Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911AE4A/14135E60651611EDA632214FC4F9AE02/8317209CE04511EF8BD5FA0EC4F9AE02.roa
File: 8317209CE04511EF8BD5FA0EC4F9AE02.roa (raw, json)
Hash identifier: NSXJFLhEfsiv/QK2Yd/El5K1xruPxDto27c64G8OhpM=
Subject key identifier: 06:82:27:62:20:65:AC:DD:C8:48:43:CA:14:ED:ED:07:0C:01:D0:14
Certificate issuer: /CN=A911AE4A/serialNumber=C070A495B383E59D4571B6B17D8A9289AAED1825
Certificate serial: 01E5
Authority key identifier: C0:70:A4:95:B3:83:E5:9D:45:71:B6:B1:7D:8A:92:89:AA:ED:18:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wHCklbOD5Z1FcbaxfYqSiartGCU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911AE4A/14135E60651611EDA632214FC4F9AE02/8317209CE04511EF8BD5FA0EC4F9AE02.roa
Signing time: Sat 03 May 2025 02:38:58 +0000
ROA not before: Sat 03 May 2025 02:38:58 +0000
ROA not after: Tue 02 Sep 2025 00:00:00 +0000
asID: 150422
IP address blocks: 103.38.208.0/23 maxlen: 23
103.38.208.0/24 maxlen: 24
103.38.209.0/24 maxlen: 24
2400:c060::/32 maxlen: 40
2400:c060::/48 maxlen: 48
2400:c060:1::/48 maxlen: 48
2400:c060:2::/48 maxlen: 48
2400:c060:3::/48 maxlen: 48
2400:c060:4::/48 maxlen: 48
2400:c060:5::/48 maxlen: 48
2400:c060:6::/48 maxlen: 48
2400:c060:7::/48 maxlen: 48
2400:c060:8::/48 maxlen: 48
2400:c060:9::/48 maxlen: 48
2400:c060:a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 485 (0x1e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AE4A, serialNumber=C070A495B383E59D4571B6B17D8A9289AAED1825
Validity
Not Before: May 3 02:38:58 2025 GMT
Not After : Sep 2 00:00:00 2025 GMT
Subject: CN=681581c2-323a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7d:56:d0:ca:ca:b3:69:95:5e:d5:0e:54:f4:
0d:5f:9a:24:85:fe:58:a2:a4:e6:74:3d:01:2d:2d:
35:c6:a5:bf:4d:48:33:08:01:ee:97:e8:9d:25:43:
b5:3d:8a:76:a3:99:b8:aa:e4:93:5c:c3:82:1e:86:
ef:a7:5c:7e:31:36:da:20:38:bf:ce:56:ec:4c:d1:
1f:23:b6:ac:fa:7a:09:64:b8:22:2c:bd:40:ee:c1:
ce:56:80:ed:c3:be:59:b0:4d:12:a2:f9:e2:ba:cc:
7c:22:46:3b:22:68:9e:a0:df:55:e4:dd:b9:78:54:
be:fa:89:4c:4f:86:89:f0:fc:54:89:7c:04:e8:af:
a2:fd:b5:e8:85:93:37:b9:f6:b3:aa:59:d0:58:31:
09:7c:3e:d4:a8:55:f6:2c:26:ca:5f:78:a9:d4:12:
15:fa:d7:a1:82:50:1c:8e:a4:c9:5f:d1:ca:d6:68:
09:26:c7:c2:52:27:9d:59:b5:41:f4:1a:f1:09:bf:
54:19:a8:ef:01:8b:c8:08:f0:9b:3e:7f:f9:02:54:
0a:17:9e:3b:f4:9c:d2:15:0f:92:57:11:23:21:ee:
93:b9:dc:1a:b6:1b:b3:81:1f:0b:7d:be:a1:8e:09:
be:19:45:42:85:36:77:27:ee:23:ce:52:eb:58:0e:
6b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:82:27:62:20:65:AC:DD:C8:48:43:CA:14:ED:ED:07:0C:01:D0:14
X509v3 Authority Key Identifier:
