Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/057FD54C797611EFAD5DCD6DC4F9AE02.roa
File: 057FD54C797611EFAD5DCD6DC4F9AE02.roa (raw, json)
Hash identifier: IIcRFMkWVb72LioRJMwB/nH0T6BzbBtQr1NPRFzqssc=
Subject key identifier: 24:1A:AE:BE:84:72:C2:B9:24:A9:F8:1F:DC:D1:76:E1:79:B0:59:96
Certificate issuer: /CN=A91B88CA/serialNumber=F625E6CC039026FF5BC9D6BDC42D8D1C18ABF33B
Certificate serial: 79
Authority key identifier: F6:25:E6:CC:03:90:26:FF:5B:C9:D6:BD:C4:2D:8D:1C:18:AB:F3:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9iXmzAOQJv9byda9xC2NHBir8zs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/057FD54C797611EFAD5DCD6DC4F9AE02.roa
Signing time: Thu 05 Dec 2024 08:33:27 +0000
ROA not before: Thu 05 Dec 2024 08:33:27 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 135883
IP address blocks: 103.67.52.0/23 maxlen: 23
103.67.52.0/24 maxlen: 24
103.67.53.0/24 maxlen: 24
103.117.136.0/22 maxlen: 22
103.117.136.0/24 maxlen: 24
103.117.137.0/24 maxlen: 24
103.117.138.0/24 maxlen: 24
103.117.139.0/24 maxlen: 24
2403:1a40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121 (0x79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B88CA
Validity
Not Before: Dec 5 08:33:27 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67516556-1018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:89:5f:d2:df:06:11:ad:1f:32:55:6b:67:3e:
58:a3:f3:54:67:e4:f6:5f:93:47:bc:c9:25:43:b6:
b4:3d:09:89:c9:26:c7:8e:19:fd:5c:2c:22:77:1a:
ab:34:8f:bd:b4:d6:34:8d:d2:ae:5e:cd:be:82:36:
74:e9:01:20:c1:a9:a4:0d:b6:f3:b8:08:6d:b6:9f:
3a:56:ac:9f:77:8a:de:5e:17:06:ed:71:15:d5:00:
13:15:c8:60:6a:78:67:b1:80:a7:6b:e5:41:7d:e2:
29:06:e3:d5:a2:13:35:ba:4a:84:31:21:50:09:f9:
ab:c2:2b:a6:38:8f:fc:58:cc:32:a2:7b:e4:b1:fd:
83:8b:f3:8d:5f:ba:48:68:0b:2f:8f:2b:7b:93:7d:
7d:a6:c1:bb:51:25:93:1f:96:45:dc:cc:96:9a:f4:
29:0f:f6:a9:58:df:8f:0c:67:e4:8f:a0:77:31:56:
b7:34:5d:e3:4f:89:f6:61:9d:08:c2:7b:49:55:6b:
1d:13:eb:5e:b5:44:57:58:2c:4e:b2:39:36:f6:d1:
03:dc:9b:29:96:a2:f0:87:d3:8a:e2:62:61:3d:38:
27:1b:81:d1:10:b6:b8:2d:38:13:ff:66:56:7c:24:
2a:3b:c2:73:3d:e6:4a:5f:3c:1d:54:3b:02:0e:56:
fb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:1A:AE:BE:84:72:C2:B9:24:A9:F8:1F:DC:D1:76:E1:79:B0:59:96
X509v3 Authority Key Identifier:
keyid:F6:25:E6:CC:03:90:26:FF:5B:C9:D6:BD:C4:2D:8D:1C:18:AB:F3:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/9iXmzAOQJv9byda9xC2NHBir8zs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9iXmzAOQJv9byda9xC2NHBir8zs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/057FD54C797611EFAD5DCD6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.67.52.0/23
