Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912CF99/B7384010053D11EA9B66BE78C4F9AE02/BC19A604053E11EABC1E707AC4F9AE02.roa
File: BC19A604053E11EABC1E707AC4F9AE02.roa (raw, json)
Hash identifier: YkdaufQKgLmZNVY5l1QIovl6Z82cSg5d5l7gPKlvt34=
Subject key identifier: 7B:F8:C0:21:50:88:9E:C5:E7:5D:7E:AF:E4:23:7D:F7:39:EA:81:0C
Certificate issuer: /CN=A912CF99/serialNumber=F61F121048631FB768D555C3BFA9B020685E8F49
Certificate serial: 0C1D
Authority key identifier: F6:1F:12:10:48:63:1F:B7:68:D5:55:C3:BF:A9:B0:20:68:5E:8F:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9h8SEEhjH7do1VXDv6mwIGhej0k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912CF99/B7384010053D11EA9B66BE78C4F9AE02/BC19A604053E11EABC1E707AC4F9AE02.roa
Signing time: Thu 20 Feb 2025 19:27:11 +0000
ROA not before: Thu 20 Feb 2025 19:27:11 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 58813
IP address blocks: 103.17.36.0/22 maxlen: 24
163.53.180.0/22 maxlen: 24
2405:d440::/32 maxlen: 32
2405:d440:100::/48 maxlen: 48
2405:d440:1fb::/48 maxlen: 48
2405:d440:1fc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3101 (0xc1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912CF99
Validity
Not Before: Feb 20 19:27:11 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b7820e-da95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:af:06:7e:55:60:b8:31:d5:f3:dd:f3:33:ae:
f2:86:50:82:73:96:0b:b6:d5:e9:fe:2d:46:ef:b9:
20:26:08:84:76:ec:82:dc:f1:90:bb:c4:bd:0c:6e:
8d:d1:77:b1:ac:d2:af:25:1f:ad:e7:98:bb:ab:b8:
f3:13:da:fe:46:17:79:98:81:0d:fb:80:c2:c1:46:
c3:55:d2:e6:a1:16:4a:70:1b:21:13:37:fb:f9:9a:
b3:6c:ee:78:e1:92:a6:db:ea:6a:5e:1c:d3:d0:39:
6f:41:6f:1c:12:26:a2:d5:7c:12:a1:03:65:79:34:
1b:96:b0:98:e5:cb:11:ba:0e:39:1b:a8:01:ef:82:
f3:00:da:b2:41:50:80:d0:2a:fd:11:ec:28:6d:ba:
31:4a:b5:4e:0b:92:fb:d1:d0:84:09:f5:e3:2f:cd:
00:55:19:00:82:ef:fc:2f:a2:2a:fb:5b:03:63:cd:
3b:12:1c:99:73:d4:77:37:63:07:77:77:59:b6:38:
f2:8b:3a:21:b4:b1:b4:40:21:8d:75:c8:16:ad:b4:
97:f2:b4:07:9f:3c:67:d4:c3:4d:42:17:ff:c0:90:
e0:8e:f2:e4:6b:a8:94:56:bb:ad:ae:68:66:1e:c9:
c3:46:58:5f:ef:af:29:3a:2c:9b:f8:91:c8:6e:f2:
b4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F8:C0:21:50:88:9E:C5:E7:5D:7E:AF:E4:23:7D:F7:39:EA:81:0C
X509v3 Authority Key Identifier:
keyid:F6:1F:12:10:48:63:1F:B7:68:D5:55:C3:BF:A9:B0:20:68:5E:8F:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912CF99/B7384010053D11EA9B66BE78C4F9AE02/9h8SEEhjH7do1VXDv6mwIGhej0k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9h8SEEhjH7do1VXDv6mwIGhej0k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CF99/B7384010053D11EA9B66BE78C4F9AE02/BC19A604053E11EABC1E707AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.17.36.0/22
