Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911681C/BC78E36A8E7F11EA9471D168C4F9AE02/E7BABAC2217111EC9C97E95CC4F9AE02.roa
File: E7BABAC2217111EC9C97E95CC4F9AE02.roa (raw, json)
Hash identifier: OjAcbEOp0amxQNPqpOvSSPyQnwHnVe9MoEWy3pew2ow=
Subject key identifier: 2A:03:89:12:F3:35:44:FF:35:ED:EC:CC:C8:E8:90:12:7F:1C:C1:30
Certificate issuer: /CN=A911681C/serialNumber=8D5BE6F50585DAFE7B4806BA09E225B0CC6F290B
Certificate serial: 0924
Authority key identifier: 8D:5B:E6:F5:05:85:DA:FE:7B:48:06:BA:09:E2:25:B0:CC:6F:29:0B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jVvm9QWF2v57SAa6CeIlsMxvKQs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911681C/BC78E36A8E7F11EA9471D168C4F9AE02/E7BABAC2217111EC9C97E95CC4F9AE02.roa
Signing time: Tue 22 Oct 2024 20:29:26 +0000
ROA not before: Tue 22 Oct 2024 20:29:26 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 140504
IP address blocks: 43.230.6.0/24 maxlen: 24
103.20.124.0/24 maxlen: 24
103.49.173.0/24 maxlen: 24
103.49.174.0/23 maxlen: 23
203.190.216.0/24 maxlen: 24
2403:ae80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2340 (0x924)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911681C
Validity
Not Before: Oct 22 20:29:26 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67180b25-d2e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:59:3a:77:f6:1f:ad:33:29:a7:69:c0:7f:61:
af:7c:7c:e9:98:5e:87:45:23:19:d9:e2:c7:18:12:
eb:ab:18:4d:44:62:2c:7d:c7:3b:b7:3e:11:54:1e:
c4:8f:e9:73:fd:27:34:bf:1e:00:1e:bf:eb:00:8e:
b3:06:3e:b7:6a:44:25:42:c1:6c:c2:1a:9a:d9:a5:
ce:a9:87:bd:f1:e8:25:41:75:e5:7c:5f:47:bd:9f:
10:73:0a:a9:34:3f:9f:b7:59:fd:a7:f6:0b:08:08:
c3:7e:6c:fa:c3:d1:50:b2:c8:a2:e8:56:71:a9:b6:
35:e6:ed:25:3c:d7:f7:97:a9:27:da:54:5c:9c:35:
b2:9c:1a:65:d0:ea:68:f8:ce:27:60:d9:db:b5:58:
a2:9f:07:79:40:fe:ba:12:a2:cc:be:02:26:cf:db:
3a:26:51:b5:91:dc:10:29:ae:bc:17:fc:ae:41:7a:
03:ac:22:69:d4:5a:49:a9:b1:5f:23:3a:27:ba:1f:
6e:b4:22:b3:80:7f:06:4b:f3:56:52:a4:80:08:2a:
c5:e4:b0:3a:f3:9a:2d:26:6f:0e:ad:75:fc:d1:0a:
b9:3a:00:0d:76:ab:c6:b1:30:24:e3:90:ec:26:95:
2e:72:e0:a5:57:e2:fc:90:a9:88:13:70:84:ac:9d:
78:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:03:89:12:F3:35:44:FF:35:ED:EC:CC:C8:E8:90:12:7F:1C:C1:30
X509v3 Authority Key Identifier:
keyid:8D:5B:E6:F5:05:85:DA:FE:7B:48:06:BA:09:E2:25:B0:CC:6F:29:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911681C/BC78E36A8E7F11EA9471D168C4F9AE02/jVvm9QWF2v57SAa6CeIlsMxvKQs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jVvm9QWF2v57SAa6CeIlsMxvKQs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911681C/BC78E36A8E7F11EA9471D168C4F9AE02/E7BABAC2217111EC9C97E95CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.6.0/24
