Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/507F3494929A11ED80DFBC7FC4F9AE02.roa
File: 507F3494929A11ED80DFBC7FC4F9AE02.roa (raw, json)
Hash identifier: ktBNtq1qxohDkVYVjL6OVEfHG+eEbjdka6DSs9InKB8=
Subject key identifier: 0A:0A:97:08:38:21:32:86:A2:FC:A3:35:FA:71:18:31:3E:52:97:60
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0958
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/507F3494929A11ED80DFBC7FC4F9AE02.roa
Signing time: Tue 24 Jan 2023 15:08:54 +0000
ROA not before: Tue 24 Jan 2023 15:08:54 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/24 maxlen: 24
103.11.61.0/24 maxlen: 24
103.11.62.0/24 maxlen: 24
113.203.208.0/22 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/23 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.217.0/24 maxlen: 24
113.203.218.0/23 maxlen: 24
113.203.220.0/24 maxlen: 24
113.203.222.0/24 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.224.0/22 maxlen: 22
113.203.228.0/24 maxlen: 24
113.203.229.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.233.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
113.203.246.0/24 maxlen: 24
113.203.252.0/22 maxlen: 22
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.151.0/24 maxlen: 24
180.178.152.0/22 maxlen: 24
180.178.156.0/24 maxlen: 24
180.178.158.0/24 maxlen: 24
180.178.159.0/24 maxlen: 24
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.173.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.180.0/22 maxlen: 24
180.178.184.0/22 maxlen: 22
223.29.224.0/24 maxlen: 24
223.29.232.0/22 maxlen: 22
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2392 (0x958)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7
Validity
Not Before: Jan 24 15:08:54 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63cff486-0d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f3:7f:95:7d:ce:69:ca:d8:9e:d9:dc:0a:6f:
d2:1a:bf:13:8b:f8:47:56:2a:a2:38:83:45:2a:44:
96:b4:a3:53:76:3f:c4:ee:a0:11:2f:70:a5:77:59:
32:17:28:c0:61:83:77:af:2a:04:63:aa:db:a8:6a:
d2:cc:cd:b6:c5:f0:79:d4:34:7b:6f:59:aa:61:66:
a5:d8:6b:98:6c:a6:b9:50:0f:7f:b0:d8:03:92:d1:
9c:d7:dc:21:b4:31:bc:f1:f8:a8:5d:0e:03:d5:1e:
12:c0:96:d8:b3:8d:43:94:1b:ea:6d:ba:f2:be:d3:
ea:28:05:2f:6c:e7:b4:b2:b3:24:79:74:3a:93:13:
bf:4d:ef:f5:ac:5a:cf:a9:c8:a2:6a:67:31:e2:64:
9e:c3:99:ac:de:ff:41:9e:f6:2a:93:06:32:d0:f2:
52:3d:06:49:20:5a:5e:72:05:30:90:af:fa:cf:bb:
e3:0d:10:a4:99:dc:d7:31:d2:3b:5c:d7:32:a6:b9:
f7:ed:fc:60:63:fa:13:42:87:29:c5:f1:b9:c1:e1:
78:64:7c:ae:95:60:32:3c:46:ce:f4:28:da:4a:af:
93:bf:31:fa:23:04:eb:e6:66:75:2c:f6:47:b6:fa:
19:18:b0:78:38:9e:19:27:11:18:1a:b2:93:81:70:
91:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:0A:97:08:38:21:32:86:A2:FC:A3:35:FA:71:18:31:3E:52:97:60
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/507F3494929A11ED80DFBC7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0-103.11.62.255
