Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D771/50C0804E294B11EBA78C1B2FC4F9AE02/B10AE62CBC4711EFAB43324BC4F9AE02.roa
File: B10AE62CBC4711EFAB43324BC4F9AE02.roa (raw, json)
Hash identifier: WngGzZfR37QO+ZPD9JTUiHln9y21rcYX1z/2stunaTA=
Subject key identifier: 4C:10:FE:E6:C8:01:48:CD:4A:0E:DB:05:18:18:B5:92:9E:BB:58:B0
Certificate issuer: /CN=A918D771/serialNumber=A32153712537600D71342EC069A57F3EED60D70C
Certificate serial: 0709
Authority key identifier: A3:21:53:71:25:37:60:0D:71:34:2E:C0:69:A5:7F:3E:ED:60:D7:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oyFTcSU3YA1xNC7AaaV_Pu1g1ww.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D771/50C0804E294B11EBA78C1B2FC4F9AE02/B10AE62CBC4711EFAB43324BC4F9AE02.roa
Signing time: Tue 17 Dec 2024 07:25:06 +0000
ROA not before: Tue 17 Dec 2024 07:25:06 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 58507
IP address blocks: 103.49.4.0/22 maxlen: 24
103.246.4.0/22 maxlen: 24
163.47.96.0/22 maxlen: 24
2400:5d80::/32 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1801 (0x709)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D771/serialNumber=A32153712537600D71342EC069A57F3EED60D70C
Validity
Not Before: Dec 17 07:25:06 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=67612752-2174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:12:b1:ef:45:ac:e5:79:6d:d2:c7:14:17:06:
35:d6:1d:84:5f:bd:93:45:7d:94:42:98:9c:10:f8:
6f:2c:2c:5e:d4:1a:10:bd:95:96:6d:04:23:ef:0f:
8c:50:9d:b0:a6:45:5d:5e:63:e3:37:86:39:c2:b7:
65:a4:70:30:cf:54:0a:63:f6:73:80:77:5f:9e:c4:
c5:cb:61:c6:2d:b7:ee:51:42:ee:d9:b4:16:16:12:
eb:43:3a:09:f5:12:eb:4e:8b:5c:b3:85:44:d5:12:
71:31:3b:4b:65:a8:47:4d:fe:43:93:80:e3:ac:b3:
b6:08:4a:0f:a7:ef:74:c2:52:c3:7b:7c:5c:a5:7e:
42:e3:31:33:47:ed:22:30:c0:33:8f:ce:6b:a0:a6:
67:75:08:be:f1:2b:fb:a1:9d:53:af:cb:38:12:f1:
fa:71:ad:dc:cc:5b:c7:97:46:af:82:85:7c:a9:72:
7f:40:f8:85:63:91:ab:47:24:ca:29:b6:9e:bd:89:
ac:f7:86:0c:35:58:1b:44:ef:54:28:7a:ca:bd:7e:
b7:e9:7c:02:8b:4b:03:67:57:38:49:f3:f1:15:52:
97:1f:ba:44:b6:15:cd:28:65:70:c2:65:97:79:75:
42:7c:2c:89:e2:e7:35:5b:20:e9:5a:e5:8b:c6:23:
d0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:10:FE:E6:C8:01:48:CD:4A:0E:DB:05:18:18:B5:92:9E:BB:58:B0
X509v3 Authority Key Identifier:
keyid:A3:21:53:71:25:37:60:0D:71:34:2E:C0:69:A5:7F:3E:ED:60:D7:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D771/50C0804E294B11EBA78C1B2FC4F9AE02/oyFTcSU3YA1xNC7AaaV_Pu1g1ww.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oyFTcSU3YA1xNC7AaaV_Pu1g1ww.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D771/50C0804E294B11EBA78C1B2FC4F9AE02/B10AE62CBC4711EFAB43324BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.49.4.0/22
