Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/2C0C25347FA511EDA9DE9A23C4F9AE02.roa
File: 2C0C25347FA511EDA9DE9A23C4F9AE02.roa (raw, json)
Hash identifier: A5iV+YzHqRMiJr5n+tJk+XsenZ+41up0u5Hgo03kNz0=
Subject key identifier: C8:B7:16:EE:A6:1B:7C:64:A2:44:16:BD:5C:39:44:5B:CD:26:26:8F
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 092C
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/2C0C25347FA511EDA9DE9A23C4F9AE02.roa
Signing time: Mon 19 Dec 2022 13:58:10 +0000
ROA not before: Mon 19 Dec 2022 13:58:10 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/24 maxlen: 24
103.11.61.0/24 maxlen: 24
103.11.62.0/24 maxlen: 24
113.203.208.0/22 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/23 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.217.0/24 maxlen: 24
113.203.218.0/23 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.224.0/22 maxlen: 22
113.203.228.0/24 maxlen: 24
113.203.229.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.242.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
113.203.246.0/24 maxlen: 24
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.151.0/24 maxlen: 24
180.178.152.0/22 maxlen: 24
180.178.156.0/24 maxlen: 24
180.178.158.0/24 maxlen: 24
180.178.159.0/24 maxlen: 24
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.173.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.180.0/22 maxlen: 24
180.178.184.0/22 maxlen: 22
223.29.224.0/24 maxlen: 24
223.29.232.0/22 maxlen: 22
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2348 (0x92c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7
Validity
Not Before: Dec 19 13:58:10 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63a06df2-0707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:49:96:ba:b7:cb:5c:f0:c5:7a:50:1a:08:51:
06:53:54:67:ec:8a:fd:ed:fb:95:92:b1:c8:8c:88:
47:fb:22:14:d4:04:8c:40:08:f7:9a:96:80:b8:95:
cd:af:6d:3f:fe:4d:e0:a2:81:df:36:bc:66:c7:c3:
49:38:b1:c9:15:ce:be:42:9c:8f:4a:fa:f9:7d:95:
af:3c:a7:d7:cf:ef:df:bc:39:c2:4c:ce:e5:fe:fd:
f8:5d:ef:d6:9e:73:58:7f:04:56:26:04:da:1c:84:
6e:09:59:37:0f:7c:c7:e4:b6:0b:87:df:1a:1e:a7:
00:77:6b:4b:dc:78:f9:32:9e:fd:b5:78:4a:3f:7f:
b5:91:6d:96:e3:b9:81:bb:5e:0b:f5:0c:4c:c1:87:
10:4d:77:46:09:ce:6e:ec:d0:56:5e:ea:3f:ce:09:
52:f6:a2:98:c2:f0:98:d6:5c:47:27:2f:b0:55:33:
36:9b:60:64:fb:a3:5a:98:4c:84:d8:25:81:0b:fc:
05:c2:c2:37:52:80:8b:13:80:4a:e7:6b:bf:e8:7a:
c3:ae:52:af:76:91:be:88:cd:c5:9b:40:0f:0c:1e:
2f:eb:9c:78:ff:71:68:13:89:65:9e:bc:02:90:03:
80:8e:d4:30:fb:a0:6e:13:51:bb:25:d8:02:ed:1c:
33:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B7:16:EE:A6:1B:7C:64:A2:44:16:BD:5C:39:44:5B:CD:26:26:8F
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/2C0C25347FA511EDA9DE9A23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0-103.11.62.255
113.203.208.0-113.203.219.255
