Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/5C0006B4E1B711EEA6D7F740C4F9AE02.roa
File: 5C0006B4E1B711EEA6D7F740C4F9AE02.roa (raw, json)
Hash identifier: 4jfL7SNWxDFOPvyEexB/Au04m937KqyBQLuHPsEG/BI=
Subject key identifier: 35:F9:B3:48:11:97:E7:EA:44:CA:4D:4C:F1:96:49:AB:25:F6:B3:68
Certificate issuer: /CN=A91CC1EB/serialNumber=534E675E89AC9AC302F530A277528CF81A3C5306
Certificate serial: 0576
Authority key identifier: 53:4E:67:5E:89:AC:9A:C3:02:F5:30:A2:77:52:8C:F8:1A:3C:53:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U05nXomsmsMC9TCid1KM-Bo8UwY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/5C0006B4E1B711EEA6D7F740C4F9AE02.roa
Signing time: Fri 21 Feb 2025 00:52:48 +0000
ROA not before: Fri 21 Feb 2025 00:52:48 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 136047
IP address blocks: 103.109.228.0/23 maxlen: 23
103.109.230.0/23 maxlen: 24
2401:e20::/32 maxlen: 32
2401:e20::/40 maxlen: 40
2401:e20:1000::/40 maxlen: 40
2401:e20:2000::/36 maxlen: 36
2401:e20:3000::/40 maxlen: 40
2401:e20:c100::/40 maxlen: 40
2401:e20:cc00::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1398 (0x576)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CC1EB
Validity
Not Before: Feb 21 00:52:48 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b7ce60-0ad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:89:87:cc:c2:b0:05:b5:65:ca:d7:2f:a5:9a:
26:99:df:76:9d:d4:fd:e0:ca:c0:d1:df:27:bd:89:
2d:de:45:4d:6d:89:99:db:37:92:69:3e:49:00:16:
a5:c9:4c:be:9b:c7:de:06:ef:aa:76:e9:07:7b:f2:
29:b0:30:e5:6c:8c:10:63:af:50:42:ae:36:f9:d6:
83:03:a6:c2:ea:a5:40:16:81:10:9f:5d:34:27:4f:
c7:d3:e9:40:61:d2:0f:49:7f:58:04:7a:5e:c8:75:
a5:ba:4d:58:97:93:8a:a0:21:76:c9:06:6f:6a:b6:
83:1e:1e:c2:0d:9c:70:17:d6:e7:c8:a3:7c:90:69:
74:a6:fa:32:56:f4:1a:d4:d9:d7:13:d1:6a:d2:41:
45:2f:03:41:92:50:7d:3a:8c:72:fc:31:fe:42:da:
60:2c:8e:79:61:8c:cc:b2:1c:34:bc:88:57:15:0c:
22:0e:bd:a2:fc:ae:1e:f2:6c:e6:b9:61:95:77:be:
72:19:30:26:0e:08:49:1f:a7:da:95:1b:13:10:b7:
38:2b:b3:98:54:be:b3:6e:29:14:e3:5b:ba:92:e7:
e4:2e:96:05:86:f5:3b:ac:22:d2:ce:be:bd:d9:dc:
43:88:db:6a:d0:6b:08:92:2d:e6:15:a5:1f:b5:35:
31:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F9:B3:48:11:97:E7:EA:44:CA:4D:4C:F1:96:49:AB:25:F6:B3:68
X509v3 Authority Key Identifier:
keyid:53:4E:67:5E:89:AC:9A:C3:02:F5:30:A2:77:52:8C:F8:1A:3C:53:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/U05nXomsmsMC9TCid1KM-Bo8UwY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U05nXomsmsMC9TCid1KM-Bo8UwY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/5C0006B4E1B711EEA6D7F740C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.109.228.0/22
