Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/0DC2568E320511EA8CF6B72DC4F9AE02.roa
File: 0DC2568E320511EA8CF6B72DC4F9AE02.roa (raw, json)
Hash identifier: 1+11cacphPqsNd+omnkh++SqQDiBnfm5tRRdQKET7hw=
Subject key identifier: AB:71:1E:21:95:2C:D2:DB:23:C8:0D:ED:D2:B8:F4:AC:08:22:70:81
Certificate issuer: /CN=A91D1003/serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2
Certificate serial: 0A93
Authority key identifier: A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/0DC2568E320511EA8CF6B72DC4F9AE02.roa
Signing time: Thu 04 Apr 2024 20:59:16 +0000
ROA not before: Thu 04 Apr 2024 20:59:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55453
IP address blocks: 27.54.120.0/24 maxlen: 24
27.54.121.0/24 maxlen: 24
27.54.122.0/24 maxlen: 24
27.54.123.0/24 maxlen: 24
103.20.0.0/24 maxlen: 24
103.20.1.0/24 maxlen: 24
103.20.2.0/24 maxlen: 24
103.20.3.0/24 maxlen: 24
137.59.192.0/24 maxlen: 24
137.59.193.0/24 maxlen: 24
137.59.194.0/24 maxlen: 24
137.59.195.0/24 maxlen: 24
2407:1b00::/34 maxlen: 34
2407:1b00:4000::/34 maxlen: 34
2407:1b00:8000::/34 maxlen: 34
2407:1b00:c000::/34 maxlen: 34
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2707 (0xa93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1003
Validity
Not Before: Apr 4 20:59:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660f14a4-fa50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:01:05:c2:49:d8:7c:4d:d5:25:7c:79:ed:24:
4d:72:f3:b6:67:93:3c:6c:58:ea:87:1e:f8:5a:a5:
20:5e:29:b6:e5:ba:e4:2a:94:cd:77:d1:dc:58:08:
fa:92:b4:61:6e:6c:4b:70:81:63:f7:6f:cc:1a:85:
aa:31:fe:a3:84:da:49:55:4d:8b:74:6d:8f:88:67:
82:b8:00:fe:ab:65:10:48:b2:31:03:34:9b:d8:15:
3b:59:ef:5d:85:2b:8f:87:de:95:99:e5:81:5a:8b:
04:d1:a4:c5:bc:9f:f9:19:50:85:24:be:96:56:0b:
8a:09:e3:aa:ea:2d:fd:64:ca:7f:2d:a0:30:58:3d:
0a:5d:ad:6e:f0:47:c3:07:c1:99:37:81:a8:52:8b:
e4:46:7d:12:ec:18:0a:a8:39:6c:e5:c1:39:ce:c0:
e6:cc:c5:79:e9:12:e5:95:cc:3e:2e:e6:47:cc:43:
f6:be:2e:19:09:76:53:a8:72:d8:e8:3a:4b:b9:f0:
0e:2a:a3:67:11:4f:64:84:1d:95:ac:2b:c5:88:da:
63:4d:38:9c:4d:f0:03:1b:11:8a:9b:d0:c9:5c:91:
57:7b:c5:f8:5f:e1:6e:3d:ab:d4:e2:cb:f0:5f:91:
0a:e3:14:f6:c7:74:d9:81:d8:04:af:9f:bd:43:9d:
d6:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:71:1E:21:95:2C:D2:DB:23:C8:0D:ED:D2:B8:F4:AC:08:22:70:81
X509v3 Authority Key Identifier:
keyid:A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/0DC2568E320511EA8CF6B72DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.54.120.0/22
103.20.0.0/22
137.59.192.0/22
IPv6:
2407:1b00::/32
