Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
File: B902532EFEA211EDB9013076C4F9AE02.roa (raw, json)
Hash identifier: 0DcjyufPPKhf65I1PHM+O/al565lguF21gE3yVcguAg=
Subject key identifier: 9E:F4:A6:C1:71:1D:79:A0:36:49:1C:9F:B9:DB:6E:A9:76:9A:44:AD
Certificate issuer: /CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Certificate serial: 05A8
Authority key identifier: 31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
Signing time: Tue 28 Jan 2025 23:14:15 +0000
ROA not before: Tue 28 Jan 2025 23:14:15 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 63956
IP address blocks: 45.112.244.0/22 maxlen: 24
103.20.17.0/24 maxlen: 24
103.21.108.0/24 maxlen: 24
103.52.116.0/22 maxlen: 24
103.97.52.0/22 maxlen: 22
103.97.52.0/24 maxlen: 24
103.97.53.0/24 maxlen: 24
103.97.54.0/24 maxlen: 24
103.97.55.0/24 maxlen: 24
103.225.96.0/24 maxlen: 24
202.46.160.0/20 maxlen: 24
203.12.129.0/24 maxlen: 24
203.18.194.0/24 maxlen: 24
203.210.102.0/24 maxlen: 24
2402:1b80::/40 maxlen: 40
2402:1b80:10::/48 maxlen: 48
2402:1b80:11::/48 maxlen: 48
2402:1b80:14::/48 maxlen: 48
2402:1b80:103::/48 maxlen: 48
2402:1b80:104::/48 maxlen: 48
2402:1b80:106::/48 maxlen: 48
2402:1b80:203::/48 maxlen: 48
2402:1b80:204::/48 maxlen: 48
2402:1b80:206::/48 maxlen: 48
2402:1b80:300::/40 maxlen: 40
2402:1b80:304::/48 maxlen: 48
2402:1b80:306::/48 maxlen: 48
2402:1b80:403::/48 maxlen: 48
2402:1b80:3000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1448 (0x5a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Validity
Not Before: Jan 28 23:14:15 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=679964c7-6bd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:dd:38:00:62:8a:ac:02:cd:4b:d7:68:8e:79:
c0:aa:e0:0a:06:c2:52:63:da:7b:6d:80:8a:9d:9b:
ac:6b:1d:de:83:31:8d:0c:88:6c:2c:da:2b:14:e3:
ab:f6:65:a1:44:b8:e4:b6:f7:6f:2c:0b:1b:b0:30:
0b:09:7c:72:f4:f4:fc:65:22:0d:a7:38:b6:ed:5a:
9c:58:91:c1:02:ce:8a:80:23:eb:ee:d5:16:80:cd:
f2:7c:51:b8:d8:06:60:16:95:d1:7a:d7:e7:c1:ca:
0f:d2:5e:1a:97:f6:fe:3b:8e:ee:fc:84:94:6b:e3:
b6:38:60:1e:c1:00:16:bc:9a:3a:84:ea:2d:16:41:
8e:1c:ce:00:fc:b9:97:3a:84:f7:41:02:28:8e:7f:
53:88:ee:4b:43:cd:ab:47:95:db:c3:90:4e:5e:f5:
20:a5:63:5c:f0:6a:28:f9:c6:cd:ba:04:27:9b:29:
d6:7e:95:27:1a:a6:de:1f:fe:18:a1:79:e5:bd:aa:
db:71:9a:97:fc:8c:4b:63:5a:bf:8e:41:35:e1:6e:
f0:43:24:94:e7:6d:1b:03:61:94:e3:52:59:c5:f7:
c3:c9:46:88:e2:c9:ad:0a:86:b1:fa:d4:2d:a1:d9:
b7:66:e9:ea:bc:f8:34:0f:52:26:62:cc:64:72:aa:
f4:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:F4:A6:C1:71:1D:79:A0:36:49:1C:9F:B9:DB:6E:A9:76:9A:44:AD
X509v3 Authority Key Identifier:
keyid:31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.244.0/22
103.20.17.0/24
103.21.108.0/24
103.52.116.0/22
103.97.52.0/22
103.225.96.0/24
202.46.160.0/20
203.12.129.0/24
203.18.194.0/24
203.210.102.0/24
IPv6:
2402:1b80::/40
2402:1b80:103::-2402:1b80:104:ffff:ffff:ffff:ffff:ffff
