Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa
File: 596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa (raw, json)
Hash identifier: ninl9qaRwReMJ+VyWpCOBcznoKGFRI4XnhBOBj8GIYw=
Subject key identifier: 31:E9:75:61:B7:DA:B2:8A:A4:64:7F:CC:79:B6:C9:C3:F0:D8:9D:5A
Certificate issuer: /CN=A91CFAB9/serialNumber=DD8A2B88654C3366FFE7FCF6556A9786002AA65B
Certificate serial: 02C5
Authority key identifier: DD:8A:2B:88:65:4C:33:66:FF:E7:FC:F6:55:6A:97:86:00:2A:A6:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3YoriGVMM2b_5_z2VWqXhgAqpls.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa
Signing time: Wed 27 Mar 2024 03:16:01 +0000
ROA not before: Wed 27 Mar 2024 03:16:01 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 135069
IP address blocks: 103.208.140.0/22 maxlen: 22
103.208.140.0/24 maxlen: 24
103.208.141.0/24 maxlen: 24
103.208.142.0/24 maxlen: 24
103.208.143.0/24 maxlen: 24
163.47.109.0/24 maxlen: 24
180.235.104.0/22 maxlen: 22
180.235.104.0/24 maxlen: 24
180.235.105.0/24 maxlen: 24
180.235.106.0/24 maxlen: 24
180.235.107.0/24 maxlen: 24
203.28.247.0/24 maxlen: 24
223.26.24.0/22 maxlen: 22
223.26.24.0/24 maxlen: 24
223.26.25.0/24 maxlen: 24
223.26.26.0/24 maxlen: 24
223.26.27.0/24 maxlen: 24
2404:4880::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 709 (0x2c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFAB9/serialNumber=DD8A2B88654C3366FFE7FCF6556A9786002AA65B
Validity
Not Before: Mar 27 03:16:01 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66038f71-a496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c3:0d:e6:99:4e:de:4f:bf:77:e8:b1:26:dd:
54:70:a1:40:8c:f7:82:c0:45:8a:b7:5d:e8:ca:51:
68:fb:f1:f8:76:cc:df:37:a7:82:6c:98:80:5c:6e:
7a:d8:21:a5:5a:5c:23:b8:7c:0a:b6:0d:57:b0:18:
17:44:2d:94:63:2a:b0:45:6a:15:6a:73:6b:1f:5c:
39:db:3a:b4:1a:4b:61:c7:09:20:ba:18:42:7c:79:
75:98:99:d0:ef:12:1f:a0:55:14:9c:37:7f:20:55:
ba:b3:f8:31:5e:10:f6:eb:59:1e:59:9a:20:a7:b4:
b2:f1:e1:c4:b0:cf:55:2e:69:bb:5a:0a:35:4d:cd:
5f:94:df:37:8b:29:dd:41:66:56:c0:69:fe:cb:75:
2e:a2:6e:a5:b9:d8:04:de:bb:7a:2b:18:fa:e0:80:
a3:63:1a:6c:d6:c6:83:d8:5e:3b:bc:6c:df:07:f2:
be:a6:3d:31:c3:13:c3:f3:83:0d:b9:40:ea:6d:c5:
56:e0:91:20:c8:a2:3f:ae:a1:4e:26:cd:f1:90:9e:
06:33:cc:65:5f:16:3e:22:3e:1e:8c:39:73:44:13:
42:92:d3:be:44:62:b4:d0:56:e0:97:f5:85:0c:66:
b2:78:96:7d:78:e9:5d:64:3e:0e:77:b8:ab:0d:06:
4f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:E9:75:61:B7:DA:B2:8A:A4:64:7F:CC:79:B6:C9:C3:F0:D8:9D:5A
X509v3 Authority Key Identifier:
keyid:DD:8A:2B:88:65:4C:33:66:FF:E7:FC:F6:55:6A:97:86:00:2A:A6:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/3YoriGVMM2b_5_z2VWqXhgAqpls.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3YoriGVMM2b_5_z2VWqXhgAqpls.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.208.140.0/22
