Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDDB8/D3DD37F8F3B311E888D37228C4F9AE02/732BAF02BF5D11EB8199C943C4F9AE02.roa
File: 732BAF02BF5D11EB8199C943C4F9AE02.roa (raw, json)
Hash identifier: yzhbO4fNgFXSarfTZtISXiyDIysa917WS3nmXTjeXuI=
Subject key identifier: 34:83:67:C2:90:28:65:E8:9D:C1:EF:33:48:82:9F:4E:84:DF:15:F1
Certificate issuer: /CN=A91BDDB8/serialNumber=73F4BBDBD7A21D6E7B9E4BF5B0C81722CCC21D67
Certificate serial: 10E8
Authority key identifier: 73:F4:BB:DB:D7:A2:1D:6E:7B:9E:4B:F5:B0:C8:17:22:CC:C2:1D:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c_S729eiHW57nkv1sMgXIszCHWc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BDDB8/D3DD37F8F3B311E888D37228C4F9AE02/732BAF02BF5D11EB8199C943C4F9AE02.roa
Signing time: Thu 14 Mar 2024 18:06:04 +0000
ROA not before: Thu 14 Mar 2024 18:06:04 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 206264
IP address blocks: 43.243.160.0/22 maxlen: 22
43.243.160.0/24 maxlen: 24
43.243.161.0/24 maxlen: 24
43.243.162.0/24 maxlen: 24
43.243.163.0/24 maxlen: 24
103.28.88.0/24 maxlen: 24
103.28.89.0/24 maxlen: 24
103.109.100.0/22 maxlen: 22
103.109.102.0/24 maxlen: 24
183.81.168.0/23 maxlen: 24
2402:7840::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4328 (0x10e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDDB8/serialNumber=73F4BBDBD7A21D6E7B9E4BF5B0C81722CCC21D67
Validity
Not Before: Mar 14 18:06:04 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=65f33c8c-e5a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b1:e8:d1:13:93:ba:bb:5f:f3:e3:43:81:34:
7b:fc:59:2e:fd:e9:9b:d7:0d:45:58:4a:6f:a1:6c:
92:0d:2f:17:56:84:39:e5:c1:e3:35:d5:eb:12:0d:
be:c1:a7:a5:44:c2:51:b2:1e:52:29:7a:96:5e:33:
68:00:d6:2a:5e:7b:42:1b:27:c7:03:94:fc:f1:61:
2c:65:41:ae:48:63:ec:d1:16:07:fb:40:b1:db:24:
04:b7:d0:3e:42:79:d5:9c:d9:a0:d6:7f:4c:23:c8:
28:64:d2:a2:55:98:d6:1d:97:c3:ca:58:de:77:12:
ea:2c:fd:77:a4:3b:df:5b:c7:dd:7d:43:9f:3f:80:
44:bd:b4:0d:46:b8:92:3c:e9:ec:94:e6:b4:8f:0a:
76:60:e0:ce:ea:95:cf:6f:83:3f:39:43:27:f4:bd:
b8:d8:33:7b:4e:9f:e5:c8:d7:82:d5:5b:c2:55:16:
c0:b8:35:05:58:61:3f:10:3e:17:2f:8a:64:fc:59:
92:1d:65:c0:b4:9d:80:90:55:8c:7a:4c:a4:03:6e:
1e:07:8d:62:c0:76:31:13:51:30:43:d4:c6:7b:e9:
46:a6:bb:48:9b:5c:fa:76:e6:bf:b7:77:f6:34:14:
f8:dd:bc:2c:19:af:8f:0a:57:ce:59:07:40:48:50:
f0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:83:67:C2:90:28:65:E8:9D:C1:EF:33:48:82:9F:4E:84:DF:15:F1
X509v3 Authority Key Identifier:
keyid:73:F4:BB:DB:D7:A2:1D:6E:7B:9E:4B:F5:B0:C8:17:22:CC:C2:1D:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BDDB8/D3DD37F8F3B311E888D37228C4F9AE02/c_S729eiHW57nkv1sMgXIszCHWc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c_S729eiHW57nkv1sMgXIszCHWc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDDB8/D3DD37F8F3B311E888D37228C4F9AE02/732BAF02BF5D11EB8199C943C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.160.0/22