keyid:C0:70:A4:95:B3:83:E5:9D:45:71:B6:B1:7D:8A:92:89:AA:ED:18:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911AE4A/14135E60651611EDA632214FC4F9AE02/wHCklbOD5Z1FcbaxfYqSiartGCU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wHCklbOD5Z1FcbaxfYqSiartGCU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AE4A/14135E60651611EDA632214FC4F9AE02/8317209CE04511EF8BD5FA0EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.38.208.0/23
IPv6:
2400:c060::/32
Signature Algorithm: sha256WithRSAEncryption
b6:a9:6c:a3:2c:db:8b:55:47:ad:67:29:e9:2d:c1:d8:0a:50:
b8:ed:6b:4c:c4:ec:68:ff:ac:07:68:f7:c4:7c:2f:fa:eb:9d:
73:c7:25:3f:1d:45:b4:cd:07:55:98:c6:78:21:30:ac:32:6b:
d5:48:1d:49:70:0b:40:33:d8:20:2a:75:94:31:a5:a6:9a:5e:
b9:7a:c0:ce:fc:76:45:54:cb:98:40:e9:0a:4c:75:8d:be:55:
6a:be:3c:d1:ae:f5:f8:77:3d:e0:1a:ee:28:7b:6e:90:b8:ba:
46:6e:72:79:b0:4b:71:e7:80:2f:c5:98:16:a7:dd:8c:ae:37:
19:75:ac:05:b9:93:79:bf:b5:51:37:79:f4:14:34:a0:64:68:
2a:92:ba:d3:55:b6:f2:d3:08:38:ec:d8:17:d5:d0:7f:45:d8:
bb:e5:7b:a2:08:38:d1:ab:b4:1e:22:e9:55:cc:d4:f3:af:98:
ff:5c:be:b5:8e:33:4e:ca:39:8b:bf:ac:29:bc:92:a4:ce:57:
c2:32:a3:9e:52:4f:74:e1:c9:08:a1:4f:e8:03:83:23:e9:fd:
af:5c:01:57:67:27:87:15:03:f9:b7:2b:27:f8:10:45:5b:c7:
a9:7a:e9:f9:32:15:54:30:e6:45:ca:bf:e3:4e:8a:7a:54:d6:
33:9d:64:03
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAeUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUFFNEExMTAvBgNVBAUTKEMwNzBBNDk1QjM4M0U1OUQ0NTcxQjZCMTdEOEE5Mjg5
QUFFRDE4MjUwHhcNMjUwNTAzMDIzODU4WhcNMjUwOTAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODE1ODFjMi0zMjNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzX1W0MrKs2mVXtUOVPQNX5okhf5YoqTmdD0BLS01xqW/TUgzCAHul+idJUO1
PYp2o5m4quSTXMOCHobvp1x+MTbaIDi/zlbsTNEfI7as+noJZLgiLL1A7sHOVoDt
w75ZsE0Sovniusx8IkY7ImieoN9V5N25eFS++olMT4aJ8PxUiXwE6K+i/bXohZM3
ufazqlnQWDEJfD7UqFX2LCbKX3ip1BIV+tehglAcjqTJX9HK1mgJJsfCUiedWbVB
9BrxCb9UGajvAYvICPCbPn/5AlQKF5479JzSFQ+SVxEjIe6TudwathuzgR8Lfb6h
jgm+GUVChTZ3J+4jzlLrWA5rMwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAaCJ2Ig
ZazdyEhDyhTt7QcMAdAUMB8GA1UdIwQYMBaAFMBwpJWzg+WdRXG2sX2Kkomq7Rgl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUU0QS8xNDEzNUU2MDY1
MTYxMUVEQTYzMjIxNEZDNEY5QUUwMi93SENrbGJPRDVaMUZjYmF4ZllxU2lhcnRH
Q1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dIQ2tsYk9ENVoxRmNiYXhmWXFTaWFydEdDVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUFFNEEvMTQxMzVFNjA2NTE2MTFFREE2MzIyMTRGQzRGOUFFMDIvODMxNzIwOUNF
MDQ1MTFFRjhCRDVGQTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnJtAwDQQCAAIwBwMFACQAwGAwDQYJKoZIhvcNAQELBQAD
ggEBALapbKMs24tVR61nKektwdgKULjta0zE7Gj/rAdo98R8L/rrnXPHJT8dRbTN
B1WYxnghMKwya9VIHUlwC0Az2CAqdZQxpaaaXrl6wM78dkVUy5hA6QpMdY2+VWq+
PNGu9fh3PeAa7ih7bpC4ukZucnmwS3HngC/FmBan3YyuNxl1rAW5k3m/tVE3efQU
NKBkaCqSutNVtvLTCDjs2BfV0H9F2Lvle6IIONGrtB4i6VXM1POvmP9cvrWOM07K
OYu/rCm8kqTOV8Iyo55ST3ThyQihT+gDgyPp/a9cAVdnJ4cVA/m3Kyf4EEVbx6l6
6fkyFVQw5kXKv+NOinpU1jOdZAM=
-----END CERTIFICATE-----
Generated at Wed Jun 18 06:37:05 2025 by rpki-client