Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913E8CB/5703919C0B8511EA86A52A53C4F9AE02/B42B359A0B8611EA96BE4F58C4F9AE02.roa
File: B42B359A0B8611EA96BE4F58C4F9AE02.roa (raw, json)
Hash identifier: HdewlY3PXx0aOYEAAg+QAY8+JFrnwFjVG1bCPak1FZg=
Subject key identifier: 65:92:EB:60:D3:2B:B1:91:94:DC:28:48:99:B3:7F:C8:1D:AE:F3:D1
Certificate issuer: /CN=A913E8CB/serialNumber=8B868F226FE774797F76A29B584ECEA8DE9A7FA3
Certificate serial: 0A5E
Authority key identifier: 8B:86:8F:22:6F:E7:74:79:7F:76:A2:9B:58:4E:CE:A8:DE:9A:7F:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i4aPIm_ndHl_dqKbWE7OqN6af6M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913E8CB/5703919C0B8511EA86A52A53C4F9AE02/B42B359A0B8611EA96BE4F58C4F9AE02.roa
Signing time: Wed 28 Dec 2022 20:16:54 +0000
ROA not before: Wed 28 Dec 2022 20:16:54 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 137584
IP address blocks: 103.104.216.0/22 maxlen: 22
103.104.216.0/23 maxlen: 23
103.104.216.0/24 maxlen: 24
103.104.217.0/24 maxlen: 24
103.104.218.0/23 maxlen: 23
103.104.218.0/24 maxlen: 24
103.104.219.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2654 (0xa5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913E8CB/serialNumber=8B868F226FE774797F76A29B584ECEA8DE9A7FA3
Validity
Not Before: Dec 28 20:16:54 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63aca435-b375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f7:71:b8:8a:76:aa:0c:3a:56:ea:2b:84:39:
1c:ab:40:5b:2a:bd:63:2a:f0:a5:14:42:3d:46:35:
3d:88:1d:5e:5c:2e:8e:7b:92:61:e7:3c:de:ba:24:
75:86:38:cf:94:a9:0d:f5:be:53:c8:6d:7f:a9:0b:
8a:73:46:42:87:4d:ab:b4:80:2b:dd:0a:95:cf:aa:
1f:47:91:80:16:8b:cb:ac:0a:a1:54:e3:54:15:27:
07:ff:59:64:6a:bd:a9:7f:44:98:f1:95:dd:d5:20:
06:f2:06:9a:68:df:ab:8b:d6:e7:6a:f4:ce:9c:76:
cd:89:7a:db:b5:ae:c0:07:51:3b:9c:44:70:ff:cf:
9e:b7:b4:b6:ed:1d:38:cd:04:0c:45:6d:1d:09:8b:
90:91:f6:e8:6d:d3:19:df:5e:f4:7b:52:fa:b3:b0:
1f:8b:74:0e:5e:f5:2d:bd:9a:50:e8:00:df:96:29:
c4:96:ef:2b:49:4c:e6:c4:75:51:79:9e:8f:ec:d9:
e2:5d:8a:60:8c:d0:33:ce:91:06:1c:74:83:10:75:
9f:66:b2:87:5d:ab:eb:0b:35:97:d0:e8:33:88:3c:
30:06:60:de:dd:04:c8:92:49:a4:68:89:d9:7b:51:
2d:f3:fe:30:e1:df:8c:cc:23:27:76:7a:ee:cd:42:
4c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:92:EB:60:D3:2B:B1:91:94:DC:28:48:99:B3:7F:C8:1D:AE:F3:D1
X509v3 Authority Key Identifier:
