Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91975B6/B5762DD6C27D11ED912B774BC4F9AE02/B96031E6C28011EDBFDC524DC4F9AE02.roa
File: B96031E6C28011EDBFDC524DC4F9AE02.roa (raw, json)
Hash identifier: 3K6Mt+gzaF79lRG1h+RXhpBbhZf0fnb+YiaA9gs+4k8=
Subject key identifier: 22:72:70:37:71:6E:71:79:EA:7B:A1:74:48:1C:B8:73:D3:96:12:D9
Certificate issuer: /CN=A91975B6/serialNumber=E95FA0EDF1112E320C225E7B8D50418667A30ACF
Certificate serial: 03
Authority key identifier: E9:5F:A0:ED:F1:11:2E:32:0C:22:5E:7B:8D:50:41:86:67:A3:0A:CF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6V-g7fERLjIMIl57jVBBhmejCs8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91975B6/B5762DD6C27D11ED912B774BC4F9AE02/B96031E6C28011EDBFDC524DC4F9AE02.roa
Signing time: Tue 14 Mar 2023 15:56:04 +0000
ROA not before: Tue 14 Mar 2023 15:56:04 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 38193
IP address blocks: 103.236.132.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91975B6
Validity
Not Before: Mar 14 15:56:04 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64109914-2d6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:42:97:5a:9d:75:dd:fd:16:e7:d7:0e:e2:3e:
b7:76:fd:1b:84:c6:3b:a8:2c:63:74:54:87:15:a9:
59:78:a5:42:71:1e:df:42:70:b2:9e:39:27:3e:5c:
45:f1:ab:44:48:9b:20:ea:c8:73:f0:2a:59:82:b1:
b8:ff:3a:ff:99:a3:64:d3:6d:0b:8f:ef:33:42:3d:
ce:5e:44:8d:63:50:b1:16:af:c9:8d:c3:a9:f5:2b:
49:c3:60:78:fb:99:33:6d:01:3a:7a:24:fe:68:89:
7f:f9:54:95:e1:c7:ab:4e:c5:b0:bd:94:2a:28:19:
00:64:c6:32:45:eb:8b:53:23:03:e5:31:da:a7:74:
91:84:26:1d:98:4c:61:0f:af:9d:87:7a:ad:00:cc:
0d:2c:e8:8a:e7:04:ed:84:41:59:3e:e4:f6:c8:8d:
94:1d:09:df:8f:8f:17:ca:a1:ab:ad:1b:0a:f9:15:
01:f6:c7:49:b3:6c:12:30:e5:0c:4f:aa:7d:94:23:
34:53:8b:c4:8f:3a:b4:6d:25:1a:43:47:b1:e0:99:
bc:23:7b:73:e2:83:a1:58:a3:f5:7a:7a:04:e1:52:
77:59:92:2c:5f:3d:9a:0e:39:71:c2:8c:8a:87:74:
d3:0d:14:0c:bb:ef:41:0d:ef:c3:f6:b0:e1:58:c9:
75:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:72:70:37:71:6E:71:79:EA:7B:A1:74:48:1C:B8:73:D3:96:12:D9
X509v3 Authority Key Identifier:
keyid:E9:5F:A0:ED:F1:11:2E:32:0C:22:5E:7B:8D:50:41:86:67:A3:0A:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91975B6/B5762DD6C27D11ED912B774BC4F9AE02/6V-g7fERLjIMIl57jVBBhmejCs8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6V-g7fERLjIMIl57jVBBhmejCs8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91975B6/B5762DD6C27D11ED912B774BC4F9AE02/B96031E6C28011EDBFDC524DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.236.132.0/22
