Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D529/20CF2E14C36011E98A5C026DC4F9AE02/1E573054C36111E9A37AC46EC4F9AE02.roa
File: 1E573054C36111E9A37AC46EC4F9AE02.roa (raw, json)
Hash identifier: dbAsxfzu6f+yImX351fMIh4a0dyPHR7GYgrAqsT4PFg=
Subject key identifier: 6D:09:16:10:3F:4C:45:C2:B7:82:E3:46:A4:83:D1:83:4D:6B:78:90
Certificate issuer: /CN=A915D529/serialNumber=C98AFBB4BB9AE9B1A27A3DD3AD5956B34EDA9C63
Certificate serial: 0CF2
Authority key identifier: C9:8A:FB:B4:BB:9A:E9:B1:A2:7A:3D:D3:AD:59:56:B3:4E:DA:9C:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yYr7tLua6bGiej3TrVlWs07anGM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D529/20CF2E14C36011E98A5C026DC4F9AE02/1E573054C36111E9A37AC46EC4F9AE02.roa
Signing time: Fri 14 Jun 2024 19:42:41 +0000
ROA not before: Fri 14 Jun 2024 19:42:41 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 58976
IP address blocks: 103.29.28.0/24 maxlen: 24
103.250.31.0/24 maxlen: 24
2001:df7:6000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3314 (0xcf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D529
Validity
Not Before: Jun 14 19:42:41 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=666c9d30-7c86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:09:9e:69:40:58:34:e5:92:11:e1:19:10:a5:
5a:2b:d0:22:08:0e:b9:6a:85:c4:a0:e4:6a:c1:03:
19:82:b2:15:00:d8:a1:1c:31:7e:7b:57:33:7a:1f:
dd:7b:c5:cd:2b:1f:06:c3:30:05:78:6b:1a:fd:6b:
f6:0d:a0:3d:db:6d:0b:db:f6:95:4f:c9:76:e8:01:
d3:97:d2:62:d3:27:5d:61:d9:7f:8c:90:a0:e3:e5:
77:75:ec:e7:ec:64:f6:58:bb:1e:5e:5d:89:de:80:
e1:7a:87:a2:51:c1:2d:ca:d9:5f:8b:9d:c9:1d:45:
b2:7d:1d:e5:f0:97:05:a0:da:6c:5e:51:27:9b:8e:
78:5d:2e:19:84:9e:0e:d5:7e:eb:d4:ad:30:c5:4e:
0d:e6:a4:b6:66:d9:ea:b8:2f:84:7b:32:0c:41:9c:
47:34:c7:3b:36:fc:77:b0:ea:f6:ec:c6:b0:bf:6e:
de:1b:79:ba:a5:64:7b:73:9b:b4:1a:ad:08:0a:61:
e5:f6:31:e4:36:14:c5:92:de:15:74:96:04:e4:29:
05:86:d3:91:ca:2e:25:ec:45:97:8f:1d:6a:88:67:
6c:c3:a8:66:9a:26:ba:93:24:fe:03:d3:27:ae:cf:
f7:7b:93:42:52:03:53:1f:96:8d:fc:42:20:1a:eb:
d3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:09:16:10:3F:4C:45:C2:B7:82:E3:46:A4:83:D1:83:4D:6B:78:90
X509v3 Authority Key Identifier:
keyid:C9:8A:FB:B4:BB:9A:E9:B1:A2:7A:3D:D3:AD:59:56:B3:4E:DA:9C:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D529/20CF2E14C36011E98A5C026DC4F9AE02/yYr7tLua6bGiej3TrVlWs07anGM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yYr7tLua6bGiej3TrVlWs07anGM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D529/20CF2E14C36011E98A5C026DC4F9AE02/1E573054C36111E9A37AC46EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.29.28.0/24
