Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/EEC42F86232311EFAF815012C4F9AE02.roa
File: EEC42F86232311EFAF815012C4F9AE02.roa (raw, json)
Hash identifier: dmDX5d8Ee6EDnk/9c9IbholerFQLcJ0sPLUNE3zziAE=
Subject key identifier: 83:54:54:C8:19:5B:C3:90:17:04:CF:E3:63:0B:8F:B6:5E:E1:29:2F
Certificate issuer: /CN=A91F4FB0/serialNumber=876E6813BF2C1811CD11DE99281ACD44BEC0DE73
Certificate serial: C9
Authority key identifier: 87:6E:68:13:BF:2C:18:11:CD:11:DE:99:28:1A:CD:44:BE:C0:DE:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h25oE78sGBHNEd6ZKBrNRL7A3nM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/EEC42F86232311EFAF815012C4F9AE02.roa
Signing time: Wed 29 Jan 2025 05:08:50 +0000
ROA not before: Wed 29 Jan 2025 05:08:50 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 149172
IP address blocks: 103.177.196.0/23 maxlen: 23
103.177.196.0/23 maxlen: 24
2400:3d20::/36 maxlen: 36
2400:3d20:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 201 (0xc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F4FB0
Validity
Not Before: Jan 29 05:08:50 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6799b7e1-745c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c2:6f:65:32:c1:73:80:61:57:39:1f:7f:0f:
53:f4:cb:a7:d2:b8:f8:12:d1:96:42:d2:bd:6a:05:
f3:3a:14:49:91:47:65:e5:d5:7b:e7:92:33:d1:9d:
62:26:4d:62:58:79:eb:c7:2e:7a:c9:48:fc:c5:bf:
2f:9b:7b:8f:66:ad:44:8a:75:21:66:63:c2:9c:40:
e1:8b:a1:0b:88:64:11:0e:a6:9e:fe:72:b1:f5:a0:
f3:94:00:82:1d:c9:a1:81:c0:cd:35:8d:d7:c7:2b:
30:b1:2b:c3:42:03:16:40:53:7c:30:a6:74:49:a6:
08:43:65:8d:33:d7:17:4a:c1:db:cc:4c:3b:29:ef:
9e:a8:fa:5b:8a:62:65:6d:c0:79:04:a8:16:fb:6c:
5d:73:ba:37:0b:5a:e0:bc:59:59:e5:89:55:12:ee:
f0:f3:34:af:1b:6a:2d:b3:af:f5:54:e3:7b:f3:11:
44:e1:d8:cf:49:1d:53:97:33:2b:16:8d:26:14:fc:
80:13:72:d8:fd:f3:bf:67:d7:85:19:92:a9:bf:f1:
76:27:ad:ab:c9:b8:0b:56:6d:32:36:3d:3b:5f:d6:
85:0b:35:5e:51:66:7b:43:55:f6:c9:51:2d:3f:81:
ee:15:28:5b:8b:21:bd:14:15:8a:09:61:9b:4f:3e:
ef:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:54:54:C8:19:5B:C3:90:17:04:CF:E3:63:0B:8F:B6:5E:E1:29:2F
X509v3 Authority Key Identifier:
keyid:87:6E:68:13:BF:2C:18:11:CD:11:DE:99:28:1A:CD:44:BE:C0:DE:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/h25oE78sGBHNEd6ZKBrNRL7A3nM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h25oE78sGBHNEd6ZKBrNRL7A3nM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/EEC42F86232311EFAF815012C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.196.0/23
IPv6:
2400:3d20::-2400:3d20:10ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7c:1e:ff:08:02:ee:af:e4:5c:9c:28:0a:82:3d:60:7d:e2:df:
11:13:90:6d:2b:68:6b:70:df:0e:c0:b4:50:02:7d:50:62:5c:
f4:89:22:2c:77:cb:58:18:9f:68:86:3f:3b:b5:f5:65:80:5a:
71:82:09:c0:70:64:82:35:cf:be:79:23:42:6f:74:9e:8b:07:
74:b1:6f:96:12:f7:d6:24:11:d5:f5:25:63:3e:85:70:39:b8:
32:3e:c6:5e:49:85:96:f9:dc:94:f8:7f:b5:b0:1a:82:8d:b9:
2f:6b:10:5d:24:f5:b7:21:42:52:47:5e:61:f6:0c:37:a3:17:
05:a1:4a:d6:cc:98:d1:b5:e4:33:5d:d2:25:e8:b8:80:de:54:
17:56:32:6f:ad:15:92:3f:ee:23:2b:7f:cc:a5:e5:df:fa:ec:
19:37:d5:1a:34:52:25:ce:b0:b7:96:3d:0a:9b:fc:c9:47:8b:
0c:e0:1b:0f:4b:1a:7e:9a:1b:9b:95:95:54:0a:11:32:a6:85:
b5:4b:37:61:27:c3:aa:2e:08:b5:60:04:2e:c2:9c:66:da:65:
a3:40:59:d2:c6:e4:6d:18:62:c7:31:b4:88:9f:44:d7:a2:6e:
ef:d8:dc:e1:fe:8f:22:36:44:46:55:41:51:6c:4e:54:65:aa:
de:4d:bf:8d
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjRGQjAxMTAvBgNVBAUTKDg3NkU2ODEzQkYyQzE4MTFDRDExREU5OTI4MUFDRDQ0
QkVDMERFNzMwHhcNMjUwMTI5MDUwODUwWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk5YjdlMS03NDVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1MJvZTLBc4BhVzkffw9T9Mun0rj4EtGWQtK9agXzOhRJkUdl5dV755Iz0Z1i
Jk1iWHnrxy56yUj8xb8vm3uPZq1EinUhZmPCnEDhi6ELiGQRDqae/nKx9aDzlACC
HcmhgcDNNY3XxyswsSvDQgMWQFN8MKZ0SaYIQ2WNM9cXSsHbzEw7Ke+eqPpbimJl
bcB5BKgW+2xdc7o3C1rgvFlZ5YlVEu7w8zSvG2ots6/1VON78xFE4djPSR1TlzMr
Fo0mFPyAE3LY/fO/Z9eFGZKpv/F2J62rybgLVm0yNj07X9aFCzVeUWZ7Q1X2yVEt
P4HuFShbiyG9FBWKCWGbTz7vNwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFINUVMgZ
W8OQFwTP42MLj7Ze4SkvMB8GA1UdIwQYMBaAFIduaBO/LBgRzRHemSgazUS+wN5z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNEZCMC8wNThDRUMxNDE5
QkQxMUVGQkQzM0UwODJDNEY5QUUwMi9oMjVvRTc4c0dCSE5FZDZaS0JyTlJMN0Ez
bk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2gyNW9FNzhzR0JITkVkNlpLQnJOUkw3QTNuTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjRGQjAvMDU4Q0VDMTQxOUJEMTFFRkJEMzNFMDgyQzRGOUFFMDIvRUVDNDJGODYy
MzIzMTFFRkFGODE1MDEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E
KTAnMAwEAgABMAYDBAFnscQwFwQCAAIwETAPAwUFJAA9IAMGACQAPSAQMA0GCSqG
SIb3DQEBCwUAA4IBAQB8Hv8IAu6v5FycKAqCPWB94t8RE5BtK2hrcN8OwLRQAn1Q
Ylz0iSIsd8tYGJ9ohj87tfVlgFpxggnAcGSCNc++eSNCb3Seiwd0sW+WEvfWJBHV
9SVjPoVwObgyPsZeSYWW+dyU+H+1sBqCjbkvaxBdJPW3IUJSR15h9gw3oxcFoUrW
zJjRteQzXdIl6LiA3lQXVjJvrRWSP+4jK3/MpeXf+uwZN9UaNFIlzrC3lj0Km/zJ
R4sM4BsPSxp+mhublZVUChEypoW1SzdhJ8OqLgi1YAQuwpxm2mWjQFnSxuRtGGLH
MbSIn0TXom7v2Nzh/o8iNkRGVUFRbE5UZareTb+N
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:16:30 2025 by rpki-client