103.117.136.0/22
IPv6:
2403:1a40::/32
Signature Algorithm: sha256WithRSAEncryption
98:74:16:c7:3d:4f:a0:f5:03:d6:02:91:83:32:da:dd:4c:a1:
b6:12:5f:6a:6c:e5:57:b9:79:40:aa:3b:fa:c4:62:66:88:95:
cf:29:37:e5:22:2f:80:5c:9b:91:9e:d8:ac:b4:3f:9f:51:a2:
1e:8b:ff:b2:95:27:cf:2d:3f:83:54:06:da:69:a0:8e:d2:ce:
f3:ec:ab:94:11:3b:b9:15:0e:db:b4:97:bf:64:d7:48:06:3f:
b5:9f:8e:f6:9b:1a:0e:03:f0:0d:84:73:97:f6:ef:58:cd:e9:
5d:b4:6b:c9:1f:9d:9e:ab:6b:31:7c:ba:f2:47:d2:78:9a:d3:
7b:ec:df:e2:d1:af:dd:4b:f0:51:e5:68:c5:9d:42:f0:d7:8a:
49:27:eb:82:51:1b:4f:22:af:b0:c7:0b:44:d7:cd:2e:c6:20:
06:e8:05:f6:c0:6b:54:46:78:fc:7e:e2:00:c5:40:c1:64:da:
1b:30:91:cc:7e:56:97:99:8d:78:2e:b0:b9:d5:7b:d6:1c:15:
ec:a3:19:0e:6d:4b:43:c7:2c:0c:a2:26:7b:69:c8:4a:ba:1d:
28:c8:72:91:c5:37:96:ac:33:f2:1b:3d:79:ec:ee:c5:7e:53:
b6:b4:83:6f:74:9d:83:d1:2d:11:7d:0f:f2:23:69:79:08:4a:
20:17:c7:c2
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBeTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
ODhDQTExMC8GA1UEBRMoRjYyNUU2Q0MwMzkwMjZGRjVCQzlENkJEQzQyRDhEMUMx
OEFCRjMzQjAeFw0yNDEyMDUwODMzMjdaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NTE2NTU2LTEwMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3iV/S3wYRrR8yVWtnPlij81Rn5PZfk0e8ySVDtrQ9CYnJJseOGf1cLCJ3Gqs0
j7201jSN0q5ezb6CNnTpASDBqaQNtvO4CG22nzpWrJ93it5eFwbtcRXVABMVyGBq
eGexgKdr5UF94ikG49WiEzW6SoQxIVAJ+avCK6Y4j/xYzDKie+Sx/YOL841fukho
Cy+PK3uTfX2mwbtRJZMflkXczJaa9CkP9qlY348MZ+SPoHcxVrc0XeNPifZhnQjC
e0lVax0T6161RFdYLE6yOTb20QPcmymWovCH04riYmE9OCcbgdEQtrgtOBP/ZlZ8
JCo7wnM95kpfPB1UOwIOVvvRAgMBAAGjggKqMIICpjAdBgNVHQ4EFgQUJBquvoRy
wrkkqfgf3NF24XmwWZYwHwYDVR0jBBgwFoAU9iXmzAOQJv9byda9xC2NHBir8zsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI4OENBLzU2OTZFNzQ2MzQ2
NTExRUZBRjZERUI0RUM0RjlBRTAyLzlpWG16QU9RSnY5YnlkYTl4QzJOSEJpcjh6
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOWlYbXpBT1FKdjlieWRhOXhDMk5IQmlyOHpzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
ODhDQS81Njk2RTc0NjM0NjUxMUVGQUY2REVCNEVDNEY5QUUwMi8wNTdGRDU0Qzc5
NzYxMUVGQUQ1RENENkRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAWdDNAMEAmd1iDANBAIAAjAHAwUAJAMaQDANBgkqhkiG9w0B
AQsFAAOCAQEAmHQWxz1PoPUD1gKRgzLa3UyhthJfamzlV7l5QKo7+sRiZoiVzyk3
5SIvgFybkZ7YrLQ/n1GiHov/spUnzy0/g1QG2mmgjtLO8+yrlBE7uRUO27SXv2TX
SAY/tZ+O9psaDgPwDYRzl/bvWM3pXbRryR+dnqtrMXy68kfSeJrTe+zf4tGv3Uvw
UeVoxZ1C8NeKSSfrglEbTyKvsMcLRNfNLsYgBugF9sBrVEZ4/H7iAMVAwWTaGzCR
zH5Wl5mNeC6wudV71hwV7KMZDm1LQ8csDKIme2nISrodKMhykcU3lqwz8hs9eezu
xX5TtrSDb3Sdg9EtEX0P8iNpeQhKIBfHwg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:20:16 2025 by rpki-client