Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8806/39D087AAD69811EEA544B438C4F9AE02/905F46DEE05A11EFA20EC133C4F9AE02.roa
File: 905F46DEE05A11EFA20EC133C4F9AE02.roa (raw, json)
Hash identifier: NVqWotupuz8BWtoYreL5BX+y3xeJG+CMVF0kE4qkEmg=
Subject key identifier: 78:48:55:1A:8A:12:D6:A5:21:4E:77:60:B6:1F:D2:CC:DC:04:CE:D3
Certificate issuer: /CN=A91F8806/serialNumber=ED1E63C4CA85204ECBAD26CE2C9462645E0B1CAD
Certificate serial: C9
Authority key identifier: ED:1E:63:C4:CA:85:20:4E:CB:AD:26:CE:2C:94:62:64:5E:0B:1C:AD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R5jxMqFIE7LrSbOLJRiZF4LHK0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F8806/39D087AAD69811EEA544B438C4F9AE02/905F46DEE05A11EFA20EC133C4F9AE02.roa
Signing time: Mon 03 Mar 2025 07:29:45 +0000
ROA not before: Mon 03 Mar 2025 07:29:44 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 9821
IP address blocks: 103.80.140.0/22 maxlen: 22
202.90.128.0/19 maxlen: 19
202.90.135.0/24 maxlen: 24
202.90.155.0/24 maxlen: 24
203.211.56.0/22 maxlen: 22
2001:d18::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 201 (0xc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F8806
Validity
Not Before: Mar 3 07:29:44 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67c55a68-f1ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7c:33:32:44:f4:32:0d:43:ab:a5:21:9e:c8:
78:ed:cf:4e:84:e1:2b:0c:36:ed:04:3a:bb:2e:64:
09:46:c9:28:61:ec:f8:c7:49:84:c6:73:39:8a:a4:
41:a5:48:77:c4:67:30:ee:bd:3e:23:96:47:cf:39:
9f:95:9d:ad:db:19:d5:ed:e1:a6:46:95:ea:d3:e3:
da:bb:0d:35:ae:67:77:c8:d9:29:f5:00:be:c5:52:
d0:89:ba:ef:04:9f:1b:21:c8:63:c2:11:34:7d:9e:
df:9d:e0:a9:78:a5:03:48:4a:c3:3f:d8:e5:45:fb:
20:6c:fa:d9:2e:ca:a9:68:5e:58:26:01:e0:04:c7:
94:42:b2:4d:5c:17:63:ce:dc:7a:7b:4b:e8:36:8e:
a3:6f:26:50:64:f5:e4:34:1f:07:fd:7d:5c:24:88:
4f:48:8c:0b:7b:b1:c4:0a:de:da:b5:bf:18:9e:c9:
8e:28:84:90:8d:72:69:0a:e5:2a:f5:01:2c:be:8b:
3e:e0:82:44:e5:dc:de:9f:d1:8c:7d:00:a3:b6:a5:
c4:f3:74:2a:4c:f1:9e:49:27:5f:2e:bd:53:11:4a:
fb:a6:01:4d:7e:dc:28:80:08:c5:8b:ad:7a:c8:be:
d4:a4:c8:6b:b2:ad:57:f0:77:de:21:42:c0:18:e6:
54:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:48:55:1A:8A:12:D6:A5:21:4E:77:60:B6:1F:D2:CC:DC:04:CE:D3
X509v3 Authority Key Identifier:
keyid:ED:1E:63:C4:CA:85:20:4E:CB:AD:26:CE:2C:94:62:64:5E:0B:1C:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F8806/39D087AAD69811EEA544B438C4F9AE02/7R5jxMqFIE7LrSbOLJRiZF4LHK0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R5jxMqFIE7LrSbOLJRiZF4LHK0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8806/39D087AAD69811EEA544B438C4F9AE02/905F46DEE05A11EFA20EC133C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.80.140.0/22
