Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B12B/08C27532DB6811ED96C49C3DC4F9AE02/2048ADEADD5011EDA3ACE13CC4F9AE02.roa
File: 2048ADEADD5011EDA3ACE13CC4F9AE02.roa (raw, json)
Hash identifier: Ry5wENgivtIXCFgzf0QiO3bQmATycLuxi4WQf0WGYRQ=
Subject key identifier: C4:20:19:D2:45:A8:11:54:C8:92:3C:BC:72:99:CA:D0:58:4A:8C:59
Certificate issuer: /CN=A911B12B/serialNumber=A9985CDD37932E1D364C4C6D75DBA503BF72677C
Certificate serial: 0184
Authority key identifier: A9:98:5C:DD:37:93:2E:1D:36:4C:4C:6D:75:DB:A5:03:BF:72:67:7C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qZhc3TeTLh02TExtddulA79yZ3w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B12B/08C27532DB6811ED96C49C3DC4F9AE02/2048ADEADD5011EDA3ACE13CC4F9AE02.roa
Signing time: Sat 15 Mar 2025 03:19:34 +0000
ROA not before: Sat 15 Mar 2025 03:19:34 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 139820
IP address blocks: 103.12.40.0/24 maxlen: 24
103.12.41.0/24 maxlen: 24
103.12.42.0/24 maxlen: 24
103.12.43.0/24 maxlen: 24
103.86.88.0/24 maxlen: 24
103.86.89.0/24 maxlen: 24
2001:df1:fa40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 388 (0x184)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B12B
Validity
Not Before: Mar 15 03:19:34 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67d4f1c6-d604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:62:27:11:69:5d:45:30:29:14:c8:c0:5f:d9:
d5:7f:69:d8:82:09:83:ab:95:f5:5d:8d:ad:f1:23:
ee:af:7a:76:05:ab:c3:ae:80:d8:18:0d:8a:10:34:
a6:c9:0e:f0:5c:d6:60:a6:1a:fb:a0:93:02:f3:78:
ba:ef:ee:29:b8:6f:5f:65:6e:d4:53:3c:46:86:d4:
14:f6:14:6f:34:2c:34:5b:76:70:da:90:32:63:de:
08:7a:0f:fb:38:93:c8:3f:7d:95:d4:38:b0:72:49:
15:34:c8:70:04:1e:70:50:19:ab:a9:51:57:2c:46:
30:f3:00:25:0c:76:f1:da:f0:4a:31:07:c5:bf:f5:
bc:66:29:5f:16:c3:39:4e:a0:02:a0:3e:1c:8c:12:
b8:49:6f:01:fe:f5:d4:31:6e:98:ab:0b:e5:c3:03:
75:e5:f9:f2:67:d3:90:2e:4a:13:85:be:ff:99:d2:
88:35:c5:40:d1:10:8a:72:65:8e:d3:b5:d5:30:24:
d8:69:7f:10:b9:6f:74:27:41:79:62:d4:2e:c7:8e:
a4:49:04:23:9f:bc:3f:a7:15:5e:75:1d:c1:66:19:
c2:e0:54:05:b3:e8:16:f0:1b:30:4e:4b:e1:6b:46:
5d:2c:ae:20:ae:bd:c2:6d:68:a8:e8:37:a4:97:04:
07:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:20:19:D2:45:A8:11:54:C8:92:3C:BC:72:99:CA:D0:58:4A:8C:59
X509v3 Authority Key Identifier:
keyid:A9:98:5C:DD:37:93:2E:1D:36:4C:4C:6D:75:DB:A5:03:BF:72:67:7C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B12B/08C27532DB6811ED96C49C3DC4F9AE02/qZhc3TeTLh02TExtddulA79yZ3w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qZhc3TeTLh02TExtddulA79yZ3w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B12B/08C27532DB6811ED96C49C3DC4F9AE02/2048ADEADD5011EDA3ACE13CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.12.40.0/22