163.53.180.0/22
IPv6:
2405:d440::/32
Signature Algorithm: sha256WithRSAEncryption
2d:de:02:1a:71:82:ec:b1:d2:f5:7b:1a:9d:2a:2b:98:d5:4e:
b9:3c:f2:27:ef:5e:18:1f:66:0e:fe:18:78:51:fc:f5:fb:de:
cf:9f:f0:47:b9:c6:9e:10:fa:98:f0:04:e0:6d:00:80:48:27:
c9:6d:83:03:d6:6e:82:bc:75:70:72:f6:9b:d6:09:06:1f:0c:
af:e7:18:dc:1f:68:12:07:ca:52:43:a1:52:19:0b:a2:f6:f9:
66:d6:ed:97:85:5a:9f:02:a3:87:4b:e1:61:40:97:91:88:2e:
6b:4d:70:65:36:0f:b1:fa:08:aa:82:6f:e3:7b:67:13:4c:73:
29:69:43:eb:e6:8f:7b:75:9e:47:60:82:6a:12:e4:9d:42:60:
23:e1:ee:69:ff:58:cb:13:6f:e1:eb:1d:de:3f:05:12:28:7e:
07:25:b2:5c:fc:cd:8e:08:2b:3a:4e:9b:79:17:fd:46:c7:69:
7d:25:cd:9c:e0:80:19:c9:ce:d1:69:eb:22:31:6a:bf:11:79:
ef:a4:ef:44:71:18:4a:4e:a0:0f:ef:e2:c8:34:8f:11:3c:40:
a8:7f:df:a9:99:04:2e:5c:8f:9e:fd:41:38:3d:3e:9e:5b:95:
35:73:4f:7d:77:da:1d:c3:72:0c:c3:2d:74:25:eb:57:8f:22:
b3:55:ee:af
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDB0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkNGOTkxMTAvBgNVBAUTKEY2MUYxMjEwNDg2MzFGQjc2OEQ1NTVDM0JGQTlCMDIw
Njg1RThGNDkwHhcNMjUwMjIwMTkyNzExWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I3ODIwZS1kYTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxq8GflVguDHV893zM67yhlCCc5YLttXp/i1G77kgJgiEduyC3PGQu8S9DG6N
0XexrNKvJR+t55i7q7jzE9r+Rhd5mIEN+4DCwUbDVdLmoRZKcBshEzf7+ZqzbO54
4ZKm2+pqXhzT0DlvQW8cEiai1XwSoQNleTQblrCY5csRug45G6gB74LzANqyQVCA
0Cr9EewobboxSrVOC5L70dCECfXjL80AVRkAgu/8L6Iq+1sDY807EhyZc9R3N2MH
d3dZtjjyizohtLG0QCGNdcgWrbSX8rQHnzxn1MNNQhf/wJDgjvLka6iUVrutrmhm
HsnDRlhf768pOiyb+JHIbvK0nwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFHv4wCFQ
iJ7F511+r+Qjffc56oEMMB8GA1UdIwQYMBaAFPYfEhBIYx+3aNVVw7+psCBoXo9J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0Y5OS9CNzM4NDAxMDA1
M0QxMUVBOUI2NkJFNzhDNEY5QUUwMi85aDhTRUVoakg3ZG8xVlhEdjZtd0lHaGVq
MGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzloOFNFRWhqSDdkbzFWWER2Nm13SUdoZWoway5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkNGOTkvQjczODQwMTAwNTNEMTFFQTlCNjZCRTc4QzRGOUFFMDIvQkMxOUE2MDQw
NTNFMTFFQUJDMUU3MDdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnESQDBAKjNbQwDQQCAAIwBwMFACQF1EAwDQYJKoZIhvcN
AQELBQADggEBAC3eAhpxguyx0vV7Gp0qK5jVTrk88ifvXhgfZg7+GHhR/PX73s+f
8Ee5xp4Q+pjwBOBtAIBIJ8ltgwPWboK8dXBy9pvWCQYfDK/nGNwfaBIHylJDoVIZ
C6L2+WbW7ZeFWp8Co4dL4WFAl5GILmtNcGU2D7H6CKqCb+N7ZxNMcylpQ+vmj3t1
nkdggmoS5J1CYCPh7mn/WMsTb+HrHd4/BRIofgclslz8zY4IKzpOm3kX/UbHaX0l
zZzggBnJztFp6yIxar8Ree+k70RxGEpOoA/v4sg0jxE8QKh/36mZBC5cj579QTg9
Pp5blTVzT3132h3DcgzDLXQl61ePIrNV7q8=
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:57:17 2025 by rpki-client