Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A46B0/32E9873CBFC811EBB9E4EB6EC4F9AE02/7D58FFA4085511EFA3E44E39C4F9AE02.roa
File: 7D58FFA4085511EFA3E44E39C4F9AE02.roa (raw, json)
Hash identifier: A4THaP+7sIbjGVzCMFk15lYLq/WDo2B4Icw0zDPhDXI=
Subject key identifier: 6A:4D:0F:E1:B0:05:20:62:4A:0A:07:AD:1F:B7:32:D2:14:1B:1F:15
Certificate issuer: /CN=A91A46B0/serialNumber=FF682DF8D44864B341D9CB7B6C0659BFFAACC9C7
Certificate serial: 05C3
Authority key identifier: FF:68:2D:F8:D4:48:64:B3:41:D9:CB:7B:6C:06:59:BF:FA:AC:C9:C7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_2gt-NRIZLNB2ct7bAZZv_qsycc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A46B0/32E9873CBFC811EBB9E4EB6EC4F9AE02/7D58FFA4085511EFA3E44E39C4F9AE02.roa
Signing time: Tue 17 Dec 2024 07:33:05 +0000
ROA not before: Tue 17 Dec 2024 07:33:05 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 58955
IP address blocks: 43.239.251.0/24 maxlen: 24
43.249.35.0/24 maxlen: 24
45.64.184.0/24 maxlen: 24
45.64.185.0/24 maxlen: 24
45.64.186.0/24 maxlen: 24
45.64.187.0/24 maxlen: 24
103.27.200.0/24 maxlen: 24
103.27.201.0/24 maxlen: 24
103.27.202.0/24 maxlen: 24
103.27.203.0/24 maxlen: 24
103.70.5.0/24 maxlen: 24
103.70.7.0/24 maxlen: 24
103.86.48.0/24 maxlen: 24
103.86.49.0/24 maxlen: 24
103.86.50.0/24 maxlen: 24
103.86.51.0/24 maxlen: 24
103.132.0.0/24 maxlen: 24
103.132.1.0/24 maxlen: 24
103.132.2.0/24 maxlen: 24
103.132.3.0/24 maxlen: 24
103.230.120.0/24 maxlen: 24
103.230.121.0/24 maxlen: 24
103.230.122.0/24 maxlen: 24
103.230.123.0/24 maxlen: 24
103.234.236.0/22 maxlen: 22
103.234.236.0/24 maxlen: 24
103.234.237.0/24 maxlen: 24
103.234.238.0/24 maxlen: 24
103.234.239.0/24 maxlen: 24
103.245.165.0/24 maxlen: 24
103.245.166.0/24 maxlen: 24
116.204.180.0/24 maxlen: 24
116.204.181.0/24 maxlen: 24
116.204.182.0/24 maxlen: 24
116.204.183.0/24 maxlen: 24
2407:7900:1000::/40 maxlen: 40
2407:7900:2000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1475 (0x5c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A46B0/serialNumber=FF682DF8D44864B341D9CB7B6C0659BFFAACC9C7
Validity
Not Before: Dec 17 07:33:05 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67612931-95ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ba:f8:42:72:1a:5d:ec:ff:41:40:33:c3:c6:
a3:b0:c5:b6:c8:a9:5f:f0:de:dc:4a:35:ce:74:c7:
54:be:33:c0:95:2d:f7:d8:04:19:b8:33:52:78:41:
f6:55:79:46:f5:d4:12:a6:9a:80:98:b9:dd:85:b8:
c9:83:f3:10:5d:08:7b:e4:62:3f:93:15:e5:2c:0f:
ac:70:b4:25:17:53:b9:b4:d6:bf:86:ba:01:c0:2d:
64:c5:d3:1d:ee:8b:38:1e:c4:16:69:b3:bc:99:4d:
1c:d6:fa:4e:38:26:29:7c:94:ed:e0:12:9c:03:eb:
4a:97:7d:1a:9a:92:57:ff:f7:aa:54:ab:a0:26:a4:
00:be:9a:7e:c5:2a:ab:d7:1e:60:b9:ea:58:e5:3d:
9d:de:8d:49:d3:ca:d7:f5:04:4d:89:66:31:9d:d2:
8a:f5:5f:e5:9b:cd:cc:2c:e7:08:6f:82:13:a2:b6:
a8:9a:7d:df:5c:5f:6a:22:10:ad:e2:97:22:83:49:
46:e4:b6:22:8a:36:a7:54:c9:6d:88:cd:4b:35:5d:
7b:3d:77:e5:e3:45:c5:f1:fd:cb:12:ca:2d:ec:a4:
54:16:3f:c1:ee:b3:bc:eb:4c:99:59:8b:e3:c0:26:
a4:4c:94:af:50:2f:32:a5:7a:ae:e3:40:7b:34:31:
bb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:4D:0F:E1:B0:05:20:62:4A:0A:07:AD:1F:B7:32:D2:14:1B:1F:15
X509v3 Authority Key Identifier:
keyid:FF:68:2D:F8:D4:48:64:B3:41:D9:CB:7B:6C:06:59:BF:FA:AC:C9:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A46B0/32E9873CBFC811EBB9E4EB6EC4F9AE02/_2gt-NRIZLNB2ct7bAZZv_qsycc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_2gt-NRIZLNB2ct7bAZZv_qsycc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A46B0/32E9873CBFC811EBB9E4EB6EC4F9AE02/7D58FFA4085511EFA3E44E39C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.251.0/24
43.249.35.0/24
45.64.184.0/22
103.27.200.0/22
103.70.5.0/24
103.70.7.0/24
103.86.48.0/22
103.132.0.0/22
103.230.120.0/22
103.234.236.0/22
103.245.165.0-103.245.166.255
116.204.180.0/22
IPv6:
2407:7900:1000::/40
2407:7900:2000::/40
Signature Algorithm: sha256WithRSAEncryption
8e:0b:a5:d7:ba:8f:77:5d:81:0b:7f:03:bd:3a:63:39:8e:de:
e8:81:bd:db:6b:27:e7:7c:90:48:f1:b1:5a:d0:ca:8c:fb:01:
5b:50:55:a4:1d:d3:5d:08:27:21:75:46:cb:17:7e:dd:ac:6a:
5e:32:49:0b:6d:d1:b7:37:9b:ee:84:01:ee:2d:3b:ba:c4:79:
b8:64:2d:5b:09:ac:19:17:d3:d3:71:81:44:12:0a:f9:50:37:
a1:a0:74:87:c9:81:1c:20:d8:70:1a:c7:88:ca:36:be:f7:c2:
81:76:b8:b2:d3:dc:87:b0:b0:d5:f2:71:53:da:45:33:6d:23:
de:c9:78:c9:9d:c2:2e:99:47:24:63:db:18:24:73:f9:ca:30:
9e:ce:1f:9b:80:7d:a4:1c:6e:ea:d2:36:41:89:dd:2a:eb:b9:
fc:32:f3:67:ec:37:9d:a3:9e:44:10:2b:05:0f:d6:1c:13:94:
70:04:e5:1f:65:75:89:d3:47:30:ec:dd:49:74:3d:ff:24:85:
aa:8c:54:9b:69:79:6b:97:02:cb:32:b8:b8:46:0f:d3:fa:a4:
67:2c:f8:65:9b:b8:7e:55:17:96:bd:a9:12:da:12:24:21:68:
98:cd:9d:c8:56:8a:08:c6:88:1c:93:54:75:dd:95:08:ea:b4:
6a:fa:f6:3e
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgICBcMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ2QjAxMTAvBgNVBAUTKEZGNjgyREY4RDQ0ODY0QjM0MUQ5Q0I3QjZDMDY1OUJG
RkFBQ0M5QzcwHhcNMjQxMjE3MDczMzA1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYxMjkzMS05NWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuLr4QnIaXez/QUAzw8ajsMW2yKlf8N7cSjXOdMdUvjPAlS332AQZuDNSeEH2
VXlG9dQSppqAmLndhbjJg/MQXQh75GI/kxXlLA+scLQlF1O5tNa/hroBwC1kxdMd
7os4HsQWabO8mU0c1vpOOCYpfJTt4BKcA+tKl30ampJX//eqVKugJqQAvpp+xSqr
1x5guepY5T2d3o1J08rX9QRNiWYxndKK9V/lm83MLOcIb4IToraomn3fXF9qIhCt
4pcig0lG5LYiijanVMltiM1LNV17PXfl40XF8f3LEsot7KRUFj/B7rO860yZWYvj
wCakTJSvUC8ypXqu40B7NDG70QIDAQABo4IC+DCCAvQwHQYDVR0OBBYEFGpND+Gw
BSBiSgoHrR+3MtIUGx8VMB8GA1UdIwQYMBaAFP9oLfjUSGSzQdnLe2wGWb/6rMnH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDZCMC8zMkU5ODczQ0JG
QzgxMUVCQjlFNEVCNkVDNEY5QUUwMi9fMmd0LU5SSVpMTkIyY3Q3YkFaWnZfcXN5
Y2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL18yZ3QtTlJJWkxOQjJjdDdiQVpadl9xc3ljYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ2QjAvMzJFOTg3M0NCRkM4MTFFQkI5RTRFQjZFQzRGOUFFMDIvN0Q1OEZGQTQw
ODU1MTFFRkEzRTQ0RTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYEGCCsGAQUFBwEHAQH/
BHIwcDBWBAIAATBQAwQAK+/7AwQAK/kjAwQCLUC4AwQCZxvIAwQAZ0YFAwQAZ0YH
AwQCZ1YwAwQCZ4QAAwQCZ+Z4AwQCZ+rsMAwDBABn9aUDBABn9aYDBAJ0zLQwFgQC
AAIwEAMGACQHeQAQAwYAJAd5ACAwDQYJKoZIhvcNAQELBQADggEBAI4Lpde6j3dd
gQt/A706YzmO3uiBvdtrJ+d8kEjxsVrQyoz7AVtQVaQd010IJyF1RssXft2sal4y
SQtt0bc3m+6EAe4tO7rEebhkLVsJrBkX09NxgUQSCvlQN6GgdIfJgRwg2HAax4jK
Nr73woF2uLLT3IewsNXycVPaRTNtI97JeMmdwi6ZRyRj2xgkc/nKMJ7OH5uAfaQc
burSNkGJ3Srrufwy82fsN52jnkQQKwUP1hwTlHAE5R9ldYnTRzDs3Ul0Pf8khaqM
VJtpeWuXAssyuLhGD9P6pGcs+GWbuH5VF5a9qRLaEiQhaJjNnchWigjGiByTVHXd
lQjqtGr69j4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:41:05 2025 by rpki-client