Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/EA4E0296BAA611EE8FED5E46C4F9AE02.roa
File: EA4E0296BAA611EE8FED5E46C4F9AE02.roa (raw, json)
Hash identifier: VAcDF5oaMX8/MDZjbwOR5bleWXPEPpXMbzw7BPzDepg=
Subject key identifier: F3:2C:36:74:5A:E6:29:BB:4C:E5:FC:84:40:67:E8:D5:3B:DD:BC:5E
Certificate issuer: /CN=A9161DF8/serialNumber=3FBC3AF43102CEDA4FA0F7FA9BD91B2D65346D6E
Certificate serial: 01DA
Authority key identifier: 3F:BC:3A:F4:31:02:CE:DA:4F:A0:F7:FA:9B:D9:1B:2D:65:34:6D:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7w69DECztpPoPf6m9kbLWU0bW4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/EA4E0296BAA611EE8FED5E46C4F9AE02.roa
Signing time: Sat 21 Dec 2024 02:05:45 +0000
ROA not before: Sat 21 Dec 2024 02:05:45 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 150311
IP address blocks: 103.250.28.0/24 maxlen: 24
103.250.29.0/24 maxlen: 24
2001:df1:4540::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 474 (0x1da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9161DF8
Validity
Not Before: Dec 21 02:05:45 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67662279-e46d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:89:0a:0d:2c:c3:2d:1b:af:85:a1:6d:a2:b3:
ab:e8:67:83:bd:0f:77:61:0d:d0:81:b7:79:8f:df:
53:04:6d:64:bd:47:3a:1a:ce:13:5f:62:1c:4c:6f:
c6:13:a7:44:63:bb:9d:00:82:a5:2e:28:5d:87:b9:
31:68:75:31:2e:ea:fc:a8:75:c8:f7:1b:ff:d3:6b:
b9:ac:21:27:9d:14:c1:14:78:95:33:9b:f1:d7:3e:
48:4d:9e:04:94:a4:97:ed:8c:ea:36:1d:69:c0:11:
fc:34:3b:cd:d1:ff:dd:68:f0:4e:18:f7:46:75:d0:
12:c9:8e:4e:08:98:84:27:0c:1a:c9:f2:8b:c6:e3:
aa:f7:6e:1c:bf:68:23:b9:3a:72:07:dd:c2:a2:e2:
b8:66:e6:b3:4b:7a:6d:fb:3c:b4:53:be:9f:78:ae:
81:aa:37:f7:1e:55:50:24:bb:de:6c:01:34:e8:3e:
0a:34:09:cb:48:db:c0:47:c0:76:0c:91:6d:e7:13:
6d:5d:99:4e:f3:cd:7e:c7:4d:f9:7a:14:86:84:13:
1f:c3:f1:72:c0:7c:bf:10:09:09:8f:2c:bb:88:7e:
df:57:47:be:63:37:b6:d6:c6:e3:1d:21:87:2b:f3:
94:7f:df:55:8d:ae:15:20:d8:d0:a7:81:a6:3e:bb:
59:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:2C:36:74:5A:E6:29:BB:4C:E5:FC:84:40:67:E8:D5:3B:DD:BC:5E
X509v3 Authority Key Identifier:
keyid:3F:BC:3A:F4:31:02:CE:DA:4F:A0:F7:FA:9B:D9:1B:2D:65:34:6D:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/P7w69DECztpPoPf6m9kbLWU0bW4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7w69DECztpPoPf6m9kbLWU0bW4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/EA4E0296BAA611EE8FED5E46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.250.28.0/23
IPv6:
2001:df1:4540::/48
