Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB2EB/430B5A78BF4311EE8FD30758C4F9AE02/B96DD308BF4311EE844DDD58C4F9AE02.roa
File: B96DD308BF4311EE844DDD58C4F9AE02.roa (raw, json)
Hash identifier: CHWwiBoqVfGSoUjKXV1vohV3Io3pYex631KwXmxz4bs=
Subject key identifier: B3:AD:9C:3F:88:3C:40:7D:47:B7:A9:FD:2E:50:33:B2:1E:D3:7B:31
Certificate issuer: /CN=A91AB2EB/serialNumber=5559831ADCEDECA5FA92FC4EB5D2EDE62E37A8CD
Certificate serial: 04
Authority key identifier: 55:59:83:1A:DC:ED:EC:A5:FA:92:FC:4E:B5:D2:ED:E6:2E:37:A8:CD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VVmDGtzt7KX6kvxOtdLt5i43qM0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB2EB/430B5A78BF4311EE8FD30758C4F9AE02/B96DD308BF4311EE844DDD58C4F9AE02.roa
Signing time: Tue 30 Jan 2024 10:52:37 +0000
ROA not before: Tue 30 Jan 2024 10:52:37 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 135343
IP address blocks: 103.214.192.0/22 maxlen: 22
103.214.192.0/24 maxlen: 24
103.214.193.0/24 maxlen: 24
103.214.194.0/24 maxlen: 24
103.214.195.0/24 maxlen: 24
144.48.140.0/22 maxlen: 22
144.48.140.0/24 maxlen: 24
144.48.141.0/24 maxlen: 24
144.48.142.0/24 maxlen: 24
144.48.143.0/24 maxlen: 24
2001:df1:b200::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB2EB/serialNumber=5559831ADCEDECA5FA92FC4EB5D2EDE62E37A8CD
Validity
Not Before: Jan 30 10:52:37 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65b8d4f5-fcb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:70:80:15:76:c4:36:29:e5:62:5d:63:07:7f:
e4:6d:7a:28:38:64:ee:38:ba:d1:fc:fb:82:a1:bc:
6b:75:3d:ed:c3:f6:11:0a:46:2f:54:ce:8f:df:68:
ca:35:de:31:7c:02:5c:9f:b2:af:f4:28:49:ed:07:
ca:7a:5e:0f:f6:1e:5d:85:fe:71:b4:9c:1d:81:41:
48:14:80:8f:f0:f4:86:63:9b:93:6d:5a:19:3d:c3:
48:20:d4:48:5f:b6:85:fd:77:67:d3:01:cc:2a:38:
6c:1d:4c:4f:48:cc:87:b1:ad:dc:98:ff:20:ab:5b:
c3:5d:b4:02:88:69:e7:71:20:39:a3:7d:d4:0b:ef:
81:12:34:e9:41:e3:ef:be:1f:37:bf:e6:dc:83:2c:
4b:a9:1c:b8:54:de:5f:42:1b:22:71:cd:71:4c:5c:
65:ea:65:0c:9d:be:48:c7:3e:50:df:5b:7c:33:f0:
2a:f6:94:3a:a6:ed:55:7a:f3:f0:a3:7b:70:68:5f:
30:b2:08:cd:17:3c:0f:eb:8a:5b:1e:58:ab:32:12:
f0:48:14:a0:2b:5f:79:4e:c3:2b:0a:d9:93:42:d7:
f6:22:b2:ff:65:a7:1c:ea:67:92:4f:91:38:d1:70:
75:4a:32:5b:85:59:38:3e:d6:cd:1d:10:65:9e:de:
16:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:AD:9C:3F:88:3C:40:7D:47:B7:A9:FD:2E:50:33:B2:1E:D3:7B:31
X509v3 Authority Key Identifier:
keyid:55:59:83:1A:DC:ED:EC:A5:FA:92:FC:4E:B5:D2:ED:E6:2E:37:A8:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB2EB/430B5A78BF4311EE8FD30758C4F9AE02/VVmDGtzt7KX6kvxOtdLt5i43qM0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VVmDGtzt7KX6kvxOtdLt5i43qM0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB2EB/430B5A78BF4311EE8FD30758C4F9AE02/B96DD308BF4311EE844DDD58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.214.192.0/22
