Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/CEC1F8CEBCDD11EDA890C37EC4F9AE02.roa
File: CEC1F8CEBCDD11EDA890C37EC4F9AE02.roa (raw, json)
Hash identifier: WohY8W0xB97fJlzc0NXwUcNoZJQ/eR2hTSMO+u9osbA=
Subject key identifier: F7:DF:CE:E6:F9:31:C2:9B:4B:E2:33:2E:33:9A:B3:A5:08:4B:CA:EE
Certificate issuer: /CN=A91B6EB1/serialNumber=C28879FEC10CE929C1CF2E5B97886F1D7EA17C5A
Certificate serial: 0B7B
Authority key identifier: C2:88:79:FE:C1:0C:E9:29:C1:CF:2E:5B:97:88:6F:1D:7E:A1:7C:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/woh5_sEM6SnBzy5bl4hvHX6hfFo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/CEC1F8CEBCDD11EDA890C37EC4F9AE02.roa
Signing time: Fri 28 Mar 2025 19:30:47 +0000
ROA not before: Fri 28 Mar 2025 19:30:47 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 136395
IP address blocks: 103.86.108.0/22 maxlen: 22
103.86.108.0/23 maxlen: 23
103.86.108.0/24 maxlen: 24
103.86.109.0/24 maxlen: 24
103.86.110.0/24 maxlen: 24
103.86.111.0/24 maxlen: 24
202.181.4.0/22 maxlen: 22
202.181.4.0/23 maxlen: 23
202.181.4.0/24 maxlen: 24
202.181.5.0/24 maxlen: 24
202.181.6.0/23 maxlen: 23
202.181.6.0/24 maxlen: 24
202.181.7.0/24 maxlen: 24
2400:bcc0::/32 maxlen: 32
2400:bcc0::/36 maxlen: 36
2400:bcc0:1::/48 maxlen: 48
2400:bcc0:2::/48 maxlen: 48
2400:bcc0:3::/48 maxlen: 48
2400:bcc0:4::/48 maxlen: 48
2400:bcc0:9::/48 maxlen: 48
2400:bcc0:1000::/36 maxlen: 36
2400:bcc0:1000::/48 maxlen: 48
2400:bcc0:1001::/48 maxlen: 48
2400:bcc0:1002::/48 maxlen: 48
2400:bcc0:1003::/48 maxlen: 48
2400:bcc0:1004::/48 maxlen: 48
2400:bcc0:1005::/48 maxlen: 48
2400:bcc0:1006::/48 maxlen: 48
2400:bcc0:1007::/48 maxlen: 48
2400:bcc0:1008::/48 maxlen: 48
2400:bcc0:1009::/48 maxlen: 48
2400:bcc0:100a::/48 maxlen: 48
2400:bcc0:100b::/48 maxlen: 48
2400:bcc0:100c::/48 maxlen: 48
2400:bcc0:1010::/48 maxlen: 48
2400:bcc0:1011::/48 maxlen: 48
2400:bcc0:1016::/48 maxlen: 48
2400:bcc0:1017::/48 maxlen: 48
2400:bcc0:101c::/48 maxlen: 48
2400:bcc0:101d::/48 maxlen: 48
2400:bcc0:1022::/48 maxlen: 48
2400:bcc0:1023::/48 maxlen: 48
2400:bcc0:1028::/48 maxlen: 48
2400:bcc0:1029::/48 maxlen: 48
2400:bcc0:102e::/48 maxlen: 48
2400:bcc0:1033::/48 maxlen: 48
2400:bcc0:1034::/48 maxlen: 48
2400:bcc0:2000::/36 maxlen: 36
2400:bcc0:3000::/36 maxlen: 36
2400:bcc0:3001::/48 maxlen: 48
2400:bcc0:3002::/48 maxlen: 48
2400:bcc0:3003::/48 maxlen: 48
2400:bcc0:3004::/48 maxlen: 48
2400:bcc0:3005::/48 maxlen: 48
2400:bcc0:3006::/48 maxlen: 48