163.47.109.0/24
180.235.104.0/22
203.28.247.0/24
223.26.24.0/22
IPv6:
2404:4880::/32
Signature Algorithm: sha256WithRSAEncryption
05:80:b8:35:70:77:45:ea:5c:79:74:05:e7:6d:71:22:c3:2c:
b2:ee:5a:db:be:94:72:1b:2d:bb:96:da:cb:40:54:a8:c1:ac:
b1:d3:6c:44:45:a5:67:ca:4d:32:15:c8:22:20:26:84:7a:0a:
75:eb:86:b1:eb:90:b9:df:6c:55:bd:af:07:05:11:d5:88:09:
1d:a7:25:a0:68:98:cb:8e:05:b1:00:aa:e2:43:39:b8:b6:34:
6a:60:ce:b3:01:ac:ef:8a:54:2a:15:0f:eb:a4:f8:5f:96:67:
56:bf:85:60:d0:8d:aa:31:20:2f:17:5d:90:d4:ee:24:d1:a9:
4f:16:c2:c5:8d:3b:21:51:6a:05:e7:8f:a4:19:0d:51:29:ab:
07:5b:65:88:cf:bf:7f:cf:94:df:0c:56:e5:fc:48:f4:35:77:
1d:fb:35:3a:2e:06:eb:26:9d:30:bf:74:ad:5c:5e:50:6d:d0:
3d:03:ca:d5:a3:ae:1b:53:24:12:ae:90:62:30:77:c1:64:e2:
3b:b1:fc:3f:59:be:42:84:e1:37:bd:98:81:22:27:d3:c2:a6:
d4:8c:fb:a8:7d:ed:32:bd:a6:5e:cd:c0:f8:cc:61:42:fc:66:
46:9f:9e:aa:c1:5d:6b:9e:52:e1:0a:d4:81:ae:a0:51:43:88:
fb:1f:06:76
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICAsUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZBQjkxMTAvBgNVBAUTKEREOEEyQjg4NjU0QzMzNjZGRkU3RkNGNjU1NkE5Nzg2
MDAyQUE2NUIwHhcNMjQwMzI3MDMxNjAxWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjAzOGY3MS1hNDk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy8MN5plO3k+/d+ixJt1UcKFAjPeCwEWKt13oylFo+/H4dszfN6eCbJiAXG56
2CGlWlwjuHwKtg1XsBgXRC2UYyqwRWoVanNrH1w52zq0GkthxwkguhhCfHl1mJnQ
7xIfoFUUnDd/IFW6s/gxXhD261keWZogp7Sy8eHEsM9VLmm7Wgo1Tc1flN83iynd
QWZWwGn+y3Uuom6ludgE3rt6Kxj64ICjYxps1saD2F47vGzfB/K+pj0xwxPD84MN
uUDqbcVW4JEgyKI/rqFOJs3xkJ4GM8xlXxY+Ij4ejDlzRBNCktO+RGK00Fbgl/WF
DGayeJZ9eOldZD4Od7irDQZPoQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFDHpdWG3
2rKKpGR/zHm2ycPw2J1aMB8GA1UdIwQYMBaAFN2KK4hlTDNm/+f89lVql4YAKqZb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkFCOS9FODUzMzgyQzlG
MTMxMUVDOUU0NUQ1NzJDNEY5QUUwMi8zWW9yaUdWTU0yYl81X3oyVldxWGhnQXFw
bHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNZb3JpR1ZNTTJiXzVfejJWV3FYaGdBcXBscy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZBQjkvRTg1MzM4MkM5RjEzMTFFQzlFNDVENTcyQzRGOUFFMDIvNTk2Q0NDNEU5
RjE5MTFFQzhGREZFQTdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAJn0IwDBACjL20DBAK062gDBADLHPcDBALfGhgwDQQCAAIw
BwMFACQESIAwDQYJKoZIhvcNAQELBQADggEBAAWAuDVwd0XqXHl0BedtcSLDLLLu
Wtu+lHIbLbuW2stAVKjBrLHTbERFpWfKTTIVyCIgJoR6CnXrhrHrkLnfbFW9rwcF
EdWICR2nJaBomMuOBbEAquJDObi2NGpgzrMBrO+KVCoVD+uk+F+WZ1a/hWDQjaox
IC8XXZDU7iTRqU8WwsWNOyFRagXnj6QZDVEpqwdbZYjPv3/PlN8MVuX8SPQ1dx37
NTouBusmnTC/dK1cXlBt0D0DytWjrhtTJBKukGIwd8Fk4jux/D9ZvkKE4Te9mIEi
J9PCptSM+6h97TK9pl7NwPjMYUL8ZkafnqrBXWueUuEK1IGuoFFDiPsfBnY=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:28:25 2025 by rpki-client