103.28.88.0/23
103.109.100.0/22
183.81.168.0/23
IPv6:
2402:7840::/32
Signature Algorithm: sha256WithRSAEncryption
8a:cf:9e:ee:6f:e3:f7:cb:ea:88:df:7f:b7:c2:fa:2b:ea:2f:
b0:be:32:c5:40:c0:e1:8a:2e:c2:f2:b9:aa:c2:f9:e7:54:cc:
e1:7d:17:fa:15:23:3e:98:e9:e2:b4:51:9a:a6:e5:d1:fc:cf:
56:59:52:82:9f:94:63:67:90:f0:9f:0c:20:f0:30:df:34:dc:
70:a6:d5:f7:49:12:44:cd:0c:d8:43:d3:65:a6:03:a7:25:e5:
86:1f:1c:48:ca:10:10:9a:9d:3b:5b:23:14:64:43:06:25:d3:
55:d8:ad:db:d6:44:b3:cc:1c:e4:8f:b3:d4:a4:ea:be:d3:76:
24:73:95:fe:a7:90:47:57:e8:0d:02:91:6e:2d:8f:bd:c8:15:
73:01:3f:91:4e:8a:ec:06:9f:62:3e:bd:03:46:62:60:5c:35:
7e:ec:23:84:6d:06:84:6a:88:46:bb:f6:8f:4d:70:d4:28:89:
77:d7:a8:04:f9:71:ad:56:7a:1b:05:a9:87:90:45:10:f9:73:
cc:1a:c1:72:fc:49:8a:b5:02:3a:e0:05:64:8e:f8:09:15:92:
00:2c:84:dd:29:73:11:42:8f:29:9d:33:66:e0:21:b9:a5:a9:
3f:fa:86:6b:5a:c7:e2:65:aa:0c:a6:ff:e5:31:f7:ab:67:33:
1c:36:b5:23
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICEOgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkREQjgxMTAvBgNVBAUTKDczRjRCQkRCRDdBMjFENkU3QjlFNEJGNUIwQzgxNzIy
Q0NDMjFENjcwHhcNMjQwMzE0MTgwNjA0WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NWYzM2M4Yy1lNWEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuLHo0ROTurtf8+NDgTR7/Fku/emb1w1FWEpvoWySDS8XVoQ55cHjNdXrEg2+
waelRMJRsh5SKXqWXjNoANYqXntCGyfHA5T88WEsZUGuSGPs0RYH+0Cx2yQEt9A+
QnnVnNmg1n9MI8goZNKiVZjWHZfDyljedxLqLP13pDvfW8fdfUOfP4BEvbQNRriS
POnslOa0jwp2YODO6pXPb4M/OUMn9L242DN7Tp/lyNeC1VvCVRbAuDUFWGE/ED4X
L4pk/FmSHWXAtJ2AkFWMekykA24eB41iwHYxE1EwQ9TGe+lGprtIm1z6dua/t3f2
NBT43bwsGa+PClfOWQdASFDwnQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFDSDZ8KQ
KGXoncHvM0iCn06E3xXxMB8GA1UdIwQYMBaAFHP0u9vXoh1ue55L9bDIFyLMwh1n
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRERCOC9EM0REMzdGOEYz
QjMxMUU4ODhEMzcyMjhDNEY5QUUwMi9jX1M3MjllaUhXNTdua3Yxc01nWElzekNI
V2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NfUzcyOWVpSFc1N25rdjFzTWdYSXN6Q0hXYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkREQjgvRDNERDM3RjhGM0IzMTFFODg4RDM3MjI4QzRGOUFFMDIvNzMyQkFGMDJC
RjVEMTFFQjgxOTlDOTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIr86ADBAFnHFgDBAJnbWQDBAG3UagwDQQCAAIwBwMFACQC
eEAwDQYJKoZIhvcNAQELBQADggEBAIrPnu5v4/fL6ojff7fC+ivqL7C+MsVAwOGK
LsLyuarC+edUzOF9F/oVIz6Y6eK0UZqm5dH8z1ZZUoKflGNnkPCfDCDwMN803HCm
1fdJEkTNDNhD02WmA6cl5YYfHEjKEBCanTtbIxRkQwYl01XYrdvWRLPMHOSPs9Sk
6r7TdiRzlf6nkEdX6A0CkW4tj73IFXMBP5FOiuwGn2I+vQNGYmBcNX7sI4RtBoRq
iEa79o9NcNQoiXfXqAT5ca1WehsFqYeQRRD5c8wawXL8SYq1AjrgBWSO+AkVkgAs
hN0pcxFCjymdM2bgIbmlqT/6hmtax+Jlqgym/+Ux96tnMxw2tSM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:36:53 2025 by rpki-client