Signature Algorithm: sha256WithRSAEncryption
36:ee:58:e5:f4:f6:0d:b8:3f:74:10:00:cc:f8:c5:e8:0f:39:
0a:90:19:93:d1:4b:1d:4b:68:13:70:8d:6e:49:77:73:e6:be:
2c:e2:d7:87:3f:7b:10:22:04:7b:0f:de:1b:38:4c:2f:78:2b:
6f:83:21:50:1c:a6:d6:27:e6:e3:62:23:7a:6a:24:9b:cb:6e:
65:21:99:14:72:69:30:1c:5f:e2:b0:be:ee:d1:b2:b8:30:7a:
4d:26:4a:a9:2a:57:e7:5b:2a:1e:b2:41:1f:1f:f2:20:58:29:
cc:5a:75:75:b2:13:fc:47:62:23:41:eb:d8:8c:47:8e:0b:dd:
01:5e:75:5b:bf:42:0a:92:35:a0:6d:df:da:42:ff:71:7d:85:
e4:ef:e4:be:fa:f5:f8:bf:65:3b:4a:53:fe:ed:0f:c2:a0:85:
c6:d7:d9:8a:9f:97:8d:f7:12:8e:4c:50:8b:4f:e6:39:94:e5:
a1:ed:e9:bf:f7:55:aa:7d:07:29:0d:38:ab:65:37:c8:1d:cd:
a9:d1:f7:8f:45:3e:aa:0c:11:7e:42:4d:f6:54:03:96:1e:2d:
c4:1c:49:33:c4:49:15:d8:6a:99:5e:fb:fd:e3:90:65:39:b0:
10:a4:7a:69:5a:28:d5:0d:76:92:90:24:37:58:78:f9:44:8a:
6f:95:6f:95
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NzVCNjExMC8GA1UEBRMoRTk1RkEwRURGMTExMkUzMjBDMjI1RTdCOEQ1MDQxODY2
N0EzMEFDRjAeFw0yMzAzMTQxNTU2MDRaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MTA5OTE0LTJkNmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCjQpdanXXd/Rbn1w7iPrd2/RuExjuoLGN0VIcVqVl4pUJxHt9CcLKeOSc+XEXx
q0RImyDqyHPwKlmCsbj/Ov+Zo2TTbQuP7zNCPc5eRI1jULEWr8mNw6n1K0nDYHj7
mTNtATp6JP5oiX/5VJXhx6tOxbC9lCooGQBkxjJF64tTIwPlMdqndJGEJh2YTGEP
r52Heq0AzA0s6IrnBO2EQVk+5PbIjZQdCd+PjxfKoautGwr5FQH2x0mzbBIw5QxP
qn2UIzRTi8SPOrRtJRpDR7Hgmbwje3Pig6FYo/V6egThUndZkixfPZoOOXHCjIqH
dNMNFAy770EN78P2sOFYyXU9AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUInJwN3Fu
cXnqe6F0SBy4c9OWEtkwHwYDVR0jBBgwFoAU6V+g7fERLjIMIl57jVBBhmejCs8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk3NUI2L0I1NzYyREQ2QzI3
RDExRUQ5MTJCNzc0QkM0RjlBRTAyLzZWLWc3ZkVSTGpJTUlsNTdqVkJCaG1lakNz
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNlYtZzdmRVJMaklNSWw1N2pWQkJobWVqQ3M4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NzVCNi9CNTc2MkRENkMyN0QxMUVEOTEyQjc3NEJDNEY5QUUwMi9COTYwMzFFNkMy
ODAxMUVEQkZEQzUyNERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAmfshDANBgkqhkiG9w0BAQsFAAOCAQEANu5Y5fT2Dbg/dBAA
zPjF6A85CpAZk9FLHUtoE3CNbkl3c+a+LOLXhz97ECIEew/eGzhML3grb4MhUBym
1ifm42Ijemokm8tuZSGZFHJpMBxf4rC+7tGyuDB6TSZKqSpX51sqHrJBHx/yIFgp
zFp1dbIT/EdiI0Hr2IxHjgvdAV51W79CCpI1oG3f2kL/cX2F5O/kvvr1+L9lO0pT
/u0PwqCFxtfZip+XjfcSjkxQi0/mOZTloe3pv/dVqn0HKQ04q2U3yB3NqdH3j0U+
qgwRfkJN9lQDlh4txBxJM8RJFdhqmV77/eOQZTmwEKR6aVoo1Q12kpAkN1h4+USK
b5VvlQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:55:14 2025 by rpki-client