144.48.140.0/22
IPv6:
2001:df1:b200::/48
Signature Algorithm: sha256WithRSAEncryption
89:6e:27:fb:71:91:41:9c:ef:73:e1:6b:ac:26:6f:ce:06:69:
e2:69:c7:dd:84:da:c4:36:c0:60:67:96:5e:be:dd:26:6d:fc:
fb:1d:a5:6a:2a:12:53:95:2c:ce:63:d9:2e:be:ce:67:6f:cc:
a8:52:bb:98:4d:d9:3f:ef:c5:38:fd:7b:b4:fd:01:d9:ef:39:
9f:fa:b0:2a:8f:88:b3:1c:6c:43:43:da:73:37:e0:a4:b1:85:
fd:6e:8f:87:d9:cc:77:d0:60:1f:94:fd:e7:d0:ed:b2:05:4c:
f3:d8:2d:50:ea:f7:87:cc:a1:4a:79:40:9f:15:d1:40:54:de:
e1:6c:f8:60:d4:24:ed:d4:11:b2:02:a1:9d:90:9b:ee:36:84:
0b:07:db:68:49:90:cc:5b:8c:a7:b5:7a:b8:12:f5:b6:17:2c:
76:f2:af:62:1e:c8:94:5b:5d:3f:01:3e:d6:e3:bf:b3:68:0a:
c5:c8:f1:50:54:d0:f2:5f:34:ee:e8:94:de:d7:3c:98:d9:4a:
c3:1e:d4:40:dd:7d:dd:58:8c:4b:40:90:ee:37:61:38:0a:1c:
02:8b:56:79:0c:de:e8:90:2c:39:0b:d3:e9:99:43:ec:a2:f7:
d3:12:e5:ac:a3:90:94:97:79:c4:4f:ab:b8:c3:73:7a:ef:7a:
04:f2:50:a2
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
QjJFQjExMC8GA1UEBRMoNTU1OTgzMUFEQ0VERUNBNUZBOTJGQzRFQjVEMkVERTYy
RTM3QThDRDAeFw0yNDAxMzAxMDUyMzdaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YjhkNGY1LWZjYjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBcIAVdsQ2KeViXWMHf+Rteig4ZO44utH8+4KhvGt1Pe3D9hEKRi9Uzo/faMo1
3jF8Alyfsq/0KEntB8p6Xg/2Hl2F/nG0nB2BQUgUgI/w9IZjm5NtWhk9w0gg1Ehf
toX9d2fTAcwqOGwdTE9IzIexrdyY/yCrW8NdtAKIaedxIDmjfdQL74ESNOlB4+++
Hze/5tyDLEupHLhU3l9CGyJxzXFMXGXqZQydvkjHPlDfW3wz8Cr2lDqm7VV68/Cj
e3BoXzCyCM0XPA/rilseWKsyEvBIFKArX3lOwysK2ZNC1/Yisv9lpxzqZ5JPkTjR
cHVKMluFWTg+1s0dEGWe3hZtAgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUs62cP4g8
QH1Ht6n9LlAzsh7TezEwHwYDVR0jBBgwFoAUVVmDGtzt7KX6kvxOtdLt5i43qM0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFCMkVCLzQzMEI1QTc4QkY0
MzExRUU4RkQzMDc1OEM0RjlBRTAyL1ZWbURHdHp0N0tYNmt2eE90ZEx0NWk0M3FN
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVlZtREd0enQ3S1g2a3Z4T3RkTHQ1aTQzcU0wLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
QjJFQi80MzBCNUE3OEJGNDMxMUVFOEZEMzA3NThDNEY5QUUwMi9COTZERDMwOEJG
NDMxMUVFODQ0RERENThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn
MCUwEgQCAAEwDAMEAmfWwAMEApAwjDAPBAIAAjAJAwcAIAEN8bIAMA0GCSqGSIb3
DQEBCwUAA4IBAQCJbif7cZFBnO9z4WusJm/OBmniacfdhNrENsBgZ5Zevt0mbfz7
HaVqKhJTlSzOY9kuvs5nb8yoUruYTdk/78U4/Xu0/QHZ7zmf+rAqj4izHGxDQ9pz
N+CksYX9bo+H2cx30GAflP3n0O2yBUzz2C1Q6veHzKFKeUCfFdFAVN7hbPhg1CTt
1BGyAqGdkJvuNoQLB9toSZDMW4yntXq4EvW2Fyx28q9iHsiUW10/AT7W47+zaArF
yPFQVNDyXzTu6JTe1zyY2UrDHtRA3X3dWIxLQJDuN2E4ChwCi1Z5DN7okCw5C9Pp
mUPsovfTEuWso5CUl3nET6u4w3N673oE8lCi
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:06:02 2025 by rpki-client