Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918754F/2AD16F301A4A11E59209ED72C4F9AE02/B6C42C027E7111ECA6454787C4F9AE02.roa
File: B6C42C027E7111ECA6454787C4F9AE02.roa (raw, json)
Hash identifier: sPjEV8NdOTwFwPMcdQnUOL5yo6ytt7upFB96AA18yK0=
Subject key identifier: FD:5A:12:58:F5:F3:1E:8F:75:31:26:C4:5A:E7:64:5E:4B:96:2F:4A
Certificate issuer: /CN=A918754F/serialNumber=20CB58BB7CD424E761BC393BFCB8D676685F6C0D
Certificate serial: 2580
Authority key identifier: 20:CB:58:BB:7C:D4:24:E7:61:BC:39:3B:FC:B8:D6:76:68:5F:6C:0D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IMtYu3zUJOdhvDk7_LjWdmhfbA0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918754F/2AD16F301A4A11E59209ED72C4F9AE02/B6C42C027E7111ECA6454787C4F9AE02.roa
Signing time: Thu 12 Sep 2024 16:22:51 +0000
ROA not before: Thu 12 Sep 2024 16:22:51 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 58752
IP address blocks: 43.245.232.0/22 maxlen: 24
103.31.176.0/23 maxlen: 24
2407:1500::/32 maxlen: 32
2407:1500:20::/48 maxlen: 48
2407:1500:21::/48 maxlen: 48
2407:1500:22::/48 maxlen: 48
2407:1500:23::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9600 (0x2580)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918754F
Validity
Not Before: Sep 12 16:22:51 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66e3155a-bbfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1c:11:97:ce:96:d3:61:19:98:55:f0:2c:d3:
12:0e:c4:6e:ba:3f:90:b4:01:84:4d:58:03:ae:86:
d5:07:2b:fe:69:a1:ff:8b:d6:89:51:9c:e2:e6:ce:
0a:e5:eb:73:c8:4e:48:3b:3c:dd:67:49:6d:b7:54:
38:b8:7f:1e:cb:67:b4:e9:0b:43:c0:b1:6e:8f:7b:
33:1e:43:3f:45:29:82:5b:c5:09:72:0e:78:62:fe:
07:ed:63:23:c3:29:4e:48:18:7d:65:b4:ca:bb:ff:
75:99:3e:a3:89:c0:fb:8b:0e:14:10:52:f2:22:b0:
34:b9:d4:18:c8:35:7e:74:a5:9f:0f:0e:54:5e:5a:
a3:9c:c5:70:71:f9:28:7a:34:b1:bd:10:66:35:f7:
75:62:5d:72:1a:86:2d:94:9f:58:6b:68:33:d9:24:
32:cb:1d:a5:63:d1:84:17:43:0e:8d:cb:96:9c:a5:
61:75:06:15:44:11:e3:97:23:f0:0b:54:e4:06:1b:
b4:d0:70:3f:f2:80:16:fb:3d:64:f8:b3:94:5c:bb:
7f:2d:f5:2a:c7:e8:f9:b3:ba:7b:1e:be:ea:81:cf:
f7:01:30:5c:d9:0b:17:19:4c:a5:48:40:53:90:3b:
d1:8c:c4:75:ad:b2:ac:60:5f:30:f5:86:50:61:4d:
95:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:5A:12:58:F5:F3:1E:8F:75:31:26:C4:5A:E7:64:5E:4B:96:2F:4A
X509v3 Authority Key Identifier:
keyid:20:CB:58:BB:7C:D4:24:E7:61:BC:39:3B:FC:B8:D6:76:68:5F:6C:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918754F/2AD16F301A4A11E59209ED72C4F9AE02/IMtYu3zUJOdhvDk7_LjWdmhfbA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IMtYu3zUJOdhvDk7_LjWdmhfbA0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918754F/2AD16F301A4A11E59209ED72C4F9AE02/B6C42C027E7111ECA6454787C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.232.0/22
