:51:2F:C7:87:CF
X509v3 Authority Key Identifier:
keyid:7E:BB:3B:41:C9:7F:33:13:FA:E7:81:EF:63:32:3C:4A:F6:2B:8F:B7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/frs7Qcl_MxP654HvYzI8SvYrj7c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/frs7Qcl_MxP654HvYzI8SvYrj7c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/10BBF6CEB2E711EB8A61B44EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.88.0/22
43.242.108.0/22
103.12.60.0/22
103.38.20.0/22
103.43.108.0/22
103.199.148.0/22
103.207.72.0/22
137.59.80.0/22
210.16.124.0/22
Signature Algorithm: sha256WithRSAEncryption
58:11:e6:df:84:d8:2e:7b:35:0b:e5:41:e0:bc:b4:7c:50:c6:
78:61:a2:8d:ba:74:27:90:3a:0e:ac:64:48:b0:fc:75:47:3b:
c4:75:dd:b3:41:fb:8d:db:5b:96:4a:8a:ad:8d:96:30:35:93:
8a:95:9c:3a:38:7c:62:d2:40:78:ab:8d:8c:42:98:5c:30:ed:
60:ae:ee:11:e8:39:92:be:1e:fe:03:66:2a:bc:b7:3c:a8:f1:
34:42:b8:25:ca:ad:45:9e:f7:0c:ed:cd:b9:77:19:44:ab:bf:
f4:e2:53:28:d3:06:43:02:ed:66:6f:3c:ef:3f:15:ef:4e:b3:
3b:02:ff:7c:a1:e5:fd:91:8e:d7:55:85:79:39:ca:0e:05:6b:
bf:b3:4e:1c:57:d6:65:9b:9d:91:65:19:6d:5c:6f:8c:c8:83:
3f:9e:d0:70:67:22:b9:21:12:6e:51:bc:37:7d:a4:3c:79:6e:
df:62:9b:3d:cb:79:f6:fd:7a:3c:0b:bb:11:f3:f5:2e:fd:0b:
2f:b8:17:6e:04:61:e1:d3:ce:10:d7:25:90:fb:ca:98:59:bd:
d2:4b:d7:6c:7a:9a:02:49:92:88:e2:45:50:73:ac:63:c7:29:
08:06:5c:5a:4a:2f:df:e3:0c:75:93:d8:6a:6d:f2:35:b7:67:
10:ad:d4:ff
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICBZ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjc3N0MxMTAvBgNVBAUTKDdFQkIzQjQxQzk3RjMzMTNGQUU3ODFFRjYzMzIzQzRB
RjYyQjhGQjcwHhcNMjQxMjE0MjMwMTQ5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVlMGU1Yy0wYTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2f324Ft7B0lRFayyusFGEiiVxMSNCJWwb3P90Yac3TNDbz9dS+sRqVJc4w15
G+iPyVyt2S+yd1ak3Il0Smxz/5kbmvHvnTAbD4OOT7VNc0cxIIVFE6xmRVrLr2Y2
giV6UxmBMB3EQehTCIY+Jbtz5V7/MJWkstuQbmpZHATxzh186dTZs6F5/fNyP4at
MxEQw6CGjALxljj8NncUSN+luSlRPLhauqoC9xXIziYTcxgLfRoKMsT18WS4Ad9O
ndn7DyulrAovq0881YV17hXcJ0DAYo218mb29TBCuSaDLCtKvNdjcflM0TD6zxao
OE3RXCHBbMgwhTPz90muB1DFOQIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFKvcL1ut
hxPSGhVTzDqQN1Evx4fPMB8GA1UdIwQYMBaAFH67O0HJfzMT+ueB72MyPEr2K4+3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzc3Qy82Q0Q4MTMzQ0Iy
REExMUVCOEIzODRBNjBDNEY5QUUwMi9mcnM3UWNsX014UDY1NEh2WXpJOFN2WXJq
N2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZyczdRY2xfTXhQNjU0SHZZekk4U3ZZcmo3Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjc3N0MvNkNEODEzM0NCMkRBMTFFQjhCMzg0QTYwQzRGOUFFMDIvMTBCQkY2Q0VC
MkU3MTFFQjhBNjFCNDRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MDwEAgABMDYDBAIr4FgDBAIr8mwDBAJnDDwDBAJnJhQDBAJnK2wDBAJnx5QD
BAJnz0gDBAKJO1ADBALSEHwwDQYJKoZIhvcNAQELBQADggEBAFgR5t+E2C57NQvl
QeC8tHxQxnhhoo26dCeQOg6sZEiw/HVHO8R13bNB+43bW5ZKiq2NljA1k4qVnDo4
fGLSQHirjYxCmFww7WCu7hHoOZK+Hv4DZiq8tzyo8TRCuCXKrUWe9wztzbl3GUSr
v/TiUyjTBkMC7WZvPO8/Fe9OszsC/3yh5f2RjtdVhXk5yg4Fa7+zThxX1mWbnZFl
GW1cb4zIgz+e0HBnIrkhEm5RvDd9pDx5bt9imz3Lefb9ejwLuxHz9S79Cy+4F24E
YeHTzhDXJZD7yphZvdJL12x6mgJJkojiRVBzrGPHKQgGXFpKL9/jDHWT2Gpt8jW3
ZxCt1P8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:08:07 2025 by rpki-client