Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9183BBC/140C175686D611EBB7B39C62C4F9AE02/E4205416B2F111EFBB14DE0FC4F9AE02.roa
File: E4205416B2F111EFBB14DE0FC4F9AE02.roa (raw, json)
Hash identifier: +PPk9wPnB/HaN9T/r6gV/ehFW9qMX+1S6UR5JZeX9Oo=
Subject key identifier: 67:DA:1D:51:51:16:E3:04:93:0D:F5:81:E5:3A:AD:B2:5E:3B:11:3F
Certificate issuer: /CN=A9183BBC/serialNumber=06181849E2C5F9313EA60A3397DC61472AC11B0D
Certificate serial: 0611
Authority key identifier: 06:18:18:49:E2:C5:F9:31:3E:A6:0A:33:97:DC:61:47:2A:C1:1B:0D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BhgYSeLF-TE-pgozl9xhRyrBGw0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9183BBC/140C175686D611EBB7B39C62C4F9AE02/E4205416B2F111EFBB14DE0FC4F9AE02.roa
Signing time: Thu 05 Dec 2024 10:16:28 +0000
ROA not before: Thu 05 Dec 2024 10:16:28 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 4594
IP address blocks: 43.225.100.0/22 maxlen: 22
43.225.100.0/24 maxlen: 24
43.225.101.0/24 maxlen: 24
43.225.102.0/24 maxlen: 24
43.225.103.0/24 maxlen: 24
103.44.61.0/24 maxlen: 24
2407:880::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1553 (0x611)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9183BBC/serialNumber=06181849E2C5F9313EA60A3397DC61472AC11B0D
Validity
Not Before: Dec 5 10:16:28 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=67517d7b-47b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:12:55:0a:e5:e4:97:43:02:dd:7d:58:b6:12:
fa:a5:33:00:cd:60:fb:c5:da:88:0b:f9:bd:bb:e7:
e3:30:cb:38:59:9d:fe:88:f0:e1:a7:ff:1d:5f:e6:
c1:3d:8e:e8:78:97:35:26:0f:f8:ea:8d:cc:4c:f8:
4f:e0:b0:ca:ef:8b:53:f6:50:fa:73:40:22:7b:af:
03:3f:44:54:3b:e3:36:8d:58:6e:dc:58:65:6b:81:
3d:42:44:06:fc:22:fc:67:e7:ac:80:e6:1b:93:ca:
17:08:c3:c5:50:29:77:2b:09:0c:b7:db:7d:4f:5c:
9f:03:5a:6c:36:8d:ec:c5:33:fa:c6:d9:f9:ff:5f:
60:f8:3d:ed:63:51:f7:66:22:47:93:33:30:4e:1c:
38:be:50:0f:16:ee:1b:04:00:7c:8d:d5:62:68:e6:
ae:89:83:f9:41:43:44:07:5b:98:4d:b6:8e:9b:14:
24:b3:e4:84:d5:1d:ac:f0:fd:c5:f3:26:53:07:de:
ff:ae:72:0b:4b:84:54:16:83:af:8f:6e:9d:39:16:
f8:32:fd:5b:ec:07:50:d9:3c:b4:c6:47:6c:54:20:
f0:2b:40:bb:32:8b:8e:81:8b:5b:17:76:65:d0:29:
04:d0:03:39:7a:6e:a2:83:ce:c4:a6:19:5f:07:82:
c2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DA:1D:51:51:16:E3:04:93:0D:F5:81:E5:3A:AD:B2:5E:3B:11:3F
X509v3 Authority Key Identifier:
keyid:06:18:18:49:E2:C5:F9:31:3E:A6:0A:33:97:DC:61:47:2A:C1:1B:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9183BBC/140C175686D611EBB7B39C62C4F9AE02/BhgYSeLF-TE-pgozl9xhRyrBGw0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BhgYSeLF-TE-pgozl9xhRyrBGw0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9183BBC/140C175686D611EBB7B39C62C4F9AE02/E4205416B2F111EFBB14DE0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.100.0/22
