Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED17F/A56D5F40FB4711EABEF47D3EC4F9AE02/8E7B872C2FED11ECB35A414FC4F9AE02.roa
File: 8E7B872C2FED11ECB35A414FC4F9AE02.roa (raw, json)
Hash identifier: OlQKH7ACIVrHGtlUAnuv3tHbt5ORT3G0pc9ERA6ytzA=
Subject key identifier: 36:65:EB:44:79:28:94:4A:66:9A:92:85:4F:2B:F3:43:F2:E0:1C:0F
Certificate issuer: /CN=A91ED17F/serialNumber=17F4FB128756EBB0BAC59D4E0F4B7E087279760D
Certificate serial: 078A
Authority key identifier: 17:F4:FB:12:87:56:EB:B0:BA:C5:9D:4E:0F:4B:7E:08:72:79:76:0D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F_T7EodW67C6xZ1OD0t-CHJ5dg0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ED17F/A56D5F40FB4711EABEF47D3EC4F9AE02/8E7B872C2FED11ECB35A414FC4F9AE02.roa
Signing time: Fri 24 Jan 2025 21:10:53 +0000
ROA not before: Fri 24 Jan 2025 21:10:53 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 58800
IP address blocks: 103.245.108.0/22 maxlen: 22
103.245.108.0/24 maxlen: 24
103.245.109.0/24 maxlen: 24
103.245.110.0/24 maxlen: 24
103.245.111.0/24 maxlen: 24
2406:b00::/32 maxlen: 32
2406:b00::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1930 (0x78a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ED17F
Validity
Not Before: Jan 24 21:10:53 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679401dd-88be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:60:4c:6e:79:a8:0e:ca:2f:ca:a9:74:32:50:
c7:59:e8:c4:27:d1:d8:6c:25:ed:d5:09:cb:fb:a9:
8c:06:16:d6:bf:7d:77:ef:23:3f:1b:d1:46:e2:cf:
83:d5:ad:80:ee:1e:24:97:d4:44:23:24:c4:e3:d2:
ef:0d:a5:50:33:f3:4e:2c:ed:8e:f1:81:c6:7a:de:
9a:13:5b:ee:35:02:73:8e:a1:79:66:12:a9:64:dd:
88:1b:c6:57:f8:f1:85:56:32:1e:d0:6c:9a:91:30:
2a:59:3d:20:4e:ce:0e:4d:80:da:7e:a8:85:d4:72:
58:67:68:d3:bc:79:64:d6:ae:96:7e:6f:e6:a2:8c:
04:13:80:c9:ac:f0:a2:a2:cf:42:b3:76:fe:d7:51:
66:a7:2e:6f:14:7c:d2:83:16:4d:17:65:0d:1f:eb:
31:a3:20:d1:e9:ac:81:21:3d:a0:62:d1:7c:0d:22:
74:25:70:19:67:a6:9c:59:d1:a6:f4:01:74:39:0a:
fe:b3:56:f1:33:b6:01:eb:92:3e:51:ce:99:b5:7b:
d5:8f:d7:10:2b:35:16:b3:f5:2d:43:71:26:fe:50:
5d:2f:bc:e8:0d:24:5f:1c:39:b6:56:4f:e2:20:91:
ab:06:ff:5f:b7:2b:33:37:32:9a:0e:cf:3e:0e:06:
98:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:65:EB:44:79:28:94:4A:66:9A:92:85:4F:2B:F3:43:F2:E0:1C:0F
X509v3 Authority Key Identifier:
keyid:17:F4:FB:12:87:56:EB:B0:BA:C5:9D:4E:0F:4B:7E:08:72:79:76:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ED17F/A56D5F40FB4711EABEF47D3EC4F9AE02/F_T7EodW67C6xZ1OD0t-CHJ5dg0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F_T7EodW67C6xZ1OD0t-CHJ5dg0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED17F/A56D5F40FB4711EABEF47D3EC4F9AE02/8E7B872C2FED11ECB35A414FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.245.108.0/22
