Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/CE988D80FB7311EC97CD7F85C4F9AE02.roa
File: CE988D80FB7311EC97CD7F85C4F9AE02.roa (raw, json)
Hash identifier: c5X0bRS1v3BmM8+viPXYxx/gJz2nVR8k5o+BxqMhvNI=
Subject key identifier: EF:92:EE:8D:39:95:E1:46:B7:30:71:9D:5D:84:B7:48:89:59:01:68
Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Certificate serial: 04E3
Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/CE988D80FB7311EC97CD7F85C4F9AE02.roa
Signing time: Sat 28 Dec 2024 23:32:32 +0000
ROA not before: Sat 28 Dec 2024 23:32:32 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 395092
IP address blocks: 43.230.160.0/22 maxlen: 24
103.20.234.0/23 maxlen: 24
103.27.132.0/23 maxlen: 23
103.27.134.0/23 maxlen: 23
103.159.64.0/23 maxlen: 24
203.96.176.0/22 maxlen: 24
210.16.64.0/22 maxlen: 24
2406:cb40::/48 maxlen: 48
2406:cb40:1::/48 maxlen: 48
2406:cb41::/48 maxlen: 48
2406:cb42::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1251 (0x4e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ACD72
Validity
Not Before: Dec 28 23:32:32 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67708a90-842f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:11:e0:32:dc:71:8c:0f:15:a8:36:88:1e:e8:
19:76:75:f1:6f:1a:6a:7d:26:59:74:3b:c7:f3:39:
6d:1a:ca:80:07:dd:5c:3e:f0:99:e5:11:16:5a:77:
3d:7f:89:f2:94:38:72:33:7b:5f:12:b3:48:25:7a:
10:d9:7c:81:78:e9:2a:cd:45:5d:9b:4b:2f:eb:0b:
48:e5:d6:eb:59:ae:68:9a:56:fd:a0:d6:bc:d0:e8:
4a:13:0d:8c:38:e3:0f:fa:e1:1b:51:96:57:ec:75:
f4:8c:51:29:14:b0:6b:5d:80:f0:7b:d9:e9:0e:05:
e2:a2:b2:12:6c:54:45:58:52:e5:18:88:4d:0d:5e:
26:ce:90:f3:e1:ec:ad:31:4c:04:16:09:5b:1b:27:
a9:d4:f7:a7:95:07:7a:ab:00:18:a0:e7:5a:91:a6:
66:5e:3a:10:17:f1:23:14:ce:a6:a8:e2:49:46:90:
b2:19:c0:11:48:c4:c3:0b:8a:c4:9a:cb:c0:4f:1a:
a2:7f:de:ad:b4:34:eb:ab:a0:06:de:1e:50:bc:27:
aa:80:b6:be:c5:f0:2c:5b:6b:c3:03:db:35:47:85:
78:72:06:81:26:f0:64:b6:54:f3:17:18:10:d2:b0:
b3:df:a0:52:10:dd:c4:16:f2:cc:7d:fd:77:58:86:
ad:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:92:EE:8D:39:95:E1:46:B7:30:71:9D:5D:84:B7:48:89:59:01:68
X509v3 Authority Key Identifier:
keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/CE988D80FB7311EC97CD7F85C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.160.0/22
103.20.234.0/23
103.27.132.0/22
103.159.64.0/23
203.96.176.0/22
210.16.64.0/22
IPv6:
2406:cb40::/47
2406:cb41::/48
2406:cb42::/48
Signature Algorithm: sha256WithRSAEncryption
4d:82:5b:43:9c:fe:d2:c1:ab:3c:7a:ca:57:db:8e:09:35:3e:
d0:aa:03:f1:2e:b5:8c:ed:68:70:1b:ed:63:ca:c3:80:a9:43:
bb:82:0c:ad:a2:e3:b5:62:9a:72:54:9b:60:e3:1a:c4:11:e9:
ba:40:f6:b9:b8:05:80:c9:3c:7a:39:1a:8a:3f:ce:97:1f:a1:
11:57:33:db:d8:d0:4e:1e:3a:30:d3:0a:cc:eb:39:90:cd:c4:
a4:c8:d8:b6:35:d6:62:a5:9e:3b:1d:ff:39:23:e5:da:cf:84:
a1:fa:80:da:7b:a1:f0:fd:2a:c9:cf:2a:67:3e:f4:7b:a9:89:
57:cc:c3:03:68:2e:a3:54:41:c5:da:54:c3:18:04:8f:3d:41:
ba:3c:8b:71:96:37:15:42:b5:75:40:82:91:41:58:3d:50:07:
c4:48:06:fb:c2:c8:0b:7d:c5:82:11:ce:40:a2:2a:9a:32:61:
37:d8:c3:eb:24:ef:85:79:3b:48:18:53:7a:25:c2:a4:db:53:
b2:c2:3f:f8:2a:9c:61:9c:0d:7e:a2:71:5c:00:41:b0:1c:50:
13:e8:a0:a0:8c:3a:2b:f1:41:3e:a4:dd:f1:be:6b:0e:ca:30:
2c:8f:ac:e2:20:57:bd:78:bb:1e:1e:b9:32:76:80:99:04:df:
c1:22:27:da
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgICBOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy
MEM4RkQ1N0IwHhcNMjQxMjI4MjMzMjMyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzcwOGE5MC04NDJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6BHgMtxxjA8VqDaIHugZdnXxbxpqfSZZdDvH8zltGsqAB91cPvCZ5REWWnc9
f4nylDhyM3tfErNIJXoQ2XyBeOkqzUVdm0sv6wtI5dbrWa5omlb9oNa80OhKEw2M
OOMP+uEbUZZX7HX0jFEpFLBrXYDwe9npDgXiorISbFRFWFLlGIhNDV4mzpDz4eyt
MUwEFglbGyep1PenlQd6qwAYoOdakaZmXjoQF/EjFM6mqOJJRpCyGcARSMTDC4rE
msvATxqif96ttDTrq6AG3h5QvCeqgLa+xfAsW2vDA9s1R4V4cgaBJvBktlTzFxgQ
0rCz36BSEN3EFvLMff13WIatBQIDAQABo4IC1jCCAtIwHQYDVR0OBBYEFO+S7o05
leFGtzBxnV2Et0iJWQFoMB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2
MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvQ0U5ODhEODBG
QjczMTFFQzk3Q0Q3Rjg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYAYIKwYBBQUHAQcBAf8E
UTBPMCoEAgABMCQDBAIr5qADBAFnFOoDBAJnG4QDBAFnn0ADBALLYLADBALSEEAw
IQQCAAIwGwMHASQGy0AAAAMHACQGy0EAAAMHACQGy0IAADANBgkqhkiG9w0BAQsF
AAOCAQEATYJbQ5z+0sGrPHrKV9uOCTU+0KoD8S61jO1ocBvtY8rDgKlDu4IMraLj
tWKaclSbYOMaxBHpukD2ubgFgMk8ejkaij/Olx+hEVcz29jQTh46MNMKzOs5kM3E
pMjYtjXWYqWeOx3/OSPl2s+EofqA2nuh8P0qyc8qZz70e6mJV8zDA2guo1RBxdpU
wxgEjz1BujyLcZY3FUK1dUCCkUFYPVAHxEgG+8LIC33FghHOQKIqmjJhN9jD6yTv
hXk7SBhTeiXCpNtTssI/+CqcYZwNfqJxXABBsBxQE+igoIw6K/FBPqTd8b5rDsow
LI+s4iBXvXi7Hh65MnaAmQTfwSIn2g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:08:09 2025 by rpki-client