113.203.208.0-113.203.220.255
113.203.222.0-113.203.229.255
113.203.231.0/24
113.203.233.0-113.203.240.255
113.203.243.0-113.203.246.255
113.203.252.0/22
180.178.128.0/23
180.178.132.0/22
180.178.137.0-180.178.139.255
180.178.144.0/24
180.178.149.0/24
180.178.151.0-180.178.156.255
180.178.158.0-180.178.162.255
180.178.164.0/22
180.178.172.0/22
180.178.180.0-180.178.187.255
223.29.224.0/24
223.29.232.0/21
IPv6:
2401:4100::-2401:4100:8000:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0b:21:a1:18:01:43:9a:ba:54:a8:25:20:98:71:4a:fc:bd:a7:
8c:6e:e8:95:5a:40:21:e1:3a:1a:e0:9a:bd:f6:03:b6:bb:1e:
6e:5b:e3:b1:c1:9a:37:3a:b7:aa:43:12:7d:c4:3c:c6:51:26:
27:b5:87:35:7f:37:1c:d9:0a:3e:f4:59:2e:97:9d:70:c7:eb:
5d:b0:68:0d:e9:8b:72:00:9c:d9:49:2e:a7:69:fc:7e:51:66:
a9:b9:82:dc:5d:74:0b:f0:c4:fc:a9:0e:80:80:66:69:37:de:
57:86:f0:a0:b3:86:d1:c2:f6:db:c2:80:2d:f9:76:00:c1:8c:
06:78:35:d9:99:bb:53:d4:38:ae:58:3e:02:6f:e2:9f:ea:62:
22:69:12:89:7d:92:14:8a:5a:af:cb:79:2f:17:d9:ea:3c:5c:
11:a3:4e:74:de:5e:65:32:9c:8b:a3:f9:a2:19:f9:e3:dd:b9:
8f:24:90:21:d1:59:06:83:eb:98:8b:9c:15:20:9e:8c:eb:86:
ea:59:5d:89:f1:5d:1b:c5:74:3d:10:44:91:5e:de:1b:d2:0a:
20:67:2b:1c:f9:82:15:47:88:85:40:11:1d:fb:38:6c:02:da:
c8:fc:19:e9:96:ad:05:72:5e:d7:d1:6e:a0:68:0d:70:93:09:
e6:95:0a:65
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgICCVgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwMTI0MTUwODU0WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2NmZjQ4Ni0wZDhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0fN/lX3OacrYntncCm/SGr8Ti/hHViqiOINFKkSWtKNTdj/E7qARL3Cld1ky
FyjAYYN3ryoEY6rbqGrSzM22xfB51DR7b1mqYWal2GuYbKa5UA9/sNgDktGc19wh
tDG88fioXQ4D1R4SwJbYs41DlBvqbbryvtPqKAUvbOe0srMkeXQ6kxO/Te/1rFrP
qciiamcx4mSew5ms3v9BnvYqkwYy0PJSPQZJIFpecgUwkK/6z7vjDRCkmdzXMdI7
XNcyprn37fxgY/oTQocpxfG5weF4ZHyulWAyPEbO9CjaSq+TvzH6IwTr5mZ1LPZH
tvoZGLB4OJ4ZJxEYGrKTgXCR1QIDAQABo4IDZzCCA2MwHQYDVR0OBBYEFAoKlwg4
ITKGovyjNfpxGDE+UpdgMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvNTA3RjM0OTQ5
MjlBMTFFRDgwREZCQzdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfAGCCsGAQUFBwEHAQH/
BIHgMIHdMIHBBAIAATCBujAMAwQCZws8AwQAZws+MAwDBARxy9ADBABxy9wwDAME
AXHL3gMEAXHL5AMEAHHL5zAMAwQAccvpAwQAccvwMAwDBABxy/MDBABxy/YDBAJx
y/wDBAG0soADBAK0soQwDAMEALSyiQMEArSyiAMEALSykAMEALSylTAMAwQAtLKX
AwQAtLKcMAwDBAG0sp4DBAC0sqIDBAK0sqQDBAK0sqwwDAMEArSytAMEArSyuAME
AN8d4AMEA98d6DAXBAIAAjARMA8DBAAkAUEDBwAkAUEAgAAwDQYJKoZIhvcNAQEL
BQADggEBAAshoRgBQ5q6VKglIJhxSvy9p4xu6JVaQCHhOhrgmr32A7a7Hm5b47HB
mjc6t6pDEn3EPMZRJie1hzV/NxzZCj70WS6XnXDH612waA3pi3IAnNlJLqdp/H5R
Zqm5gtxddAvwxPypDoCAZmk33leG8KCzhtHC9tvCgC35dgDBjAZ4NdmZu1PUOK5Y
PgJv4p/qYiJpEol9khSKWq/LeS8X2eo8XBGjTnTeXmUynIuj+aIZ+ePduY8kkCHR
WQaD65iLnBUgnozrhupZXYnxXRvFdD0QRJFe3hvSCiBnKxz5ghVHiIVAER37OGwC
2sj8GemWrQVyXtfRbqBoDXCTCeaVCmU=
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:00:49 2025 by rpki-client