Signature Algorithm: sha256WithRSAEncryption
27:a7:73:68:c0:18:96:36:35:93:d1:65:a0:19:26:2e:8c:49:
de:c9:07:b4:a9:80:01:e2:54:60:55:97:87:e9:5a:33:db:4c:
30:a3:5a:a0:64:61:53:bb:6b:d2:92:1c:2f:0f:29:53:a1:29:
f1:eb:2a:59:50:03:96:14:30:ea:43:d9:01:f6:33:eb:7e:6f:
15:ef:75:df:0c:0e:9a:0d:51:7f:9c:e3:b0:a4:d6:ee:e2:f5:
65:60:e2:c1:f2:6d:eb:74:bb:51:c2:9c:f8:c7:5c:e9:0e:eb:
3a:3a:73:1f:44:06:b5:1a:25:89:31:eb:22:ab:e9:ef:66:6f:
d7:84:77:d5:92:01:d1:dd:50:3d:27:c7:6d:40:e0:76:65:4b:
c1:d2:58:e4:1b:45:12:79:77:19:1f:70:5f:88:ff:a6:bf:93:
ef:01:c2:d2:bd:76:08:b9:29:07:75:5a:cf:38:7a:48:fd:04:
35:8e:2c:43:13:5d:7e:3a:13:58:36:81:36:cc:84:fa:62:86:
f0:e7:81:2e:b7:03:65:b9:5f:f5:db:91:a1:ee:fe:5a:9b:34:
07:47:93:14:81:b4:ae:9a:52:a0:ac:e6:9d:62:e7:cf:6f:d2:
25:f0:96:8d:8a:06:c4:f8:83:88:87:ee:35:67:03:e7:80:8b:
6c:4f:5e:3a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAdowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjFERjgxMTAvBgNVBAUTKDNGQkMzQUY0MzEwMkNFREE0RkEwRjdGQTlCRDkxQjJE
NjUzNDZENkUwHhcNMjQxMjIxMDIwNTQ1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY2MjI3OS1lNDZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuokKDSzDLRuvhaFtorOr6GeDvQ93YQ3Qgbd5j99TBG1kvUc6Gs4TX2IcTG/G
E6dEY7udAIKlLihdh7kxaHUxLur8qHXI9xv/02u5rCEnnRTBFHiVM5vx1z5ITZ4E
lKSX7YzqNh1pwBH8NDvN0f/daPBOGPdGddASyY5OCJiEJwwayfKLxuOq924cv2gj
uTpyB93CouK4ZuazS3pt+zy0U76feK6Bqjf3HlVQJLvebAE06D4KNAnLSNvAR8B2
DJFt5xNtXZlO881+x035ehSGhBMfw/FywHy/EAkJjyy7iH7fV0e+Yze21sbjHSGH
K/OUf99Vja4VINjQp4GmPrtZPwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPMsNnRa
5im7TOX8hEBn6NU73bxeMB8GA1UdIwQYMBaAFD+8OvQxAs7aT6D3+pvZGy1lNG1u
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MURGOC8yNkU1MzExNDU1
MDYxMUVEOTUwNkMwNDVDNEY5QUUwMi9QN3c2OURFQ3p0cFBvUGY2bTlrYkxXVTBi
VzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1A3dzY5REVDenRwUG9QZjZtOWtiTFdVMGJXNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjFERjgvMjZFNTMxMTQ1NTA2MTFFRDk1MDZDMDQ1QzRGOUFFMDIvRUE0RTAyOTZC
QUE2MTFFRThGRUQ1RTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFn+hwwDwQCAAIwCQMHACABDfFFQDANBgkqhkiG9w0BAQsF
AAOCAQEAJ6dzaMAYljY1k9FloBkmLoxJ3skHtKmAAeJUYFWXh+laM9tMMKNaoGRh
U7tr0pIcLw8pU6Ep8esqWVADlhQw6kPZAfYz635vFe913wwOmg1Rf5zjsKTW7uL1
ZWDiwfJt63S7UcKc+Mdc6Q7rOjpzH0QGtRoliTHrIqvp72Zv14R31ZIB0d1QPSfH
bUDgdmVLwdJY5BtFEnl3GR9wX4j/pr+T7wHC0r12CLkpB3Vazzh6SP0ENY4sQxNd
fjoTWDaBNsyE+mKG8OeBLrcDZblf9duRoe7+Wps0B0eTFIG0rppSoKzmnWLnz2/S
JfCWjYoGxPiDiIfuNWcD54CLbE9eOg==
-----END CERTIFICATE-----
Generated at Fri Apr 11 07:41:18 2025 by rpki-client