Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158F08/5B17F6D207D011EAA4848644C4F9AE02/DD70B00CA17B11EAB16F4954C4F9AE02.roa
File: DD70B00CA17B11EAB16F4954C4F9AE02.roa (raw, json)
Hash identifier: XQ2zy7WOFMaRHWKqhzFGGsg6ca5aKYi9EoOBQsldads=
Subject key identifier: 71:E5:56:89:14:BD:D5:19:D4:56:7E:EC:5F:D7:6A:4B:A4:F3:CC:46
Certificate issuer: /CN=A9158F08/serialNumber=B2A784EE85F5538367297B51C0868F8F1C02F911
Certificate serial: 0860
Authority key identifier: B2:A7:84:EE:85:F5:53:83:67:29:7B:51:C0:86:8F:8F:1C:02:F9:11
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqeE7oX1U4NnKXtRwIaPjxwC-RE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158F08/5B17F6D207D011EAA4848644C4F9AE02/DD70B00CA17B11EAB16F4954C4F9AE02.roa
Signing time: Thu 04 Apr 2024 19:58:28 +0000
ROA not before: Thu 04 Apr 2024 19:58:28 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 62660
IP address blocks: 45.250.72.0/22 maxlen: 24
103.226.68.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2144 (0x860)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158F08/serialNumber=B2A784EE85F5538367297B51C0868F8F1C02F911
Validity
Not Before: Apr 4 19:58:28 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=660f0663-aa81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3b:ae:0a:9a:2b:09:68:0d:81:04:0d:96:88:
43:73:4d:04:c7:53:d3:f0:b4:55:7f:44:2d:94:8c:
e3:4c:bd:e1:35:5a:72:96:87:76:20:23:35:a6:87:
96:1a:25:b8:d0:ae:57:1b:b4:14:74:7c:0e:d2:c4:
ec:c4:c1:b4:6d:85:fb:91:e8:72:8e:cf:32:60:b3:
17:d8:88:63:67:32:db:91:71:c6:0b:2d:75:2f:56:
2f:99:c8:f4:28:ec:26:71:07:b5:18:cd:e5:e5:45:
df:a1:32:f1:bd:dd:e0:8b:be:b0:cc:b5:4e:76:44:
92:cb:7d:01:b3:0e:7e:33:3b:21:af:4f:08:e3:87:
1f:dc:8b:c1:b5:f9:ec:0a:ed:c7:d8:15:87:31:1c:
68:36:11:9f:1f:01:67:1b:bc:c3:13:63:e9:6b:f2:
ec:16:04:06:be:e3:95:7c:8b:a1:8e:43:86:ae:ad:
30:33:1f:1b:92:6b:9b:ed:df:ed:7e:24:b9:5d:43:
f1:c0:a8:80:20:b5:85:5c:a6:79:05:75:74:67:1f:
9e:76:6e:b1:32:53:91:de:f6:b9:a7:fb:1a:c8:b5:
11:6d:15:b0:db:ac:ec:66:2a:31:42:ba:76:8e:3e:
e8:44:be:19:de:34:ac:f0:f9:d7:7a:28:45:50:00:
1c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:E5:56:89:14:BD:D5:19:D4:56:7E:EC:5F:D7:6A:4B:A4:F3:CC:46
X509v3 Authority Key Identifier:
keyid:B2:A7:84:EE:85:F5:53:83:67:29:7B:51:C0:86:8F:8F:1C:02:F9:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158F08/5B17F6D207D011EAA4848644C4F9AE02/sqeE7oX1U4NnKXtRwIaPjxwC-RE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqeE7oX1U4NnKXtRwIaPjxwC-RE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158F08/5B17F6D207D011EAA4848644C4F9AE02/DD70B00CA17B11EAB16F4954C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.250.72.0/22
