Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/222F2952038511EFAF036327C4F9AE02.roa
File: 222F2952038511EFAF036327C4F9AE02.roa (raw, json)
Hash identifier: rVMxOgelyBDIsz2ZEFIOCldOT+HvzVbaDGqU8kc2TB4=
Subject key identifier: B3:F7:0C:A6:16:3B:0E:C0:97:40:EA:C2:D0:32:BB:2D:14:8C:C1:DD
Certificate issuer: /CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F
Certificate serial: 59
Authority key identifier: BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/222F2952038511EFAF036327C4F9AE02.roa
Signing time: Mon 12 Aug 2024 17:53:52 +0000
ROA not before: Mon 12 Aug 2024 17:53:52 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 4213
IP address blocks: 43.252.120.0/22 maxlen: 22
43.252.120.0/24 maxlen: 24
103.233.80.0/23 maxlen: 23
103.233.82.0/24 maxlen: 24
103.233.83.0/24 maxlen: 24
110.34.151.0/24 maxlen: 24
110.34.166.0/24 maxlen: 24
110.34.186.0/23 maxlen: 23
110.34.188.0/23 maxlen: 23
110.34.191.0/24 maxlen: 24
110.34.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89 (0x59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F
Validity
Not Before: Aug 12 17:53:52 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66ba4c30-a2dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3a:e4:96:2a:0b:74:de:2c:2a:74:d3:34:ce:
de:13:78:56:62:a0:31:d7:fa:a6:c1:01:f7:fb:27:
4c:14:93:6d:1e:e9:a9:62:c8:26:2e:a6:2e:43:1c:
e4:68:49:3e:43:10:eb:de:61:8f:24:1b:7b:b9:bc:
4c:83:ac:2a:5a:8a:b1:ea:7a:16:bc:d0:3a:62:d9:
aa:73:0d:41:d0:5d:d3:c1:b7:7b:a0:c0:f3:ef:fb:
cd:1a:ea:b1:8e:e1:d1:17:80:e9:88:46:ca:b0:64:
bb:cc:cf:98:3b:bf:c1:a5:7b:6e:f7:f8:06:12:d3:
99:a4:ae:ad:ef:1e:b1:be:25:52:fe:32:a7:a4:a0:
84:a8:8c:eb:a3:6b:07:a3:00:90:90:9b:50:05:69:
4f:d9:c5:43:d7:15:c7:94:ef:aa:46:9d:68:6e:76:
94:32:aa:2a:ad:c4:4e:d9:fc:25:d8:65:ce:8f:a3:
a5:3c:d8:e8:9b:25:07:83:02:b4:e9:90:13:79:8a:
7c:f6:d2:0f:00:15:54:b6:a6:19:13:bb:cf:66:b7:
09:e1:82:9e:dd:57:3f:57:5c:52:28:3c:b4:e8:38:
3e:97:d1:9e:b0:14:86:fb:8d:94:2c:55:c9:dd:b4:
c1:54:a6:c3:f9:8e:61:36:e0:46:be:f9:25:f6:7c:
46:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F7:0C:A6:16:3B:0E:C0:97:40:EA:C2:D0:32:BB:2D:14:8C:C1:DD
X509v3 Authority Key Identifier:
keyid:BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/222F2952038511EFAF036327C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.120.0/22
103.233.80.0/22
110.34.151.0/24
110.34.166.0/24
110.34.186.0-110.34.189.255
110.34.191.0/24
110.34.217.0/24
Signature Algorithm: sha256WithRSAEncryption
57:70:61:23:99:95:c5:d7:a6:19:76:73:ee:2a:8d:a9:4f:c7:
35:6d:b6:b2:78:b3:b1:a7:60:5a:f4:dd:b8:7a:bb:f1:1e:97:
db:5e:cd:6c:db:a1:0a:68:39:4c:53:9d:53:66:e6:6e:34:f5:
1a:4a:68:78:fc:ab:36:b7:13:56:8a:b5:05:4f:bf:70:53:7d:
ed:a4:c9:62:3a:4f:98:7a:01:da:86:1b:1f:94:0a:39:30:9f:
82:47:01:a8:2c:cc:73:1c:74:f0:0f:91:05:85:d3:e2:dd:13:
1b:cb:f9:8a:61:f8:39:86:83:34:78:86:86:77:b0:e0:17:01:
fa:bd:aa:f0:b1:c3:85:bf:58:b4:9c:89:66:27:78:a5:b5:4e:
03:dc:d5:b4:c5:86:1e:d8:29:9d:70:16:07:67:e6:1b:e8:a7:
97:9a:7b:d7:be:e2:41:50:09:9c:44:de:6b:e3:7a:0a:36:89:
b4:e4:6c:20:4a:f2:82:07:37:aa:22:ea:ba:b4:0c:f7:9e:a2:
bd:cd:14:2d:fb:1d:d7:d2:02:48:35:16:6f:45:aa:b2:e2:cd:
6d:12:24:04:d5:bf:2d:f2:59:77:fa:24:13:8f:05:c5:ec:98:
64:63:4b:5f:18:b3:c8:1e:38:bd:51:34:6c:7f:85:6d:64:71:
98:01:78:ac
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIBWTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
QzUzMjExMC8GA1UEBRMoQkNBQjNFNzZGODRFRDQzNzQyRjJBMDgxMjQyNzA4RTc5
OUNFMUI1RjAeFw0yNDA4MTIxNzUzNTJaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YmE0YzMwLWEyZGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCiOuSWKgt03iwqdNM0zt4TeFZioDHX+qbBAff7J0wUk20e6aliyCYupi5DHORo
ST5DEOveYY8kG3u5vEyDrCpairHqeha80Dpi2apzDUHQXdPBt3ugwPPv+80a6rGO
4dEXgOmIRsqwZLvMz5g7v8Gle273+AYS05mkrq3vHrG+JVL+MqekoISojOujawej
AJCQm1AFaU/ZxUPXFceU76pGnWhudpQyqiqtxE7Z/CXYZc6Po6U82OibJQeDArTp
kBN5inz20g8AFVS2phkTu89mtwnhgp7dVz9XXFIoPLToOD6X0Z6wFIb7jZQsVcnd
tMFUpsP5jmE24Ea++SX2fEa1AgMBAAGjggLBMIICvTAdBgNVHQ4EFgQUs/cMphY7
DsCXQOrC0DK7LRSMwd0wHwYDVR0jBBgwFoAUvKs+dvhO1DdC8qCBJCcI55nOG18w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFDNTMyL0RBQTBEMEI0MDM3
RTExRUY4NTIwRTc1OEM0RjlBRTAyL3ZLcy1kdmhPMURkQzhxQ0JKQ2NJNTVuT0cx
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdktzLWR2aE8xRGRDOHFDQkpDY0k1NW5PRzE4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
QzUzMi9EQUEwRDBCNDAzN0UxMUVGODUyMEU3NThDNEY5QUUwMi8yMjJGMjk1MjAz
ODUxMUVGQUYwMzYzMjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBLBggrBgEFBQcBBwEB/wQ8
MDowOAQCAAEwMgMEAiv8eAMEAmfpUAMEAG4ilwMEAG4ipjAMAwQBbiK6AwQBbiK8
AwQAbiK/AwQAbiLZMA0GCSqGSIb3DQEBCwUAA4IBAQBXcGEjmZXF16YZdnPuKo2p
T8c1bbayeLOxp2Ba9N24ervxHpfbXs1s26EKaDlMU51TZuZuNPUaSmh4/Ks2txNW
irUFT79wU33tpMliOk+YegHahhsflAo5MJ+CRwGoLMxzHHTwD5EFhdPi3RMby/mK
Yfg5hoM0eIaGd7DgFwH6varwscOFv1i0nIlmJ3iltU4D3NW0xYYe2CmdcBYHZ+Yb
6KeXmnvXvuJBUAmcRN5r43oKNom05GwgSvKCBzeqIuq6tAz3nqK9zRQt+x3X0gJI
NRZvRaqy4s1tEiQE1b8t8ll3+iQTjwXF7JhkY0tfGLPIHji9UTRsf4VtZHGYAXis
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:02:59 2025 by rpki-client