103.31.176.0/23
IPv6:
2407:1500::/32
Signature Algorithm: sha256WithRSAEncryption
7e:bf:51:66:76:0c:1e:c6:62:56:3c:bd:a7:52:46:67:88:c0:
30:79:2e:94:0e:ad:e6:9a:c0:f1:a4:44:4e:27:c4:d9:ae:d9:
8a:db:1f:92:58:fd:37:db:af:f8:c0:8d:4c:9e:68:d9:58:3c:
15:70:4c:ee:73:be:58:80:16:24:cf:55:3d:ad:ae:d5:2a:97:
3f:be:19:8a:1d:62:32:00:27:33:cb:b1:06:2c:2f:cb:04:8f:
1f:d9:97:e3:14:01:d2:5e:78:98:9f:87:36:ff:85:eb:a5:37:
ac:37:8a:0e:d0:be:87:f6:2d:72:35:9c:72:5e:61:e4:87:4a:
5e:03:23:9e:f4:df:ac:9d:0c:6b:ce:3e:5a:21:e9:ce:2f:62:
63:bc:49:46:08:85:5e:a3:d0:70:bc:af:13:c2:22:2f:68:75:
1c:de:b0:ea:a6:13:a7:ae:0b:06:81:25:b2:58:9f:6b:36:5e:
ec:c2:b0:93:da:77:ca:e9:7a:7f:1c:20:f8:33:c2:dd:1b:27:
fe:03:48:ff:04:54:e2:d9:60:3a:f7:77:b7:f1:dd:e2:78:24:
8b:fa:99:f2:fd:f8:c7:63:44:4c:67:01:96:03:e1:0e:01:44:
a6:6e:dc:af:05:a1:39:54:40:39:d1:54:b7:8c:06:a4:06:57:
95:f5:4f:c5
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICJYAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODc1NEYxMTAvBgNVBAUTKDIwQ0I1OEJCN0NENDI0RTc2MUJDMzkzQkZDQjhENjc2
Njg1RjZDMEQwHhcNMjQwOTEyMTYyMjUxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmUzMTU1YS1iYmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnhwRl86W02EZmFXwLNMSDsRuuj+QtAGETVgDrobVByv+aaH/i9aJUZzi5s4K
5etzyE5IOzzdZ0ltt1Q4uH8ey2e06QtDwLFuj3szHkM/RSmCW8UJcg54Yv4H7WMj
wylOSBh9ZbTKu/91mT6jicD7iw4UEFLyIrA0udQYyDV+dKWfDw5UXlqjnMVwcfko
ejSxvRBmNfd1Yl1yGoYtlJ9Ya2gz2SQyyx2lY9GEF0MOjcuWnKVhdQYVRBHjlyPw
C1TkBhu00HA/8oAW+z1k+LOUXLt/LfUqx+j5s7p7Hr7qgc/3ATBc2QsXGUylSEBT
kDvRjMR1rbKsYF8w9YZQYU2VawIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFP1aElj1
8x6PdTEmxFrnZF5Lli9KMB8GA1UdIwQYMBaAFCDLWLt81CTnYbw5O/y41nZoX2wN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzU0Ri8yQUQxNkYzMDFB
NEExMUU1OTIwOUVENzJDNEY5QUUwMi9JTXRZdTN6VUpPZGh2RGs3X0xqV2RtaGZi
QTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lNdFl1M3pVSk9kaHZEazdfTGpXZG1oZmJBMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODc1NEYvMkFEMTZGMzAxQTRBMTFFNTkyMDlFRDcyQzRGOUFFMDIvQjZDNDJDMDI3
RTcxMTFFQ0E2NDU0Nzg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIr9egDBAFnH7AwDQQCAAIwBwMFACQHFQAwDQYJKoZIhvcN
AQELBQADggEBAH6/UWZ2DB7GYlY8vadSRmeIwDB5LpQOreaawPGkRE4nxNmu2Yrb
H5JY/Tfbr/jAjUyeaNlYPBVwTO5zvliAFiTPVT2trtUqlz++GYodYjIAJzPLsQYs
L8sEjx/Zl+MUAdJeeJifhzb/heulN6w3ig7Qvof2LXI1nHJeYeSHSl4DI57036yd
DGvOPloh6c4vYmO8SUYIhV6j0HC8rxPCIi9odRzesOqmE6euCwaBJbJYn2s2XuzC
sJPad8rpen8cIPgzwt0bJ/4DSP8EVOLZYDr3d7fx3eJ4JIv6mfL9+MdjRExnAZYD
4Q4BRKZu3K8FoTlUQDnRVLeMBqQGV5X1T8U=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:58:18 2025 by rpki-client