Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/12351A24EEB311EF83B52356C4F9AE02.roa
File: 12351A24EEB311EF83B52356C4F9AE02.roa (raw, json)
Hash identifier: ZQcxVi8PS8xVNsRrOAAVTGBDRYmvTyMy9P8009pDohM=
Subject key identifier: CA:F0:D2:4A:66:AC:AA:3F:35:36:04:7F:0C:8F:75:5A:CD:03:CC:E1
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A6FA
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/12351A24EEB311EF83B52356C4F9AE02.roa
Signing time: Thu 20 Feb 2025 08:11:57 +0000
ROA not before: Thu 20 Feb 2025 08:11:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.225.0.0/22 maxlen: 24
43.229.200.0/22 maxlen: 24
43.231.116.0/22 maxlen: 24
43.239.112.0/22 maxlen: 24
45.114.156.0/22 maxlen: 24
103.14.196.0/22 maxlen: 24
103.16.140.0/22 maxlen: 24
103.26.169.0/24 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.41.40.0/22 maxlen: 24
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.54.96.0/22 maxlen: 24
103.54.100.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.82.144.0/22 maxlen: 24
103.86.20.0/22 maxlen: 24
103.88.124.0/22 maxlen: 24
103.108.76.0/22 maxlen: 24
103.111.128.0/22 maxlen: 24
103.118.8.0/22 maxlen: 24
103.132.203.0/24 maxlen: 24
103.133.116.0/24 maxlen: 24
103.139.88.0/23 maxlen: 24
103.142.64.0/23 maxlen: 24
103.143.109.0/24 maxlen: 24
103.143.215.0/24 maxlen: 24
103.144.112.0/23 maxlen: 24
103.154.26.0/24 maxlen: 24
103.155.194.0/23 maxlen: 24
103.157.69.0/24 maxlen: 24
103.158.111.0/24 maxlen: 24
103.158.180.0/24 maxlen: 24
103.159.137.0/24 maxlen: 24
103.167.157.0/24 maxlen: 24
103.169.58.0/23 maxlen: 24
103.171.8.0/23 maxlen: 24
103.171.236.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.41.0/24 maxlen: 24
103.174.42.0/23 maxlen: 24
103.175.106.0/23 maxlen: 24
103.180.216.0/23 maxlen: 24
103.192.72.0/22 maxlen: 24
103.199.92.0/22 maxlen: 24
103.200.48.0/22 maxlen: 24
103.206.64.0/22 maxlen: 24
103.212.132.0/22 maxlen: 24
103.224.50.0/23 maxlen: 24
103.224.108.0/22 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
103.228.184.0/22 maxlen: 24
103.236.112.0/22 maxlen: 24
103.254.200.0/22 maxlen: 24
137.59.204.0/22 maxlen: 24
139.5.96.0/22 maxlen: 24
202.62.246.0/24 maxlen: 24
203.191.56.0/22 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42746 (0xa6fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 20 08:11:57 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67b6e3cc-8c27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cc:3c:ee:22:08:0b:a3:1e:b7:98:ea:f2:ce:
c4:f2:b1:b0:b5:05:01:ac:bf:e7:69:3e:2d:38:d2:
96:7b:4f:8e:3b:87:60:bb:b3:65:c1:ee:64:9d:38:
40:50:80:b9:3d:dc:4f:8b:d2:82:f3:e9:63:12:c0:
bf:00:56:25:78:2b:f3:3c:b3:73:68:e3:fa:7b:67:
55:b3:f6:61:db:cf:af:0f:9b:eb:94:0e:b4:c6:4a:
0a:63:72:b7:96:d4:37:75:da:c8:e5:4e:13:0b:e9:
1b:48:6b:70:00:7f:42:72:2b:23:4d:6a:cd:b8:57:
88:f1:33:1f:41:43:77:33:63:13:85:6f:98:cb:0e:
14:ed:97:ba:8b:3c:52:45:f5:78:96:e5:07:1d:e8:
f7:b9:87:78:b1:db:ca:e4:f4:99:b5:44:99:3f:21:
01:ef:b2:4b:04:8e:f1:73:75:37:98:58:46:dd:9c:
ef:2c:b2:92:96:87:0b:67:aa:81:9d:50:e1:34:5a:
1f:60:9e:ce:ae:0c:c3:14:8a:46:69:7d:1c:7a:3c:
ba:00:68:6c:49:bb:8f:64:c9:99:a3:9f:c5:32:00:
d2:83:a7:bb:bf:f4:d7:8e:28:fa:69:f7:e0:d8:7d:
27:e8:a5:64:45:b8:44:96:4c:06:e8:e4:0e:79:07:
95:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F0:D2:4A:66:AC:AA:3F:35:36:04:7F:0C:8F:75:5A:CD:03:CC:E1
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/12351A24EEB311EF83B52356C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.0.0/22
43.229.200.0/22
43.231.116.0/22
43.239.112.0/22
45.114.156.0/22
103.14.196.0/22
103.16.140.0/22
103.26.169.0/24
103.27.168.0/24
103.27.170.0/23
103.41.40.0/22
103.47.152.0/24
103.51.92.0/22
103.52.48.0/22
103.54.96.0/21
103.55.84.0/22
103.82.144.0/22
103.86.20.0/22
103.88.124.0/22
103.108.76.0/22
103.111.128.0/22
103.118.8.0/22
103.132.203.0/24
103.133.116.0/24
103.139.88.0/23
103.142.64.0/23
103.143.109.0/24
103.143.215.0/24
103.144.112.0/23
103.154.26.0/24
103.155.194.0/23
103.157.69.0/24
103.158.111.0/24
103.158.180.0/24
103.159.137.0/24
103.167.157.0/24
103.169.58.0/23
103.171.8.0/23
103.171.236.0/23
103.173.14.0/23
103.173.41.0/24
103.174.42.0/23
103.175.106.0/23
103.180.216.0/23
103.192.72.0/22
103.199.92.0/22
103.200.48.0/22
103.206.64.0/22
103.212.132.0/22
103.224.50.0/23
103.224.108.0/22
103.226.224.0/22
103.228.172.0/22
103.228.184.0/22
103.236.112.0/22
103.254.200.0/22
137.59.204.0/22
139.5.96.0/22
202.62.246.0/24
203.191.56.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
Signature Algorithm: sha256WithRSAEncryption
2f:c9:3d:5f:3c:d2:72:a9:fb:b9:81:d3:26:5c:aa:a9:c1:4d:
ed:7b:b2:99:43:44:5b:b5:0d:5e:b7:46:3d:ce:c2:ab:ab:47:
c8:bb:fe:dd:3c:97:02:73:54:c1:c3:61:0f:e9:66:85:c4:1f:
2e:f6:32:ca:31:ac:8d:67:a1:b4:f5:6f:e5:ec:c5:e4:4c:e6:
c1:9b:d6:d8:1b:e6:b4:fd:43:f5:ca:2f:03:bf:ec:85:61:d6:
c0:f0:71:32:90:2f:8d:df:8b:03:42:a9:67:6c:83:45:80:91:
9e:bf:d2:a1:08:48:7f:dc:4c:10:8e:3c:a9:22:a4:7a:85:87:
4a:ec:c9:e4:84:94:b9:0a:4b:a9:53:ac:df:d1:5a:d3:8d:a7:
20:2c:44:e4:e3:3f:7b:ac:49:14:a2:55:f5:05:dd:5d:28:e7:
ba:c7:83:bb:7b:73:c2:98:71:20:30:7f:09:a4:c8:1a:d2:36:
a3:ce:76:e2:21:64:6f:82:9d:06:e4:96:c7:fe:6e:2a:d0:52:
9b:0c:49:10:b2:4e:e7:f6:b1:14:8b:06:9d:cb:c7:00:67:72:
2a:8c:ec:6b:54:e7:25:28:f6:d9:0d:0c:c7:7d:26:2b:a7:cc:
1d:54:68:1e:f8:2f:f5:0f:74:bb:85:26:91:18:8d:79:06:b1:
2d:03:b4:59
-----BEGIN CERTIFICATE-----
MIIHAzCCBeugAwIBAgIDAKb6MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIyMDA4MTE1N1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdiNmUzY2MtOGMyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3MPO4iCAujHreY6vLOxPKxsLUFAay/52k+LTjSlntPjjuHYLuzZcHuZJ04
QFCAuT3cT4vSgvPpYxLAvwBWJXgr8zyzc2jj+ntnVbP2YdvPrw+b65QOtMZKCmNy
t5bUN3XayOVOEwvpG0hrcAB/QnIrI01qzbhXiPEzH0FDdzNjE4VvmMsOFO2Xuos8
UkX1eJblBx3o97mHeLHbyuT0mbVEmT8hAe+ySwSO8XN1N5hYRt2c7yyykpaHC2eq
gZ1Q4TRaH2Cezq4MwxSKRml9HHo8ugBobEm7j2TJmaOfxTIA0oOnu7/0144o+mn3
4Nh9J+ilZEW4RJZMBujkDnkHlfkCAwEAAaOCBCYwggQiMB0GA1UdDgQWBBTK8NJK
ZqyqPzU2BH8Mj3VazQPM4TAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzEyMzUxQTI0
RUVCMzExRUY4M0I1MjM1NkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBrgYIKwYBBQUHAQcB
Af8EggGdMIIBmTCCAXAEAgABMIIBaAMEAivhAAMEAivlyAMEAivndAMEAivvcAME
Ai1ynAMEAmcOxAMEAmcQjAMEAGcaqQMEAGcbqAMEAWcbqgMEAmcpKAMEAGcvmAME
AmczXAMEAmc0MAMEA2c2YAMEAmc3VAMEAmdSkAMEAmdWFAMEAmdYfAMEAmdsTAME
AmdvgAMEAmd2CAMEAGeEywMEAGeFdAMEAWeLWAMEAWeOQAMEAGePbQMEAGeP1wME
AWeQcAMEAGeaGgMEAWebwgMEAGedRQMEAGeebwMEAGeetAMEAGefiQMEAGennQME
AWepOgMEAWerCAMEAWer7AMEAWetDgMEAGetKQMEAWeuKgMEAWevagMEAWe02AME
AmfASAMEAmfHXAMEAmfIMAMEAmfOQAMEAmfUhAMEAWfgMgMEAmfgbAMEAmfi4AME
AmfkrAMEAmfkuAMEAmfscAMEAmf+yAMEAok7zAMEAosFYAMEAMo+9gMEAsu/ODAj
BAIAAjAdMBIDBwEkANGAAGYDBwEkANGAAGgDBwEkANGAAHAwDQYJKoZIhvcNAQEL
BQADggEBAC/JPV880nKp+7mB0yZcqqnBTe17splDRFu1DV63Rj3OwqurR8i7/t08
lwJzVMHDYQ/pZoXEHy72MsoxrI1nobT1b+XsxeRM5sGb1tgb5rT9Q/XKLwO/7IVh
1sDwcTKQL43fiwNCqWdsg0WAkZ6/0qEISH/cTBCOPKkipHqFh0rsyeSElLkKS6lT
rN/RWtONpyAsROTjP3usSRSiVfUF3V0o57rHg7t7c8KYcSAwfwmkyBrSNqPOduIh
ZG+CnQbklsf+birQUpsMSRCyTuf2sRSLBp3LxwBnciqM7GtU5yUo9tkNDMd9Jiun
zB1UaB74L/UPdLuFJpEYjXkGsS0DtFk=
-----END CERTIFICATE-----
Generated at Fri Apr 11 18:44:57 2025 by rpki-client