103.250.31.0/24
IPv6:
2001:df7:6000::/48
Signature Algorithm: sha256WithRSAEncryption
0e:26:d9:52:95:d7:86:24:79:5a:f8:05:85:70:f7:bc:f8:15:
75:ee:20:62:9b:65:77:31:e1:b8:85:77:67:5e:f5:d7:ca:0a:
e2:57:cd:0f:44:da:30:58:f5:92:0c:69:43:c9:77:b5:68:98:
1c:2f:fb:1a:40:11:c1:97:5e:90:a6:e8:a2:62:3c:d4:17:c1:
e0:d1:35:fc:bb:0e:81:93:5b:b6:8b:10:60:00:e2:f2:a4:bf:
08:71:28:db:1d:09:1b:94:8b:48:6c:bb:00:97:3e:33:30:dd:
a7:d5:9d:dd:69:95:db:e0:9d:05:c5:9a:bc:fd:43:e5:86:b6:
ac:ae:c9:54:62:f7:20:9f:b7:88:b9:c8:4e:2a:af:c2:24:ab:
73:1b:34:12:c5:81:b8:39:45:22:c0:ed:72:d5:96:74:8f:b4:
11:7a:cc:63:ad:da:9a:c0:db:73:5d:39:4b:4b:22:6e:d7:e1:
b0:da:60:26:8f:a4:da:c7:5a:b8:04:a3:0f:f3:69:e2:c1:6f:
c8:08:13:6a:01:49:8a:c7:12:28:de:a4:71:f7:d2:ff:3e:92:
85:86:21:f8:84:62:d9:2e:f1:53:9d:b1:2a:5a:8b:ab:5d:62:
1d:e3:4d:95:d1:75:f2:8a:e0:59:16:df:91:6d:af:e8:3f:47:
15:39:6b:a1
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICDPIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQ1MjkxMTAvBgNVBAUTKEM5OEFGQkI0QkI5QUU5QjFBMjdBM0REM0FENTk1NkIz
NEVEQTlDNjMwHhcNMjQwNjE0MTk0MjQxWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZjOWQzMC03Yzg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4wmeaUBYNOWSEeEZEKVaK9AiCA65aoXEoORqwQMZgrIVANihHDF+e1czeh/d
e8XNKx8GwzAFeGsa/Wv2DaA9220L2/aVT8l26AHTl9Ji0yddYdl/jJCg4+V3dezn
7GT2WLseXl2J3oDheoeiUcEtytlfi53JHUWyfR3l8JcFoNpsXlEnm454XS4ZhJ4O
1X7r1K0wxU4N5qS2ZtnquC+EezIMQZxHNMc7Nvx3sOr27Mawv27eG3m6pWR7c5u0
Gq0ICmHl9jHkNhTFkt4VdJYE5CkFhtORyi4l7EWXjx1qiGdsw6hmmia6kyT+A9Mn
rs/3e5NCUgNTH5aN/EIgGuvTEQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFG0JFhA/
TEXCt4LjRqSD0YNNa3iQMB8GA1UdIwQYMBaAFMmK+7S7mumxono9061ZVrNO2pxj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDUyOS8yMENGMkUxNEMz
NjAxMUU5OEE1QzAyNkRDNEY5QUUwMi95WXI3dEx1YTZiR2llajNUclZsV3MwN2Fu
R00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lZcjd0THVhNmJHaWVqM1RyVmxXczA3YW5HTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQ1MjkvMjBDRjJFMTRDMzYwMTFFOThBNUMwMjZEQzRGOUFFMDIvMUU1NzMwNTRD
MzYxMTFFOUEzN0FDNDZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnHRwDBABn+h8wDwQCAAIwCQMHACABDfdgADANBgkqhkiG
9w0BAQsFAAOCAQEADibZUpXXhiR5WvgFhXD3vPgVde4gYptldzHhuIV3Z17118oK
4lfND0TaMFj1kgxpQ8l3tWiYHC/7GkARwZdekKboomI81BfB4NE1/LsOgZNbtosQ
YADi8qS/CHEo2x0JG5SLSGy7AJc+MzDdp9Wd3WmV2+CdBcWavP1D5Ya2rK7JVGL3
IJ+3iLnITiqvwiSrcxs0EsWBuDlFIsDtctWWdI+0EXrMY63amsDbc105S0sibtfh
sNpgJo+k2sdauASjD/Np4sFvyAgTagFJiscSKN6kcffS/z6ShYYh+IRi2S7xU52x
KlqLq11iHeNNldF18orgWRbfkW2v6D9HFTlroQ==
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:04:21 2025 by rpki-client