keyid:8B:86:8F:22:6F:E7:74:79:7F:76:A2:9B:58:4E:CE:A8:DE:9A:7F:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913E8CB/5703919C0B8511EA86A52A53C4F9AE02/i4aPIm_ndHl_dqKbWE7OqN6af6M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i4aPIm_ndHl_dqKbWE7OqN6af6M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E8CB/5703919C0B8511EA86A52A53C4F9AE02/B42B359A0B8611EA96BE4F58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.104.216.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:04:e2:3d:aa:b5:d8:d7:38:b6:68:60:b4:11:59:66:05:f9:
77:f3:0c:68:86:c0:1a:ca:63:d1:31:2d:34:9e:a2:6c:19:d7:
08:f8:6d:b7:30:40:eb:2b:49:bd:60:e5:e8:db:68:44:0f:93:
f8:99:02:9c:bf:e3:0f:26:60:a4:af:fd:ee:bb:01:49:67:ec:
25:8f:79:8e:c4:da:fa:db:b1:12:2f:98:f8:1c:18:e9:99:92:
31:19:f0:89:fb:d2:cf:1f:ae:f4:bf:bf:31:6f:b9:39:92:15:
8c:29:7b:cf:f9:ec:10:a7:22:22:76:a8:73:e1:d6:2d:4d:df:
45:f0:88:78:e1:a3:47:e8:ce:ca:b9:fd:54:e2:c7:e2:fa:f5:
62:43:9f:76:04:c2:b9:33:06:12:2d:13:69:96:7b:c9:19:af:
b7:36:bc:b6:3c:72:57:52:a5:3a:33:0a:08:6f:76:33:9c:d8:
16:a8:9b:46:58:0c:83:dd:46:4b:f4:94:97:f1:c7:46:af:03:
0b:61:37:d4:f9:22:8c:61:02:e7:c0:2f:7b:f7:83:4d:16:c9:
9a:e4:53:b7:8b:e2:7b:ed:17:8b:ff:82:68:1b:c7:52:61:85:
34:f5:fe:63:2f:41:69:18:a9:e2:39:7b:f6:13:c6:2d:fc:03:
a7:a8:ef:bf
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0U4Q0IxMTAvBgNVBAUTKDhCODY4RjIyNkZFNzc0Nzk3Rjc2QTI5QjU4NEVDRUE4
REU5QTdGQTMwHhcNMjIxMjI4MjAxNjU0WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2FjYTQzNS1iMzc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxPdxuIp2qgw6VuorhDkcq0BbKr1jKvClFEI9RjU9iB1eXC6Oe5Jh5zzeuiR1
hjjPlKkN9b5TyG1/qQuKc0ZCh02rtIAr3QqVz6ofR5GAFovLrAqhVONUFScH/1lk
ar2pf0SY8ZXd1SAG8gaaaN+ri9bnavTOnHbNiXrbta7AB1E7nERw/8+et7S27R04
zQQMRW0dCYuQkfbobdMZ3170e1L6s7Afi3QOXvUtvZpQ6ADflinElu8rSUzmxHVR
eZ6P7NniXYpgjNAzzpEGHHSDEHWfZrKHXavrCzWX0OgziDwwBmDe3QTIkkmkaInZ
e1Et8/4w4d+MzCMndnruzUJM2QIDAQABo4IClTCCApEwHQYDVR0OBBYEFGWS62DT
K7GRlNwoSJmzf8gdrvPRMB8GA1UdIwQYMBaAFIuGjyJv53R5f3aim1hOzqjemn+j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRThDQi81NzAzOTE5QzBC
ODUxMUVBODZBNTJBNTNDNEY5QUUwMi9pNGFQSW1fbmRIbF9kcUtiV0U3T3FONmFm
Nk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2k0YVBJbV9uZEhsX2RxS2JXRTdPcU42YWY2TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0U4Q0IvNTcwMzkxOUMwQjg1MTFFQTg2QTUyQTUzQzRGOUFFMDIvQjQyQjM1OUEw
Qjg2MTFFQTk2QkU0RjU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnaNgwDQYJKoZIhvcNAQELBQADggEBAHoE4j2qtdjXOLZo
YLQRWWYF+XfzDGiGwBrKY9ExLTSeomwZ1wj4bbcwQOsrSb1g5ejbaEQPk/iZApy/
4w8mYKSv/e67AUln7CWPeY7E2vrbsRIvmPgcGOmZkjEZ8In70s8frvS/vzFvuTmS
FYwpe8/57BCnIiJ2qHPh1i1N30XwiHjho0fozsq5/VTix+L69WJDn3YEwrkzBhIt
E2mWe8kZr7c2vLY8cldSpTozCghvdjOc2Baom0ZYDIPdRkv0lJfxx0avAwthN9T5
IoxhAufAL3v3g00WyZrkU7eL4nvtF4v/gmgbx1JhhTT1/mMvQWkYqeI5e/YTxi38
A6eo778=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org