Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9132AEB/EF29BA2A1DA111E2868B689408B02CD2/514DBDFC98C711EAA0CFE582C4F9AE02.roa
File: 514DBDFC98C711EAA0CFE582C4F9AE02.roa (raw, json)
Hash identifier: i+oLVOiTvF13PBUoOa9UfIxFEQhcYfTJRD1Exsj8GIk=
Subject key identifier: 3A:48:14:D5:94:69:D4:6D:E6:D7:75:A9:B9:C9:E4:A5:BE:2A:25:D6
Certificate issuer: /CN=A9132AEB/serialNumber=0F952A27EF3EF27CEA08C57D202A38069ECB5840
Certificate serial: 343E
Authority key identifier: 0F:95:2A:27:EF:3E:F2:7C:EA:08:C5:7D:20:2A:38:06:9E:CB:58:40
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D5UqJ-8-8nzqCMV9ICo4Bp7LWEA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9132AEB/EF29BA2A1DA111E2868B689408B02CD2/514DBDFC98C711EAA0CFE582C4F9AE02.roa
Signing time: Mon 04 Nov 2024 15:31:08 +0000
ROA not before: Mon 04 Nov 2024 15:31:08 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 45925
IP address blocks: 103.230.104.0/22 maxlen: 22
103.230.104.0/23 maxlen: 23
103.230.104.0/24 maxlen: 24
103.230.105.0/24 maxlen: 24
103.230.106.0/23 maxlen: 23
103.230.106.0/24 maxlen: 24
103.230.107.0/24 maxlen: 24
123.253.132.0/22 maxlen: 22
123.253.132.0/23 maxlen: 23
123.253.132.0/24 maxlen: 24
123.253.133.0/24 maxlen: 24
123.253.134.0/23 maxlen: 23
123.253.134.0/24 maxlen: 24
123.253.135.0/24 maxlen: 24
202.4.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13374 (0x343e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9132AEB
Validity
Not Before: Nov 4 15:31:08 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6728e8bc-399e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:4d:91:88:2c:36:ae:8c:ad:0b:fa:51:68:31:
12:ee:19:56:69:8b:e7:99:a0:75:ce:15:29:6c:35:
91:48:77:ff:ba:c0:48:a7:b9:22:76:f9:ca:45:66:
ed:b3:c4:a3:b4:51:d4:11:e5:3e:c5:24:f2:56:9a:
6f:8f:18:ea:62:4b:f0:9a:9d:8e:49:05:ea:50:2e:
cc:5e:d0:9a:ed:40:ef:f7:bc:17:61:fc:d3:0b:12:
61:21:70:68:39:e5:bd:6e:d4:2c:0f:b6:78:7d:03:
34:db:4f:a8:77:e2:d1:66:e5:46:c3:c1:5d:65:7e:
15:0e:bf:34:1b:af:12:25:8c:a9:87:08:02:c2:5a:
b6:c5:79:80:7d:10:12:95:e8:24:40:c2:36:11:19:
f3:cd:c9:ae:15:04:9b:79:67:d7:4d:16:57:34:d6:
53:d3:4d:fe:bd:00:78:a4:b9:46:7f:17:cc:29:d5:
38:2b:15:be:04:0f:c8:de:97:0a:7d:73:0f:08:35:
ab:a8:b0:46:cf:b5:27:d2:ec:ea:be:01:2b:3a:57:
ff:88:48:12:e0:30:32:8c:d9:cf:43:30:9c:dd:2e:
78:e0:91:2c:af:56:dc:2c:90:94:1a:25:d9:ee:6b:
9e:7b:3a:81:8a:34:f7:88:ab:90:f2:6e:f9:05:1a:
b5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:48:14:D5:94:69:D4:6D:E6:D7:75:A9:B9:C9:E4:A5:BE:2A:25:D6
X509v3 Authority Key Identifier:
keyid:0F:95:2A:27:EF:3E:F2:7C:EA:08:C5:7D:20:2A:38:06:9E:CB:58:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9132AEB/EF29BA2A1DA111E2868B689408B02CD2/D5UqJ-8-8nzqCMV9ICo4Bp7LWEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D5UqJ-8-8nzqCMV9ICo4Bp7LWEA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132AEB/EF29BA2A1DA111E2868B689408B02CD2/514DBDFC98C711EAA0CFE582C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.230.104.0/22
