Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/04421FB4C2A911EBB201FE39C4F9AE02.roa
File: 04421FB4C2A911EBB201FE39C4F9AE02.roa (raw, json)
Hash identifier: codx2KaWlaGrUgOplDGQb2t/gzk8xsI27IkWfU9XUcg=
Subject key identifier: CA:50:86:3B:80:32:F6:A8:49:30:9E:64:2A:EB:20:74:B4:58:7C:04
Certificate issuer: /CN=A91551D7/serialNumber=113618B0D410682AC06A901D65BB9AC955ED89E0
Certificate serial: 0E2B
Authority key identifier: 11:36:18:B0:D4:10:68:2A:C0:6A:90:1D:65:BB:9A:C9:55:ED:89:E0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ETYYsNQQaCrAapAdZbuayVXtieA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/04421FB4C2A911EBB201FE39C4F9AE02.roa
Signing time: Wed 18 Dec 2024 18:16:23 +0000
ROA not before: Wed 18 Dec 2024 18:16:23 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 18106
IP address blocks: 43.230.96.0/23 maxlen: 23
43.230.98.0/23 maxlen: 23
103.7.68.0/22 maxlen: 22
103.7.68.0/24 maxlen: 24
103.7.69.0/24 maxlen: 24
103.7.70.0/24 maxlen: 24
103.7.71.0/24 maxlen: 24
163.47.88.0/24 maxlen: 24
163.47.89.0/24 maxlen: 24
223.27.137.0/24 maxlen: 24
223.27.138.0/24 maxlen: 24
223.27.140.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3627 (0xe2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91551D7/serialNumber=113618B0D410682AC06A901D65BB9AC955ED89E0
Validity
Not Before: Dec 18 18:16:23 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67631177-e9db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:c0:f3:e7:8b:81:e6:b8:03:36:78:ee:db:13:
00:8b:0b:24:cf:6d:97:7f:34:a4:6f:0a:30:b7:7d:
60:40:88:d6:fd:0e:87:40:0a:7d:ac:a3:58:da:44:
d5:5b:a5:ef:b1:17:a9:d3:a3:62:58:d5:e4:c7:88:
e8:db:06:df:cb:d0:3f:24:59:e8:e7:93:58:a0:3f:
dc:96:c5:86:52:14:3a:ad:7d:67:e9:3a:55:39:f4:
18:43:90:ac:86:89:ee:87:1c:78:ce:74:d0:d4:9e:
44:e8:95:2f:fa:00:36:30:04:c3:7c:4d:eb:c0:dd:
9c:13:b2:15:eb:d4:8b:41:08:3d:02:51:05:15:3a:
93:87:1e:57:72:ec:fa:7a:09:fd:d5:26:ce:e1:95:
2f:3e:be:18:47:dd:98:6f:db:40:29:5d:a7:1f:bc:
14:30:51:74:ed:4b:ae:f9:d3:2b:d6:02:90:04:a4:
39:62:b5:bb:a2:83:29:54:fb:0f:f1:16:a6:5a:41:
a7:41:3a:db:b2:9f:59:e1:04:85:ae:68:97:a5:e5:
37:cf:19:dc:eb:fc:b1:68:8c:f2:45:00:e9:77:1c:
a3:eb:2f:39:41:88:81:0f:12:9c:52:0e:6b:e4:6d:
fe:dc:fb:1c:87:37:18:e7:60:01:f5:24:19:64:b9:
4f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:50:86:3B:80:32:F6:A8:49:30:9E:64:2A:EB:20:74:B4:58:7C:04
X509v3 Authority Key Identifier:
keyid:11:36:18:B0:D4:10:68:2A:C0:6A:90:1D:65:BB:9A:C9:55:ED:89:E0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/ETYYsNQQaCrAapAdZbuayVXtieA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ETYYsNQQaCrAapAdZbuayVXtieA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/04421FB4C2A911EBB201FE39C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.96.0/22
