Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB2EB/430B5A78BF4311EE8FD30758C4F9AE02/B96DD308BF4311EE844DDD58C4F9AE02.roa
File: B96DD308BF4311EE844DDD58C4F9AE02.roa (raw, json)
Hash identifier: Qyo+y73YZI83wemHD69A6cWahcYB7AOwFIX0fbO5DQM=
Subject key identifier: 89:FC:D6:FA:90:D9:3F:23:DB:80:81:E8:C4:03:53:7A:7A:83:74:A0
Certificate issuer: /CN=A91AB2EB/serialNumber=5559831ADCEDECA5FA92FC4EB5D2EDE62E37A8CD
Certificate serial: D5
Authority key identifier: 55:59:83:1A:DC:ED:EC:A5:FA:92:FC:4E:B5:D2:ED:E6:2E:37:A8:CD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VVmDGtzt7KX6kvxOtdLt5i43qM0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB2EB/430B5A78BF4311EE8FD30758C4F9AE02/B96DD308BF4311EE844DDD58C4F9AE02.roa
Signing time: Sun 09 Mar 2025 04:51:26 +0000
ROA not before: Sun 09 Mar 2025 04:51:26 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 135343
IP address blocks: 103.214.192.0/22 maxlen: 22
103.214.192.0/24 maxlen: 24
103.214.193.0/24 maxlen: 24
103.214.194.0/24 maxlen: 24
103.214.195.0/24 maxlen: 24
144.48.140.0/22 maxlen: 22
144.48.140.0/24 maxlen: 24
144.48.141.0/24 maxlen: 24
144.48.142.0/24 maxlen: 24
144.48.143.0/24 maxlen: 24
2001:df1:b200::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213 (0xd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB2EB
Validity
Not Before: Mar 9 04:51:26 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67cd1e4d-28c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:83:f5:33:1a:02:4b:f0:e1:b6:1c:fe:bf:f5:
bc:77:32:40:8b:1a:d7:48:1e:44:0b:3c:7c:2c:8f:
96:b3:45:c1:7a:e4:df:d7:89:77:00:6a:95:8e:b7:
a0:81:e7:f4:22:b4:b4:fc:a6:be:c5:bf:09:43:c3:
ec:c4:01:c4:d6:b0:e0:54:9e:ae:44:ec:c2:f4:bf:
5e:77:ef:5f:a7:3a:54:42:6b:f7:a3:ed:52:f3:89:
0b:54:b4:65:23:51:04:38:f4:67:27:f1:fe:09:2e:
e7:26:2c:1d:9b:be:e0:d5:21:54:84:e7:c5:15:be:
43:ff:b9:95:6b:9e:0f:3d:6f:05:0e:16:a9:b0:ef:
e2:38:d6:de:eb:18:d2:2d:82:1f:c6:fe:01:fc:50:
50:cc:a3:f3:da:e9:da:fb:1d:eb:65:b9:86:bd:7a:
be:8b:69:6b:55:37:e6:cd:c6:3e:74:94:ff:54:2a:
a7:10:5b:4d:c1:2e:f1:9a:11:30:17:e3:29:42:bf:
7d:46:21:28:fc:dc:14:09:5c:6f:50:61:f0:24:73:
b7:30:7b:62:78:e7:cf:25:32:1e:9e:d8:c2:8e:5c:
c7:d7:0d:53:da:86:4e:1d:de:cd:f8:ed:39:d8:9a:
f3:be:7c:4c:2d:65:7e:d0:a1:68:71:71:22:6a:23:
7d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:FC:D6:FA:90:D9:3F:23:DB:80:81:E8:C4:03:53:7A:7A:83:74:A0
X509v3 Authority Key Identifier:
keyid:55:59:83:1A:DC:ED:EC:A5:FA:92:FC:4E:B5:D2:ED:E6:2E:37:A8:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB2EB/430B5A78BF4311EE8FD30758C4F9AE02/VVmDGtzt7KX6kvxOtdLt5i43qM0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VVmDGtzt7KX6kvxOtdLt5i43qM0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB2EB/430B5A78BF4311EE8FD30758C4F9AE02/B96DD308BF4311EE844DDD58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.214.192.0/22