IPv6:
2401:e20::/32
Signature Algorithm: sha256WithRSAEncryption
a4:a2:8e:99:9b:37:44:2c:1c:a8:ce:ed:94:14:0b:9f:92:39:
c6:70:71:67:f1:da:5c:50:72:77:bb:90:a7:20:e3:c2:0b:3a:
bb:b6:fa:e2:d4:34:d6:71:57:f6:62:68:c4:7a:8a:8a:a7:08:
1d:da:e6:94:c0:c9:42:b3:97:b1:30:3a:06:0b:34:ad:b8:f9:
fc:1f:6b:e4:8b:f2:cf:a9:14:44:15:c2:2a:1c:03:22:f6:6e:
55:02:e6:45:17:3b:34:d7:5d:23:36:d1:98:a1:34:e2:b6:9e:
34:bc:f1:6e:f7:86:a7:0e:0e:cd:df:07:2c:5c:99:43:35:8d:
ef:8e:1b:ec:d7:6e:f3:07:5f:fb:68:fd:e6:c3:d2:8b:c9:e2:
2a:fa:c3:0e:df:d6:2f:1f:d1:a5:86:90:6c:b6:f9:77:69:7c:
da:33:c1:fc:e6:a0:4d:d1:73:d8:f1:54:fb:d4:e1:5a:c0:a8:
1f:e8:0a:69:2c:38:29:c4:6f:f1:5d:aa:cb:37:9d:87:b6:60:
a6:a8:ba:cf:ab:9a:84:df:9d:65:a7:cd:5f:23:93:08:f1:cf:
61:f5:2e:8d:55:79:cb:30:8c:22:44:76:d8:3b:c1:61:7e:72:
15:da:90:d7:ef:41:5d:ee:bb:ca:d1:b4:7a:e5:02:c4:2c:a5:
ff:86:c0:cc
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBXYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0MxRUIxMTAvBgNVBAUTKDUzNEU2NzVFODlBQzlBQzMwMkY1MzBBMjc3NTI4Q0Y4
MUEzQzUzMDYwHhcNMjUwMjIxMDA1MjQ4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I3Y2U2MC0wYWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA64mHzMKwBbVlytcvpZommd92ndT94MrA0d8nvYkt3kVNbYmZ2zeSaT5JABal
yUy+m8feBu+qdukHe/IpsDDlbIwQY69QQq42+daDA6bC6qVAFoEQn100J0/H0+lA
YdIPSX9YBHpeyHWluk1Yl5OKoCF2yQZvaraDHh7CDZxwF9bnyKN8kGl0pvoyVvQa
1NnXE9Fq0kFFLwNBklB9Ooxy/DH+QtpgLI55YYzMshw0vIhXFQwiDr2i/K4e8mzm
uWGVd75yGTAmDghJH6falRsTELc4K7OYVL6zbikU41u6kufkLpYFhvU7rCLSzr69
2dxDiNtq0GsIki3mFaUftTUxgQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDX5s0gR
l+fqRMpNTPGWSasl9rNoMB8GA1UdIwQYMBaAFFNOZ16JrJrDAvUwondSjPgaPFMG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQzFFQi9BQzM4NEFBNkRE
ODIxMUVCOTU4RDFDMzBDNEY5QUUwMi9VMDVuWG9tc21zTUM5VENpZDFLTS1CbzhV
d1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1UwNW5Yb21zbXNNQzlUQ2lkMUtNLUJvOFV3WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0MxRUIvQUMzODRBQTZERDgyMTFFQjk1OEQxQzMwQzRGOUFFMDIvNUMwMDA2QjRF
MUI3MTFFRUE2RDdGNzQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnbeQwDQQCAAIwBwMFACQBDiAwDQYJKoZIhvcNAQELBQAD
ggEBAKSijpmbN0QsHKjO7ZQUC5+SOcZwcWfx2lxQcne7kKcg48ILOru2+uLUNNZx
V/ZiaMR6ioqnCB3a5pTAyUKzl7EwOgYLNK24+fwfa+SL8s+pFEQVwiocAyL2blUC
5kUXOzTXXSM20ZihNOK2njS88W73hqcODs3fByxcmUM1je+OG+zXbvMHX/to/ebD
0ovJ4ir6ww7f1i8f0aWGkGy2+XdpfNozwfzmoE3Rc9jxVPvU4VrAqB/oCmksOCnE
b/Fdqss3nYe2YKaous+rmoTfnWWnzV8jkwjxz2H1Lo1VecswjCJEdtg7wWF+chXa
kNfvQV3uu8rRtHrlAsQspf+GwMw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:12:36 2025 by rpki-client