Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/41088D5C7CF011EFA2B7A53EC4F9AE02.roa
File: 41088D5C7CF011EFA2B7A53EC4F9AE02.roa (raw, json)
Hash identifier: jbDEc+DrTvT0YMSjfKg3ftpV+pKzVsK3T6h7J/D7/To=
Subject key identifier: F0:B9:56:9A:43:04:FC:9B:C6:93:AE:2D:AF:F2:5A:0A:E5:48:E9:70
Certificate issuer: /CN=A91B9E19/serialNumber=255290A01AA9B9118B66EEDA0F905F6D40DB05AE
Certificate serial: 0D89
Authority key identifier: 25:52:90:A0:1A:A9:B9:11:8B:66:EE:DA:0F:90:5F:6D:40:DB:05:AE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JVKQoBqpuRGLZu7aD5BfbUDbBa4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/41088D5C7CF011EFA2B7A53EC4F9AE02.roa
Signing time: Tue 24 Dec 2024 14:24:32 +0000
ROA not before: Tue 24 Dec 2024 14:24:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 401276
IP address blocks: 103.88.94.0/23 maxlen: 23
103.88.94.0/24 maxlen: 24
103.88.95.0/24 maxlen: 24
220.158.194.0/23 maxlen: 23
220.158.194.0/24 maxlen: 24
220.158.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3465 (0xd89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9E19
Validity
Not Before: Dec 24 14:24:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=676ac41f-5ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:92:77:53:4d:37:8b:3c:55:db:fc:14:a3:a9:
69:1a:5a:ea:9f:f4:50:a7:c1:45:96:97:ba:a4:20:
fb:4f:b4:af:70:29:c4:64:a0:2b:b1:67:4c:b3:a9:
a6:45:43:f2:52:b3:1a:2e:03:24:65:39:69:e4:0e:
02:ff:b9:79:03:92:0b:69:ce:9e:0a:4b:8e:3f:26:
d5:3a:b7:b2:f4:ff:af:07:16:8d:98:7b:a6:c3:1e:
8e:6a:c9:96:ed:48:c4:d1:fd:f9:32:11:21:db:c3:
2e:f8:4d:42:d7:18:c8:3f:45:8d:9a:39:87:8a:38:
70:26:14:c9:1b:81:a1:22:06:90:47:a5:f3:9a:63:
aa:dc:4f:83:3a:29:0c:ee:e3:27:7b:78:82:07:ed:
bb:1a:e4:8d:16:5f:15:aa:43:3f:2c:22:58:18:f5:
37:3f:d0:f7:4f:4e:96:53:41:57:5d:38:86:a0:06:
5b:7a:e3:fc:3a:fc:b1:5e:70:85:a6:2f:08:74:18:
a3:7d:bf:3d:a7:4e:de:03:e1:ec:63:cc:dc:9c:7c:
84:3a:97:7e:c0:26:b0:9b:a0:a3:81:41:e7:3e:36:
aa:6f:90:7f:8b:dd:bc:08:20:10:2c:67:8c:9a:a0:
51:9b:95:96:de:7d:fa:cc:95:9c:81:44:27:7b:9f:
ed:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:B9:56:9A:43:04:FC:9B:C6:93:AE:2D:AF:F2:5A:0A:E5:48:E9:70
X509v3 Authority Key Identifier:
keyid:25:52:90:A0:1A:A9:B9:11:8B:66:EE:DA:0F:90:5F:6D:40:DB:05:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/JVKQoBqpuRGLZu7aD5BfbUDbBa4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JVKQoBqpuRGLZu7aD5BfbUDbBa4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/41088D5C7CF011EFA2B7A53EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.94.0/23
