Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/B717D0B42AC411EDA91BCB76C4F9AE02.roa
File: B717D0B42AC411EDA91BCB76C4F9AE02.roa (raw, json)
Hash identifier: NEa8WmrJSutZ9XU7GEUbWu+PQmU/ur9nn3ymbRXQp5M=
Subject key identifier: 99:12:7F:87:F6:6A:79:F7:84:5B:86:5A:29:AA:3B:4E:E0:EB:E6:AC
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 085F
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/B717D0B42AC411EDA91BCB76C4F9AE02.roa
Signing time: Fri 02 Sep 2022 13:39:49 +0000
ROA not before: Fri 02 Sep 2022 13:39:49 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/24 maxlen: 24
103.11.62.0/24 maxlen: 24
103.11.63.0/24 maxlen: 24
113.203.208.0/22 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/23 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.217.0/24 maxlen: 24
113.203.218.0/23 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.228.0/24 maxlen: 24
113.203.229.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.242.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
113.203.246.0/24 maxlen: 24
113.203.247.0/24 maxlen: 24
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.140.0/22 maxlen: 22
180.178.144.0/24 maxlen: 24
180.178.145.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.150.0/24 maxlen: 24
180.178.151.0/24 maxlen: 24
180.178.152.0/22 maxlen: 24
180.178.156.0/23 maxlen: 24
180.178.159.0/24 maxlen: 24
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.168.0/24 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.173.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.180.0/22 maxlen: 24
223.29.224.0/24 maxlen: 24
223.29.225.0/24 maxlen: 24
223.29.232.0/22 maxlen: 22
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2143 (0x85f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7
Validity
Not Before: Sep 2 13:39:49 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=631207a5-b986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:87:4d:26:d9:4f:a2:9a:c1:0b:0e:a6:b3:43:
20:2c:5f:9e:82:b1:0f:1d:20:8a:73:74:24:3b:d3:
b3:d5:8b:2b:27:de:a7:2c:36:cf:5d:93:7d:b9:c0:
f9:0c:57:c8:34:65:d1:f0:95:79:ba:56:99:92:70:
bc:fc:18:6a:e6:32:92:fd:0e:34:39:f0:48:ec:cc:
99:f2:81:91:31:24:1d:cc:38:ca:a9:3f:41:96:2c:
d9:5d:f7:c4:8c:4b:b3:5a:55:a4:18:b7:26:85:2f:
ba:ba:11:86:aa:ad:77:70:fa:fb:33:8e:08:44:4c:
fe:44:40:35:2d:e8:8b:fa:cc:b4:82:db:ec:61:26:
d0:9f:81:5f:83:e6:7c:53:e1:c2:7f:50:41:87:0d:
b5:59:71:c3:d5:51:b1:55:f6:0d:69:df:4f:b4:e1:
eb:4e:c5:7e:44:5b:cc:18:b9:02:6b:1a:39:d8:d3:
02:30:a5:83:3c:6e:e4:c7:af:46:e8:95:77:73:e7:
c2:18:5f:a9:cf:1d:37:9c:42:12:ec:4f:11:5b:9a:
e4:42:13:65:1b:b4:15:ff:3c:63:f5:10:af:87:fa:
f1:32:84:21:bc:fa:df:b9:45:44:45:cb:72:45:13:
35:42:8f:29:a0:e1:2f:d3:65:ff:e1:c7:f0:fa:98:
c3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:12:7F:87:F6:6A:79:F7:84:5B:86:5A:29:AA:3B:4E:E0:EB:E6:AC