123.253.132.0/22
202.4.173.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:8f:99:5c:04:a6:e7:f9:77:28:fe:88:e2:0c:ef:a8:da:70:
30:77:83:62:3c:00:75:85:d7:1e:fc:c3:11:99:fb:a0:d6:3e:
6f:86:f2:06:4d:e6:f3:f3:b6:67:de:5c:54:bf:c8:f0:85:21:
ad:ae:cb:ce:32:b9:db:3f:a9:09:13:c9:43:69:16:19:89:4e:
f9:82:74:99:76:96:a3:c8:ec:77:b8:49:dc:8b:b1:de:22:5f:
72:5d:45:11:ce:24:13:5a:fa:e3:53:52:6f:d1:44:61:26:88:
9f:61:fa:cf:81:b9:9b:bc:ec:23:94:db:f0:51:dc:47:4d:9d:
4c:57:89:6b:4e:4c:9a:04:76:47:c4:75:dd:a8:c7:6b:1d:24:
35:2c:1a:ed:43:9b:b8:96:1b:80:89:4e:b2:92:c3:06:18:61:
ed:89:39:44:ec:74:d3:43:fa:32:02:ab:e3:24:5d:8c:46:eb:
f0:fa:02:eb:01:43:4c:f6:2c:70:6c:f3:ee:aa:e8:40:49:89:
6e:9d:33:47:40:91:4b:c2:d6:56:3d:8c:97:74:e2:a1:93:21:
9a:8d:3b:4e:04:ee:35:c1:be:21:6a:36:07:63:17:8d:b5:8a:
0e:0d:a5:38:d9:8f:45:a0:15:df:a9:4b:71:b0:0a:28:a1:66:
88:b4:60:7a
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICND4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzJBRUIxMTAvBgNVBAUTKDBGOTUyQTI3RUYzRUYyN0NFQTA4QzU3RDIwMkEzODA2
OUVDQjU4NDAwHhcNMjQxMTA0MTUzMTA4WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI4ZThiYy0zOTllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8E2RiCw2roytC/pRaDES7hlWaYvnmaB1zhUpbDWRSHf/usBIp7kidvnKRWbt
s8SjtFHUEeU+xSTyVppvjxjqYkvwmp2OSQXqUC7MXtCa7UDv97wXYfzTCxJhIXBo
OeW9btQsD7Z4fQM020+od+LRZuVGw8FdZX4VDr80G68SJYyphwgCwlq2xXmAfRAS
legkQMI2ERnzzcmuFQSbeWfXTRZXNNZT003+vQB4pLlGfxfMKdU4KxW+BA/I3pcK
fXMPCDWrqLBGz7Un0uzqvgErOlf/iEgS4DAyjNnPQzCc3S544JEsr1bcLJCUGiXZ
7mueezqBijT3iKuQ8m75BRq10QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDpIFNWU
adRt5td1qbnJ5KW+KiXWMB8GA1UdIwQYMBaAFA+VKifvPvJ86gjFfSAqOAaey1hA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkFFQi9FRjI5QkEyQTFE
QTExMUUyODY4QjY4OTQwOEIwMkNEMi9ENVVxSi04LThuenFDTVY5SUNvNEJwN0xX
RUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Q1VXFKLTgtOG56cUNNVjlJQ280QnA3TFdFQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzJBRUIvRUYyOUJBMkExREExMTFFMjg2OEI2ODk0MDhCMDJDRDIvNTE0REJERkM5
OEM3MTFFQUEwQ0ZFNTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJn5mgDBAJ7/YQDBADKBK0wDQYJKoZIhvcNAQELBQADggEB
AE6PmVwEpuf5dyj+iOIM76jacDB3g2I8AHWF1x78wxGZ+6DWPm+G8gZN5vPztmfe
XFS/yPCFIa2uy84yuds/qQkTyUNpFhmJTvmCdJl2lqPI7He4SdyLsd4iX3JdRRHO
JBNa+uNTUm/RRGEmiJ9h+s+BuZu87COU2/BR3EdNnUxXiWtOTJoEdkfEdd2ox2sd
JDUsGu1Dm7iWG4CJTrKSwwYYYe2JOUTsdNND+jICq+MkXYxG6/D6AusBQ0z2LHBs
8+6q6EBJiW6dM0dAkUvC1lY9jJd04qGTIZqNO04E7jXBviFqNgdjF421ig4NpTjZ
j0WgFd+pS3GwCiihZoi0YHo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:03:52 2025 by rpki-client