Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/845D92BAFC5111EFA8505536C4F9AE02.roa
File: 845D92BAFC5111EFA8505536C4F9AE02.roa (raw, json)
Hash identifier: b6MhCI2q2jPGB8Vadu+OAGml/y/4nQ509qbcxbzKawM=
Subject key identifier: BD:98:98:58:7D:37:8F:88:D3:78:DF:EE:11:A0:4C:BD:45:88:D8:75
Certificate issuer: /CN=A9161DF8/serialNumber=3FBC3AF43102CEDA4FA0F7FA9BD91B2D65346D6E
Certificate serial: 021C
Authority key identifier: 3F:BC:3A:F4:31:02:CE:DA:4F:A0:F7:FA:9B:D9:1B:2D:65:34:6D:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7w69DECztpPoPf6m9kbLWU0bW4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/845D92BAFC5111EFA8505536C4F9AE02.roa
Signing time: Sat 08 Mar 2025 19:14:12 +0000
ROA not before: Sat 08 Mar 2025 19:14:12 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 150311
IP address blocks: 103.250.28.0/24 maxlen: 24
103.250.29.0/24 maxlen: 24
2001:df1:4540::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 540 (0x21c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9161DF8
Validity
Not Before: Mar 8 19:14:12 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67cc9703-980c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:23:c8:9d:ed:06:1b:89:45:14:8f:45:e4:aa:
26:61:41:1c:72:07:95:68:55:01:e0:cd:fd:1b:2b:
fe:d1:95:78:7d:69:de:0f:34:3a:73:b8:9e:b7:1e:
25:9e:1c:2b:6f:3b:85:87:a7:36:1d:98:16:bc:c8:
49:c2:62:d7:7e:b2:af:b8:9f:0f:4b:d4:7b:99:98:
1f:b4:e6:e7:7b:1d:13:ee:73:91:f8:d0:6b:25:c9:
71:7b:27:33:2f:a3:4b:68:e3:05:44:9e:fb:9a:36:
9f:d5:86:c9:39:e0:bf:b7:4d:76:5f:4d:f1:9a:01:
55:82:43:2c:bc:2f:74:b1:ba:3c:63:1c:37:c2:4f:
3e:0a:05:84:09:18:97:87:62:be:b6:b8:f0:da:35:
25:af:2c:60:68:86:f3:e2:8e:01:18:8e:64:58:36:
a1:ba:8d:4a:02:97:9a:2c:9d:82:52:c4:4f:52:7f:
ce:ff:05:42:ff:7f:57:a3:de:cc:13:f1:82:1e:4b:
f9:8c:86:13:50:13:7b:ee:0d:fa:2d:d2:a4:a4:c2:
91:62:14:05:aa:68:c3:d8:b2:cc:d2:ce:03:a6:9a:
12:b3:30:a3:ee:11:09:c4:3a:99:db:b1:b5:67:99:
bd:3d:3f:23:2a:96:10:77:5a:1b:df:0c:37:a7:48:
04:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:98:98:58:7D:37:8F:88:D3:78:DF:EE:11:A0:4C:BD:45:88:D8:75
X509v3 Authority Key Identifier:
keyid:3F:BC:3A:F4:31:02:CE:DA:4F:A0:F7:FA:9B:D9:1B:2D:65:34:6D:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/P7w69DECztpPoPf6m9kbLWU0bW4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7w69DECztpPoPf6m9kbLWU0bW4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/845D92BAFC5111EFA8505536C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.250.28.0/23
IPv6:
2001:df1:4540::/48