103.246.4.0/22
163.47.96.0/22
IPv6:
2400:5d80::/32
Signature Algorithm: sha256WithRSAEncryption
3b:47:e4:ca:d0:82:ec:20:cc:57:b0:98:fc:95:f2:a3:35:b1:
13:3d:e1:56:75:65:e1:9d:64:2a:93:80:d2:19:48:ee:2d:86:
52:96:7f:02:1f:c4:1f:b3:f1:38:2a:df:dd:32:82:0e:54:cf:
4c:36:72:fe:02:94:29:45:3d:dc:d2:f6:01:58:a0:a9:26:e9:
ae:b7:68:f5:d7:77:76:7f:70:03:a1:1f:5d:47:88:ef:ca:b3:
a1:7e:65:ca:e3:f0:31:8c:ca:4b:bb:42:54:34:08:11:8e:f9:
b5:6c:33:0e:11:97:99:bc:ca:0f:35:89:26:ae:44:f1:41:3a:
dd:d9:b6:26:94:ad:7f:bb:c3:5b:02:17:8b:1b:ad:cc:de:31:
63:fc:4d:7b:9e:dc:d7:be:32:b3:59:24:20:72:43:3f:c2:b0:
a7:52:75:35:f5:92:99:95:e1:e3:31:11:33:6b:62:cb:0a:26:
45:95:64:ea:63:d0:ef:8b:1f:4c:4f:b4:2a:70:2c:28:d4:11:
b6:44:99:b2:f2:b9:12:ab:ef:53:e4:d8:3e:1a:63:ba:4c:10:
56:ba:95:f7:31:f8:64:fc:21:05:33:0e:41:e1:e8:c7:c4:c2:
90:9e:0e:ff:0e:f4:e4:73:ce:9e:9e:ff:b5:95:58:9c:7b:b5:
49:c2:c3:ad
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICBwkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQ3NzExMTAvBgNVBAUTKEEzMjE1MzcxMjUzNzYwMEQ3MTM0MkVDMDY5QTU3RjNF
RUQ2MEQ3MEMwHhcNMjQxMjE3MDcyNTA2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYxMjc1Mi0yMTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6RKx70Ws5Xlt0scUFwY11h2EX72TRX2UQpicEPhvLCxe1BoQvZWWbQQj7w+M
UJ2wpkVdXmPjN4Y5wrdlpHAwz1QKY/ZzgHdfnsTFy2HGLbfuUULu2bQWFhLrQzoJ
9RLrTotcs4VE1RJxMTtLZahHTf5Dk4DjrLO2CEoPp+90wlLDe3xcpX5C4zEzR+0i
MMAzj85roKZndQi+8Sv7oZ1Tr8s4EvH6ca3czFvHl0avgoV8qXJ/QPiFY5GrRyTK
KbaevYms94YMNVgbRO9UKHrKvX636XwCi0sDZ1c4SfPxFVKXH7pEthXNKGVwwmWX
eXVCfCyJ4uc1WyDpWuWLxiPQRQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFEwQ/ubI
AUjNSg7bBRgYtZKeu1iwMB8GA1UdIwQYMBaAFKMhU3ElN2ANcTQuwGmlfz7tYNcM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDc3MS81MEMwODA0RTI5
NEIxMUVCQTc4QzFCMkZDNEY5QUUwMi9veUZUY1NVM1lBMXhOQzdBYWFWX1B1MWcx
d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL295RlRjU1UzWUExeE5DN0FhYVZfUHUxZzF3dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQ3NzEvNTBDMDgwNEUyOTRCMTFFQkE3OEMxQjJGQzRGOUFFMDIvQjEwQUU2MkNC
QzQ3MTFFRkFCNDMzMjRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAJnMQQDBAJn9gQDBAKjL2AwDQQCAAIwBwMFACQAXYAwDQYJ
KoZIhvcNAQELBQADggEBADtH5MrQguwgzFewmPyV8qM1sRM94VZ1ZeGdZCqTgNIZ
SO4thlKWfwIfxB+z8Tgq390ygg5Uz0w2cv4ClClFPdzS9gFYoKkm6a63aPXXd3Z/
cAOhH11HiO/Ks6F+Zcrj8DGMyku7QlQ0CBGO+bVsMw4Rl5m8yg81iSauRPFBOt3Z
tiaUrX+7w1sCF4sbrczeMWP8TXue3Ne+MrNZJCByQz/CsKdSdTX1kpmV4eMxETNr
YssKJkWVZOpj0O+LH0xPtCpwLCjUEbZEmbLyuRKr71Pk2D4aY7pMEFa6lfcx+GT8
IQUzDkHh6MfEwpCeDv8O9ORzzp6e/7WVWJx7tUnCw60=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:27:21 2025 by rpki-client