Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D560D/68C3F49A41EE11EA9CEA1F75C4F9AE02/A10B1F2CC2C111EB9FF4B980C4F9AE02.roa
File: A10B1F2CC2C111EB9FF4B980C4F9AE02.roa (raw, json)
Hash identifier: oW5ufK8uuYVD0QdaX00seTUO6gXE6JmBRPLc71abQX0=
Subject key identifier: C0:E7:B2:37:FE:30:58:0E:87:47:83:8B:88:81:17:BA:14:32:6E:62
Certificate issuer: /CN=A91D560D/serialNumber=D7146DA9DE28F5BB5E3DE2FF00C59FC85C9938DA
Certificate serial: 07BD
Authority key identifier: D7:14:6D:A9:DE:28:F5:BB:5E:3D:E2:FF:00:C5:9F:C8:5C:99:38:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1xRtqd4o9btePeL_AMWfyFyZONo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D560D/68C3F49A41EE11EA9CEA1F75C4F9AE02/A10B1F2CC2C111EB9FF4B980C4F9AE02.roa
Signing time: Fri 10 May 2024 20:59:12 +0000
ROA not before: Fri 10 May 2024 20:59:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135030
IP address blocks: 103.111.164.0/22 maxlen: 22
103.111.164.0/23 maxlen: 23
103.111.164.0/24 maxlen: 24
103.111.165.0/24 maxlen: 24
103.111.166.0/23 maxlen: 23
103.111.166.0/24 maxlen: 24
103.111.167.0/24 maxlen: 24
2402:9f40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1981 (0x7bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D560D
Validity
Not Before: May 10 20:59:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=663e8a9f-c2f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:09:1b:a5:03:35:03:40:68:1b:31:b6:c1:c9:
99:20:53:a1:18:fd:0a:fb:ef:d5:bf:7e:9e:5c:62:
89:7b:8c:7b:da:00:67:b9:4d:e3:31:0b:de:1d:78:
28:26:28:b5:6d:f5:d2:31:dc:ff:db:cf:8b:8d:c0:
3e:67:2f:2d:93:47:a1:d5:19:66:a6:46:6d:a0:d2:
b1:18:f2:33:05:d6:62:4b:47:12:fb:0d:8f:c9:ec:
c4:ac:e9:99:41:ce:76:d6:a7:92:7d:97:93:47:de:
84:c9:5c:75:70:8e:8a:a9:e3:d9:06:40:b9:38:26:
75:f0:8a:a8:50:e3:ef:35:a7:12:f6:14:e6:a4:86:
46:e0:cc:82:fb:d5:61:7e:08:50:15:45:0b:c7:f7:
68:6a:1e:49:cb:38:fa:02:2a:49:84:41:47:c9:e5:
42:53:0a:39:90:74:35:e1:e1:f0:21:02:53:a0:50:
24:55:e9:a9:62:7c:fd:4a:7f:13:8f:5d:9f:f2:18:
e1:d9:0c:fd:2c:8b:8c:41:e2:58:e0:4a:d0:1b:a9:
d5:3f:eb:41:62:e2:1f:c5:4a:6c:26:39:5b:5f:a8:
05:fa:51:db:28:19:f5:a1:c2:08:c2:10:c9:79:f1:
a2:e1:49:97:0a:c7:81:54:de:4f:37:4e:b6:e9:00:
d9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:E7:B2:37:FE:30:58:0E:87:47:83:8B:88:81:17:BA:14:32:6E:62
X509v3 Authority Key Identifier:
keyid:D7:14:6D:A9:DE:28:F5:BB:5E:3D:E2:FF:00:C5:9F:C8:5C:99:38:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D560D/68C3F49A41EE11EA9CEA1F75C4F9AE02/1xRtqd4o9btePeL_AMWfyFyZONo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1xRtqd4o9btePeL_AMWfyFyZONo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D560D/68C3F49A41EE11EA9CEA1F75C4F9AE02/A10B1F2CC2C111EB9FF4B980C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.111.164.0/22
