Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/33B566F2E80811EEB4888B0FC4F9AE02.roa
File: 33B566F2E80811EEB4888B0FC4F9AE02.roa (raw, json)
Hash identifier: AWfKj8WfzOyMqw6Ocft/ZEnHCsG/xvB82oanrPwPBiI=
Subject key identifier: 36:DF:A3:5E:FA:E4:73:C7:79:7E:6A:83:50:42:D3:D2:C0:4E:EE:08
Certificate issuer: /CN=A91BAD2D/serialNumber=94A950B303B46900DD5A3061030C89A4896803AF
Certificate serial: 9E
Authority key identifier: 94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/33B566F2E80811EEB4888B0FC4F9AE02.roa
Signing time: Sun 19 Jan 2025 04:27:45 +0000
ROA not before: Sun 19 Jan 2025 04:27:45 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 133894
IP address blocks: 43.230.209.0/24 maxlen: 24
103.46.208.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158 (0x9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BAD2D/serialNumber=94A950B303B46900DD5A3061030C89A4896803AF
Validity
Not Before: Jan 19 04:27:45 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=678c7f41-e757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:05:a5:75:0f:c0:df:03:8c:44:9b:60:fe:3e:
0e:ac:e4:bb:fa:a1:37:d9:81:19:dc:61:d3:d8:46:
e1:8f:ea:0b:80:05:e8:f2:96:84:76:0f:bc:37:0b:
ae:99:4d:35:2e:aa:21:1c:71:0a:26:9c:cc:5f:41:
ea:a0:96:e1:db:ac:a9:fe:f8:4f:01:f3:7b:aa:ba:
03:2d:ff:d9:ab:40:8b:f2:97:53:a7:6d:9b:85:f7:
71:11:61:ee:ef:79:55:93:85:08:3f:77:98:44:e3:
8e:ec:93:22:1d:36:d5:5d:1c:66:d3:01:03:31:cc:
9c:63:95:42:ef:68:68:59:db:c1:e5:60:df:4f:c8:
ec:36:c3:40:ca:0d:14:27:96:79:f3:22:e0:0d:c5:
6f:57:e5:5f:de:e9:aa:42:9b:b5:01:08:16:42:79:
47:91:43:3d:04:f8:48:eb:5d:e4:4d:cb:06:84:d2:
41:6b:0f:cd:cb:20:96:1f:98:f9:fc:42:b8:77:bc:
06:81:97:95:9e:2d:b5:dc:e8:db:82:6a:5c:e8:4d:
97:52:a1:cc:8a:53:19:05:b6:0b:3d:e9:0f:40:8f:
9e:6d:9b:08:16:c2:73:b8:4c:3e:34:46:65:18:32:
23:73:1d:d6:fe:d6:b9:4e:36:e3:82:bf:e4:f8:cf:
79:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:DF:A3:5E:FA:E4:73:C7:79:7E:6A:83:50:42:D3:D2:C0:4E:EE:08
X509v3 Authority Key Identifier:
keyid:94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/33B566F2E80811EEB4888B0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.209.0/24
103.46.208.0/22
Signature Algorithm: sha256WithRSAEncryption
73:51:0a:30:37:9b:fa:ee:9f:b5:a4:2b:a3:1c:a4:c6:c1:79:
1b:9b:6d:d5:7d:ea:6b:37:64:ec:95:92:60:36:df:37:21:ba:
1e:51:b4:43:9e:9d:41:f0:13:54:ae:fb:05:b1:f5:6f:75:f3:
64:39:2b:08:e9:12:18:91:2b:57:b3:93:db:83:f3:35:24:9c:
a0:e3:fa:e0:11:32:47:dc:2e:68:82:9f:49:83:cb:31:8f:64:
61:1e:6c:c9:eb:91:14:78:fa:3b:41:a4:ca:d4:d9:d4:b6:42:
77:4e:da:5d:18:0c:d6:f3:28:50:3d:0d:3b:34:bd:0f:a7:e3:
5a:3e:26:32:76:d9:c7:d8:fd:0a:62:86:fa:67:19:7f:ee:74:
ce:b2:36:ac:03:79:29:38:e7:7b:83:94:e2:cb:fb:dc:e0:aa:
d1:d3:c0:11:f9:22:04:81:0a:58:5c:6e:20:23:3e:40:40:e8:
9e:e9:58:ef:14:cd:69:bf:27:81:fc:40:a2:e8:4a:d1:78:da:
88:c5:e0:a7:b8:21:4a:9a:b6:32:84:c2:22:6b:d8:b2:24:96:
96:1f:32:f6:41:e3:bd:9e:ce:8a:45:ea:53:80:1b:60:e2:76:
7e:b9:07:f5:a9:83:d6:ad:96:2d:37:f3:d8:5d:e4:b5:34:42:
5c:8e:c6:eb
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAJ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkFEMkQxMTAvBgNVBAUTKDk0QTk1MEIzMDNCNDY5MDBERDVBMzA2MTAzMEM4OUE0
ODk2ODAzQUYwHhcNMjUwMTE5MDQyNzQ1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhjN2Y0MS1lNzU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxgWldQ/A3wOMRJtg/j4OrOS7+qE32YEZ3GHT2Ebhj+oLgAXo8paEdg+8Nwuu
mU01LqohHHEKJpzMX0HqoJbh26yp/vhPAfN7qroDLf/Zq0CL8pdTp22bhfdxEWHu
73lVk4UIP3eYROOO7JMiHTbVXRxm0wEDMcycY5VC72hoWdvB5WDfT8jsNsNAyg0U
J5Z58yLgDcVvV+Vf3umqQpu1AQgWQnlHkUM9BPhI613kTcsGhNJBaw/NyyCWH5j5
/EK4d7wGgZeVni213Ojbgmpc6E2XUqHMilMZBbYLPekPQI+ebZsIFsJzuEw+NEZl
GDIjcx3W/ta5Tjbjgr/k+M95iwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDbfo176
5HPHeX5qg1BC09LATu4IMB8GA1UdIwQYMBaAFJSpULMDtGkA3VowYQMMiaSJaAOv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQUQyRC85MDg4RUU1QUU4
MDExMUVFQUQ2QzUwMzBDNEY5QUUwMi9sS2xRc3dPMGFRRGRXakJoQXd5SnBJbG9B
NjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xLbFFzd08wYVFEZFdqQmhBd3lKcElsb0E2OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkFEMkQvOTA4OEVFNUFFODAxMTFFRUFENkM1MDMwQzRGOUFFMDIvMzNCNTY2RjJF
ODA4MTFFRUI0ODg4QjBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAr5tEDBAJnLtAwDQYJKoZIhvcNAQELBQADggEBAHNRCjA3
m/run7WkK6McpMbBeRubbdV96ms3ZOyVkmA23zchuh5RtEOenUHwE1Su+wWx9W91
82Q5KwjpEhiRK1ezk9uD8zUknKDj+uARMkfcLmiCn0mDyzGPZGEebMnrkRR4+jtB
pMrU2dS2QndO2l0YDNbzKFA9DTs0vQ+n41o+JjJ22cfY/QpihvpnGX/udM6yNqwD
eSk453uDlOLL+9zgqtHTwBH5IgSBClhcbiAjPkBA6J7pWO8UzWm/J4H8QKLoStF4
2ojF4Ke4IUqatjKEwiJr2LIklpYfMvZB472ezopF6lOAG2Didn65B/Wpg9atli03
89hd5LU0QlyOxus=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:08:48 2025 by rpki-client