113.203.223.0-113.203.229.255
113.203.231.0/24
113.203.234.0-113.203.240.255
113.203.242.0-113.203.246.255
180.178.128.0/23
180.178.132.0/22
180.178.137.0-180.178.139.255
180.178.144.0/24
180.178.149.0/24
180.178.151.0-180.178.156.255
180.178.158.0-180.178.162.255
180.178.164.0/22
180.178.172.0/22
180.178.180.0-180.178.187.255
223.29.224.0/24
223.29.232.0/21
IPv6:
2401:4100::-2401:4100:8000:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a1:46:35:c4:cd:11:1d:78:4a:4f:02:75:12:5d:59:53:67:bd:
4e:de:90:6f:7b:83:05:16:c4:8d:79:81:39:e0:3d:44:f5:d5:
9a:07:60:f5:3c:a9:ea:f1:95:1d:aa:a4:0d:37:b0:fc:7b:13:
c8:ce:76:4e:58:5a:04:c9:87:52:cd:66:ff:f0:47:65:92:58:
f2:d6:2d:87:c4:de:46:2d:a2:03:dd:b3:06:07:3a:16:ea:af:
41:73:85:ee:0d:3e:71:b4:ff:2f:e8:fb:80:e0:19:a0:7d:98:
d3:3a:b6:3f:e9:e2:23:11:17:be:f7:8f:0d:c4:a4:c2:3c:42:
4b:85:0f:29:ad:0e:1e:49:b3:ad:32:29:a3:5a:d2:76:a9:ac:
d3:69:42:51:2f:2a:4a:2a:06:db:31:28:5a:78:20:2b:b2:44:
74:14:8e:58:9f:94:fb:84:7d:98:0c:cc:b2:c1:26:82:8f:76:
b4:c6:c1:a1:4c:33:5b:95:c7:84:65:01:8c:7e:22:f6:f8:42:
0b:38:0a:d1:a8:4f:64:7b:3d:73:98:10:f3:92:15:94:75:ee:
be:0e:dd:27:4e:5c:96:bb:98:29:8b:dd:77:df:1f:6b:2a:7d:
3a:f4:00:1f:95:bf:64:4d:35:09:b8:72:60:0e:90:0a:cd:1e:
d4:a9:5d:2e
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgICCSwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIxMjE5MTM1ODEwWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2EwNmRmMi0wNzA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5kmWurfLXPDFelAaCFEGU1Rn7Ir97fuVkrHIjIhH+yIU1ASMQAj3mpaAuJXN
r20//k3gooHfNrxmx8NJOLHJFc6+QpyPSvr5fZWvPKfXz+/fvDnCTM7l/v34Xe/W
nnNYfwRWJgTaHIRuCVk3D3zH5LYLh98aHqcAd2tL3Hj5Mp79tXhKP3+1kW2W47mB
u14L9QxMwYcQTXdGCc5u7NBWXuo/zglS9qKYwvCY1lxHJy+wVTM2m2Bk+6NamEyE
2CWBC/wFwsI3UoCLE4BK52u/6HrDrlKvdpG+iM3Fm0APDB4v65x4/3FoE4llnrwC
kAOAjtQw+6BuE1G7JdgC7RwzzwIDAQABo4IDYTCCA10wHQYDVR0OBBYEFMi3Fu6m
G3xkokQWvVw5RFvNJiaPMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvMkMwQzI1MzQ3
RkE1MTFFREE5REU5QTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgeoGCCsGAQUFBwEHAQH/
BIHaMIHXMIG7BAIAATCBtDAMAwQCZws8AwQAZws+MAwDBARxy9ADBAJxy9gwDAME
AHHL3wMEAXHL5AMEAHHL5zAMAwQBccvqAwQAccvwMAwDBAFxy/IDBABxy/YDBAG0
soADBAK0soQwDAMEALSyiQMEArSyiAMEALSykAMEALSylTAMAwQAtLKXAwQAtLKc
MAwDBAG0sp4DBAC0sqIDBAK0sqQDBAK0sqwwDAMEArSytAMEArSyuAMEAN8d4AME
A98d6DAXBAIAAjARMA8DBAAkAUEDBwAkAUEAgAAwDQYJKoZIhvcNAQELBQADggEB
AKFGNcTNER14Sk8CdRJdWVNnvU7ekG97gwUWxI15gTngPUT11ZoHYPU8qerxlR2q
pA03sPx7E8jOdk5YWgTJh1LNZv/wR2WSWPLWLYfE3kYtogPdswYHOhbqr0Fzhe4N
PnG0/y/o+4DgGaB9mNM6tj/p4iMRF773jw3EpMI8QkuFDymtDh5Js60yKaNa0nap
rNNpQlEvKkoqBtsxKFp4ICuyRHQUjliflPuEfZgMzLLBJoKPdrTGwaFMM1uVx4Rl
AYx+Ivb4Qgs4CtGoT2R7PXOYEPOSFZR17r4O3SdOXJa7mCmL3XffH2sqfTr0AB+V
v2RNNQm4cmAOkArNHtSpXS4=
-----END CERTIFICATE-----
Generated at Sat Apr 12 06:07:27 2025 by rpki-client