103.20.124.0/24
103.49.173.0-103.49.175.255
203.190.216.0/24
IPv6:
2403:ae80::/32
Signature Algorithm: sha256WithRSAEncryption
39:37:ca:c8:82:84:12:36:03:c6:67:19:bc:3f:0f:a0:fe:d7:
79:b4:9b:e7:92:8a:ec:5a:85:56:83:72:fa:da:15:12:2a:87:
8d:e3:65:61:86:51:cd:2f:2f:0d:3e:cd:cb:9f:20:f9:19:bb:
12:79:2a:86:76:01:1e:8a:65:d6:5b:01:3b:c3:03:45:d9:a0:
3f:72:ef:69:ea:71:c8:69:77:f7:42:d1:2b:1a:aa:f0:f0:fa:
21:b7:b9:5e:c1:67:87:3f:88:72:64:ff:42:de:75:35:6d:38:
b9:87:7f:e0:e6:ad:58:5c:93:d7:80:02:eb:7a:49:1c:50:0f:
8c:8c:e7:cc:71:e8:0e:21:f6:ad:4e:82:c5:5a:71:9a:2f:25:
80:98:d5:88:3b:b3:cb:21:8f:53:42:fd:31:90:7a:98:06:1b:
79:c9:07:7e:59:09:1d:63:cf:c3:c4:3e:da:3e:a3:54:03:ac:
01:23:7d:fb:27:0c:98:a5:01:93:a3:16:4b:d2:aa:28:e7:31:
b7:06:50:72:4a:65:65:91:28:16:09:8d:f7:c4:61:81:f4:00:
5b:2e:37:e0:90:88:8e:2b:ff:60:57:95:c1:64:d6:97:1a:83:
14:49:d5:5a:5e:74:1a:8b:bf:0d:89:b6:53:14:1d:5a:d8:86:
84:9d:37:2f
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICCSQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY4MUMxMTAvBgNVBAUTKDhENUJFNkY1MDU4NURBRkU3QjQ4MDZCQTA5RTIyNUIw
Q0M2RjI5MEIwHhcNMjQxMDIyMjAyOTI2WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE4MGIyNS1kMmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAplk6d/YfrTMpp2nAf2GvfHzpmF6HRSMZ2eLHGBLrqxhNRGIsfcc7tz4RVB7E
j+lz/Sc0vx4AHr/rAI6zBj63akQlQsFswhqa2aXOqYe98eglQXXlfF9HvZ8Qcwqp
ND+ft1n9p/YLCAjDfmz6w9FQssii6FZxqbY15u0lPNf3l6kn2lRcnDWynBpl0Opo
+M4nYNnbtViinwd5QP66EqLMvgImz9s6JlG1kdwQKa68F/yuQXoDrCJp1FpJqbFf
Izonuh9utCKzgH8GS/NWUqSACCrF5LA685otJm8OrXX80Qq5OgANdqvGsTAk45Ds
JpUucuClV+L8kKmIE3CErJ14aQIDAQABo4ICvjCCArowHQYDVR0OBBYEFCoDiRLz
NUT/Ne3szMjokBJ/HMEwMB8GA1UdIwQYMBaAFI1b5vUFhdr+e0gGugniJbDMbykL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjgxQy9CQzc4RTM2QThF
N0YxMUVBOTQ3MUQxNjhDNEY5QUUwMi9qVnZtOVFXRjJ2NTdTQWE2Q2VJbHNNeHZL
UXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pWdm05UVdGMnY1N1NBYTZDZUlsc014dktRcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY4MUMvQkM3OEUzNkE4RTdGMTFFQTk0NzFEMTY4QzRGOUFFMDIvRTdCQUJBQzIy
MTcxMTFFQzlDOTdFOTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MCYEAgABMCADBAAr5gYDBABnFHwwDAMEAGcxrQMEBGcxoAMEAMu+2DANBAIA
AjAHAwUAJAOugDANBgkqhkiG9w0BAQsFAAOCAQEAOTfKyIKEEjYDxmcZvD8PoP7X
ebSb55KK7FqFVoNy+toVEiqHjeNlYYZRzS8vDT7Ny58g+Rm7EnkqhnYBHopl1lsB
O8MDRdmgP3LvaepxyGl390LRKxqq8PD6Ibe5XsFnhz+IcmT/Qt51NW04uYd/4Oat
WFyT14AC63pJHFAPjIznzHHoDiH2rU6CxVpxmi8lgJjViDuzyyGPU0L9MZB6mAYb
eckHflkJHWPPw8Q+2j6jVAOsASN9+ycMmKUBk6MWS9KqKOcxtwZQckplZZEoFgmN
98RhgfQAWy434JCIjiv/YFeVwWTWlxqDFEnVWl50Gou/DYm2UxQdWtiGhJ03Lw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:32:19 2025 by rpki-client