Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/D4378BBA268311EE9BB21413C4F9AE02.roa
File: D4378BBA268311EE9BB21413C4F9AE02.roa (raw, json)
Hash identifier: Fn/SXrKcwrvikRaZqbM9UmvxwM1m/am9+sz8PJUtJeA=
Subject key identifier: EF:3A:EF:69:E3:36:D7:A2:2B:D6:7C:74:55:1F:7F:C1:6E:B4:54:49
Certificate issuer: /CN=A913DE7A/serialNumber=BFD41FCFD2561B53AC4CD2F83D11B0470A66A055
Certificate serial: 09B3
Authority key identifier: BF:D4:1F:CF:D2:56:1B:53:AC:4C:D2:F8:3D:11:B0:47:0A:66:A0:55
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/D4378BBA268311EE9BB21413C4F9AE02.roa
Signing time: Sat 08 Mar 2025 20:10:41 +0000
ROA not before: Sat 08 Mar 2025 20:10:41 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 141342
IP address blocks: 103.82.252.0/24 maxlen: 24
103.82.253.0/24 maxlen: 24
103.82.254.0/24 maxlen: 24
103.82.255.0/24 maxlen: 24
125.62.88.0/24 maxlen: 24
125.62.89.0/24 maxlen: 24
125.62.90.0/24 maxlen: 24
125.62.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2483 (0x9b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913DE7A
Validity
Not Before: Mar 8 20:10:41 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67cca441-69c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:2d:b4:e9:83:a3:fa:34:63:15:06:7b:53:02:
fd:a5:c7:56:41:23:b3:dc:de:ab:28:17:57:f3:31:
4a:a3:f6:ba:8b:d3:84:e5:ab:03:90:4e:cc:27:c0:
25:12:d2:f7:21:e0:34:71:39:20:fa:69:0f:b1:7d:
44:87:c0:58:c7:77:ed:ec:6e:b9:38:a6:61:ea:fe:
3f:26:bf:dd:41:db:12:41:0e:a1:63:3c:9a:62:93:
3d:dc:c8:02:0c:6a:f7:a7:d0:26:e7:0f:38:6a:e2:
41:f1:11:fe:84:05:19:7e:64:74:54:2e:1c:93:52:
60:fd:e4:d2:27:e7:f0:d7:df:50:91:7e:11:cc:65:
28:7c:66:fc:c0:15:be:d2:c8:f3:f4:9f:8a:c4:2d:
6c:33:2a:ed:69:b3:26:68:e1:e0:23:dc:73:5c:1c:
fd:ab:4d:04:dd:05:02:7e:be:22:e1:74:2e:88:0d:
12:9b:c6:f3:1c:59:ad:eb:95:90:32:04:3f:5c:c4:
db:58:29:ae:72:38:8c:51:23:41:ba:ab:70:0d:8e:
f7:04:75:cc:72:ca:13:05:d6:87:4b:17:29:c8:29:
df:42:d5:0a:ef:92:dd:d3:74:9e:d0:f9:5f:3d:70:
1c:94:50:61:52:ab:b7:f4:cb:b3:cb:94:ce:72:d3:
5e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:3A:EF:69:E3:36:D7:A2:2B:D6:7C:74:55:1F:7F:C1:6E:B4:54:49
X509v3 Authority Key Identifier:
keyid:BF:D4:1F:CF:D2:56:1B:53:AC:4C:D2:F8:3D:11:B0:47:0A:66:A0:55
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/D4378BBA268311EE9BB21413C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.252.0/22
125.62.88.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:df:fe:be:8f:93:19:a6:c9:e5:84:bf:b4:44:86:3b:04:e1:
2c:8e:65:2f:c5:5f:53:f3:34:8e:7b:8b:2c:ac:9f:3d:b7:d7:
b0:33:97:b1:4a:dd:31:93:20:06:04:bf:c2:fc:c3:29:72:f9:
0d:b9:7a:a3:a3:94:e9:27:e4:29:65:bc:f9:d3:38:17:88:e2:
aa:4c:87:6e:5d:cf:ed:1b:78:d5:3c:25:24:17:ad:2e:5e:93:
4c:ef:19:e5:63:6c:54:b9:29:9d:78:f8:23:0c:6e:4b:5f:e2:
a5:74:b9:89:47:4e:ab:04:ea:7e:49:52:47:9b:f3:28:33:96:
00:67:57:7c:9a:ec:c9:29:9a:ff:13:a0:24:8f:77:84:3c:40:
1a:c9:ef:68:be:c0:3d:8f:92:e5:f7:eb:88:5f:81:51:71:35:
db:0b:a9:4f:9a:3d:60:e2:0b:40:4a:70:44:ac:db:0a:a1:ef:
33:83:97:c6:94:ea:2b:88:63:3b:37:e4:7c:64:e3:7d:27:e6:
9b:73:92:98:8b:6b:a2:c3:5a:ba:fb:fd:e0:8e:55:1d:0b:1a:
1d:13:34:e4:bb:2a:78:f7:e1:64:9c:37:05:94:16:cc:a4:ff:
7a:0b:62:0e:3f:e5:41:64:14:19:36:36:85:ef:e5:bf:a4:38:
ba:d6:1f:1c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0RFN0ExMTAvBgNVBAUTKEJGRDQxRkNGRDI1NjFCNTNBQzRDRDJGODNEMTFCMDQ3
MEE2NkEwNTUwHhcNMjUwMzA4MjAxMDQxWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NjYTQ0MS02OWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7S206YOj+jRjFQZ7UwL9pcdWQSOz3N6rKBdX8zFKo/a6i9OE5asDkE7MJ8Al
EtL3IeA0cTkg+mkPsX1Eh8BYx3ft7G65OKZh6v4/Jr/dQdsSQQ6hYzyaYpM93MgC
DGr3p9Am5w84auJB8RH+hAUZfmR0VC4ck1Jg/eTSJ+fw199QkX4RzGUofGb8wBW+
0sjz9J+KxC1sMyrtabMmaOHgI9xzXBz9q00E3QUCfr4i4XQuiA0Sm8bzHFmt65WQ
MgQ/XMTbWCmucjiMUSNBuqtwDY73BHXMcsoTBdaHSxcpyCnfQtUK75Ld03Se0Plf
PXAclFBhUqu39Muzy5TOctNe8QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFO8672nj
NteiK9Z8dFUff8FutFRJMB8GA1UdIwQYMBaAFL/UH8/SVhtTrEzS+D0RsEcKZqBV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzREU3QS9CQzcxRUNDNjhE
NDUxMUVBODdGQUY4NThDNEY5QUUwMi92OVFmejlKV0cxT3NUTkw0UFJHd1J3cG1v
RlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Y5UWZ6OUpXRzFPc1ROTDRQUkd3UndwbW9GVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0RFN0EvQkM3MUVDQzY4RDQ1MTFFQTg3RkFGODU4QzRGOUFFMDIvRDQzNzhCQkEy
NjgzMTFFRTlCQjIxNDEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUvwDBAJ9PlgwDQYJKoZIhvcNAQELBQADggEBAGvf/r6P
kxmmyeWEv7REhjsE4SyOZS/FX1PzNI57iyysnz2317Azl7FK3TGTIAYEv8L8wyly
+Q25eqOjlOkn5CllvPnTOBeI4qpMh25dz+0beNU8JSQXrS5ek0zvGeVjbFS5KZ14
+CMMbktf4qV0uYlHTqsE6n5JUkeb8ygzlgBnV3ya7Mkpmv8ToCSPd4Q8QBrJ72i+
wD2PkuX364hfgVFxNdsLqU+aPWDiC0BKcESs2wqh7zODl8aU6iuIYzs35Hxk430n
5ptzkpiLa6LDWrr7/eCOVR0LGh0TNOS7Knj34WScNwWUFsyk/3oLYg4/5UFkFBk2
NoXv5b+kOLrWHxw=
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:26:51 2025 by rpki-client