IPv6:
2406:b00::/32
Signature Algorithm: sha256WithRSAEncryption
ad:e4:da:c9:16:49:10:e4:cd:cf:11:02:d6:0f:75:91:f6:e2:
ec:5e:d9:f9:35:05:c7:38:ed:44:a0:fa:c9:65:d8:38:b5:71:
14:45:9b:bb:44:2f:4c:6b:84:bc:c2:48:da:54:52:9e:2c:44:
05:50:90:5c:80:11:df:7b:05:0d:db:3a:a1:8a:6c:8a:88:40:
45:65:9a:c6:41:1c:21:b9:4a:7c:2c:1d:d0:a7:80:56:83:89:
b7:d2:04:c6:47:96:44:e4:ae:40:90:73:78:a9:82:40:3a:ec:
8b:81:1e:b1:b8:d5:08:cd:65:ed:48:f9:12:1f:96:79:c1:3f:
1f:f5:f7:f6:ab:09:9f:47:dd:fe:aa:32:ac:77:25:14:67:14:
7e:0b:35:57:aa:97:fd:3e:86:e4:79:49:64:1b:05:3d:c1:25:
b9:5f:b9:a7:a1:fb:fb:eb:02:e4:7e:91:79:f3:91:23:7b:58:
1e:8d:bc:d4:4d:eb:5a:39:8b:f0:ac:d8:b7:6b:30:63:05:23:
57:d8:82:61:c5:65:50:34:32:f9:0d:e0:2a:46:fb:c4:68:9b:
f3:7f:e8:bd:33:83:30:03:b3:a6:0a:28:39:0d:c9:e4:39:2b:
06:5e:ad:7a:65:d7:37:c4:e4:78:52:46:d2:52:ce:bd:d3:58:
19:aa:db:86
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICB4owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUQxN0YxMTAvBgNVBAUTKDE3RjRGQjEyODc1NkVCQjBCQUM1OUQ0RTBGNEI3RTA4
NzI3OTc2MEQwHhcNMjUwMTI0MjExMDUzWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk0MDFkZC04OGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqGBMbnmoDsovyql0MlDHWejEJ9HYbCXt1QnL+6mMBhbWv3137yM/G9FG4s+D
1a2A7h4kl9REIyTE49LvDaVQM/NOLO2O8YHGet6aE1vuNQJzjqF5ZhKpZN2IG8ZX
+PGFVjIe0GyakTAqWT0gTs4OTYDafqiF1HJYZ2jTvHlk1q6Wfm/moowEE4DJrPCi
os9Cs3b+11Fmpy5vFHzSgxZNF2UNH+sxoyDR6ayBIT2gYtF8DSJ0JXAZZ6acWdGm
9AF0OQr+s1bxM7YB65I+Uc6ZtXvVj9cQKzUWs/UtQ3Em/lBdL7zoDSRfHDm2Vk/i
IJGrBv9ftyszNzKaDs8+DgaYQQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDZl60R5
KJRKZpqShU8r80Py4BwPMB8GA1UdIwQYMBaAFBf0+xKHVuuwusWdTg9LfghyeXYN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDE3Ri9BNTZENUY0MEZC
NDcxMUVBQkVGNDdEM0VDNEY5QUUwMi9GX1Q3RW9kVzY3QzZ4WjFPRDB0LUNISjVk
ZzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZfVDdFb2RXNjdDNnhaMU9EMHQtQ0hKNWRnMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUQxN0YvQTU2RDVGNDBGQjQ3MTFFQUJFRjQ3RDNFQzRGOUFFMDIvOEU3Qjg3MkMy
RkVEMTFFQ0IzNUE0MTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJn9WwwDQQCAAIwBwMFACQGCwAwDQYJKoZIhvcNAQELBQAD
ggEBAK3k2skWSRDkzc8RAtYPdZH24uxe2fk1Bcc47USg+sll2Di1cRRFm7tEL0xr
hLzCSNpUUp4sRAVQkFyAEd97BQ3bOqGKbIqIQEVlmsZBHCG5SnwsHdCngFaDibfS
BMZHlkTkrkCQc3ipgkA67IuBHrG41QjNZe1I+RIflnnBPx/19/arCZ9H3f6qMqx3
JRRnFH4LNVeql/0+huR5SWQbBT3BJblfuaeh+/vrAuR+kXnzkSN7WB6NvNRN61o5
i/Cs2LdrMGMFI1fYgmHFZVA0MvkN4CpG+8Rom/N/6L0zgzADs6YKKDkNyeQ5KwZe
rXpl1zfE5HhSRtJSzr3TWBmq24Y=
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:31:07 2025 by rpki-client