202.90.128.0/19
203.211.56.0/22
IPv6:
2001:d18::/32
Signature Algorithm: sha256WithRSAEncryption
95:2f:4a:e9:b5:1a:5a:79:a0:ad:be:fc:75:99:98:b3:15:d9:
10:42:2f:be:6f:15:bf:0b:5b:e4:d5:f9:e5:42:e0:56:50:d1:
79:97:af:4e:6b:80:97:19:3b:6c:8d:2d:af:5f:5f:f0:4d:e2:
da:14:18:4d:a8:17:7c:1c:ed:d2:7d:e6:6c:f6:8e:11:6b:90:
a0:46:6d:cb:2b:f2:40:c3:06:f0:c0:6b:79:1d:38:c4:2e:8f:
57:51:42:3b:ef:94:9b:3e:2a:0c:fc:8a:c3:21:47:51:87:3d:
0a:fc:4f:a4:7a:f1:93:f0:df:37:c6:40:50:82:a3:0d:5f:5e:
49:0f:d9:af:ae:47:2c:84:bf:56:31:96:58:aa:d5:27:85:e2:
2c:e7:ce:ca:4c:3a:d4:77:7f:37:f5:12:3f:4a:de:5a:63:7c:
fe:4f:30:98:d1:d7:d1:fa:b5:a3:7f:96:b2:59:c7:f8:da:35:
4a:d6:7f:2e:77:29:b8:09:36:28:e3:df:e7:41:ff:5a:59:9b:
c0:ae:35:ed:e7:24:15:3b:d5:b1:b7:12:86:ea:e2:b2:6c:28:
d8:40:63:01:6f:ab:91:b3:05:f4:b0:5c:0b:fd:e1:65:2f:88:
a6:06:9d:d7:93:df:e9:18:46:89:fe:04:eb:c8:32:72:2e:bf:
e5:59:5b:50
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjg4MDYxMTAvBgNVBAUTKEVEMUU2M0M0Q0E4NTIwNEVDQkFEMjZDRTJDOTQ2MjY0
NUUwQjFDQUQwHhcNMjUwMzAzMDcyOTQ0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M1NWE2OC1mMWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvnwzMkT0Mg1Dq6Uhnsh47c9OhOErDDbtBDq7LmQJRskoYez4x0mExnM5iqRB
pUh3xGcw7r0+I5ZHzzmflZ2t2xnV7eGmRpXq0+Pauw01rmd3yNkp9QC+xVLQibrv
BJ8bIchjwhE0fZ7fneCpeKUDSErDP9jlRfsgbPrZLsqpaF5YJgHgBMeUQrJNXBdj
ztx6e0voNo6jbyZQZPXkNB8H/X1cJIhPSIwLe7HECt7atb8YnsmOKISQjXJpCuUq
9QEsvos+4IJE5dzen9GMfQCjtqXE83QqTPGeSSdfLr1TEUr7pgFNftwogAjFi616
yL7UpMhrsq1X8HfeIULAGOZUmQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFHhIVRqK
EtalIU53YLYf0szcBM7TMB8GA1UdIwQYMBaAFO0eY8TKhSBOy60mziyUYmReCxyt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODgwNi8zOUQwODdBQUQ2
OTgxMUVFQTU0NEI0MzhDNEY5QUUwMi83UjVqeE1xRklFN0xyU2JPTEpSaVpGNExI
SzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdSNWp4TXFGSUU3THJTYk9MSlJpWkY0TEhLMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjg4MDYvMzlEMDg3QUFENjk4MTFFRUE1NDRCNDM4QzRGOUFFMDIvOTA1RjQ2REVF
MDVBMTFFRkEyMEVDMTMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAJnUIwDBAXKWoADBALL0zgwDQQCAAIwBwMFACABDRgwDQYJ
KoZIhvcNAQELBQADggEBAJUvSum1Glp5oK2+/HWZmLMV2RBCL75vFb8LW+TV+eVC
4FZQ0XmXr05rgJcZO2yNLa9fX/BN4toUGE2oF3wc7dJ95mz2jhFrkKBGbcsr8kDD
BvDAa3kdOMQuj1dRQjvvlJs+Kgz8isMhR1GHPQr8T6R68ZPw3zfGQFCCow1fXkkP
2a+uRyyEv1Yxlliq1SeF4iznzspMOtR3fzf1Ej9K3lpjfP5PMJjR19H6taN/lrJZ
x/jaNUrWfy53KbgJNijj3+dB/1pZm8CuNe3nJBU71bG3Eobq4rJsKNhAYwFvq5Gz
BfSwXAv94WUviKYGndeT3+kYRon+BOvIMnIuv+VZW1A=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:19:30 2025 by rpki-client