2402:1b80:106::/48
2402:1b80:203::-2402:1b80:204:ffff:ffff:ffff:ffff:ffff
2402:1b80:206::/48
2402:1b80:300::/40
2402:1b80:403::/48
2402:1b80:3000::/40
Signature Algorithm: sha256WithRSAEncryption
6b:a2:39:9e:c0:be:91:84:c1:b3:9f:9c:06:0c:a8:20:99:d3:
75:b7:1a:83:64:2f:3e:5c:09:4b:00:3d:ba:93:23:97:a4:55:
65:45:a4:1d:02:29:38:75:e5:3f:d6:75:5a:6f:fa:7a:26:de:
d2:f4:34:b7:ec:2e:42:ce:a6:3b:5f:4f:4b:d0:f0:c5:02:25:
98:e1:1a:6f:16:2f:c2:5f:01:1f:e2:8b:9e:25:aa:ce:2c:b6:
a0:ff:5b:d5:e6:af:f5:51:35:f7:a9:66:f2:8e:4f:55:3e:78:
9c:e6:1f:6c:6d:d8:dc:ee:08:54:c7:e0:bf:04:5a:16:30:67:
e2:7b:9f:dc:a8:d2:5f:95:56:5d:c1:15:01:8c:43:75:d6:44:
89:7a:de:eb:6a:4c:79:ad:41:db:49:9e:32:34:60:d6:48:44:
11:89:3c:0e:1b:f9:64:97:32:76:b1:d6:5b:8b:a4:21:59:00:
ab:0b:9e:b8:8d:e8:22:0f:55:a6:75:3d:d7:80:dc:21:21:2b:
2e:ee:e9:1f:4e:3f:f2:e9:63:24:c7:36:de:de:fc:1e:45:31:
8d:29:4e:b9:a5:ef:9a:fa:ad:97:54:97:c2:32:8d:1f:4c:16:
c1:15:8e:1d:7c:09:84:84:99:d6:60:5e:c9:d3:3c:31:1f:37:
ca:f9:7e:5f
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgICBagwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQzRjMxMTAvBgNVBAUTKDMxN0MzMDdGRkM2RUNCNkNGNjU2RjI2QjgyODJGRkI5
RTYyRjkzNjUwHhcNMjUwMTI4MjMxNDE1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk5NjRjNy02YmQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3t04AGKKrALNS9dojnnAquAKBsJSY9p7bYCKnZusax3egzGNDIhsLNorFOOr
9mWhRLjktvdvLAsbsDALCXxy9PT8ZSINpzi27VqcWJHBAs6KgCPr7tUWgM3yfFG4
2AZgFpXRetfnwcoP0l4al/b+O47u/ISUa+O2OGAewQAWvJo6hOotFkGOHM4A/LmX
OoT3QQIojn9TiO5LQ82rR5Xbw5BOXvUgpWNc8Goo+cbNugQnmynWfpUnGqbeH/4Y
oXnlvarbcZqX/IxLY1q/jkE14W7wQySU520bA2GU41JZxffDyUaI4smtCoax+tQt
odm3ZunqvPg0D1ImYsxkcqr0EwIDAQABo4IDMTCCAy0wHQYDVR0OBBYEFJ70psFx
HXmgNkkcn7nbbql2mkStMB8GA1UdIwQYMBaAFDF8MH/8bsts9lbya4KC/7nmL5Nl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDNGMy9CMjU0NDgxQUNB
MzQxMUVCOEM5MEQ5NDFDNEY5QUUwMi9NWHd3Zl94dXkyejJWdkpyZ29MX3VlWXZr
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01Yd3dmX3h1eTJ6MlZ2SnJnb0xfdWVZdmsyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQzRjMvQjI1NDQ4MUFDQTM0MTFFQjhDOTBEOTQxQzRGOUFFMDIvQjkwMjUzMkVG
RUEyMTFFREI5MDEzMDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgboGCCsGAQUFBwEHAQH/
BIGqMIGnMEIEAgABMDwDBAItcPQDBABnFBEDBABnFWwDBAJnNHQDBAJnYTQDBABn
4WADBATKLqADBADLDIEDBADLEsIDBADL0mYwYQQCAAIwWwMGACQCG4AAMBIDBwAk
AhuAAQMDBwAkAhuAAQQDBwAkAhuAAQYwEgMHACQCG4ACAwMHACQCG4ACBAMHACQC
G4ACBgMGACQCG4ADAwcAJAIbgAQDAwYAJAIbgDAwDQYJKoZIhvcNAQELBQADggEB
AGuiOZ7AvpGEwbOfnAYMqCCZ03W3GoNkLz5cCUsAPbqTI5ekVWVFpB0CKTh15T/W
dVpv+nom3tL0NLfsLkLOpjtfT0vQ8MUCJZjhGm8WL8JfAR/ii54lqs4stqD/W9Xm
r/VRNfepZvKOT1U+eJzmH2xt2NzuCFTH4L8EWhYwZ+J7n9yo0l+VVl3BFQGMQ3XW
RIl63utqTHmtQdtJnjI0YNZIRBGJPA4b+WSXMnax1luLpCFZAKsLnriN6CIPVaZ1
PdeA3CEhKy7u6R9OP/LpYyTHNt7e/B5FMY0pTrml75r6rZdUl8IyjR9MFsEVjh18
CYSEmdZgXsnTPDEfN8r5fl8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:43:03 2025 by rpki-client