Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/756558C6D19611ECB75A996BC4F9AE02.roa
File: 756558C6D19611ECB75A996BC4F9AE02.roa (raw, json)
Hash identifier: jBN+GZ5K5hQcx74ci+Zj74gtJO93V93U4mPbsdd8SsY=
Subject key identifier: 32:32:01:5A:CD:8F:44:BB:DB:2A:C7:6D:8F:DE:4E:9B:10:7A:B2:88
Certificate issuer: /CN=A918BDA2/serialNumber=DF677D8693477B92A1E9FE7C20422696CEA8609D
Certificate serial: 02E4
Authority key identifier: DF:67:7D:86:93:47:7B:92:A1:E9:FE:7C:20:42:26:96:CE:A8:60:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/32d9hpNHe5Kh6f58IEImls6oYJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/756558C6D19611ECB75A996BC4F9AE02.roa
Signing time: Wed 19 Feb 2025 03:15:22 +0000
ROA not before: Wed 19 Feb 2025 03:15:22 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 59322
IP address blocks: 43.247.16.0/22 maxlen: 24
103.225.36.0/22 maxlen: 22
103.225.36.0/24 maxlen: 24
103.225.37.0/24 maxlen: 24
103.225.38.0/24 maxlen: 24
103.225.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 740 (0x2e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918BDA2
Validity
Not Before: Feb 19 03:15:22 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b54cca-9d3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e5:05:9e:f3:fb:b4:a0:a6:3b:1f:5b:45:19:
a0:6b:38:3f:93:80:02:49:71:cc:1a:3c:5d:06:c0:
cf:ef:c0:6b:76:cc:c2:2e:45:3e:36:01:cd:30:cd:
b0:dc:ed:f3:49:c1:07:7a:8b:d3:a7:d8:ee:20:77:
9a:2f:7a:be:05:e5:aa:45:5a:08:fd:73:0d:19:fd:
c6:6d:5a:e0:82:ef:c5:2d:8a:18:7a:ca:c4:b5:72:
f6:3d:bd:c0:4e:cc:4e:18:a4:73:ab:2b:ee:3e:6e:
b7:f4:56:f2:e7:f6:e5:7d:3e:41:05:13:97:c8:39:
88:ad:e2:de:7a:d0:66:7b:b2:7d:09:c2:01:ac:69:
6c:e7:24:80:03:12:ff:14:6d:cc:a7:68:38:8c:b1:
a8:89:28:cb:3b:3f:49:fd:8f:79:74:99:c8:fc:f7:
20:46:94:08:10:54:30:dc:7c:44:02:9e:55:4b:20:
98:2d:c8:17:fd:46:74:d8:01:24:3c:fa:c8:6c:a4:
ae:fd:41:a3:04:1f:97:c5:80:28:60:ee:28:a3:cc:
80:cc:80:92:4b:f2:e9:72:e0:42:94:ea:94:03:27:
fc:dd:ef:f8:e9:f9:96:63:d8:e5:cc:bf:78:42:1b:
9a:aa:8e:56:d5:8d:1a:5c:18:df:cd:93:32:65:db:
d2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:32:01:5A:CD:8F:44:BB:DB:2A:C7:6D:8F:DE:4E:9B:10:7A:B2:88
X509v3 Authority Key Identifier:
keyid:DF:67:7D:86:93:47:7B:92:A1:E9:FE:7C:20:42:26:96:CE:A8:60:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/32d9hpNHe5Kh6f58IEImls6oYJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/32d9hpNHe5Kh6f58IEImls6oYJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/756558C6D19611ECB75A996BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.16.0/22