144.48.140.0/22
IPv6:
2001:df1:b200::/48
Signature Algorithm: sha256WithRSAEncryption
29:19:71:19:d2:a8:a8:4b:8b:67:7f:09:51:5e:b6:d0:f9:8d:
5b:7b:78:f0:41:77:d2:59:c4:52:56:8d:67:be:77:e6:b4:fb:
05:de:b4:d1:a4:ad:2e:47:3f:f7:6a:e3:c9:32:92:87:e4:68:
4f:2a:c4:12:bd:ce:03:64:a2:65:2f:aa:1b:8e:96:13:8c:c6:
fa:2c:df:42:46:dd:16:2a:9f:6a:c1:95:ec:48:92:fc:fa:f4:
8a:11:7f:22:30:ae:6e:79:78:65:92:89:17:e5:f0:2d:4a:93:
74:5a:7d:89:da:7e:d2:43:49:cb:f4:12:f6:ec:bb:08:5d:da:
12:b4:a9:84:6e:42:3c:c6:e8:91:31:94:54:83:fa:38:e3:f6:
b1:21:33:7e:1b:fa:a3:05:3f:db:88:c9:e5:5a:1f:a0:69:4a:
7f:1f:a5:6e:e0:0f:93:0a:d2:76:b7:f1:12:97:74:d8:2f:25:
ad:59:15:c8:d8:e1:63:ec:71:fb:92:d6:24:bb:9c:60:5f:f9:
9b:e9:5c:42:17:c9:8c:14:46:66:c8:3f:cb:a0:c0:fa:dc:d2:
9d:36:cf:46:94:be:9d:47:81:2d:6d:37:75:06:a1:ac:90:04:
78:e7:51:c0:39:f2:b9:3a:e3:1c:e5:cf:6a:31:54:a7:a5:18:
31:45:29:b7
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICANUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUIyRUIxMTAvBgNVBAUTKDU1NTk4MzFBRENFREVDQTVGQTkyRkM0RUI1RDJFREU2
MkUzN0E4Q0QwHhcNMjUwMzA5MDQ1MTI2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NkMWU0ZC0yOGM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz4P1MxoCS/Dhthz+v/W8dzJAixrXSB5ECzx8LI+Ws0XBeuTf14l3AGqVjreg
gef0IrS0/Ka+xb8JQ8PsxAHE1rDgVJ6uROzC9L9ed+9fpzpUQmv3o+1S84kLVLRl
I1EEOPRnJ/H+CS7nJiwdm77g1SFUhOfFFb5D/7mVa54PPW8FDhapsO/iONbe6xjS
LYIfxv4B/FBQzKPz2una+x3rZbmGvXq+i2lrVTfmzcY+dJT/VCqnEFtNwS7xmhEw
F+MpQr99RiEo/NwUCVxvUGHwJHO3MHtieOfPJTIentjCjlzH1w1T2oZOHd7N+O05
2JrzvnxMLWV+0KFocXEiaiN95wIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFIn81vqQ
2T8j24CB6MQDU3p6g3SgMB8GA1UdIwQYMBaAFFVZgxrc7eyl+pL8TrXS7eYuN6jN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjJFQi80MzBCNUE3OEJG
NDMxMUVFOEZEMzA3NThDNEY5QUUwMi9WVm1ER3R6dDdLWDZrdnhPdGRMdDVpNDNx
TTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZWbURHdHp0N0tYNmt2eE90ZEx0NWk0M3FNMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUIyRUIvNDMwQjVBNzhCRjQzMTFFRThGRDMwNzU4QzRGOUFFMDIvQjk2REQzMDhC
RjQzMTFFRTg0NERERDU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAJn1sADBAKQMIwwDwQCAAIwCQMHACABDfGyADANBgkqhkiG
9w0BAQsFAAOCAQEAKRlxGdKoqEuLZ38JUV620PmNW3t48EF30lnEUlaNZ7535rT7
Bd600aStLkc/92rjyTKSh+RoTyrEEr3OA2SiZS+qG46WE4zG+izfQkbdFiqfasGV
7EiS/Pr0ihF/IjCubnl4ZZKJF+XwLUqTdFp9idp+0kNJy/QS9uy7CF3aErSphG5C
PMbokTGUVIP6OOP2sSEzfhv6owU/24jJ5VofoGlKfx+lbuAPkwrSdrfxEpd02C8l
rVkVyNjhY+xx+5LWJLucYF/5m+lcQhfJjBRGZsg/y6DA+tzSnTbPRpS+nUeBLW03
dQahrJAEeOdRwDnyuTrjHOXPajFUp6UYMUUptw==
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:48:06 2025 by rpki-client