103.226.68.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:43:a7:3e:0c:55:d7:b2:05:fc:a4:96:b5:a8:fb:f1:40:c8:
8d:e3:1f:0c:24:41:25:bf:32:d7:d6:33:63:f5:ac:ae:f1:e8:
cf:11:e0:f4:d1:c2:f4:1e:40:51:c0:7c:06:ab:75:c8:2b:f8:
fb:e4:d4:b8:19:22:c4:17:aa:5d:4d:c8:ea:30:33:eb:3f:88:
42:1e:a6:aa:7e:fe:24:fa:87:d6:69:1e:ec:da:1b:f6:e0:e8:
62:fd:6c:09:2c:9c:5a:44:d1:21:8b:93:e1:d7:4c:5e:94:c3:
9e:83:ce:49:cc:a2:97:90:3c:9f:8b:ff:c6:46:a0:34:66:06:
89:bd:65:c1:bb:d3:75:7e:09:64:b6:ce:db:ec:b1:e2:47:48:
88:bc:6c:2e:7c:6e:2c:9f:b2:4e:b9:20:83:d2:bf:9d:5b:93:
8c:8f:04:0c:6f:0d:02:cf:2a:1e:27:50:9c:06:ed:eb:60:16:
d2:5d:b5:45:b5:33:a3:d2:83:4a:0f:66:ff:5f:71:a8:bd:73:
9c:63:a1:4e:28:15:8d:5e:3f:0f:4c:76:9a:30:78:9a:a5:d3:
c4:85:3d:b5:78:8f:70:c5:02:1d:3a:5f:30:e3:41:73:0b:62:
fc:3e:78:e2:7d:58:e9:f9:df:e2:6c:79:21:fd:b6:f6:16:37:
16:62:02:ef
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCGAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NThGMDgxMTAvBgNVBAUTKEIyQTc4NEVFODVGNTUzODM2NzI5N0I1MUMwODY4RjhG
MUMwMkY5MTEwHhcNMjQwNDA0MTk1ODI4WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBmMDY2My1hYTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2DuuCporCWgNgQQNlohDc00Ex1PT8LRVf0QtlIzjTL3hNVpylod2ICM1poeW
GiW40K5XG7QUdHwO0sTsxMG0bYX7kehyjs8yYLMX2IhjZzLbkXHGCy11L1Yvmcj0
KOwmcQe1GM3l5UXfoTLxvd3gi76wzLVOdkSSy30Bsw5+Mzshr08I44cf3IvBtfns
Cu3H2BWHMRxoNhGfHwFnG7zDE2Ppa/LsFgQGvuOVfIuhjkOGrq0wMx8bkmub7d/t
fiS5XUPxwKiAILWFXKZ5BXV0Zx+edm6xMlOR3va5p/sayLURbRWw26zsZioxQrp2
jj7oRL4Z3jSs8PnXeihFUAAc+wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHHlVokU
vdUZ1FZ+7F/Xakuk88xGMB8GA1UdIwQYMBaAFLKnhO6F9VODZyl7UcCGj48cAvkR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEYwOC81QjE3RjZEMjA3
RDAxMUVBQTQ4NDg2NDRDNEY5QUUwMi9zcWVFN29YMVU0Tm5LWHRSd0lhUGp4d0Mt
UkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NxZUU3b1gxVTRObktYdFJ3SWFQanh3Qy1SRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NThGMDgvNUIxN0Y2RDIwN0QwMTFFQUE0ODQ4NjQ0QzRGOUFFMDIvREQ3MEIwMENB
MTdCMTFFQUIxNkY0OTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIt+kgDBAJn4kQwDQYJKoZIhvcNAQELBQADggEBADxDpz4M
VdeyBfyklrWo+/FAyI3jHwwkQSW/MtfWM2P1rK7x6M8R4PTRwvQeQFHAfAardcgr
+Pvk1LgZIsQXql1NyOowM+s/iEIepqp+/iT6h9ZpHuzaG/bg6GL9bAksnFpE0SGL
k+HXTF6Uw56DzknMopeQPJ+L/8ZGoDRmBom9ZcG703V+CWS2ztvsseJHSIi8bC58
biyfsk65IIPSv51bk4yPBAxvDQLPKh4nUJwG7etgFtJdtUW1M6PSg0oPZv9fcai9
c5xjoU4oFY1ePw9MdpoweJql08SFPbV4j3DFAh06XzDjQXMLYvw+eOJ9WOn53+Js
eSH9tvYWNxZiAu8=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:44:12 2025 by rpki-client