Signature Algorithm: sha256WithRSAEncryption
1b:2d:e5:45:d5:66:21:f0:02:82:23:7c:9b:35:c2:20:f2:b6:
74:ff:b0:96:2b:2b:2a:83:14:e2:c8:90:54:ad:73:c5:61:42:
75:4f:bb:ad:1f:4c:61:18:a9:09:64:19:bc:59:b4:f2:af:e3:
82:b7:51:c1:fb:cc:3d:bf:66:57:6c:55:94:a9:ae:9e:9a:07:
3a:2a:e8:ef:25:e7:bb:7e:a2:87:ea:d2:90:72:8a:71:c6:17:
cf:51:4f:03:38:25:ff:63:74:1b:61:28:2a:cb:c1:82:41:52:
d9:63:e1:80:f7:7a:ec:31:df:5f:d6:7f:a1:6b:03:c5:76:76:
3a:4b:0a:57:6b:5b:3b:61:7c:9d:a5:5f:df:97:b2:ef:96:29:
7a:b6:5e:f2:cb:1c:63:0e:11:a0:bb:31:50:02:26:52:6f:7d:
1a:4d:e8:b3:95:16:93:18:d5:22:ef:62:b1:50:db:37:bd:c3:
0d:58:7a:ae:16:17:ca:d7:3e:0a:c7:be:85:10:4c:f6:43:67:
07:9c:e0:d8:78:49:93:7c:2f:fb:2e:95:e0:8b:b0:54:20:8e:
05:b2:c7:2f:3d:2d:b6:95:4e:c5:6b:bc:72:47:15:01:64:0a:
be:80:06:28:f2:46:d3:af:ab:30:62:64:44:d6:c9:20:d9:9e:
2f:3c:b4:3e
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICCpMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDEwMDMxMTAvBgNVBAUTKEE1MjAxQUVFNkY0QTVDMUVCOEE3RTFDNzg1M0JGQkIy
QkE3NUNCRDIwHhcNMjQwNDA0MjA1OTE2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBmMTRhNC1mYTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwwEFwknYfE3VJXx57SRNcvO2Z5M8bFjqhx74WqUgXim25brkKpTNd9HcWAj6
krRhbmxLcIFj92/MGoWqMf6jhNpJVU2LdG2PiGeCuAD+q2UQSLIxAzSb2BU7We9d
hSuPh96VmeWBWosE0aTFvJ/5GVCFJL6WVguKCeOq6i39ZMp/LaAwWD0KXa1u8EfD
B8GZN4GoUovkRn0S7BgKqDls5cE5zsDmzMV56RLllcw+LuZHzEP2vi4ZCXZTqHLY
6DpLufAOKqNnEU9khB2VrCvFiNpjTTicTfADGxGKm9DJXJFXe8X4X+FuPavU4svw
X5EK4xT2x3TZgdgEr5+9Q53WmQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFKtxHiGV
LNLbI8gN7dK49KwIInCBMB8GA1UdIwQYMBaAFKUgGu5vSlweuKfhx4U7+7K6dcvS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTAwMy9BQTRFOTVDODMy
MDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hCNjRwLUhIaFR2N3NycDF5
OUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BTQWE3bTlLWEI2NHAtSEhoVHY3c3JwMXk5SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDEwMDMvQUE0RTk1QzgzMjAzMTFFQThEMkExQjJCQzRGOUFFMDIvMERDMjU2OEUz
MjA1MTFFQThDRjZCNzJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAIbNngDBAJnFAADBAKJO8AwDQQCAAIwBwMFACQHGwAwDQYJ
KoZIhvcNAQELBQADggEBABst5UXVZiHwAoIjfJs1wiDytnT/sJYrKyqDFOLIkFSt
c8VhQnVPu60fTGEYqQlkGbxZtPKv44K3UcH7zD2/ZldsVZSprp6aBzoq6O8l57t+
oofq0pByinHGF89RTwM4Jf9jdBthKCrLwYJBUtlj4YD3euwx31/Wf6FrA8V2djpL
CldrWzthfJ2lX9+Xsu+WKXq2XvLLHGMOEaC7MVACJlJvfRpN6LOVFpMY1SLvYrFQ
2ze9ww1Yeq4WF8rXPgrHvoUQTPZDZwec4Nh4SZN8L/suleCLsFQgjgWyxy89LbaV
TsVrvHJHFQFkCr6ABijyRtOvqzBiZETWySDZni88tD4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:44:46 2025 by rpki-client