Signature Algorithm: sha256WithRSAEncryption
56:60:1f:d3:bf:64:ff:82:b2:53:66:76:d4:ad:7b:a1:ee:ff:
51:8b:8f:d4:a3:2c:69:14:b9:fa:ae:f8:87:59:07:9e:a7:c2:
ef:33:2d:02:dd:13:2f:d3:0a:88:62:69:ac:d7:99:7b:d1:5d:
ff:6c:ac:8c:01:c2:83:d4:c6:4e:78:bb:4c:56:be:00:bd:e6:
5d:f2:e0:b6:9c:56:7f:da:89:74:10:ba:31:88:81:43:ee:f3:
c8:84:7b:9b:e6:8f:78:0b:c9:36:71:c9:11:df:7d:4e:b6:db:
ae:1c:86:cb:33:82:fe:0e:08:08:b1:c2:de:c9:5c:d3:9b:13:
d3:1a:2c:d2:86:c5:cd:ad:c6:f1:0b:58:59:68:bd:5c:f9:9b:
fa:78:6f:33:86:d3:f7:88:a0:6f:5d:ed:94:92:9f:f3:34:b6:
eb:ac:71:ae:8c:c5:00:77:52:72:f8:e7:25:c3:63:92:7e:45:
63:4d:ba:d3:87:2a:7a:8e:ae:49:ba:a4:03:14:51:ee:c9:f0:
d2:34:0d:e0:60:d3:96:03:1b:98:d7:2e:0f:97:86:98:3e:96:
8b:c6:83:fe:2a:3f:c0:ff:be:c4:0c:9e:a2:06:bc:70:7a:e4:
d6:3b:20:a8:34:5c:37:40:31:ab:84:34:62:69:2d:09:f8:e8:
ee:57:44:c1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAhwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjFERjgxMTAvBgNVBAUTKDNGQkMzQUY0MzEwMkNFREE0RkEwRjdGQTlCRDkxQjJE
NjUzNDZENkUwHhcNMjUwMzA4MTkxNDEyWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NjOTcwMy05ODBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoCPIne0GG4lFFI9F5KomYUEccgeVaFUB4M39Gyv+0ZV4fWneDzQ6c7ietx4l
nhwrbzuFh6c2HZgWvMhJwmLXfrKvuJ8PS9R7mZgftObnex0T7nOR+NBrJclxeycz
L6NLaOMFRJ77mjaf1YbJOeC/t012X03xmgFVgkMsvC90sbo8Yxw3wk8+CgWECRiX
h2K+trjw2jUlryxgaIbz4o4BGI5kWDahuo1KApeaLJ2CUsRPUn/O/wVC/39Xo97M
E/GCHkv5jIYTUBN77g36LdKkpMKRYhQFqmjD2LLM0s4DppoSszCj7hEJxDqZ27G1
Z5m9PT8jKpYQd1ob3ww3p0gEuQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFL2YmFh9
N4+I03jf7hGgTL1FiNh1MB8GA1UdIwQYMBaAFD+8OvQxAs7aT6D3+pvZGy1lNG1u
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MURGOC8yNkU1MzExNDU1
MDYxMUVEOTUwNkMwNDVDNEY5QUUwMi9QN3c2OURFQ3p0cFBvUGY2bTlrYkxXVTBi
VzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1A3dzY5REVDenRwUG9QZjZtOWtiTFdVMGJXNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjFERjgvMjZFNTMxMTQ1NTA2MTFFRDk1MDZDMDQ1QzRGOUFFMDIvODQ1RDkyQkFG
QzUxMTFFRkE4NTA1NTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFn+hwwDwQCAAIwCQMHACABDfFFQDANBgkqhkiG9w0BAQsF
AAOCAQEAVmAf079k/4KyU2Z21K17oe7/UYuP1KMsaRS5+q74h1kHnqfC7zMtAt0T
L9MKiGJprNeZe9Fd/2ysjAHCg9TGTni7TFa+AL3mXfLgtpxWf9qJdBC6MYiBQ+7z
yIR7m+aPeAvJNnHJEd99TrbbrhyGyzOC/g4ICLHC3slc05sT0xos0obFza3G8QtY
WWi9XPmb+nhvM4bT94igb13tlJKf8zS266xxrozFAHdScvjnJcNjkn5FY02604cq
eo6uSbqkAxRR7snw0jQN4GDTlgMbmNcuD5eGmD6Wi8aD/io/wP++xAyeoga8cHrk
1jsgqDRcN0Axq4Q0YmktCfjo7ldEwQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:35:13 2025 by rpki-client