Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/D7120558A7ED11EA95BED565C4F9AE02.roa
File: D7120558A7ED11EA95BED565C4F9AE02.roa (raw, json)
Hash identifier: dHv+b9eqHvJpNCOa+cVeJt4WLtjB7VsmaWpat9hHq+U=
Subject key identifier: 70:CB:D0:1A:11:66:F0:2B:74:89:AE:97:29:1D:0B:C0:77:26:82:47
Certificate issuer: /CN=A9161A58/serialNumber=B4669D30D210E4907CD2888BE74B89A6DD3CB6C8
Certificate serial: 0871
Authority key identifier: B4:66:9D:30:D2:10:E4:90:7C:D2:88:8B:E7:4B:89:A6:DD:3C:B6:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tGadMNIQ5JB80oiL50uJpt08tsg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/D7120558A7ED11EA95BED565C4F9AE02.roa
Signing time: Sat 22 Jun 2024 21:14:59 +0000
ROA not before: Sat 22 Jun 2024 21:14:59 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 135386
IP address blocks: 43.230.204.0/22 maxlen: 22
43.230.204.0/24 maxlen: 24
43.230.205.0/24 maxlen: 24
43.230.206.0/24 maxlen: 24
43.230.207.0/24 maxlen: 24
103.50.16.0/22 maxlen: 22
103.56.44.0/22 maxlen: 22
103.56.44.0/24 maxlen: 24
103.56.45.0/24 maxlen: 24
103.56.46.0/24 maxlen: 24
103.56.47.0/24 maxlen: 24
103.79.240.0/24 maxlen: 24
103.79.241.0/24 maxlen: 24
103.79.242.0/24 maxlen: 24
103.79.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2161 (0x871)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9161A58/serialNumber=B4669D30D210E4907CD2888BE74B89A6DD3CB6C8
Validity
Not Before: Jun 22 21:14:59 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66773ed2-a33d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:da:3b:24:1b:44:a9:0f:34:15:35:15:5c:89:
cd:97:eb:36:9a:93:4c:c0:8a:9b:f0:c8:54:2c:cf:
09:bd:53:6c:52:ac:a9:5c:cf:01:16:22:5d:5d:c6:
91:9a:3a:6f:5a:6f:50:b2:01:a1:b7:81:99:15:83:
2c:a1:88:fe:3a:0d:9b:91:95:2d:bd:66:8c:88:a1:
8b:22:b0:46:7c:69:a8:58:08:db:fa:4f:ae:cd:be:
ae:dd:24:90:39:94:b6:bd:27:35:72:81:10:20:09:
8d:c1:f5:07:7d:36:4b:03:84:0c:0b:02:fd:0c:f2:
69:c9:25:ba:64:d4:dc:8d:00:3b:40:6c:41:db:81:
66:a6:0f:0e:e5:69:cc:1b:72:80:bf:25:40:88:43:
40:65:ef:1b:e9:27:4d:34:f8:c0:b2:bf:a4:ad:38:
18:15:87:a9:62:ca:c5:eb:a6:61:f9:c1:e2:55:4d:
59:20:b5:a8:5b:cb:62:0f:85:8b:19:bd:06:69:78:
11:2b:84:c7:ca:1e:5f:c7:72:14:ea:16:2d:b5:a6:
40:90:6b:17:73:85:46:02:8a:7c:cc:30:42:d9:62:
73:ed:6c:7c:11:52:03:e2:d1:3b:b5:3d:04:19:69:
50:31:50:bf:c7:f0:92:8a:e3:a7:11:92:2b:40:91:
24:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:CB:D0:1A:11:66:F0:2B:74:89:AE:97:29:1D:0B:C0:77:26:82:47
X509v3 Authority Key Identifier:
keyid:B4:66:9D:30:D2:10:E4:90:7C:D2:88:8B:E7:4B:89:A6:DD:3C:B6:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/tGadMNIQ5JB80oiL50uJpt08tsg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tGadMNIQ5JB80oiL50uJpt08tsg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/D7120558A7ED11EA95BED565C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.204.0/22
