Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/2C93BE18FC3011EFBC278532C4F9AE02.roa
File: 2C93BE18FC3011EFBC278532C4F9AE02.roa (raw, json)
Hash identifier: DedeFC+K4yJi9n9A43rFGNuqEd2YYfg1kJuC4ezjkjM=
Subject key identifier: 56:9B:BF:18:EE:FC:53:88:92:CB:ED:D5:B0:C8:2D:8F:A9:76:45:18
Certificate issuer: /CN=A9161DF8/serialNumber=3FBC3AF43102CEDA4FA0F7FA9BD91B2D65346D6E
Certificate serial: 0219
Authority key identifier: 3F:BC:3A:F4:31:02:CE:DA:4F:A0:F7:FA:9B:D9:1B:2D:65:34:6D:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7w69DECztpPoPf6m9kbLWU0bW4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/2C93BE18FC3011EFBC278532C4F9AE02.roa
Signing time: Sat 08 Mar 2025 18:33:15 +0000
ROA not before: Sat 08 Mar 2025 18:33:15 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 150311
IP address blocks: 103.250.28.0/23 maxlen: 23
103.250.28.0/24 maxlen: 24
103.250.29.0/24 maxlen: 24
2001:df1:4540::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 537 (0x219)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9161DF8
Validity
Not Before: Mar 8 18:33:15 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67cc8d6a-c170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c4:17:b2:3b:e9:5c:fd:66:7b:69:bc:70:bd:
c7:6f:30:58:80:7c:47:5c:c2:61:1b:08:bb:e3:41:
d6:08:25:36:3f:8d:a1:88:34:02:69:0a:a2:cf:e8:
b6:52:1d:55:34:0c:b8:f2:c6:e5:b4:d1:98:f1:cf:
cc:9c:3a:8e:31:e8:f6:cc:18:6e:38:e8:6b:3f:0f:
a3:06:8c:a0:60:e5:ce:73:1f:f9:1f:6c:09:04:96:
97:5a:2f:6f:83:63:33:85:55:41:45:0a:1b:3f:49:
14:96:d3:5e:65:a6:bf:c9:ba:22:9a:4a:14:81:44:
ec:7e:0d:35:3f:68:95:b6:b5:5b:5e:de:bf:4c:fe:
29:d4:ec:a8:c7:f5:2c:13:25:e4:be:25:fe:09:63:
f8:f5:29:b0:82:e2:d7:b3:14:64:4b:8a:8e:d8:23:
11:ae:f0:87:c9:49:84:71:bb:e6:59:17:ee:7c:ed:
3c:63:02:d4:79:1e:e9:21:12:26:e8:58:10:e1:7e:
3a:4b:0d:c3:69:55:74:d4:29:eb:e7:a5:66:42:70:
95:f7:06:e9:10:e2:21:ac:16:02:af:e3:ab:12:62:
09:a3:17:eb:e5:4e:eb:04:e6:b0:3e:60:9f:4c:5a:
0f:c5:e6:c2:96:51:1a:a6:34:8a:a3:48:27:9d:4b:
18:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:9B:BF:18:EE:FC:53:88:92:CB:ED:D5:B0:C8:2D:8F:A9:76:45:18
X509v3 Authority Key Identifier:
keyid:3F:BC:3A:F4:31:02:CE:DA:4F:A0:F7:FA:9B:D9:1B:2D:65:34:6D:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/P7w69DECztpPoPf6m9kbLWU0bW4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7w69DECztpPoPf6m9kbLWU0bW4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/2C93BE18FC3011EFBC278532C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.250.28.0/23
IPv6:
2001:df1:4540::/48
