Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A16CF/2CAD508819A211EAAE811C71C4F9AE02/13DE95F668FA11EFAE700D5FC4F9AE02.roa
File: 13DE95F668FA11EFAE700D5FC4F9AE02.roa (raw, json)
Hash identifier: sv0g0tboRsfsbJ2uarFSxGBIzB+s+V9JKt78rjuG5CQ=
Subject key identifier: 58:65:6A:8C:FC:B3:99:B6:AF:DF:FD:10:D5:E7:AF:DE:5F:46:40:00
Certificate issuer: /CN=A91A16CF/serialNumber=829F0F40884DD991121005B07D09A2CBFFB4DEC6
Certificate serial: 0B98
Authority key identifier: 82:9F:0F:40:88:4D:D9:91:12:10:05:B0:7D:09:A2:CB:FF:B4:DE:C6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gp8PQIhN2ZESEAWwfQmiy_-03sY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A16CF/2CAD508819A211EAAE811C71C4F9AE02/13DE95F668FA11EFAE700D5FC4F9AE02.roa
Signing time: Fri 13 Dec 2024 16:11:26 +0000
ROA not before: Fri 13 Dec 2024 16:11:26 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 131464
IP address blocks: 103.198.132.0/24 maxlen: 24
103.198.133.0/24 maxlen: 24
103.198.134.0/24 maxlen: 24
103.198.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2968 (0xb98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A16CF
Validity
Not Before: Dec 13 16:11:26 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=675c5cad-624b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3c:dc:d6:c7:63:6d:34:29:59:f3:e5:ff:96:
08:03:e0:06:23:4e:98:99:ee:ac:b8:fb:bf:c6:08:
e8:bd:fe:85:18:44:da:1c:52:6b:7e:13:89:58:ed:
32:6f:90:6f:8c:ea:b2:29:42:c5:cb:51:dc:21:46:
e7:5c:f3:45:5c:ce:8b:fc:98:87:a6:7c:e4:56:1a:
12:2e:ff:a4:a1:37:a3:06:e0:ae:67:17:67:6c:1a:
b7:d5:a2:e2:ae:02:2f:ee:45:e0:4f:66:20:23:d8:
13:67:79:ed:c1:3f:e1:10:72:0d:c2:ad:49:00:bb:
44:d8:d1:87:46:17:b3:d6:0e:96:7c:67:85:cd:59:
bc:9c:b4:11:a9:e1:4f:0b:f4:e7:c1:66:04:96:2f:
c6:74:c2:5b:2a:8f:3b:c4:fd:fc:c4:d2:93:b9:9d:
45:64:21:31:1f:ae:47:e7:8b:51:72:a4:47:43:a2:
98:fb:4c:ff:68:12:5c:80:13:ef:bb:9d:e4:89:8b:
00:07:21:42:25:97:5c:b8:de:6f:55:c8:ed:a5:30:
d0:cf:84:34:3b:02:34:b1:f6:d4:22:cf:e9:7b:7d:
1d:af:f2:50:b7:6a:55:54:da:98:31:ba:5d:e7:6e:
8d:8f:0a:9d:5a:78:08:be:ae:4d:2f:cc:b6:05:02:
36:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:65:6A:8C:FC:B3:99:B6:AF:DF:FD:10:D5:E7:AF:DE:5F:46:40:00
X509v3 Authority Key Identifier:
keyid:82:9F:0F:40:88:4D:D9:91:12:10:05:B0:7D:09:A2:CB:FF:B4:DE:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A16CF/2CAD508819A211EAAE811C71C4F9AE02/gp8PQIhN2ZESEAWwfQmiy_-03sY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gp8PQIhN2ZESEAWwfQmiy_-03sY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A16CF/2CAD508819A211EAAE811C71C4F9AE02/13DE95F668FA11EFAE700D5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.198.132.0/22
