Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/019032D8873A11EBBB90457BC4F9AE02.roa
File: 019032D8873A11EBBB90457BC4F9AE02.roa (raw, json)
Hash identifier: wguzJbiQPRogdnaTmDlQ1CrPJoRV3ZpyLJ8McbUOvhY=
Subject key identifier: EC:17:48:0D:F3:60:29:AE:F8:15:1E:DC:E2:7A:1D:97:F1:41:F3:75
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A8F0
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/019032D8873A11EBBB90457BC4F9AE02.roa
Signing time: Tue 04 Mar 2025 05:11:29 +0000
ROA not before: Tue 04 Mar 2025 05:11:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133653
IP address blocks: 103.47.44.0/22 maxlen: 24
2407:39c0::/32 maxlen: 34
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43248 (0xa8f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 4 05:11:29 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c68b81-9e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2e:e0:9c:09:b7:19:43:f3:4e:fd:80:d1:16:
f9:47:b4:8b:f9:66:d5:b3:fb:7e:c0:d9:74:d0:c7:
7e:9a:bd:d6:21:fb:0a:7c:36:9f:c3:50:ee:95:3a:
5a:77:f5:5d:bc:23:92:52:d1:5c:a7:fd:85:e1:4d:
5f:19:68:a4:5f:05:2f:b7:40:ba:79:fb:09:4d:c7:
29:cc:15:57:93:dc:85:b3:63:58:17:f3:fb:7f:d0:
1f:e3:5e:1e:2e:c0:93:4a:39:b7:a1:77:fc:a2:9c:
15:42:8d:93:ff:65:81:df:ff:83:94:26:89:8c:93:
64:25:a2:12:7a:33:7a:a8:ee:78:be:04:28:98:6b:
ed:4d:22:c2:9c:88:4e:b0:f9:9a:eb:00:a0:7c:62:
e1:19:5a:76:b0:40:6a:01:75:70:f0:70:d4:5e:bf:
99:65:34:ca:ae:7c:1c:58:34:d0:ec:21:25:5a:41:
7f:53:3b:bb:20:a2:ac:cb:3c:01:be:0b:43:7f:cf:
bf:24:31:19:58:77:80:ab:50:d6:ce:4b:8b:df:98:
a6:d6:ac:b3:a7:ce:a4:9e:51:47:07:36:30:35:2e:
2c:62:c6:3f:07:d0:b0:8d:57:d3:49:6d:8e:0f:65:
bd:50:5c:f0:dc:31:33:0d:6a:e3:f9:53:46:9c:23:
3a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:17:48:0D:F3:60:29:AE:F8:15:1E:DC:E2:7A:1D:97:F1:41:F3:75
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/019032D8873A11EBBB90457BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.47.44.0/22
IPv6:
2407:39c0::/32
Signature Algorithm: sha256WithRSAEncryption
aa:0d:a4:c9:ff:40:4d:08:77:9c:7f:2b:78:90:50:6b:6e:7e:
ab:57:4f:89:ab:e4:ac:fd:e4:ca:eb:23:e3:d8:4c:18:91:6b:
a4:29:93:9c:5b:3d:84:aa:16:86:c0:c8:77:2f:f7:d9:17:e0:
ca:8f:94:3e:29:d1:4a:29:07:b3:4d:88:01:36:35:c9:c2:fa:
cd:76:5c:5e:d3:84:e2:7c:01:44:c0:49:12:4d:a8:6c:a2:24:
f3:84:a4:a2:dd:ae:c1:c7:7e:d9:a0:f4:5d:b2:6a:d4:88:0a:
6b:f5:b5:71:9e:bf:79:75:75:96:7d:87:0a:2b:22:f6:65:02:
40:0e:02:3d:c5:db:99:b3:71:1f:23:80:95:c4:01:0e:ce:2a:
2c:ca:c0:f9:78:79:94:57:72:12:2a:68:e5:fb:18:a4:a9:a6:
b6:d8:8d:9f:b7:bd:1e:ce:3c:de:30:72:f2:66:9c:0c:c9:ba:
35:56:10:29:c5:d4:d7:ea:e6:e9:12:17:d2:a1:81:a8:51:1e:
70:fd:fb:02:a6:f6:da:56:8e:50:ef:22:96:c4:8c:3a:f1:e7:
a9:8e:ae:0e:d5:a9:89:df:55:b2:b2:ad:72:70:84:78:87:e8:
a4:49:49:72:a9:ef:76:ad:cd:26:92:8c:af:52:cc:ca:3d:69:
50:7c:b4:9d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKjwMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMwNDA1MTEyOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdjNjhiODEtOWU3ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwu4JwJtxlD8079gNEW+Ue0i/lm1bP7fsDZdNDHfpq91iH7Cnw2n8NQ7pU6
Wnf1XbwjklLRXKf9heFNXxlopF8FL7dAunn7CU3HKcwVV5PchbNjWBfz+3/QH+Ne
Hi7Ak0o5t6F3/KKcFUKNk/9lgd//g5QmiYyTZCWiEnozeqjueL4EKJhr7U0iwpyI
TrD5musAoHxi4RladrBAagF1cPBw1F6/mWU0yq58HFg00OwhJVpBf1M7uyCirMs8
Ab4LQ3/PvyQxGVh3gKtQ1s5Li9+Yptass6fOpJ5RRwc2MDUuLGLGPwfQsI1X00lt
jg9lvVBc8NwxMw1q4/lTRpwjOiMCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBTsF0gN
82AprvgVHtzieh2X8UHzdTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzAxOTAzMkQ4
ODczQTExRUJCQjkwNDU3QkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMC4GCCsGAQUFBwEHAQH/
BB8wHTAMBAIAATAGAwQCZy8sMA0EAgACMAcDBQAkBznAMA0GCSqGSIb3DQEBCwUA
A4IBAQCqDaTJ/0BNCHecfyt4kFBrbn6rV0+Jq+Ss/eTK6yPj2EwYkWukKZOcWz2E
qhaGwMh3L/fZF+DKj5Q+KdFKKQezTYgBNjXJwvrNdlxe04TifAFEwEkSTahsoiTz
hKSi3a7Bx37ZoPRdsmrUiApr9bVxnr95dXWWfYcKKyL2ZQJADgI9xduZs3EfI4CV
xAEOziosysD5eHmUV3ISKmjl+xikqaa22I2ft70ezjzeMHLyZpwMybo1VhApxdTX
6ubpEhfSoYGoUR5w/fsCpvbaVo5Q7yKWxIw68eepjq4O1amJ31Wysq1ycIR4h+ik
SUlyqe92rc0mkoyvUszKPWlQfLSd
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:06:16 2025 by rpki-client