Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912BAA5/E67F63641D8F11E2B54E43EF08B02CD2/214B85D87C0311EBB2F8C86CC4F9AE02.roa
File: 214B85D87C0311EBB2F8C86CC4F9AE02.roa (raw, json)
Hash identifier: lyo3KeYKS41I3zCvbwFM3YRuu5a+CzwSrlJ2GPJMVKo=
Subject key identifier: BF:05:11:5F:BB:5D:FB:B2:7D:DC:63:EC:32:86:59:E2:57:E2:16:AC
Certificate issuer: /CN=A912BAA5/serialNumber=A5367BE14241559C1EB87D0D5EA3EEC593EDCFEC
Certificate serial: 3442
Authority key identifier: A5:36:7B:E1:42:41:55:9C:1E:B8:7D:0D:5E:A3:EE:C5:93:ED:CF:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pTZ74UJBVZweuH0NXqPuxZPtz-w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912BAA5/E67F63641D8F11E2B54E43EF08B02CD2/214B85D87C0311EBB2F8C86CC4F9AE02.roa
Signing time: Wed 18 Dec 2024 15:10:45 +0000
ROA not before: Wed 18 Dec 2024 15:10:45 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 24556
IP address blocks: 103.199.108.0/22 maxlen: 24
137.59.48.0/22 maxlen: 24
202.191.120.0/21 maxlen: 24
2404:3f80::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13378 (0x3442)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912BAA5
Validity
Not Before: Dec 18 15:10:45 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6762e5f4-5eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f3:eb:e7:38:1b:34:e1:96:c7:3b:2b:66:8a:
d8:85:e6:3e:c8:eb:4f:ab:39:4c:f9:6d:66:88:29:
51:58:c8:b8:e6:c6:e5:e4:85:5a:1c:01:29:06:5d:
22:e8:66:fe:ed:72:e3:1e:7d:43:27:d4:75:f5:df:
37:52:be:a0:21:b3:79:01:8d:ef:4c:9f:0b:2d:63:
a6:07:cf:c8:2c:8d:31:ef:be:3a:9d:06:e5:2f:b3:
e0:1f:c5:cb:24:76:ea:4f:97:27:1d:25:3f:6b:30:
6b:61:bc:c3:39:63:fe:5e:29:df:b5:ef:7a:20:db:
a7:3d:0e:33:b8:92:ef:7d:ea:c2:79:3d:24:78:b2:
69:d6:88:3f:d2:6d:35:fb:56:76:af:5a:33:99:db:
43:0c:9b:d1:04:a4:c1:09:2c:c0:a5:e9:b9:b6:14:
ad:d5:38:b8:de:df:97:59:c7:fa:ec:20:13:1a:21:
6f:27:84:be:ec:66:b1:40:fb:fd:24:25:ce:c3:d7:
20:43:f2:0e:04:2c:d6:9e:02:b5:ef:7a:f7:c7:13:
e0:df:c1:41:60:65:a9:92:52:b0:ec:b6:cb:d8:4c:
63:f8:dd:4d:7d:e0:8e:af:d6:1e:11:67:34:13:8d:
20:86:83:ee:ff:30:89:0c:68:b7:80:e9:db:d1:29:
50:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:05:11:5F:BB:5D:FB:B2:7D:DC:63:EC:32:86:59:E2:57:E2:16:AC
X509v3 Authority Key Identifier:
keyid:A5:36:7B:E1:42:41:55:9C:1E:B8:7D:0D:5E:A3:EE:C5:93:ED:CF:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912BAA5/E67F63641D8F11E2B54E43EF08B02CD2/pTZ74UJBVZweuH0NXqPuxZPtz-w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pTZ74UJBVZweuH0NXqPuxZPtz-w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BAA5/E67F63641D8F11E2B54E43EF08B02CD2/214B85D87C0311EBB2F8C86CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.199.108.0/22
