Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/0821CAB4D63711EDAF54FC0CC4F9AE02.roa
File: 0821CAB4D63711EDAF54FC0CC4F9AE02.roa (raw, json)
Hash identifier: XfbI5fGdShveQdJi//Q+6zQAE8n/ItaYQWm65z57AUA=
Subject key identifier: B6:ED:0C:FD:ED:41:10:F9:A7:4B:F2:A6:CC:FF:59:61:A1:76:50:EB
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0A01
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/0821CAB4D63711EDAF54FC0CC4F9AE02.roa
Signing time: Wed 12 Apr 2023 07:18:51 +0000
ROA not before: Wed 12 Apr 2023 07:18:51 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/22 maxlen: 22
103.11.60.0/24 maxlen: 24
113.203.209.0/24 maxlen: 24
113.203.211.0/24 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/23 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.219.0/24 maxlen: 24
113.203.226.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
180.178.128.0/21 maxlen: 21
180.178.128.0/22 maxlen: 22
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.136.0/21 maxlen: 21
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.160.0/20 maxlen: 20
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.168.0/24 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.178.0/24 maxlen: 24
180.178.180.0/22 maxlen: 24
223.29.224.0/20 maxlen: 20
223.29.227.0/24 maxlen: 24
2401:4100::/32 maxlen: 32
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2561 (0xa01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7
Validity
Not Before: Apr 12 07:18:51 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64365b5b-b403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4b:70:a5:22:29:2c:f2:a7:08:99:17:c8:97:
13:62:f9:61:c2:69:cf:0d:55:16:a9:30:d7:f8:00:
2f:68:fe:de:3b:27:f6:b1:14:1b:d8:83:f2:95:de:
1a:1d:21:f0:90:cf:56:03:73:85:30:96:b2:9a:a1:
59:83:15:4b:74:52:ff:9f:ad:0c:9e:99:d2:fa:85:
22:e2:73:b3:0c:ad:fe:1c:51:cb:2c:b6:34:74:e0:
7c:b5:dd:55:02:78:97:2d:79:4c:47:23:3a:cf:bb:
67:ec:70:56:9a:80:ca:63:f5:f2:1d:fb:fd:0f:e3:
d1:59:a5:b6:f2:a5:cd:17:74:c3:38:d4:aa:5c:88:
f5:2b:a9:cb:23:25:2f:49:40:bd:98:b6:e7:3a:1b:
1b:3b:b1:58:fa:4e:5b:ce:04:67:00:1a:64:bb:3e:
47:af:4b:54:42:86:f2:b4:4b:b6:85:75:0f:32:25:
c2:0e:fe:5a:b8:02:59:9f:be:ac:33:cf:e1:c4:5c:
8c:80:79:54:07:32:12:6c:c6:bf:2f:cb:ba:b0:3d:
5a:65:ea:e3:a7:f4:ab:5f:a4:7a:b0:11:f7:64:17:
47:ec:8b:75:b2:2d:e1:2d:2e:ff:83:1f:86:74:7b:
80:4c:ef:51:df:91:12:3c:dc:2c:ae:52:b0:93:df:
a9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:ED:0C:FD:ED:41:10:F9:A7:4B:F2:A6:CC:FF:59:61:A1:76:50:EB
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/0821CAB4D63711EDAF54FC0CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0/22
