Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91936BE/CA06668CE44811EA810B0380C4F9AE02/538866F6E44B11EAA31DD984C4F9AE02.roa
File: 538866F6E44B11EAA31DD984C4F9AE02.roa (raw, json)
Hash identifier: muRqFTnS2+oQQUYzYuXwP+mAhzn5jlwAwgRQL1uNMII=
Subject key identifier: 74:F0:A3:B9:88:51:EA:E8:20:3E:07:2C:5E:02:CA:17:17:3E:4E:48
Certificate issuer: /CN=A91936BE/serialNumber=8021B16B92421F77B7260E97E6AD8C1D24BD299A
Certificate serial: 07A3
Authority key identifier: 80:21:B1:6B:92:42:1F:77:B7:26:0E:97:E6:AD:8C:1D:24:BD:29:9A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCGxa5JCH3e3Jg6X5q2MHSS9KZo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91936BE/CA06668CE44811EA810B0380C4F9AE02/538866F6E44B11EAA31DD984C4F9AE02.roa
Signing time: Wed 06 Nov 2024 20:59:29 +0000
ROA not before: Wed 06 Nov 2024 20:59:29 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 24183
IP address blocks: 45.125.168.0/22 maxlen: 22
103.226.32.0/22 maxlen: 22
103.226.32.0/23 maxlen: 23
103.226.34.0/24 maxlen: 24
103.226.35.0/24 maxlen: 24
202.20.0.0/21 maxlen: 21
202.68.80.0/20 maxlen: 20
202.174.176.0/20 maxlen: 20
202.174.176.0/23 maxlen: 23
2402:9e00::/32 maxlen: 32
2402:9e00:400::/48 maxlen: 48
2402:9e00:401::/48 maxlen: 48
2402:9e00:402::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1955 (0x7a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91936BE/serialNumber=8021B16B92421F77B7260E97E6AD8C1D24BD299A
Validity
Not Before: Nov 6 20:59:29 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=672bd8b1-f97e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b1:b0:fb:9b:67:78:6f:21:b3:90:2b:85:5a:
01:f5:48:54:98:2e:71:ff:f0:b9:ee:d9:04:33:b5:
7c:bf:04:42:81:21:63:e7:55:ff:01:42:d4:76:24:
7a:fc:2b:ea:4c:43:90:12:ed:af:96:37:64:b7:ad:
a4:8d:2d:1b:cc:b8:ff:dd:05:d0:ca:e6:4e:99:62:
52:71:59:e4:a5:6a:e4:0d:8c:5d:83:41:ad:86:84:
7e:9c:bb:61:31:3a:5b:ab:5d:50:d4:b5:05:58:57:
c3:8a:57:94:d7:d2:89:3e:39:a7:f7:2e:83:22:ce:
18:19:3f:3b:53:fe:8e:05:0d:99:6c:46:18:29:8c:
13:f9:5e:ff:54:ab:c8:8c:f4:3c:a4:f2:1b:a9:25:
5a:cd:7e:3d:d2:1e:05:90:65:5d:01:ac:1c:a8:de:
88:b5:83:63:23:39:00:84:62:ba:3c:c5:12:a1:a7:
85:bb:4d:b8:64:cc:55:90:f4:22:65:6a:85:08:7f:
9a:7f:16:bd:59:19:06:c0:45:9f:c9:dc:0a:47:86:
8a:57:74:70:1c:03:7c:98:ad:b3:19:53:25:9d:ac:
b6:e8:93:f7:03:b4:a2:69:b1:c9:2b:0d:f1:76:03:
8d:50:42:28:38:f5:d9:5b:fb:f3:e3:2d:58:69:97:
13:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F0:A3:B9:88:51:EA:E8:20:3E:07:2C:5E:02:CA:17:17:3E:4E:48
X509v3 Authority Key Identifier:
keyid:80:21:B1:6B:92:42:1F:77:B7:26:0E:97:E6:AD:8C:1D:24:BD:29:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91936BE/CA06668CE44811EA810B0380C4F9AE02/gCGxa5JCH3e3Jg6X5q2MHSS9KZo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCGxa5JCH3e3Jg6X5q2MHSS9KZo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91936BE/CA06668CE44811EA810B0380C4F9AE02/538866F6E44B11EAA31DD984C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.125.168.0/22