220.158.194.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:3e:1a:3c:d7:93:10:0a:0d:b0:33:5d:24:83:7c:8a:20:f8:
18:35:f1:f8:b5:c8:f5:03:ba:50:31:24:b6:89:d5:c6:3e:c8:
ee:eb:fa:8c:6f:d3:12:43:f7:fe:75:f0:c5:f5:dd:bf:6b:25:
d7:68:93:1f:e7:6c:83:3d:73:bc:c2:ac:79:80:a2:b0:7c:af:
04:ee:2b:2a:e3:30:ab:69:08:dc:dc:3d:19:a1:6a:51:a5:8d:
39:b7:7f:ea:2d:98:79:87:e8:01:47:91:3c:2f:1e:42:b4:07:
b7:27:ce:1f:c0:bc:ba:1f:92:69:a8:f9:f2:3f:cc:cf:c6:34:
89:43:38:63:f9:b0:f4:3d:17:eb:f8:63:9b:aa:c4:0e:e1:40:
35:4d:4a:d7:40:df:8e:5b:29:8f:42:a7:41:05:43:ef:4a:19:
ac:38:e5:1b:1f:ac:01:7b:ff:f4:40:f1:ce:5e:5b:d5:d4:98:
f6:70:b5:ac:38:c6:52:73:6e:85:8d:80:5e:84:83:52:c0:38:
a0:a5:91:d1:6c:73:9a:19:18:bc:fe:11:fc:9b:c0:f2:f8:1d:
90:1c:53:8d:8d:a7:85:73:34:f3:8b:cc:25:16:66:d4:7b:36:
27:4d:fa:03:05:5c:b9:8a:e1:fc:e6:5e:87:3e:22:83:74:a4:
d9:51:f7:a7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDYkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlFMTkxMTAvBgNVBAUTKDI1NTI5MEEwMUFBOUI5MTE4QjY2RUVEQTBGOTA1RjZE
NDBEQjA1QUUwHhcNMjQxMjI0MTQyNDMyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZhYzQxZi01Y2U4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvZJ3U003izxV2/wUo6lpGlrqn/RQp8FFlpe6pCD7T7SvcCnEZKArsWdMs6mm
RUPyUrMaLgMkZTlp5A4C/7l5A5ILac6eCkuOPybVOrey9P+vBxaNmHumwx6OasmW
7UjE0f35MhEh28Mu+E1C1xjIP0WNmjmHijhwJhTJG4GhIgaQR6XzmmOq3E+DOikM
7uMne3iCB+27GuSNFl8VqkM/LCJYGPU3P9D3T06WU0FXXTiGoAZbeuP8OvyxXnCF
pi8IdBijfb89p07eA+HsY8zcnHyEOpd+wCawm6CjgUHnPjaqb5B/i928CCAQLGeM
mqBRm5WW3n36zJWcgUQne5/tAwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPC5VppD
BPybxpOuLa/yWgrlSOlwMB8GA1UdIwQYMBaAFCVSkKAaqbkRi2bu2g+QX21A2wWu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUUxOS8zNTZGMkYzRUMx
QTUxMUU5QThCOEYzMzZDNEY5QUUwMi9KVktRb0JxcHVSR0xadTdhRDVCZmJVRGJC
YTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pWS1FvQnFwdVJHTFp1N2FENUJmYlVEYkJhNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlFMTkvMzU2RjJGM0VDMUE1MTFFOUE4QjhGMzM2QzRGOUFFMDIvNDEwODhENUM3
Q0YwMTFFRkEyQjdBNTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnWF4DBAHcnsIwDQYJKoZIhvcNAQELBQADggEBAJo+GjzX
kxAKDbAzXSSDfIog+Bg18fi1yPUDulAxJLaJ1cY+yO7r+oxv0xJD9/518MX13b9r
Jddokx/nbIM9c7zCrHmAorB8rwTuKyrjMKtpCNzcPRmhalGljTm3f+otmHmH6AFH
kTwvHkK0B7cnzh/AvLofkmmo+fI/zM/GNIlDOGP5sPQ9F+v4Y5uqxA7hQDVNStdA
345bKY9Cp0EFQ+9KGaw45RsfrAF7//RA8c5eW9XUmPZwtaw4xlJzboWNgF6Eg1LA
OKClkdFsc5oZGLz+EfybwPL4HZAcU42Np4VzNPOLzCUWZtR7NidN+gMFXLmK4fzm
Xoc+IoN0pNlR96c=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:57:31 2025 by rpki-client