113.203.209.0/24
113.203.211.0-113.203.216.255
113.203.219.0/24
113.203.226.0/24
113.203.234.0-113.203.240.255
113.203.243.0-113.203.244.255
180.178.128.0-180.178.144.255
180.178.149.0/24
180.178.160.0/20
180.178.178.0/24
180.178.180.0/22
223.29.224.0/20
IPv6:
2401:4100::/32
Signature Algorithm: sha256WithRSAEncryption
78:26:3e:f2:7f:4e:59:ea:ce:de:a3:6b:00:6d:7d:74:14:f9:
eb:a6:e5:15:df:25:d8:95:de:10:c8:f8:a3:2e:c6:43:ec:75:
45:c6:fc:76:d6:31:aa:72:28:fd:7a:f0:fa:7a:7b:35:24:e7:
73:b7:bc:aa:08:45:66:4c:28:47:d1:83:06:f7:d3:12:08:74:
f1:91:d4:62:f4:d9:ed:e4:da:f1:4d:56:96:8b:e0:c9:de:b9:
e8:09:12:92:33:7c:03:47:e3:80:19:55:8c:12:22:65:2a:a6:
46:d3:c4:9d:85:8d:e5:8c:87:68:f1:28:c6:69:8a:77:b2:17:
e3:86:2a:86:ac:11:b2:87:61:70:15:73:09:0f:6b:fc:88:74:
82:31:4c:30:c6:03:50:ce:a4:23:d2:e4:22:8e:16:f5:14:fc:
56:5a:ec:27:90:b9:ed:78:50:9f:37:73:25:8f:23:63:4e:a7:
5a:ed:8c:7c:c7:0e:65:ad:98:38:3b:d4:d1:c6:c2:35:68:aa:
2c:a4:ad:8a:5f:16:70:9d:08:dc:7f:b3:e0:41:d9:6a:ca:55:
70:05:50:9e:d5:1f:1f:86:bb:54:26:49:5e:36:5d:8f:44:92:
e4:f0:12:09:66:69:9b:ee:c7:96:bf:27:c7:f8:81:b8:a0:36:
47:a5:db:2f
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgICCgEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwNDEyMDcxODUxWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM2NWI1Yi1iNDAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0ktwpSIpLPKnCJkXyJcTYvlhwmnPDVUWqTDX+AAvaP7eOyf2sRQb2IPyld4a
HSHwkM9WA3OFMJaymqFZgxVLdFL/n60MnpnS+oUi4nOzDK3+HFHLLLY0dOB8td1V
AniXLXlMRyM6z7tn7HBWmoDKY/XyHfv9D+PRWaW28qXNF3TDONSqXIj1K6nLIyUv
SUC9mLbnOhsbO7FY+k5bzgRnABpkuz5Hr0tUQobytEu2hXUPMiXCDv5auAJZn76s
M8/hxFyMgHlUBzISbMa/L8u6sD1aZerjp/SrX6R6sBH3ZBdH7It1si3hLS7/gx+G
dHuATO9R35ESPNwsrlKwk9+plQIDAQABo4IDDzCCAwswHQYDVR0OBBYEFLbtDP3t
QRD5p0vypsz/WWGhdlDrMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvMDgyMUNBQjRE
NjM3MTFFREFGNTRGQzBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZgGCCsGAQUFBwEHAQH/
BIGIMIGFMHQEAgABMG4DBAJnCzwDBABxy9EwDAMEAHHL0wMEAHHL2AMEAHHL2wME
AHHL4jAMAwQBccvqAwQAccvwMAwDBABxy/MDBABxy/QwDAMEB7SygAMEALSykAME
ALSylQMEBLSyoAMEALSysgMEArSytAMEBN8d4DANBAIAAjAHAwUAJAFBADANBgkq
hkiG9w0BAQsFAAOCAQEAeCY+8n9OWerO3qNrAG19dBT566blFd8l2JXeEMj4oy7G
Q+x1Rcb8dtYxqnIo/Xrw+np7NSTnc7e8qghFZkwoR9GDBvfTEgh08ZHUYvTZ7eTa
8U1Wlovgyd656AkSkjN8A0fjgBlVjBIiZSqmRtPEnYWN5YyHaPEoxmmKd7IX44Yq
hqwRsodhcBVzCQ9r/Ih0gjFMMMYDUM6kI9LkIo4W9RT8VlrsJ5C57XhQnzdzJY8j
Y06nWu2MfMcOZa2YODvU0cbCNWiqLKStil8WcJ0I3H+z4EHZaspVcAVQntUfH4a7
VCZJXjZdj0SS5PASCWZpm+7Hlr8nx/iBuKA2R6XbLw==
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:56:39 2025 by rpki-client