Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/B4DF66BA809F11E7B741FD2EC4F9AE02.roa
File: B4DF66BA809F11E7B741FD2EC4F9AE02.roa (raw, json)
Hash identifier: 77Iwmlvm6ZwohaEy6gbfC43esuXdCwx4q/OWoXmvTdY=
Subject key identifier: 76:95:02:88:0D:7A:74:BB:B5:18:DA:C1:CE:21:6C:7E:83:25:5F:F6
Certificate issuer: /CN=A914C725/serialNumber=ED17D1BE3D5711C6C98C8CCC59AAF737E865C384
Certificate serial: 18F5
Authority key identifier: ED:17:D1:BE:3D:57:11:C6:C9:8C:8C:CC:59:AA:F7:37:E8:65:C3:84
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RfRvj1XEcbJjIzMWar3N-hlw4Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/B4DF66BA809F11E7B741FD2EC4F9AE02.roa
Signing time: Thu 30 Jan 2025 19:21:53 +0000
ROA not before: Thu 30 Jan 2025 19:21:53 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 56286
IP address blocks: 103.29.56.0/22 maxlen: 22
103.29.56.0/24 maxlen: 24
103.29.57.0/24 maxlen: 24
103.29.58.0/24 maxlen: 24
103.29.59.0/24 maxlen: 24
103.106.166.0/23 maxlen: 23
103.106.166.0/24 maxlen: 24
103.106.167.0/24 maxlen: 24
2403:1300::/32 maxlen: 32
2403:1300::/36 maxlen: 36
2403:1300:100::/40 maxlen: 40
2403:1300:100::/48 maxlen: 48
2403:1300:101::/48 maxlen: 48
2403:1300:102::/48 maxlen: 48
2403:1300:111::/48 maxlen: 48
2403:1300:113::/48 maxlen: 48
2403:1300:121::/48 maxlen: 48
2403:1300:122::/48 maxlen: 48
2403:1300:131::/48 maxlen: 48
2403:1300:200::/40 maxlen: 40
2403:1300:201::/48 maxlen: 48
2403:1300:202::/48 maxlen: 48
2403:1300:211::/48 maxlen: 48
2403:1300:221::/48 maxlen: 48
2403:1300:222::/48 maxlen: 48
2403:1300:223::/48 maxlen: 48
2403:1300:231::/48 maxlen: 48
2403:1300:300::/40 maxlen: 40
2403:1300:301::/48 maxlen: 48
2403:1300:302::/48 maxlen: 48
2403:1300:311::/48 maxlen: 48
2403:1300:1000::/36 maxlen: 36
2403:1300:2000::/36 maxlen: 36
2403:1300:3000::/36 maxlen: 36
2403:1300:8000::/36 maxlen: 36
2403:1300:f000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6389 (0x18f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C725/serialNumber=ED17D1BE3D5711C6C98C8CCC59AAF737E865C384
Validity
Not Before: Jan 30 19:21:53 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=679bd151-6a7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e4:6a:28:f9:8f:4a:9b:28:97:f8:80:2a:2e:
c5:90:c9:87:4e:11:9a:10:3b:30:67:a3:09:26:f3:
ca:eb:f3:13:40:92:f6:f6:07:b1:f3:51:70:a5:c3:
83:89:9e:ed:07:78:cf:73:08:ea:58:07:b5:0f:22:
2a:1c:8d:b9:4a:56:e3:e1:1b:eb:ae:66:de:1f:c3:
9b:c1:af:03:43:61:87:06:80:cf:23:19:e7:54:4e:
a6:ce:b4:c4:89:33:ce:39:f3:56:2a:6e:fd:9e:26:
d2:cf:ba:ff:2a:c6:f6:5e:9a:06:33:d5:7f:84:98:
5e:19:74:bd:66:ec:44:03:b5:17:44:28:88:18:b4:
42:42:8b:ba:bf:77:b9:1a:a7:50:ff:33:94:c2:63:
79:22:9c:be:9f:ef:b2:aa:2e:34:29:41:2a:af:00:
8c:61:f9:b1:82:98:95:b6:87:b6:d8:43:44:0f:8e:
d9:95:df:b3:ff:1c:7f:56:0b:e6:ea:ad:0f:d6:6a:
24:9e:db:de:b6:fe:48:94:00:8c:68:74:57:28:6a:
be:c6:e1:70:fe:77:56:43:d1:cf:23:8b:21:28:6d:
00:fa:85:ff:6d:d9:bb:7d:5c:d8:5d:06:02:ef:99:
54:f4:4d:27:9d:8c:64:06:ef:a6:28:f2:be:6d:cc:
ea:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:95:02:88:0D:7A:74:BB:B5:18:DA:C1:CE:21:6C:7E:83:25:5F:F6
X509v3 Authority Key Identifier:
keyid:ED:17:D1:BE:3D:57:11:C6:C9:8C:8C:CC:59:AA:F7:37:E8:65:C3:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/7RfRvj1XEcbJjIzMWar3N-hlw4Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RfRvj1XEcbJjIzMWar3N-hlw4Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/B4DF66BA809F11E7B741FD2EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.29.56.0/22
103.106.166.0/23
IPv6:
2403:1300::/32
Signature Algorithm: sha256WithRSAEncryption
ac:bb:2f:ab:86:39:8a:02:f4:2b:40:e4:64:9e:18:fc:f4:2c:
1f:3e:f2:bb:b0:24:d1:0e:b5:48:f9:fa:eb:14:07:ef:e5:13:
a8:df:eb:20:21:89:4d:55:a1:97:9e:79:62:53:97:d5:b5:41:
76:0f:0e:09:21:69:19:e4:e0:c7:0d:f1:c9:39:b8:de:9e:af:
c2:c3:2c:e6:c2:ef:81:f1:6f:e4:29:cb:a1:e1:4a:41:cf:24:
65:b6:44:cc:d1:41:a6:f9:23:64:77:71:f2:a6:95:e6:82:8d:
4d:86:42:b8:09:d8:71:80:4e:44:16:d8:86:22:0e:db:26:97:
67:27:62:e2:00:37:64:eb:1e:b7:bc:69:f4:f2:7b:7e:b8:cb:
9a:c2:6e:5b:71:f2:78:7e:3d:c5:d4:e2:9d:92:ea:78:eb:8f:
47:ec:45:89:eb:73:48:bf:2c:81:f8:15:ea:04:c1:50:86:33:
41:1d:96:c2:fd:45:29:14:23:cb:e5:e3:19:81:5e:1a:f3:c2:
18:36:65:5a:e3:eb:f6:cb:3c:a5:2b:75:cf:18:6c:97:60:ea:
33:55:6e:94:c8:e3:9b:9e:c8:3b:da:cd:b9:61:82:d7:8e:b0:
0c:22:c8:80:c6:ad:2f:9f:6c:96:c4:8e:7e:ab:a2:49:be:2b:
c9:fe:a0:ad
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICGPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEM3MjUxMTAvBgNVBAUTKEVEMTdEMUJFM0Q1NzExQzZDOThDOENDQzU5QUFGNzM3
RTg2NUMzODQwHhcNMjUwMTMwMTkyMTUzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzliZDE1MS02YTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtuRqKPmPSpsol/iAKi7FkMmHThGaEDswZ6MJJvPK6/MTQJL29gex81FwpcOD
iZ7tB3jPcwjqWAe1DyIqHI25Slbj4RvrrmbeH8Obwa8DQ2GHBoDPIxnnVE6mzrTE
iTPOOfNWKm79nibSz7r/Ksb2XpoGM9V/hJheGXS9ZuxEA7UXRCiIGLRCQou6v3e5
GqdQ/zOUwmN5Ipy+n++yqi40KUEqrwCMYfmxgpiVtoe22ENED47Zld+z/xx/Vgvm
6q0P1mokntvetv5IlACMaHRXKGq+xuFw/ndWQ9HPI4shKG0A+oX/bdm7fVzYXQYC
75lU9E0nnYxkBu+mKPK+bczqTwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFHaVAogN
enS7tRjawc4hbH6DJV/2MB8GA1UdIwQYMBaAFO0X0b49VxHGyYyMzFmq9zfoZcOE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzcyNS8zMTg0NEMzNjgw
OUYxMUU3QkQ2QTZCMkVDNEY5QUUwMi83UmZSdmoxWEVjYkpqSXpNV2FyM04taGx3
NFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdSZlJ2ajFYRWNiSmpJek1XYXIzTi1obHc0US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEM3MjUvMzE4NDRDMzY4MDlGMTFFN0JENkE2QjJFQzRGOUFFMDIvQjRERjY2QkE4
MDlGMTFFN0I3NDFGRDJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnHTgDBAFnaqYwDQQCAAIwBwMFACQDEwAwDQYJKoZIhvcN
AQELBQADggEBAKy7L6uGOYoC9CtA5GSeGPz0LB8+8ruwJNEOtUj5+usUB+/lE6jf
6yAhiU1VoZeeeWJTl9W1QXYPDgkhaRnk4McN8ck5uN6er8LDLObC74Hxb+Qpy6Hh
SkHPJGW2RMzRQab5I2R3cfKmleaCjU2GQrgJ2HGATkQW2IYiDtsml2cnYuIAN2Tr
Hre8afTye364y5rCbltx8nh+PcXU4p2S6njrj0fsRYnrc0i/LIH4FeoEwVCGM0Ed
lsL9RSkUI8vl4xmBXhrzwhg2ZVrj6/bLPKUrdc8YbJdg6jNVbpTI45ueyDvazblh
gteOsAwiyIDGrS+fbJbEjn6rokm+K8n+oK0=
-----END CERTIFICATE-----
Generated at Sun Apr 27 06:02:25 2025 by rpki-client