103.7.68.0/22
163.47.88.0/23
223.27.137.0-223.27.138.255
223.27.140.0/24
Signature Algorithm: sha256WithRSAEncryption
56:62:82:9c:99:42:2f:0a:29:51:59:ee:37:cf:33:13:b0:42:
36:86:7f:88:12:e9:cd:8b:a8:bc:8f:78:38:cb:a3:3d:d1:8e:
bb:49:32:05:61:b5:58:6c:d3:a3:65:3d:51:30:36:d8:39:32:
31:46:74:31:fb:95:e9:12:c5:04:67:cd:df:6c:95:64:2a:87:
b5:29:fe:8d:2c:ce:d6:b6:5d:b4:a8:2d:81:64:8a:1e:cf:7e:
7c:b5:9d:7b:e0:d7:8a:c9:91:fd:54:df:2b:49:f5:62:d9:21:
1e:3e:25:52:16:d1:87:6b:67:e3:51:2a:fd:3f:75:73:f3:1f:
90:2f:bf:89:b6:fd:7c:18:82:eb:22:09:76:5a:af:3a:79:d8:
1f:ef:e2:49:2d:52:71:ce:1a:ff:a9:f5:76:d1:b6:4a:5a:0a:
cc:4e:35:5c:d0:7b:17:a6:c6:0a:3f:f7:f9:b5:27:48:7e:dd:
f4:ec:c4:73:09:e8:fb:89:48:bc:7d:b0:5a:05:77:31:f4:aa:
23:0e:f2:1e:33:1c:74:c2:1a:6b:3f:7a:b4:89:d9:e8:b2:15:
e5:4c:83:43:15:7a:5e:7f:cc:29:b4:ea:76:4c:f4:17:51:28:
fd:30:21:e5:37:87:10:31:79:af:c0:9b:ca:7e:41:e7:95:d5:
bc:27:43:d1
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICDiswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTUxRDcxMTAvBgNVBAUTKDExMzYxOEIwRDQxMDY4MkFDMDZBOTAxRDY1QkI5QUM5
NTVFRDg5RTAwHhcNMjQxMjE4MTgxNjIzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYzMTE3Ny1lOWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6cDz54uB5rgDNnju2xMAiwskz22XfzSkbwowt31gQIjW/Q6HQAp9rKNY2kTV
W6XvsRep06NiWNXkx4jo2wbfy9A/JFno55NYoD/clsWGUhQ6rX1n6TpVOfQYQ5Cs
honuhxx4znTQ1J5E6JUv+gA2MATDfE3rwN2cE7IV69SLQQg9AlEFFTqThx5Xcuz6
egn91SbO4ZUvPr4YR92Yb9tAKV2nH7wUMFF07Uuu+dMr1gKQBKQ5YrW7ooMpVPsP
8RamWkGnQTrbsp9Z4QSFrmiXpeU3zxnc6/yxaIzyRQDpdxyj6y85QYiBDxKcUg5r
5G3+3PschzcY52AB9SQZZLlPxQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFMpQhjuA
MvaoSTCeZCrrIHS0WHwEMB8GA1UdIwQYMBaAFBE2GLDUEGgqwGqQHWW7mslV7Yng
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTFENy82OEYwOTI5MjlF
MkYxMUU5QjJFNTI4MEFDNEY5QUUwMi9FVFlZc05RUWFDckFhcEFkWmJ1YXlWWHRp
ZUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VUWVlzTlFRYUNyQWFwQWRaYnVheVZYdGllQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTUxRDcvNjhGMDkyOTI5RTJGMTFFOUIyRTUyODBBQzRGOUFFMDIvMDQ0MjFGQjRD
MkE5MTFFQkIyMDFGRTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBAIr5mADBAJnB0QDBAGjL1gwDAMEAN8biQMEAN8bigMEAN8b
jDANBgkqhkiG9w0BAQsFAAOCAQEAVmKCnJlCLwopUVnuN88zE7BCNoZ/iBLpzYuo
vI94OMujPdGOu0kyBWG1WGzTo2U9UTA22DkyMUZ0MfuV6RLFBGfN32yVZCqHtSn+
jSzO1rZdtKgtgWSKHs9+fLWde+DXismR/VTfK0n1YtkhHj4lUhbRh2tn41Eq/T91
c/MfkC+/ibb9fBiC6yIJdlqvOnnYH+/iSS1Scc4a/6n1dtG2SloKzE41XNB7F6bG
Cj/3+bUnSH7d9OzEcwno+4lIvH2wWgV3MfSqIw7yHjMcdMIaaz96tInZ6LIV5UyD
QxV6Xn/MKbTqdkz0F1Eo/TAh5TeHEDF5r8Cbyn5B55XVvCdD0Q==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:01:50 2025 by rpki-client