103.50.16.0/22
103.56.44.0/22
103.79.240.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:f2:ce:2f:f5:d5:e5:12:68:1d:22:4f:0c:ff:21:ef:6c:84:
a6:d6:33:b2:5b:e8:cb:e7:65:b7:5d:2b:72:5b:83:0f:80:9f:
c6:f4:1c:d0:1b:2a:5a:7d:fc:5f:b0:ff:71:4c:71:84:64:89:
bb:4c:a2:4a:fb:18:11:d3:43:40:3d:15:1b:31:d1:4d:1d:ec:
6c:6d:dc:4c:43:d0:99:42:0c:db:a3:94:0b:d3:d4:72:3d:c5:
c9:c5:f0:ca:fa:f4:48:e4:16:cf:f4:31:8f:fb:cc:de:01:e1:
fe:9f:dd:04:23:78:b6:1d:0a:1b:f7:ac:07:f7:45:61:22:8c:
69:5b:34:03:cf:83:0c:3b:f6:e5:43:e1:d2:d0:70:0f:a0:1c:
6f:9b:a9:4e:ce:ac:c6:2f:f9:e8:89:db:61:4d:06:e4:72:19:
f8:d2:45:e9:bd:fa:46:7b:d6:e7:63:a2:9c:88:15:7b:cd:72:
45:a5:e0:60:30:47:91:0b:fb:19:11:2d:37:06:24:f4:79:f7:
d6:40:a6:67:56:c9:a5:5f:72:89:75:0c:70:87:b3:30:37:64:
6f:6c:f6:df:7a:33:8c:3a:b9:61:46:d7:3e:d3:7a:19:f6:dc:
e3:e5:70:62:1b:b4:1d:05:1f:bd:d3:f0:51:3b:5d:9c:a5:4a:
52:e0:1b:39
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCHEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjFBNTgxMTAvBgNVBAUTKEI0NjY5RDMwRDIxMEU0OTA3Q0QyODg4QkU3NEI4OUE2
REQzQ0I2QzgwHhcNMjQwNjIyMjExNDU5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc3M2VkMi1hMzNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp9o7JBtEqQ80FTUVXInNl+s2mpNMwIqb8MhULM8JvVNsUqypXM8BFiJdXcaR
mjpvWm9QsgGht4GZFYMsoYj+Og2bkZUtvWaMiKGLIrBGfGmoWAjb+k+uzb6u3SSQ
OZS2vSc1coEQIAmNwfUHfTZLA4QMCwL9DPJpySW6ZNTcjQA7QGxB24Fmpg8O5WnM
G3KAvyVAiENAZe8b6SdNNPjAsr+krTgYFYepYsrF66Zh+cHiVU1ZILWoW8tiD4WL
Gb0GaXgRK4THyh5fx3IU6hYttaZAkGsXc4VGAop8zDBC2WJz7Wx8EVID4tE7tT0E
GWlQMVC/x/CSiuOnEZIrQJEkVwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFHDL0BoR
ZvArdImulykdC8B3JoJHMB8GA1UdIwQYMBaAFLRmnTDSEOSQfNKIi+dLiabdPLbI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MUE1OC9CMzg5MzA0RUE3
RUMxMUVBODA0ODU4NjRDNEY5QUUwMi90R2FkTU5JUTVKQjgwb2lMNTB1SnB0MDh0
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RHYWRNTklRNUpCODBvaUw1MHVKcHQwOHRzZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjFBNTgvQjM4OTMwNEVBN0VDMTFFQTgwNDg1ODY0QzRGOUFFMDIvRDcxMjA1NThB
N0VEMTFFQTk1QkVENTY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAIr5swDBAJnMhADBAJnOCwDBAJnT/AwDQYJKoZIhvcNAQEL
BQADggEBABryzi/11eUSaB0iTwz/Ie9shKbWM7Jb6MvnZbddK3Jbgw+An8b0HNAb
Klp9/F+w/3FMcYRkibtMokr7GBHTQ0A9FRsx0U0d7Gxt3ExD0JlCDNujlAvT1HI9
xcnF8Mr69EjkFs/0MY/7zN4B4f6f3QQjeLYdChv3rAf3RWEijGlbNAPPgww79uVD
4dLQcA+gHG+bqU7OrMYv+eiJ22FNBuRyGfjSRem9+kZ71udjopyIFXvNckWl4GAw
R5EL+xkRLTcGJPR599ZApmdWyaVfcol1DHCHszA3ZG9s9t96M4w6uWFG1z7Tehn2
3OPlcGIbtB0FH73T8FE7XZylSlLgGzk=
-----END CERTIFICATE-----
Generated at Mon Apr 28 03:47:48 2025 by rpki-client