103.226.32.0/22
202.20.0.0/21
202.68.80.0/20
202.174.176.0/20
IPv6:
2402:9e00::/32
Signature Algorithm: sha256WithRSAEncryption
52:1f:31:ce:21:ae:ca:aa:29:54:9b:1b:db:22:38:bd:a2:4c:
91:c7:1b:ee:c3:35:53:98:3f:98:54:54:fc:a3:26:5c:76:88:
7c:bf:9e:0b:20:60:e7:c2:27:0f:e8:f2:6d:25:3a:90:17:4a:
a6:ad:50:8e:77:54:4a:50:62:6c:3c:01:60:7f:c8:d5:0e:e1:
e7:85:3a:c3:28:a3:2d:e9:5a:18:7c:6e:4e:58:ca:06:51:91:
45:bb:66:20:5c:c9:63:63:cf:58:8b:00:70:6b:69:b5:4b:f4:
ff:04:aa:48:72:a5:af:e5:2b:6b:79:c0:dc:f8:a4:b5:39:01:
55:91:67:cb:73:07:2b:92:0d:a4:df:7e:79:5a:54:01:ff:ac:
53:0b:67:3b:b8:48:62:a0:53:cf:84:c4:f7:38:d1:8c:b2:82:
7b:47:b0:cd:0b:6c:37:7a:17:f2:27:52:ed:a6:c0:5d:d6:ba:
95:11:bc:11:7a:8c:5c:2a:e6:7e:fe:66:77:fa:3c:cc:a2:33:
22:3a:92:65:e9:20:58:b6:3a:12:19:e9:61:bb:59:f2:a2:1e:
a3:f9:fa:6d:e3:89:21:c3:d7:81:71:62:64:a7:cc:78:79:3d:
88:db:e3:ea:23:c3:ed:7a:40:e5:6d:a1:82:3c:b1:73:e7:8c:
af:c8:de:fc
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICB6MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTM2QkUxMTAvBgNVBAUTKDgwMjFCMTZCOTI0MjFGNzdCNzI2MEU5N0U2QUQ4QzFE
MjRCRDI5OUEwHhcNMjQxMTA2MjA1OTI5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJiZDhiMS1mOTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtLGw+5tneG8hs5ArhVoB9UhUmC5x//C57tkEM7V8vwRCgSFj51X/AULUdiR6
/CvqTEOQEu2vljdkt62kjS0bzLj/3QXQyuZOmWJScVnkpWrkDYxdg0GthoR+nLth
MTpbq11Q1LUFWFfDileU19KJPjmn9y6DIs4YGT87U/6OBQ2ZbEYYKYwT+V7/VKvI
jPQ8pPIbqSVazX490h4FkGVdAawcqN6ItYNjIzkAhGK6PMUSoaeFu024ZMxVkPQi
ZWqFCH+afxa9WRkGwEWfydwKR4aKV3RwHAN8mK2zGVMlnay26JP3A7SiabHJKw3x
dgONUEIoOPXZW/vz4y1YaZcTUwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFHTwo7mI
UeroID4HLF4CyhcXPk5IMB8GA1UdIwQYMBaAFIAhsWuSQh93tyYOl+atjB0kvSma
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MzZCRS9DQTA2NjY4Q0U0
NDgxMUVBODEwQjAzODBDNEY5QUUwMi9nQ0d4YTVKQ0gzZTNKZzZYNXEyTUhTUzlL
Wm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dDR3hhNUpDSDNlM0pnNlg1cTJNSFNTOUtaby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTM2QkUvQ0EwNjY2OENFNDQ4MTFFQTgxMEIwMzgwQzRGOUFFMDIvNTM4ODY2RjZF
NDRCMTFFQUEzMUREOTg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAItfagDBAJn4iADBAPKFAADBATKRFADBATKrrAwDQQCAAIw
BwMFACQCngAwDQYJKoZIhvcNAQELBQADggEBAFIfMc4hrsqqKVSbG9siOL2iTJHH
G+7DNVOYP5hUVPyjJlx2iHy/ngsgYOfCJw/o8m0lOpAXSqatUI53VEpQYmw8AWB/
yNUO4eeFOsMooy3pWhh8bk5YygZRkUW7ZiBcyWNjz1iLAHBrabVL9P8Eqkhypa/l
K2t5wNz4pLU5AVWRZ8tzByuSDaTffnlaVAH/rFMLZzu4SGKgU8+ExPc40YyygntH
sM0LbDd6F/InUu2mwF3WupURvBF6jFwq5n7+Znf6PMyiMyI6kmXpIFi2OhIZ6WG7
WfKiHqP5+m3jiSHD14FxYmSnzHh5PYjb4+ojw+16QOVtoYI8sXPnjK/I3vw=
-----END CERTIFICATE-----
Generated at Mon Apr 28 09:37:02 2025 by rpki-client