2400:bcc0:300b::/48 maxlen: 48
2400:bcc0:300c::/48 maxlen: 48
2400:bcc0:3010::/48 maxlen: 48
2400:bcc0:3011::/48 maxlen: 48
2400:bcc0:3016::/48 maxlen: 48
2400:bcc0:3017::/48 maxlen: 48
2400:bcc0:301c::/48 maxlen: 48
2400:bcc0:301d::/48 maxlen: 48
2400:bcc0:3022::/48 maxlen: 48
2400:bcc0:3023::/48 maxlen: 48
2400:bcc0:3028::/48 maxlen: 48
2400:bcc0:3029::/48 maxlen: 48
2400:bcc0:302e::/48 maxlen: 48
2400:bcc0:4000::/36 maxlen: 36
2400:bcc0:5000::/36 maxlen: 36
2400:bcc0:6000::/36 maxlen: 36
2400:bcc0:7000::/36 maxlen: 36
2400:bcc0:8000::/36 maxlen: 36
2400:bcc0:9000::/36 maxlen: 36
2400:bcc0:a000::/36 maxlen: 36
2400:bcc0:b000::/36 maxlen: 36
2400:bcc0:c000::/36 maxlen: 36
2400:bcc0:d000::/36 maxlen: 36
2400:bcc0:e000::/36 maxlen: 36
2400:bcc0:f000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2939 (0xb7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6EB1
Validity
Not Before: Mar 28 19:30:47 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e6f8e7-af8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c8:f5:6a:5d:af:0c:e6:a5:55:c4:0a:52:c0:
7e:14:e6:ca:2b:9d:ba:02:58:72:52:c5:fe:be:85:
49:c6:00:d3:e8:3c:32:5b:e4:bb:95:30:c3:ee:e5:
94:5f:0d:cc:1a:11:5b:d4:51:da:22:06:d6:25:5d:
e7:fe:8d:0d:b2:28:27:b0:4e:48:da:9a:50:fe:06:
5d:df:86:d3:48:cc:17:76:69:ed:23:fb:48:cd:85:
e2:a4:8e:3c:ef:4e:07:2e:e5:97:9d:27:76:16:d0:
29:61:88:41:55:49:43:7d:a3:e5:b9:73:ca:a4:8e:
97:f1:f7:d5:9b:85:cd:ed:e1:19:86:32:8f:24:f9:
b3:53:45:5d:5e:58:74:ae:5c:93:65:4d:7d:49:e1:
3c:d9:ff:cf:bd:68:65:ed:55:e4:32:fb:15:85:3e:
3b:f4:c3:9d:91:c6:23:ac:14:a8:2e:43:43:a4:98:
27:c3:89:bb:55:db:93:48:6f:a8:6a:40:1e:16:16:
b4:28:32:2b:74:e4:c5:bc:9a:16:62:f3:55:c4:36:
26:83:3a:98:90:11:9b:91:28:4e:9b:ce:ce:4f:3a:
e4:c2:bb:f1:61:26:01:9a:7c:71:e5:eb:6b:24:76:
3e:fd:a9:64:31:1e:a6:10:56:1a:00:df:bb:8c:4e:
a1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:DF:CE:E6:F9:31:C2:9B:4B:E2:33:2E:33:9A:B3:A5:08:4B:CA:EE
X509v3 Authority Key Identifier:
keyid:C2:88:79:FE:C1:0C:E9:29:C1:CF:2E:5B:97:88:6F:1D:7E:A1:7C:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/woh5_sEM6SnBzy5bl4hvHX6hfFo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/woh5_sEM6SnBzy5bl4hvHX6hfFo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/CEC1F8CEBCDD11EDA890C37EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.86.108.0/22
202.181.4.0/22
IPv6:
2400:bcc0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:70:3c:8a:7f:3f:25:40:97:53:e3:48:21:a8:6b:12:2b:e0:
aa:e5:ba:2a:f6:fc:04:15:f5:ce:17:f7:6e:01:3f:2f:3a:83:
b2:a9:48:8b:42:8f:6e:e1:e5:8a:c3:42:7e:39:e9:93:d9:3b:
d0:1c:f6:9c:44:ef:06:18:66:10:f7:b8:c7:07:9e:4d:22:19:
69:0d:6a:cd:3f:c7:46:da:73:20:b4:40:62:a1:dd:fa:8d:f7:
a6:60:8c:1d:50:d5:d2:44:99:fd:dc:5f:f8:bd:0b:57:55:bc:
4b:dd:6e:b6:28:0f:77:f2:67:d1:68:a8:f4:e6:f4:2c:6e:66:
49:02:d2:14:ef:30:12:83:26:69:26:a2:4f:42:f2:db:0f:9d:
f3:f8:67:97:9d:6b:72:c3:91:50:ea:5c:e5:f2:00:90:0c:7c:
c9:05:28:62:41:bc:d1:9c:7f:8d:be:13:00:21:21:9f:1e:36:
f2:47:04:b8:0c:4f:8c:83:6f:43:dd:71:fa:06:11:65:f7:3c:
a9:c7:25:b8:20:f0:5c:5f:06:2d:b2:76:61:3d:32:c8:28:c6:
fc:83:87:2f:09:c2:ea:f0:25:5a:ec:6a:a1:20:3d:e4:96:07:
5f:fa:e3:84:f6:ca:b3:99:2a:c9:d5:a3:48:bb:98:f9:26:b1:
d2:f7:7b:d2
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICC3swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjZFQjExMTAvBgNVBAUTKEMyODg3OUZFQzEwQ0U5MjlDMUNGMkU1Qjk3ODg2RjFE
N0VBMTdDNUEwHhcNMjUwMzI4MTkzMDQ3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U2ZjhlNy1hZjhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo8j1al2vDOalVcQKUsB+FObKK526AlhyUsX+voVJxgDT6DwyW+S7lTDD7uWU
Xw3MGhFb1FHaIgbWJV3n/o0NsignsE5I2ppQ/gZd34bTSMwXdmntI/tIzYXipI48
704HLuWXnSd2FtApYYhBVUlDfaPluXPKpI6X8ffVm4XN7eEZhjKPJPmzU0VdXlh0
rlyTZU19SeE82f/PvWhl7VXkMvsVhT479MOdkcYjrBSoLkNDpJgnw4m7VduTSG+o
akAeFha0KDIrdOTFvJoWYvNVxDYmgzqYkBGbkShOm87OTzrkwrvxYSYBmnxx5etr
JHY+/alkMR6mEFYaAN+7jE6hLQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFPffzub5
McKbS+IzLjOas6UIS8ruMB8GA1UdIwQYMBaAFMKIef7BDOkpwc8uW5eIbx1+oXxa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkVCMS80QzVGNzIwODMx
RjMxMUVBQTBBOTY4NzZDNEY5QUUwMi93b2g1X3NFTTZTbkJ6eTVibDRodkhYNmhm
Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dvaDVfc0VNNlNuQnp5NWJsNGh2SFg2aGZGby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjZFQjEvNEM1RjcyMDgzMUYzMTFFQUEwQTk2ODc2QzRGOUFFMDIvQ0VDMUY4Q0VC
Q0REMTFFREE4OTBDMzdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnVmwDBALKtQQwDQQCAAIwBwMFACQAvMAwDQYJKoZIhvcN
AQELBQADggEBAIxwPIp/PyVAl1PjSCGoaxIr4Krluir2/AQV9c4X924BPy86g7Kp
SItCj27h5YrDQn456ZPZO9Ac9pxE7wYYZhD3uMcHnk0iGWkNas0/x0bacyC0QGKh
3fqN96ZgjB1Q1dJEmf3cX/i9C1dVvEvdbrYoD3fyZ9FoqPTm9CxuZkkC0hTvMBKD
Jmkmok9C8tsPnfP4Z5eda3LDkVDqXOXyAJAMfMkFKGJBvNGcf42+EwAhIZ8eNvJH
BLgMT4yDb0PdcfoGEWX3PKnHJbgg8FxfBi2ydmE9MsgoxvyDhy8JwurwJVrsaqEg
PeSWB1/644T2yrOZKsnVo0i7mPkmsdL3e9I=
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:37:09 2025 by rpki-client