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/B717D0B42AC411EDA91BCB76C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0/24
103.11.62.0/23
113.203.208.0-113.203.219.255
113.203.223.0/24
113.203.228.0/23
113.203.231.0/24
113.203.234.0-113.203.240.255
113.203.242.0-113.203.247.255
180.178.128.0/23
180.178.132.0/22
180.178.137.0-180.178.145.255
180.178.149.0-180.178.157.255
180.178.159.0-180.178.162.255
180.178.164.0-180.178.168.255
180.178.172.0/22
180.178.180.0/22
223.29.224.0/23
223.29.232.0/21
IPv6:
2401:4100::-2401:4100:8000:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
64:81:bf:fa:09:75:7f:b2:55:18:70:a8:8e:0c:22:aa:dd:59:
ee:37:48:6c:e0:16:15:fe:40:05:cf:54:de:6f:a0:2a:90:34:
2d:ae:dd:e3:ac:b5:53:ad:a1:73:40:89:e4:2b:11:c4:f4:f4:
3e:e2:4e:ba:a9:91:fa:1e:42:dc:02:40:1d:de:bb:62:0a:46:
a3:dd:99:86:fb:8b:6c:2e:f5:54:da:c7:4d:5a:0e:40:d9:65:
e5:59:13:4e:f3:bf:f2:f3:1e:f2:77:57:50:66:ac:81:c1:f6:
d3:f9:b9:b5:19:18:dc:15:88:68:ec:35:ab:c7:2d:a6:e1:0e:
30:dc:30:4b:ea:cd:dd:18:c8:c4:cb:72:e4:28:ab:4d:ab:23:
d9:be:5f:b6:09:3b:8d:cb:67:ee:55:9f:6b:5f:4f:27:26:60:
a7:a6:76:c3:e8:72:fb:89:7d:b9:44:8b:05:06:ec:2b:22:a8:
af:3c:0c:85:a8:6d:91:47:3e:74:86:a8:05:7e:d5:a7:f9:04:
fc:ee:d2:a9:b1:89:d1:40:6e:f2:0f:8e:15:ed:c6:36:f5:5e:
8c:54:21:e8:ee:9e:b8:20:f6:49:1c:da:1d:87:1d:4b:11:ea:
ef:94:da:55:59:1b:12:c8:b1:e4:31:18:f3:d9:8a:86:38:2b:
9f:ba:68:7f
-----BEGIN CERTIFICATE-----
MIIGLTCCBRWgAwIBAgICCF8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIwOTAyMTMzOTQ5WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzEyMDdhNS1iOTg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvIdNJtlPoprBCw6ms0MgLF+egrEPHSCKc3QkO9Oz1YsrJ96nLDbPXZN9ucD5
DFfINGXR8JV5ulaZknC8/Bhq5jKS/Q40OfBI7MyZ8oGRMSQdzDjKqT9BlizZXffE
jEuzWlWkGLcmhS+6uhGGqq13cPr7M44IREz+REA1LeiL+sy0gtvsYSbQn4Ffg+Z8
U+HCf1BBhw21WXHD1VGxVfYNad9PtOHrTsV+RFvMGLkCaxo52NMCMKWDPG7kx69G
6JV3c+fCGF+pzx03nEIS7E8RW5rkQhNlG7QV/zxj9RCvh/rxMoQhvPrfuUVERcty
RRM1Qo8poOEv02X/4cfw+pjDmwIDAQABo4IDUTCCA00wHQYDVR0OBBYEFJkSf4f2
ann3hFuGWimqO07g6+asMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvQjcxN0QwQjQy
QUM0MTFFREE5MUJDQjc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdoGCCsGAQUFBwEHAQH/
BIHKMIHHMIGrBAIAATCBpAMEAGcLPAMEAWcLPjAMAwQEccvQAwQCccvYAwQAccvf
AwQBccvkAwQAccvnMAwDBAFxy+oDBABxy/AwDAMEAXHL8gMEA3HL8AMEAbSygAME
ArSyhDAMAwQAtLKJAwQBtLKQMAwDBAC0spUDBAG0spwwDAMEALSynwMEALSyojAM
AwQCtLKkAwQAtLKoAwQCtLKsAwQCtLK0AwQB3x3gAwQD3x3oMBcEAgACMBEwDwME
ACQBQQMHACQBQQCAADANBgkqhkiG9w0BAQsFAAOCAQEAZIG/+gl1f7JVGHCojgwi
qt1Z7jdIbOAWFf5ABc9U3m+gKpA0La7d46y1U62hc0CJ5CsRxPT0PuJOuqmR+h5C
3AJAHd67YgpGo92ZhvuLbC71VNrHTVoOQNll5VkTTvO/8vMe8ndXUGasgcH20/m5
tRkY3BWIaOw1q8ctpuEOMNwwS+rN3RjIxMty5CirTasj2b5ftgk7jctn7lWfa19P
JyZgp6Z2w+hy+4l9uUSLBQbsKyKorzwMhahtkUc+dIaoBX7Vp/kE/O7SqbGJ0UBu
8g+OFe3GNvVejFQh6O6euCD2SRzaHYcdSxHq75TaVVkbEsix5DEY89mKhjgrn7po
fw==
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:59:20 2025 by rpki-client