Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9174B04/3C689E0698A711EDB94DC87BC4F9AE02/576B4A9298AB11EDBC12AA81C4F9AE02.roa
File: 576B4A9298AB11EDBC12AA81C4F9AE02.roa (raw, json)
Hash identifier: CSlgFdLGV+e95mn8zR3CSgbH6nggaAqgy4bHPX51po0=
Subject key identifier: F5:83:37:2A:82:14:68:15:8C:28:E4:F8:EE:8E:20:64:54:C8:38:76
Certificate issuer: /CN=A9174B04/serialNumber=69D70B3635676E4F731B8EF1C5855B5E2F27F388
Certificate serial: 010B
Authority key identifier: 69:D7:0B:36:35:67:6E:4F:73:1B:8E:F1:C5:85:5B:5E:2F:27:F3:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/adcLNjVnbk9zG47xxYVbXi8n84g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9174B04/3C689E0698A711EDB94DC87BC4F9AE02/576B4A9298AB11EDBC12AA81C4F9AE02.roa
Signing time: Fri 07 Jun 2024 06:45:56 +0000
ROA not before: Fri 07 Jun 2024 06:45:56 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 135427
IP address blocks: 45.250.200.0/24 maxlen: 24
45.250.201.0/24 maxlen: 24
45.250.202.0/24 maxlen: 24
45.250.203.0/24 maxlen: 24
103.219.108.0/24 maxlen: 24
103.219.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 267 (0x10b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9174B04
Validity
Not Before: Jun 7 06:45:56 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6662aca3-8dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b4:09:07:18:63:b4:60:30:a8:4d:6c:54:91:
29:75:d1:af:37:9f:a2:5e:a4:26:2b:ed:b2:b2:1d:
43:82:53:c1:ce:d3:f7:eb:ff:7b:49:fe:2d:22:50:
88:67:07:20:a8:2e:af:e0:24:02:eb:c9:54:1b:29:
e7:41:b0:03:6b:5e:14:4e:b7:87:dd:72:78:90:6d:
2f:30:e2:08:42:b5:5f:dd:79:5f:17:f2:63:6a:96:
ee:df:34:01:2a:58:56:9c:9d:57:8d:79:e9:39:e2:
fb:27:fd:5f:de:c8:94:eb:ac:58:0b:21:9c:1e:89:
2d:33:05:bb:ea:e8:ce:c5:58:f8:a0:5e:6e:a0:06:
e5:03:00:4e:46:49:1e:d7:1c:90:10:16:d0:c4:25:
dd:3e:ad:99:e9:2b:8e:a4:5b:91:69:4a:9b:a1:c0:
35:8d:fd:eb:95:fc:5d:db:11:9a:4f:fa:63:67:24:
de:8c:b0:5b:58:75:e2:40:46:6d:3a:29:12:da:67:
a7:bd:cd:43:64:b9:8e:11:de:40:0b:b8:89:73:0c:
f5:83:05:a6:18:4f:4c:c7:4a:93:ec:9d:8e:08:55:
0e:8e:54:6f:4b:c6:90:07:80:c4:01:8e:c6:ed:56:
0e:ea:ea:96:67:58:3d:b9:99:f6:82:25:d7:87:3a:
d3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:83:37:2A:82:14:68:15:8C:28:E4:F8:EE:8E:20:64:54:C8:38:76
X509v3 Authority Key Identifier:
keyid:69:D7:0B:36:35:67:6E:4F:73:1B:8E:F1:C5:85:5B:5E:2F:27:F3:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9174B04/3C689E0698A711EDB94DC87BC4F9AE02/adcLNjVnbk9zG47xxYVbXi8n84g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/adcLNjVnbk9zG47xxYVbXi8n84g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174B04/3C689E0698A711EDB94DC87BC4F9AE02/576B4A9298AB11EDBC12AA81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.250.200.0/22
