Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/4865DD00A13B11E687921078C4F9AE02.roa
File: 4865DD00A13B11E687921078C4F9AE02.roa (raw, json)
Hash identifier: MaFWYkY2HcnSI16cq7zrf3Xg1TMrKe+K2OOU5n2vPcU=
Subject key identifier: 19:D2:62:60:0E:1C:36:98:82:AE:72:13:1A:14:C1:29:31:8B:77:1A
Certificate issuer: /CN=A91561B7/serialNumber=E4713C1B9D75759295AF64CDFBA62B70DB9A0537
Certificate serial: 1D79
Authority key identifier: E4:71:3C:1B:9D:75:75:92:95:AF:64:CD:FB:A6:2B:70:DB:9A:05:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5HE8G511dZKVr2TN-6YrcNuaBTc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/4865DD00A13B11E687921078C4F9AE02.roa
Signing time: Thu 20 Feb 2025 16:53:36 +0000
ROA not before: Thu 20 Feb 2025 16:53:36 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133896
IP address blocks: 103.46.216.0/22 maxlen: 22
103.46.216.0/23 maxlen: 23
103.46.216.0/24 maxlen: 24
103.46.217.0/24 maxlen: 24
103.46.218.0/23 maxlen: 23
103.46.218.0/24 maxlen: 24
103.46.219.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7545 (0x1d79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91561B7
Validity
Not Before: Feb 20 16:53:36 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67b75e0f-fdd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:36:b5:ad:c7:a3:c5:0e:77:6d:21:00:c8:55:
a2:f4:50:b2:75:38:76:c2:e5:80:f9:17:52:77:94:
50:26:fe:59:4b:ec:25:b1:c6:63:58:6b:67:63:0b:
f4:62:13:3e:f3:dd:56:16:fa:07:d3:4d:6d:ff:50:
b6:a5:2a:87:39:f2:91:95:32:91:cf:9e:ab:b9:1c:
a7:02:46:e0:38:7a:88:63:16:24:5f:59:15:9d:99:
34:2d:49:3c:be:33:cf:48:8b:cf:7b:a8:dc:e7:81:
99:96:f7:9e:05:b6:3e:2d:5f:44:50:7d:8f:66:47:
4c:22:3a:f1:43:b7:9c:a5:90:2a:e0:43:ee:45:43:
f9:00:a5:a8:07:4a:9e:16:ca:95:53:5c:df:18:5a:
9e:c0:0b:22:4b:54:29:0f:8c:c7:f1:30:e2:5d:60:
21:08:74:42:21:4c:3f:87:35:21:ae:cc:da:bd:9e:
15:79:c7:9c:68:8e:d4:68:77:54:68:0f:7c:13:4c:
77:b4:0c:01:eb:9e:ca:47:c5:c2:b3:db:c3:10:47:
7c:3c:cf:e3:92:6a:87:98:75:95:85:a7:c4:48:a7:
27:4e:44:9f:d8:01:8f:f1:94:9e:4e:ac:1e:df:18:
5c:7c:b2:1e:66:5c:7c:9f:6a:98:06:d9:02:dd:f2:
43:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:D2:62:60:0E:1C:36:98:82:AE:72:13:1A:14:C1:29:31:8B:77:1A
X509v3 Authority Key Identifier:
keyid:E4:71:3C:1B:9D:75:75:92:95:AF:64:CD:FB:A6:2B:70:DB:9A:05:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/5HE8G511dZKVr2TN-6YrcNuaBTc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5HE8G511dZKVr2TN-6YrcNuaBTc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/4865DD00A13B11E687921078C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.46.216.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:22:2e:c4:be:89:91:57:37:69:45:9a:7c:f1:16:c7:32:9e:
01:0a:b4:d4:06:10:13:ea:ce:1c:6a:ed:80:95:06:2c:47:c0:
95:a5:b4:54:79:6c:22:6f:1d:60:cf:a2:2e:89:e9:e7:55:1f:
fd:f8:e7:d9:8b:e7:4e:80:5e:9a:16:de:8f:c5:1e:cf:92:9e:
3c:65:6d:c6:3d:d3:93:4f:7c:e8:7e:37:3c:82:ce:dd:e8:05:
1b:ca:01:0c:71:52:f7:5d:e9:1d:81:aa:11:a6:af:a2:01:6d:
d3:96:d9:a4:b3:b0:91:2a:27:67:4c:db:d6:b3:2e:e9:6c:55:
be:30:72:42:45:2f:02:df:9d:83:14:3c:ef:1d:1a:49:98:b9:
91:9e:eb:84:cf:f4:1e:21:61:6d:c3:01:35:17:b5:8e:48:62:
db:f8:84:44:38:16:50:47:30:45:11:09:0b:97:86:9c:0f:6b:
87:c9:cf:58:5a:9f:62:6a:de:0f:be:cb:df:41:3d:6f:47:3d:
09:5b:d1:9b:c9:12:2b:87:44:1f:67:a1:5d:5c:f8:4b:dd:61:
15:dc:81:57:d0:54:c3:5a:c3:90:b0:5d:b9:f9:2f:bd:67:0f:
4e:d7:7f:fc:35:ab:bb:e5:68:42:0c:38:f5:fb:5f:44:53:5e:
59:eb:b8:b2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHXkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTYxQjcxMTAvBgNVBAUTKEU0NzEzQzFCOUQ3NTc1OTI5NUFGNjRDREZCQTYyQjcw
REI5QTA1MzcwHhcNMjUwMjIwMTY1MzM2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I3NWUwZi1mZGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuDa1rcejxQ53bSEAyFWi9FCydTh2wuWA+RdSd5RQJv5ZS+wlscZjWGtnYwv0
YhM+891WFvoH001t/1C2pSqHOfKRlTKRz56ruRynAkbgOHqIYxYkX1kVnZk0LUk8
vjPPSIvPe6jc54GZlveeBbY+LV9EUH2PZkdMIjrxQ7ecpZAq4EPuRUP5AKWoB0qe
FsqVU1zfGFqewAsiS1QpD4zH8TDiXWAhCHRCIUw/hzUhrszavZ4VececaI7UaHdU
aA98E0x3tAwB657KR8XCs9vDEEd8PM/jkmqHmHWVhafESKcnTkSf2AGP8ZSeTqwe
3xhcfLIeZlx8n2qYBtkC3fJDfwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBnSYmAO
HDaYgq5yExoUwSkxi3caMB8GA1UdIwQYMBaAFORxPBuddXWSla9kzfumK3DbmgU3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjFCNy81RkExRUQzMDlF
RjAxMUU2ODExMDI3MzNDNEY5QUUwMi81SEU4RzUxMWRaS1ZyMlROLTZZcmNOdWFC
VGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVIRThHNTExZFpLVnIyVE4tNllyY051YUJUYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTYxQjcvNUZBMUVEMzA5RUYwMTFFNjgxMTAyNzMzQzRGOUFFMDIvNDg2NUREMDBB
MTNCMTFFNjg3OTIxMDc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnLtgwDQYJKoZIhvcNAQELBQADggEBAKAiLsS+iZFXN2lF
mnzxFscyngEKtNQGEBPqzhxq7YCVBixHwJWltFR5bCJvHWDPoi6J6edVH/3459mL
506AXpoW3o/FHs+SnjxlbcY905NPfOh+NzyCzt3oBRvKAQxxUvdd6R2BqhGmr6IB
bdOW2aSzsJEqJ2dM29azLulsVb4wckJFLwLfnYMUPO8dGkmYuZGe64TP9B4hYW3D
ATUXtY5IYtv4hEQ4FlBHMEURCQuXhpwPa4fJz1han2Jq3g++y99BPW9HPQlb0ZvJ
EiuHRB9noV1c+EvdYRXcgVfQVMNaw5CwXbn5L71nD07Xf/w1q7vlaEIMOPX7X0RT
XlnruLI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:56:56 2025 by rpki-client