137.59.48.0/22
202.191.120.0/21
IPv6:
2404:3f80::/32
Signature Algorithm: sha256WithRSAEncryption
67:73:8e:67:f4:27:51:99:cc:c8:d9:9d:57:de:ea:b9:56:04:
0d:a7:66:15:1e:bb:6b:d5:02:e1:e9:70:26:8d:09:fd:d7:b4:
df:55:9b:2b:04:50:5e:8d:91:b6:64:65:73:58:8e:85:e2:23:
97:86:e8:20:23:f8:43:d0:7d:b3:38:c3:2a:c9:0d:b3:28:aa:
a6:e7:aa:07:40:49:6f:e4:30:fe:12:da:f6:84:f8:a2:29:43:
e3:c6:7b:6c:69:45:1d:ee:06:22:f3:12:c1:be:01:2e:0a:b1:
42:8a:6e:eb:ee:7e:a5:a0:ad:e4:b5:f2:9e:70:ba:4f:9c:99:
04:96:a8:86:56:28:49:6f:af:89:9b:8e:d2:26:90:da:7b:38:
ce:d5:42:a2:73:4c:11:2e:6a:94:70:79:95:66:45:0d:7b:7f:
b4:28:7e:34:b2:a1:77:79:bc:b4:33:f5:72:8e:bd:b4:4e:7b:
0b:5f:a7:42:04:6e:49:f1:c2:d5:45:ac:ff:d3:64:4e:de:e0:
a4:d6:a4:c8:ae:84:f1:5c:fe:40:ef:8f:a8:9e:54:9d:16:b9:
8b:9d:00:20:61:45:ad:cb:4a:3b:d8:78:dd:7f:fa:1a:b6:76:
57:54:83:da:7c:22:4c:a5:a3:b9:ac:af:03:74:de:e8:c2:84:
17:ca:76:b5
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICNEIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkJBQTUxMTAvBgNVBAUTKEE1MzY3QkUxNDI0MTU1OUMxRUI4N0QwRDVFQTNFRUM1
OTNFRENGRUMwHhcNMjQxMjE4MTUxMDQ1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyZTVmNC01ZWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4PPr5zgbNOGWxzsrZorYheY+yOtPqzlM+W1miClRWMi45sbl5IVaHAEpBl0i
6Gb+7XLjHn1DJ9R19d83Ur6gIbN5AY3vTJ8LLWOmB8/ILI0x7746nQblL7PgH8XL
JHbqT5cnHSU/azBrYbzDOWP+Xinfte96INunPQ4zuJLvferCeT0keLJp1og/0m01
+1Z2r1ozmdtDDJvRBKTBCSzApem5thSt1Ti43t+XWcf67CATGiFvJ4S+7GaxQPv9
JCXOw9cgQ/IOBCzWngK173r3xxPg38FBYGWpklKw7LbL2Exj+N1NfeCOr9YeEWc0
E40ghoPu/zCJDGi3gOnb0SlQKwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFL8FEV+7
Xfuyfdxj7DKGWeJX4hasMB8GA1UdIwQYMBaAFKU2e+FCQVWcHrh9DV6j7sWT7c/s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkFBNS9FNjdGNjM2NDFE
OEYxMUUyQjU0RTQzRUYwOEIwMkNEMi9wVFo3NFVKQlZad2V1SDBOWHFQdXhaUHR6
LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BUWjc0VUpCVlp3ZXVIME5YcVB1eFpQdHotdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkJBQTUvRTY3RjYzNjQxRDhGMTFFMkI1NEU0M0VGMDhCMDJDRDIvMjE0Qjg1RDg3
QzAzMTFFQkIyRjhDODZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAJnx2wDBAKJOzADBAPKv3gwDQQCAAIwBwMFACQEP4AwDQYJ
KoZIhvcNAQELBQADggEBAGdzjmf0J1GZzMjZnVfe6rlWBA2nZhUeu2vVAuHpcCaN
Cf3XtN9VmysEUF6NkbZkZXNYjoXiI5eG6CAj+EPQfbM4wyrJDbMoqqbnqgdASW/k
MP4S2vaE+KIpQ+PGe2xpRR3uBiLzEsG+AS4KsUKKbuvufqWgreS18p5wuk+cmQSW
qIZWKElvr4mbjtImkNp7OM7VQqJzTBEuapRweZVmRQ17f7QofjSyoXd5vLQz9XKO
vbROewtfp0IEbknxwtVFrP/TZE7e4KTWpMiuhPFc/kDvj6ieVJ0WuYudACBhRa3L
SjvYeN1/+hq2dldUg9p8Ikylo7msrwN03ujChBfKdrU=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:07 2025 by rpki-client