IPv6:
2402:9f40::/32
Signature Algorithm: sha256WithRSAEncryption
a8:24:4d:85:84:ae:60:47:b1:47:a9:0e:63:6f:3e:4f:6f:9e:
a3:93:c9:5d:aa:25:16:61:f8:67:d5:7d:ae:1d:95:95:db:21:
16:f5:65:7e:c6:ba:37:54:3e:22:96:9e:b0:cf:84:b3:11:c9:
f7:92:d8:1c:d8:0f:a5:d8:61:72:87:4b:18:c9:58:62:0e:2b:
e0:c2:9e:01:3e:7c:c5:85:ed:cd:e8:d1:de:5b:af:7d:e5:a9:
fa:18:4b:fd:c4:6e:53:d3:2f:7b:4f:38:f5:59:a3:e0:44:a6:
a1:c6:89:ad:42:74:cf:d3:5c:3f:93:8f:3e:a3:b6:42:ca:2b:
70:25:af:41:0f:d7:ea:4f:be:b1:66:6e:bf:0c:a8:f6:8a:e6:
4e:89:08:64:73:2c:19:2f:da:d9:98:33:cf:21:7c:b5:05:9b:
22:ed:35:b4:98:c6:b9:55:76:5e:ec:a2:42:06:e8:2d:c3:fc:
e0:35:94:f1:46:f8:3e:0b:67:53:36:3b:a0:b4:8d:af:e6:8d:
f9:a2:98:21:1c:d1:b7:39:e0:8e:37:02:ae:76:a9:5e:05:79:
f7:82:e4:41:ac:8f:88:a8:eb:8d:54:14:df:fc:eb:df:71:e8:
1d:e7:42:c3:cb:0f:f3:83:d3:08:5c:08:12:57:34:14:b1:36:
48:f1:8d:fd
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICB70wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDU2MEQxMTAvBgNVBAUTKEQ3MTQ2REE5REUyOEY1QkI1RTNERTJGRjAwQzU5RkM4
NUM5OTM4REEwHhcNMjQwNTEwMjA1OTEyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNlOGE5Zi1jMmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9AkbpQM1A0BoGzG2wcmZIFOhGP0K++/Vv36eXGKJe4x72gBnuU3jMQveHXgo
Jii1bfXSMdz/28+LjcA+Zy8tk0eh1RlmpkZtoNKxGPIzBdZiS0cS+w2PyezErOmZ
Qc521qeSfZeTR96EyVx1cI6KqePZBkC5OCZ18IqoUOPvNacS9hTmpIZG4MyC+9Vh
fghQFUULx/doah5Jyzj6AipJhEFHyeVCUwo5kHQ14eHwIQJToFAkVempYnz9Sn8T
j12f8hjh2Qz9LIuMQeJY4ErQG6nVP+tBYuIfxUpsJjlbX6gF+lHbKBn1ocIIwhDJ
efGi4UmXCseBVN5PN0626QDZFQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMDnsjf+
MFgOh0eDi4iBF7oUMm5iMB8GA1UdIwQYMBaAFNcUbaneKPW7Xj3i/wDFn8hcmTja
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTYwRC82OEMzRjQ5QTQx
RUUxMUVBOUNFQTFGNzVDNEY5QUUwMi8xeFJ0cWQ0bzlidGVQZUxfQU1XZnlGeVpP
Tm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzF4UnRxZDRvOWJ0ZVBlTF9BTVdmeUZ5Wk9Oby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDU2MEQvNjhDM0Y0OUE0MUVFMTFFQTlDRUExRjc1QzRGOUFFMDIvQTEwQjFGMkND
MkMxMTFFQjlGRjRCOTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnb6QwDQQCAAIwBwMFACQCn0AwDQYJKoZIhvcNAQELBQAD
ggEBAKgkTYWErmBHsUepDmNvPk9vnqOTyV2qJRZh+GfVfa4dlZXbIRb1ZX7GujdU
PiKWnrDPhLMRyfeS2BzYD6XYYXKHSxjJWGIOK+DCngE+fMWF7c3o0d5br33lqfoY
S/3EblPTL3tPOPVZo+BEpqHGia1CdM/TXD+Tjz6jtkLKK3Alr0EP1+pPvrFmbr8M
qPaK5k6JCGRzLBkv2tmYM88hfLUFmyLtNbSYxrlVdl7sokIG6C3D/OA1lPFG+D4L
Z1M2O6C0ja/mjfmimCEc0bc54I43Aq52qV4FefeC5EGsj4io641UFN/8699x6B3n
QsPLD/OD0whcCBJXNBSxNkjxjf0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:39:28 2025 by rpki-client