Signature Algorithm: sha256WithRSAEncryption
3e:83:19:93:4d:3e:c7:d9:ee:53:65:92:12:dd:26:02:da:ff:
87:d6:13:24:93:e9:a9:71:5d:d6:fa:8a:e9:9d:76:7b:56:a5:
56:2d:b8:14:28:97:47:0b:15:0c:76:1a:2f:53:a2:e2:b1:ed:
3d:fb:0a:79:ec:f6:82:0a:0c:1b:8a:c3:3d:40:8a:04:bc:4a:
bf:69:0e:30:6c:bc:60:9d:98:61:d1:89:05:e9:6f:2b:cf:ee:
e0:89:2e:8e:e4:e7:fa:10:8b:2a:3e:e7:31:81:b5:4d:84:2a:
4a:99:68:32:7f:b6:7f:92:9e:9d:18:35:65:5b:b6:73:d4:7a:
aa:51:09:6a:be:42:ec:72:d5:9b:20:3f:50:c2:1b:5a:58:44:
4c:1c:83:d7:05:37:d7:62:df:c9:18:83:41:d9:cb:4c:35:e1:
18:8a:7a:2a:f7:72:50:21:f6:fb:8c:b3:57:cb:b7:ee:18:6d:
4e:15:b2:1a:32:4d:a7:8c:00:60:49:c0:77:86:ff:83:e5:ee:
59:41:f3:d3:21:8b:c2:04:50:99:cd:2d:46:3b:c7:a9:f9:02:
2e:e9:ea:22:7d:1b:b4:80:13:cf:26:4b:dc:1e:5a:f8:e8:9b:
e5:d0:dd:c6:fb:0b:b0:89:75:d3:b3:f5:08:ae:ec:13:62:2c:
59:49:e6:ec
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAhkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjFERjgxMTAvBgNVBAUTKDNGQkMzQUY0MzEwMkNFREE0RkEwRjdGQTlCRDkxQjJE
NjUzNDZENkUwHhcNMjUwMzA4MTgzMzE1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NjOGQ2YS1jMTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA28QXsjvpXP1me2m8cL3HbzBYgHxHXMJhGwi740HWCCU2P42hiDQCaQqiz+i2
Uh1VNAy48sbltNGY8c/MnDqOMej2zBhuOOhrPw+jBoygYOXOcx/5H2wJBJaXWi9v
g2MzhVVBRQobP0kUltNeZaa/yboimkoUgUTsfg01P2iVtrVbXt6/TP4p1Oyox/Us
EyXkviX+CWP49SmwguLXsxRkS4qO2CMRrvCHyUmEcbvmWRfufO08YwLUeR7pIRIm
6FgQ4X46Sw3DaVV01Cnr56VmQnCV9wbpEOIhrBYCr+OrEmIJoxfr5U7rBOawPmCf
TFoPxebCllEapjSKo0gnnUsYHwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFFabvxju
/FOIksvt1bDILY+pdkUYMB8GA1UdIwQYMBaAFD+8OvQxAs7aT6D3+pvZGy1lNG1u
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MURGOC8yNkU1MzExNDU1
MDYxMUVEOTUwNkMwNDVDNEY5QUUwMi9QN3c2OURFQ3p0cFBvUGY2bTlrYkxXVTBi
VzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1A3dzY5REVDenRwUG9QZjZtOWtiTFdVMGJXNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjFERjgvMjZFNTMxMTQ1NTA2MTFFRDk1MDZDMDQ1QzRGOUFFMDIvMkM5M0JFMThG
QzMwMTFFRkJDMjc4NTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFn+hwwDwQCAAIwCQMHACABDfFFQDANBgkqhkiG9w0BAQsF
AAOCAQEAPoMZk00+x9nuU2WSEt0mAtr/h9YTJJPpqXFd1vqK6Z12e1alVi24FCiX
RwsVDHYaL1Oi4rHtPfsKeez2ggoMG4rDPUCKBLxKv2kOMGy8YJ2YYdGJBelvK8/u
4IkujuTn+hCLKj7nMYG1TYQqSploMn+2f5KenRg1ZVu2c9R6qlEJar5C7HLVmyA/
UMIbWlhETByD1wU312LfyRiDQdnLTDXhGIp6KvdyUCH2+4yzV8u37hhtThWyGjJN
p4wAYEnAd4b/g+XuWUHz0yGLwgRQmc0tRjvHqfkCLunqIn0btIATzyZL3B5a+Oib
5dDdxvsLsIl107P1CK7sE2IsWUnm7A==
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:43:05 2025 by rpki-client