103.86.88.0/23
IPv6:
2001:df1:fa40::/48
Signature Algorithm: sha256WithRSAEncryption
05:26:42:be:ae:ca:ac:60:8b:a7:f2:2c:6f:b8:b2:39:e1:2e:
c8:58:68:25:14:ff:90:1c:bc:32:cb:4c:7b:be:a0:f9:4f:b6:
73:8f:59:f4:1b:b5:0c:6c:1b:56:81:13:f8:3d:99:8e:a6:da:
e7:6c:48:49:35:93:a9:55:d9:a7:9f:8a:9f:de:f6:dd:0d:f7:
8d:ec:8a:29:a4:0d:a1:f7:c2:c8:71:fa:d9:21:c5:ec:e8:16:
e3:18:94:7e:0b:b4:78:f2:17:e8:c8:ed:ac:8c:ec:68:be:01:
7c:2b:f4:6a:d1:f5:5c:48:60:a3:bc:b4:66:6b:fa:d3:65:38:
c2:6e:d8:00:eb:2e:4a:d3:1f:9d:2f:a4:66:83:d2:b0:eb:28:
4f:38:36:15:93:6b:91:ee:f9:b6:e0:99:a6:0c:d4:ac:9d:ac:
63:80:12:aa:cf:04:a3:27:ab:56:17:89:f6:c5:14:65:21:dc:
ee:b1:08:3e:a4:39:7a:06:18:1f:cd:02:b8:e4:f4:87:d2:5d:
d3:76:04:87:4b:bb:b8:1e:db:e7:2d:8c:56:2c:a8:3f:76:0a:
1a:18:dd:17:d8:a0:4e:3b:c0:29:ef:01:e3:5b:b3:98:f0:79:
1f:9b:fa:b4:3e:54:b1:06:80:e0:d6:d9:51:50:5a:9d:d1:ea:
c9:b3:c8:0e
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICAYQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUIxMkIxMTAvBgNVBAUTKEE5OTg1Q0REMzc5MzJFMUQzNjRDNEM2RDc1REJBNTAz
QkY3MjY3N0MwHhcNMjUwMzE1MDMxOTM0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q0ZjFjNi1kNjA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt2InEWldRTApFMjAX9nVf2nYggmDq5X1XY2t8SPur3p2BavDroDYGA2KEDSm
yQ7wXNZgphr7oJMC83i67+4puG9fZW7UUzxGhtQU9hRvNCw0W3Zw2pAyY94Ieg/7
OJPIP32V1DiwckkVNMhwBB5wUBmrqVFXLEYw8wAlDHbx2vBKMQfFv/W8ZilfFsM5
TqACoD4cjBK4SW8B/vXUMW6YqwvlwwN15fnyZ9OQLkoThb7/mdKINcVA0RCKcmWO
07XVMCTYaX8QuW90J0F5YtQux46kSQQjn7w/pxVedR3BZhnC4FQFs+gW8BswTkvh
a0ZdLK4grr3CbWio6DeklwQHJQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFMQgGdJF
qBFUyJI8vHKZytBYSoxZMB8GA1UdIwQYMBaAFKmYXN03ky4dNkxMbXXbpQO/cmd8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjEyQi8wOEMyNzUzMkRC
NjgxMUVEOTZDNDlDM0RDNEY5QUUwMi9xWmhjM1RlVExoMDJURXh0ZGR1bEE3OXla
M3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FaaGMzVGVUTGgwMlRFeHRkZHVsQTc5eVozdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUIxMkIvMDhDMjc1MzJEQjY4MTFFRDk2QzQ5QzNEQzRGOUFFMDIvMjA0OEFERUFE
RDUwMTFFREEzQUNFMTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAJnDCgDBAFnVlgwDwQCAAIwCQMHACABDfH6QDANBgkqhkiG
9w0BAQsFAAOCAQEABSZCvq7KrGCLp/Isb7iyOeEuyFhoJRT/kBy8MstMe76g+U+2
c49Z9Bu1DGwbVoET+D2Zjqba52xISTWTqVXZp5+Kn9723Q33jeyKKaQNoffCyHH6
2SHF7OgW4xiUfgu0ePIX6MjtrIzsaL4BfCv0atH1XEhgo7y0Zmv602U4wm7YAOsu
StMfnS+kZoPSsOsoTzg2FZNrke75tuCZpgzUrJ2sY4ASqs8EoyerVheJ9sUUZSHc
7rEIPqQ5egYYH80CuOT0h9Jd03YEh0u7uB7b5y2MViyoP3YKGhjdF9igTjvAKe8B
41uzmPB5H5v6tD5UsQaA4NbZUVBandHqybPIDg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:55:44 2025 by rpki-client