103.225.36.0/22
Signature Algorithm: sha256WithRSAEncryption
be:9d:bf:bf:00:47:95:25:92:34:ab:4e:57:88:9f:d7:67:55:
c8:9e:e5:f6:c9:6f:3e:5d:c2:75:eb:50:e2:b2:e5:0d:69:ad:
f6:41:b4:7f:fe:eb:2c:ee:08:40:df:1f:4c:96:39:b8:b6:1a:
ad:0e:b1:56:48:ac:41:85:3c:3d:b1:4e:fc:7e:3b:f2:c8:aa:
13:7b:0e:19:3d:78:73:11:d7:24:49:06:d5:33:86:65:df:55:
42:31:49:20:31:7a:04:15:6d:49:c3:a4:06:9c:21:ef:44:68:
83:d7:59:65:a9:cc:3d:0a:28:85:24:36:38:f3:45:3d:8e:39:
1e:97:db:81:43:2f:47:46:8a:86:ad:ef:19:12:c4:0c:ef:a6:
18:a7:e4:ac:d6:9e:22:b3:b7:99:eb:0b:08:77:d7:8b:24:52:
1f:71:f1:4c:1b:41:90:3a:54:32:12:69:41:29:f3:17:a0:03:
85:b3:b8:b0:7d:dc:0a:63:c0:83:eb:ed:82:c3:64:7e:58:c4:
c6:aa:de:e0:ee:bc:ee:2a:ed:14:57:9b:da:69:fd:25:93:20:
31:47:8d:b1:15:36:cc:57:d7:ec:1b:9a:0a:93:80:07:c3:40:
54:26:9c:b1:d5:b2:a1:cb:9c:f0:7d:10:ab:7f:4a:fb:9d:5d:
03:8a:41:f7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAuQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEJEQTIxMTAvBgNVBAUTKERGNjc3RDg2OTM0NzdCOTJBMUU5RkU3QzIwNDIyNjk2
Q0VBODYwOUQwHhcNMjUwMjE5MDMxNTIyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I1NGNjYS05ZDNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAluUFnvP7tKCmOx9bRRmgazg/k4ACSXHMGjxdBsDP78BrdszCLkU+NgHNMM2w
3O3zScEHeovTp9juIHeaL3q+BeWqRVoI/XMNGf3GbVrggu/FLYoYesrEtXL2Pb3A
TsxOGKRzqyvuPm639Fby5/blfT5BBROXyDmIreLeetBme7J9CcIBrGls5ySAAxL/
FG3Mp2g4jLGoiSjLOz9J/Y95dJnI/PcgRpQIEFQw3HxEAp5VSyCYLcgX/UZ02AEk
PPrIbKSu/UGjBB+XxYAoYO4oo8yAzICSS/LpcuBClOqUAyf83e/46fmWY9jlzL94
Qhuaqo5W1Y0aXBjfzZMyZdvSrQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDIyAVrN
j0S72yrHbY/eTpsQerKIMB8GA1UdIwQYMBaAFN9nfYaTR3uSoen+fCBCJpbOqGCd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QkRBMi83MEU2OUMxOEQw
RUUxMUVDQkM1QzQ5NzNDNEY5QUUwMi8zMmQ5aHBOSGU1S2g2ZjU4SUVJbWxzNm9Z
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzMyZDlocE5IZTVLaDZmNThJRUltbHM2b1lKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEJEQTIvNzBFNjlDMThEMEVFMTFFQ0JDNUM0OTczQzRGOUFFMDIvNzU2NTU4QzZE
MTk2MTFFQ0I3NUE5OTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr9xADBAJn4SQwDQYJKoZIhvcNAQELBQADggEBAL6dv78A
R5UlkjSrTleIn9dnVcie5fbJbz5dwnXrUOKy5Q1prfZBtH/+6yzuCEDfH0yWObi2
Gq0OsVZIrEGFPD2xTvx+O/LIqhN7Dhk9eHMR1yRJBtUzhmXfVUIxSSAxegQVbUnD
pAacIe9EaIPXWWWpzD0KKIUkNjjzRT2OOR6X24FDL0dGioat7xkSxAzvphin5KzW
niKzt5nrCwh314skUh9x8UwbQZA6VDISaUEp8xegA4WzuLB93ApjwIPr7YLDZH5Y
xMaq3uDuvO4q7RRXm9pp/SWTIDFHjbEVNsxX1+wbmgqTgAfDQFQmnLHVsqHLnPB9
EKt/SvudXQOKQfc=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:05:47 2025 by rpki-client