Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD378/632FA8CE51EA11EAB6A5CD86C4F9AE02/EF44A44E51EB11EABC11800DC4F9AE02.roa
File: EF44A44E51EB11EABC11800DC4F9AE02.roa (raw, json)
Hash identifier: wVjOHBRTAFBzywxmlgqw2C8A1H3crVXb96hs+TBB5RU=
Subject key identifier: 91:2F:8E:95:01:20:41:F9:B5:4C:F5:32:32:D0:5C:C3:EC:B6:E6:D6
Certificate issuer: /CN=A91FD378/serialNumber=99BE085D1C696CBC21B678F9188ECCE5DBCDD4CA
Certificate serial: 0A8A
Authority key identifier: 99:BE:08:5D:1C:69:6C:BC:21:B6:78:F9:18:8E:CC:E5:DB:CD:D4:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mb4IXRxpbLwhtnj5GI7M5dvN1Mo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FD378/632FA8CE51EA11EAB6A5CD86C4F9AE02/EF44A44E51EB11EABC11800DC4F9AE02.roa
Signing time: Thu 30 Jan 2025 20:09:25 +0000
ROA not before: Thu 30 Jan 2025 20:09:25 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133192
IP address blocks: 103.255.24.0/24 maxlen: 24
103.255.25.0/24 maxlen: 24
103.255.26.0/24 maxlen: 24
103.255.27.0/24 maxlen: 24
163.47.164.0/24 maxlen: 24
163.47.165.0/24 maxlen: 24
163.47.166.0/24 maxlen: 24
163.47.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2698 (0xa8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FD378
Validity
Not Before: Jan 30 20:09:25 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679bdc74-f5fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a5:9d:70:f4:df:1b:72:84:1d:12:a1:f4:17:
ce:04:12:83:b6:70:08:fe:bb:45:7c:74:0e:19:72:
7c:d2:40:d2:b9:4d:74:3a:57:2a:67:05:df:ef:88:
8f:07:d4:c6:f5:63:8a:3c:c8:ae:32:e5:ba:21:a3:
e0:4e:51:5e:17:b0:f8:68:cc:0b:32:11:81:00:bf:
5e:8f:8f:09:85:38:ed:3b:ac:27:07:dd:4b:e1:b0:
9f:14:42:3d:89:67:11:db:e6:f4:e8:24:3a:8e:f3:
d5:3e:23:2a:76:84:a6:55:85:ad:57:df:69:e0:0f:
54:6c:f3:31:0a:e2:2f:95:14:2e:07:b6:f1:d4:2c:
f1:57:f1:cd:64:9a:43:97:5b:42:61:f1:1b:05:3d:
8e:93:6b:84:20:70:4c:99:b4:4c:ef:63:25:5a:5d:
a7:71:05:42:e3:8c:f7:5f:cc:42:74:af:88:e8:93:
9d:65:1f:ca:fc:f1:79:cf:c2:be:db:7c:a6:21:28:
f3:3f:a9:50:57:25:09:c5:17:38:60:d6:23:ed:01:
3d:4a:8f:b9:dd:e9:4b:e6:aa:d6:2a:ae:5d:8a:df:
55:0e:3a:7e:f1:f2:d6:30:8f:a1:2e:2a:71:06:7e:
db:8d:89:db:0c:5d:63:af:fe:9e:80:b7:c6:67:a7:
b6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:2F:8E:95:01:20:41:F9:B5:4C:F5:32:32:D0:5C:C3:EC:B6:E6:D6
X509v3 Authority Key Identifier:
keyid:99:BE:08:5D:1C:69:6C:BC:21:B6:78:F9:18:8E:CC:E5:DB:CD:D4:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FD378/632FA8CE51EA11EAB6A5CD86C4F9AE02/mb4IXRxpbLwhtnj5GI7M5dvN1Mo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mb4IXRxpbLwhtnj5GI7M5dvN1Mo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD378/632FA8CE51EA11EAB6A5CD86C4F9AE02/EF44A44E51EB11EABC11800DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.255.24.0/22