103.44.61.0/24
IPv6:
2407:880::/32
Signature Algorithm: sha256WithRSAEncryption
1e:11:52:85:af:d6:03:5e:60:8f:6e:23:b2:13:bb:d0:ac:ca:
19:cb:56:34:9c:de:29:5c:49:9f:c7:5a:43:62:a9:e2:05:ee:
61:3c:7f:89:dd:15:57:4f:3b:61:3f:32:22:72:f0:26:d1:2c:
9a:60:1a:d1:18:25:b9:d9:00:76:83:03:a3:49:2a:a8:ce:8d:
38:1d:c9:2d:bb:c2:27:56:d7:8c:d2:d0:64:a1:04:44:f2:0c:
bd:2e:b0:af:98:c5:ea:66:c2:82:d1:e8:33:50:5b:45:a4:78:
aa:d7:ca:32:e6:20:22:5c:9e:e8:0d:a5:1e:7d:e3:12:72:44:
e8:dc:a4:5f:4b:d6:1c:bd:42:ca:fe:1f:27:59:26:46:65:61:
9c:5f:26:fc:b1:ae:ce:c8:20:3e:77:06:ee:1d:cb:91:61:06:
9d:46:70:c9:b0:fe:76:6b:f7:3e:57:58:d1:95:e4:a7:c0:f0:
d7:68:a2:8c:9d:5d:f5:a9:6f:9f:53:78:49:aa:cd:e0:bc:78:
a4:76:33:1f:25:31:94:77:f4:ad:a1:cf:72:77:58:ef:97:17:
23:ab:70:88:6c:83:b9:21:77:73:22:82:13:2f:de:95:b1:5a:
61:5c:27:27:6f:21:14:99:54:a0:ea:e7:d7:28:86:5e:cb:22:
2a:fb:61:3a
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBhEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODNCQkMxMTAvBgNVBAUTKDA2MTgxODQ5RTJDNUY5MzEzRUE2MEEzMzk3REM2MTQ3
MkFDMTFCMEQwHhcNMjQxMjA1MTAxNjI4WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUxN2Q3Yi00N2IyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2RJVCuXkl0MC3X1YthL6pTMAzWD7xdqIC/m9u+fjMMs4WZ3+iPDhp/8dX+bB
PY7oeJc1Jg/46o3MTPhP4LDK74tT9lD6c0Aie68DP0RUO+M2jVhu3Fhla4E9QkQG
/CL8Z+esgOYbk8oXCMPFUCl3KwkMt9t9T1yfA1psNo3sxTP6xtn5/19g+D3tY1H3
ZiJHkzMwThw4vlAPFu4bBAB8jdViaOauiYP5QUNEB1uYTbaOmxQks+SE1R2s8P3F
8yZTB97/rnILS4RUFoOvj26dORb4Mv1b7AdQ2Ty0xkdsVCDwK0C7MouOgYtbF3Zl
0CkE0AM5em6ig87EphlfB4LCewIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGfaHVFR
FuMEkw31geU6rbJeOxE/MB8GA1UdIwQYMBaAFAYYGEnixfkxPqYKM5fcYUcqwRsN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4M0JCQy8xNDBDMTc1Njg2
RDYxMUVCQjdCMzlDNjJDNEY5QUUwMi9CaGdZU2VMRi1URS1wZ296bDl4aFJ5ckJH
dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JoZ1lTZUxGLVRFLXBnb3psOXhoUnlyQkd3MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODNCQkMvMTQwQzE3NTY4NkQ2MTFFQkI3QjM5QzYyQzRGOUFFMDIvRTQyMDU0MTZC
MkYxMTFFRkJCMTRERTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIr4WQDBABnLD0wDQQCAAIwBwMFACQHCIAwDQYJKoZIhvcN
AQELBQADggEBAB4RUoWv1gNeYI9uI7ITu9CsyhnLVjSc3ilcSZ/HWkNiqeIF7mE8
f4ndFVdPO2E/MiJy8CbRLJpgGtEYJbnZAHaDA6NJKqjOjTgdyS27widW14zS0GSh
BETyDL0usK+YxepmwoLR6DNQW0WkeKrXyjLmICJcnugNpR594xJyROjcpF9L1hy9
Qsr+HydZJkZlYZxfJvyxrs7IID53Bu4dy5FhBp1GcMmw/nZr9z5XWNGV5KfA8Ndo
ooydXfWpb59TeEmqzeC8eKR2Mx8lMZR39K2hz3J3WO+XFyOrcIhsg7khd3MighMv
3pWxWmFcJydvIRSZVKDq59cohl7LIir7YTo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:36:12 2025 by rpki-client