Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/31B2B528217811EEBACF3324C4F9AE02.roa
File: 31B2B528217811EEBACF3324C4F9AE02.roa (raw, json)
Hash identifier: GgE2GgTXjnlE63xFP6LVosemjRTE0pIIUFRg3E+lupM=
Subject key identifier: 85:6C:7C:B0:9F:70:CA:01:2B:2F:66:1F:D2:69:5B:8A:03:3C:B3:E9
Certificate issuer: /CN=A9174685/serialNumber=A5F065FCC9EDA11DCA4D0DFC6D7C99075298D7FF
Certificate serial: 089A
Authority key identifier: A5:F0:65:FC:C9:ED:A1:1D:CA:4D:0D:FC:6D:7C:99:07:52:98:D7:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pfBl_MntoR3KTQ38bXyZB1KY1_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/31B2B528217811EEBACF3324C4F9AE02.roa
Signing time: Sat 28 Sep 2024 20:39:50 +0000
ROA not before: Sat 28 Sep 2024 20:39:49 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 133633
IP address blocks: 103.38.16.0/22 maxlen: 24
202.58.254.0/24 maxlen: 24
202.58.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2202 (0x89a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9174685
Validity
Not Before: Sep 28 20:39:49 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66f86995-1e7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:85:41:82:72:fb:8c:ac:0c:47:7f:c0:7c:38:
86:ba:d3:35:96:be:4f:d3:1b:f5:8f:7c:58:56:30:
9f:0a:0f:92:e9:71:bc:e7:c3:d6:00:ba:07:dc:fc:
40:93:42:a0:d0:a5:80:86:44:7c:6a:19:4d:ce:1d:
c1:66:0a:0e:13:fc:a0:c1:32:d7:5e:1a:d5:59:77:
91:ee:91:b2:d4:a8:49:8a:b2:f8:59:fc:ff:85:4d:
ca:67:f9:4a:b8:bb:43:47:47:43:41:e7:85:32:71:
cc:18:3a:f2:df:8b:40:a2:99:64:24:5a:f9:3f:72:
b4:d8:1b:34:70:b4:a4:6a:2c:8d:07:56:b2:d2:44:
78:99:8a:ff:f7:0d:e9:5a:b0:5c:2f:27:62:09:62:
41:db:6b:29:87:cf:dc:3e:9a:b3:92:b4:a6:df:f9:
fe:7b:20:29:28:2e:e5:cf:db:1b:29:32:00:be:c0:
19:42:22:3b:c6:c0:19:6a:21:1f:ab:ef:e9:8a:d9:
b3:26:3a:2d:5a:82:65:dc:64:91:40:e9:7d:e9:c2:
0c:66:3b:fa:55:86:cb:ff:d3:8c:a7:ef:f9:85:9d:
0d:20:d1:f1:ce:b1:dc:65:3d:dc:59:ea:85:68:1b:
78:f7:96:30:29:29:2c:48:17:3c:de:7c:d7:5b:fa:
39:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6C:7C:B0:9F:70:CA:01:2B:2F:66:1F:D2:69:5B:8A:03:3C:B3:E9
X509v3 Authority Key Identifier:
keyid:A5:F0:65:FC:C9:ED:A1:1D:CA:4D:0D:FC:6D:7C:99:07:52:98:D7:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/pfBl_MntoR3KTQ38bXyZB1KY1_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pfBl_MntoR3KTQ38bXyZB1KY1_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/31B2B528217811EEBACF3324C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.38.16.0/22