163.47.164.0/22
Signature Algorithm: sha256WithRSAEncryption
23:fa:fb:46:14:ef:06:28:12:ba:81:b6:93:08:54:e8:52:98:
31:71:d4:73:5d:76:a8:12:ab:05:1b:fd:77:ff:0c:74:2f:23:
42:fc:98:73:fb:db:b8:f8:b3:a3:9e:c6:0e:e0:48:74:53:c7:
bd:30:18:55:98:6a:c3:88:61:e9:0e:11:b4:0f:1c:53:54:97:
d1:f3:9b:44:25:b3:94:2a:a4:f2:b7:a5:56:80:e1:c7:a6:ef:
d2:b2:88:c5:d8:03:b3:21:5d:51:7a:80:4f:03:23:61:de:b6:
11:e3:d9:29:d3:17:84:e2:e9:63:27:d3:b5:16:0d:96:b3:5b:
dd:c3:5e:d1:ec:b9:5c:ee:6f:9e:3f:5d:91:7a:99:b5:28:a8:
88:f9:c6:62:a0:a6:e1:ed:a4:3f:85:fe:3a:64:75:58:a5:ce:
f5:6c:f2:f8:ca:0d:ba:2d:b2:eb:04:cc:56:25:64:a9:53:90:
43:cf:47:a9:35:e3:b8:3e:90:ab:54:0d:0e:63:54:e9:18:77:
57:96:2d:27:2c:6a:d6:01:8e:eb:d8:01:97:b7:d3:a4:bc:85:
48:8c:2d:f9:17:ea:ec:86:e4:44:ba:5f:46:77:6a:1e:d7:c2:
e9:f5:f3:23:b1:ba:10:de:14:dd:05:15:e9:c1:3b:d6:a8:b9:
88:39:16:7c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCoowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkQzNzgxMTAvBgNVBAUTKDk5QkUwODVEMUM2OTZDQkMyMUI2NzhGOTE4OEVDQ0U1
REJDREQ0Q0EwHhcNMjUwMTMwMjAwOTI1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzliZGM3NC1mNWZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnKWdcPTfG3KEHRKh9BfOBBKDtnAI/rtFfHQOGXJ80kDSuU10OlcqZwXf74iP
B9TG9WOKPMiuMuW6IaPgTlFeF7D4aMwLMhGBAL9ej48JhTjtO6wnB91L4bCfFEI9
iWcR2+b06CQ6jvPVPiMqdoSmVYWtV99p4A9UbPMxCuIvlRQuB7bx1CzxV/HNZJpD
l1tCYfEbBT2Ok2uEIHBMmbRM72MlWl2ncQVC44z3X8xCdK+I6JOdZR/K/PF5z8K+
23ymISjzP6lQVyUJxRc4YNYj7QE9So+53elL5qrWKq5dit9VDjp+8fLWMI+hLipx
Bn7bjYnbDF1jr/6egLfGZ6e2FwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJEvjpUB
IEH5tUz1MjLQXMPstubWMB8GA1UdIwQYMBaAFJm+CF0caWy8IbZ4+RiOzOXbzdTK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRDM3OC82MzJGQThDRTUx
RUExMUVBQjZBNUNEODZDNEY5QUUwMi9tYjRJWFJ4cGJMd2h0bmo1R0k3TTVkdk4x
TW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21iNElYUnhwYkx3aHRuajVHSTdNNWR2TjFNby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkQzNzgvNjMyRkE4Q0U1MUVBMTFFQUI2QTVDRDg2QzRGOUFFMDIvRUY0NEE0NEU1
MUVCMTFFQUJDMTE4MDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJn/xgDBAKjL6QwDQYJKoZIhvcNAQELBQADggEBACP6+0YU
7wYoErqBtpMIVOhSmDFx1HNddqgSqwUb/Xf/DHQvI0L8mHP727j4s6Oexg7gSHRT
x70wGFWYasOIYekOEbQPHFNUl9Hzm0Qls5QqpPK3pVaA4cem79KyiMXYA7MhXVF6
gE8DI2HethHj2SnTF4Ti6WMn07UWDZazW93DXtHsuVzub54/XZF6mbUoqIj5xmKg
puHtpD+F/jpkdVilzvVs8vjKDbotsusEzFYlZKlTkEPPR6k147g+kKtUDQ5jVOkY
d1eWLScsatYBjuvYAZe306S8hUiMLfkX6uyG5ES6X0Z3ah7Xwun18yOxuhDeFN0F
FenBO9aouYg5Fnw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:56:31 2025 by rpki-client