Signature Algorithm: sha256WithRSAEncryption
64:7d:b0:70:29:1a:b0:2b:3f:ed:f6:75:bc:d4:48:f6:f5:a4:
ed:6b:50:68:ac:8b:7f:46:8e:37:13:8e:ad:81:f7:58:67:54:
33:a1:70:e3:64:b4:2b:c0:58:19:68:68:eb:19:49:5a:08:b6:
b4:0a:d4:5a:7d:82:ff:0d:49:3f:e1:97:98:67:d4:76:c4:e1:
04:10:c9:79:30:39:2d:8b:96:49:f9:1c:65:c3:16:96:d9:6e:
a4:2f:ac:39:79:a9:e6:4c:7a:3e:76:b2:75:6f:bb:19:11:58:
62:e4:ee:a7:f9:ab:77:d8:45:ce:93:a3:bb:64:5e:2c:a8:d8:
0d:4d:f7:53:e3:68:58:55:2f:59:b8:dd:d1:22:d1:73:d4:69:
15:e3:f7:f8:39:28:40:a3:b1:6e:2f:5b:f6:8d:b9:11:31:45:
a5:ab:11:4b:f2:ac:97:04:d4:50:46:b6:32:f9:a8:24:5f:06:
32:98:4e:d8:8f:73:09:ee:a5:7f:2e:63:d2:36:b6:e7:fd:a1:
13:14:a9:8c:30:35:db:e0:ee:ed:0f:4c:12:81:4a:76:97:85:
aa:07:0d:21:01:16:cd:53:5d:eb:43:de:b1:0c:34:e2:cf:58:
e7:f4:00:c5:47:9b:5c:d2:38:a2:b1:a5:58:10:5d:e4:f1:8f:
b0:9b:23:c0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC5gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTE2Q0YxMTAvBgNVBAUTKDgyOUYwRjQwODg0REQ5OTExMjEwMDVCMDdEMDlBMkNC
RkZCNERFQzYwHhcNMjQxMjEzMTYxMTI2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVjNWNhZC02MjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAszzc1sdjbTQpWfPl/5YIA+AGI06Yme6suPu/xgjovf6FGETaHFJrfhOJWO0y
b5BvjOqyKULFy1HcIUbnXPNFXM6L/JiHpnzkVhoSLv+koTejBuCuZxdnbBq31aLi
rgIv7kXgT2YgI9gTZ3ntwT/hEHINwq1JALtE2NGHRhez1g6WfGeFzVm8nLQRqeFP
C/TnwWYEli/GdMJbKo87xP38xNKTuZ1FZCExH65H54tRcqRHQ6KY+0z/aBJcgBPv
u53kiYsAByFCJZdcuN5vVcjtpTDQz4Q0OwI0sfbUIs/pe30dr/JQt2pVVNqYMbpd
526NjwqdWngIvq5NL8y2BQI2vwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFhlaoz8
s5m2r9/9ENXnr95fRkAAMB8GA1UdIwQYMBaAFIKfD0CITdmREhAFsH0Josv/tN7G
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMTZDRi8yQ0FENTA4ODE5
QTIxMUVBQUU4MTFDNzFDNEY5QUUwMi9ncDhQUUloTjJaRVNFQVd3ZlFtaXlfLTAz
c1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dwOFBRSWhOMlpFU0VBV3dmUW1peV8tMDNzWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTE2Q0YvMkNBRDUwODgxOUEyMTFFQUFFODExQzcxQzRGOUFFMDIvMTNERTk1RjY2
OEZBMTFFRkFFNzAwRDVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnxoQwDQYJKoZIhvcNAQELBQADggEBAGR9sHApGrArP+32
dbzUSPb1pO1rUGisi39GjjcTjq2B91hnVDOhcONktCvAWBloaOsZSVoItrQK1Fp9
gv8NST/hl5hn1HbE4QQQyXkwOS2Llkn5HGXDFpbZbqQvrDl5qeZMej52snVvuxkR
WGLk7qf5q3fYRc6To7tkXiyo2A1N91PjaFhVL1m43dEi0XPUaRXj9/g5KECjsW4v
W/aNuRExRaWrEUvyrJcE1FBGtjL5qCRfBjKYTtiPcwnupX8uY9I2tuf9oRMUqYww
Ndvg7u0PTBKBSnaXhaoHDSEBFs1TXetD3rEMNOLPWOf0AMVHm1zSOKKxpVgQXeTx
j7CbI8A=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:18:31 2025 by rpki-client