202.58.254.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:1d:d6:13:34:91:f0:05:4f:1f:8b:68:63:f4:53:ad:8b:d9:
41:01:08:aa:4c:db:b9:45:30:c2:21:fe:4e:c8:aa:d3:1e:8e:
12:d7:42:97:94:04:b2:28:d0:b5:e6:90:56:59:08:7f:07:29:
6d:12:44:1b:2f:11:53:3c:38:9a:8a:84:b3:14:15:42:98:53:
fc:df:f8:0b:6f:b6:f2:bb:a5:ff:6e:72:ff:21:4f:19:11:13:
71:5d:8d:00:ce:66:66:cc:ca:e3:56:fa:4c:7d:59:72:54:87:
9f:a9:a4:51:f7:f3:37:6c:9a:2f:da:2f:f7:ee:4a:6f:c1:4d:
6b:53:10:9d:e4:ba:15:cd:32:e2:ff:98:e1:25:19:c1:34:67:
c1:72:e0:db:80:67:4a:55:c6:34:3b:84:c4:ae:fc:39:46:35:
05:ff:dd:ff:5b:3b:cb:22:9b:d1:59:5b:3c:d8:ab:e5:e8:f5:
30:77:c8:34:34:44:0c:3e:4d:3c:fc:6c:dc:5f:a6:0b:1c:c0:
66:95:7a:9d:1f:d7:c6:d9:cd:11:dc:15:2c:fb:c6:c2:09:66:
0f:54:da:3a:3b:b5:47:61:93:4c:d9:6f:27:40:f6:2e:ee:35:
61:e7:ff:4f:15:2a:3b:91:c7:18:9e:19:18:59:ab:61:94:89:
84:f0:e5:b3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQ2ODUxMTAvBgNVBAUTKEE1RjA2NUZDQzlFREExMURDQTREMERGQzZEN0M5OTA3
NTI5OEQ3RkYwHhcNMjQwOTI4MjAzOTQ5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY4Njk5NS0xZTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA/IVBgnL7jKwMR3/AfDiGutM1lr5P0xv1j3xYVjCfCg+S6XG858PWALoH3PxA
k0Kg0KWAhkR8ahlNzh3BZgoOE/ygwTLXXhrVWXeR7pGy1KhJirL4Wfz/hU3KZ/lK
uLtDR0dDQeeFMnHMGDry34tAoplkJFr5P3K02Bs0cLSkaiyNB1ay0kR4mYr/9w3p
WrBcLydiCWJB22sph8/cPpqzkrSm3/n+eyApKC7lz9sbKTIAvsAZQiI7xsAZaiEf
q+/pitmzJjotWoJl3GSRQOl96cIMZjv6VYbL/9OMp+/5hZ0NINHxzrHcZT3cWeqF
aBt495YwKSksSBc83nzXW/o59wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIVsfLCf
cMoBKy9mH9JpW4oDPLPpMB8GA1UdIwQYMBaAFKXwZfzJ7aEdyk0N/G18mQdSmNf/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDY4NS8yRDE1OTE4MkE5
NzMxMUVBOUFBQkU5MjNDNEY5QUUwMi9wZkJsX01udG9SM0tUUTM4Ylh5WkIxS1kx
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BmQmxfTW50b1IzS1RRMzhiWHlaQjFLWTFfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQ2ODUvMkQxNTkxODJBOTczMTFFQTlBQUJFOTIzQzRGOUFFMDIvMzFCMkI1Mjgy
MTc4MTFFRUJBQ0YzMzI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnJhADBAHKOv4wDQYJKoZIhvcNAQELBQADggEBAGwd1hM0
kfAFTx+LaGP0U62L2UEBCKpM27lFMMIh/k7IqtMejhLXQpeUBLIo0LXmkFZZCH8H
KW0SRBsvEVM8OJqKhLMUFUKYU/zf+AtvtvK7pf9ucv8hTxkRE3FdjQDOZmbMyuNW
+kx9WXJUh5+ppFH38zdsmi/aL/fuSm/BTWtTEJ3kuhXNMuL/mOElGcE0Z8Fy4NuA
Z0pVxjQ7hMSu/DlGNQX/3f9bO8sim9FZWzzYq+Xo9TB3yDQ0RAw+TTz8bNxfpgsc
wGaVep0f18bZzRHcFSz7xsIJZg9U2jo7tUdhk0zZbydA9i7uNWHn/08VKjuRxxie
GRhZq2GUiYTw5bM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:35:05 2025 by rpki-client