103.219.108.0/23
Signature Algorithm: sha256WithRSAEncryption
c2:fc:cb:20:f3:ca:f5:44:64:d8:0a:04:ef:7b:a6:02:24:4c:
7d:06:59:fc:0c:95:28:f8:b1:12:8d:b8:c5:53:a6:c6:0f:de:
0e:9b:68:3e:3a:57:2e:43:81:36:77:7d:b8:15:70:18:03:f6:
d2:9a:c6:c5:93:b9:eb:5e:35:85:96:5f:c5:0e:23:e7:84:b0:
f3:09:e9:51:2e:79:75:d9:3c:e2:d7:ec:67:cc:1c:66:bc:2f:
a8:98:73:29:cb:4e:96:c9:92:c9:af:0a:3e:c0:e2:3b:e3:99:
af:9f:f7:48:cd:d5:46:35:b9:16:b8:4e:06:a2:04:f6:a3:f9:
e9:73:d6:2c:16:a9:de:a3:3d:4e:c1:ae:dd:39:08:b0:8c:b6:
a6:96:66:12:db:cc:77:5b:cf:a2:a1:56:07:ec:d0:b5:03:ad:
5d:b0:67:ea:8f:02:69:f9:d9:a3:40:b7:60:13:b1:d0:b9:01:
71:e2:3b:0b:4d:9d:5a:8b:3b:d5:e7:b5:2a:d0:aa:fa:18:c0:
9a:6b:ad:05:72:3c:b8:c4:d1:3c:d3:d6:f0:29:b8:87:fb:b1:
12:1a:e7:02:5e:39:f0:4c:81:de:df:b9:ef:e2:eb:91:c5:9d:
a3:f5:c7:91:9e:09:e9:43:d7:b7:69:3c:c0:d1:9d:a6:fc:1c:
c2:70:d7:b6
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAQswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzRCMDQxMTAvBgNVBAUTKDY5RDcwQjM2MzU2NzZFNEY3MzFCOEVGMUM1ODU1QjVF
MkYyN0YzODgwHhcNMjQwNjA3MDY0NTU2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjYyYWNhMy04ZGM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoLQJBxhjtGAwqE1sVJEpddGvN5+iXqQmK+2ysh1DglPBztP36/97Sf4tIlCI
ZwcgqC6v4CQC68lUGynnQbADa14UTreH3XJ4kG0vMOIIQrVf3XlfF/Jjapbu3zQB
KlhWnJ1XjXnpOeL7J/1f3siU66xYCyGcHoktMwW76ujOxVj4oF5uoAblAwBORkke
1xyQEBbQxCXdPq2Z6SuOpFuRaUqbocA1jf3rlfxd2xGaT/pjZyTejLBbWHXiQEZt
OikS2menvc1DZLmOEd5AC7iJcwz1gwWmGE9Mx0qT7J2OCFUOjlRvS8aQB4DEAY7G
7VYO6uqWZ1g9uZn2giXXhzrTGQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPWDNyqC
FGgVjCjk+O6OIGRUyDh2MB8GA1UdIwQYMBaAFGnXCzY1Z25PcxuO8cWFW14vJ/OI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NEIwNC8zQzY4OUUwNjk4
QTcxMUVEQjk0REM4N0JDNEY5QUUwMi9hZGNMTmpWbmJrOXpHNDd4eFlWYlhpOG44
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FkY0xOalZuYms5ekc0N3h4WVZiWGk4bjg0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzRCMDQvM0M2ODlFMDY5OEE3MTFFREI5NERDODdCQzRGOUFFMDIvNTc2QjRBOTI5
OEFCMTFFREJDMTJBQTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIt+sgDBAFn22wwDQYJKoZIhvcNAQELBQADggEBAML8yyDz
yvVEZNgKBO97pgIkTH0GWfwMlSj4sRKNuMVTpsYP3g6baD46Vy5DgTZ3fbgVcBgD
9tKaxsWTueteNYWWX8UOI+eEsPMJ6VEueXXZPOLX7GfMHGa8L6iYcynLTpbJksmv
Cj7A4jvjma+f90jN1UY1uRa4TgaiBPaj+elz1iwWqd6jPU7Brt05CLCMtqaWZhLb
zHdbz6KhVgfs0LUDrV2wZ+qPAmn52aNAt2ATsdC5AXHiOwtNnVqLO9XntSrQqvoY
wJprrQVyPLjE0TzT1vApuIf7sRIa5wJeOfBMgd7fue/i65HFnaP1x5GeCelD17dp
PMDRnab8HMJw17Y=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:19:16 2025 by rpki-client