Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C32691C8EE9511EF9E12112EC4F9AE02.roa
File: C32691C8EE9511EF9E12112EC4F9AE02.roa (raw, json)
Hash identifier: gqutApmCKSL/vg8fmrOwr3C/K3OG/Dd7IvPX5qXeKsE=
Subject key identifier: A1:8B:8B:09:00:6A:B0:75:08:03:B7:53:72:7F:BE:D6:81:BE:A5:89
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A6D1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C32691C8EE9511EF9E12112EC4F9AE02.roa
Signing time: Wed 19 Feb 2025 10:47:05 +0000
ROA not before: Wed 19 Feb 2025 10:47:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55470
IP address blocks: 49.50.123.0/24 maxlen: 24
103.36.104.0/24 maxlen: 24
103.36.105.0/24 maxlen: 24
103.36.106.0/24 maxlen: 24
103.36.107.0/24 maxlen: 24
103.158.65.0/24 maxlen: 24
103.170.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42705 (0xa6d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 19 10:47:05 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67b5b6a9-a83d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:38:8b:a3:69:53:55:37:87:c4:c4:f6:d1:fd:
5e:a2:cb:98:bf:a8:de:ad:aa:2f:91:72:b1:a2:1f:
4d:ea:f0:e4:c9:8b:4a:70:76:9f:8b:c8:9e:57:3e:
23:56:b3:c4:9f:ac:db:c6:9f:08:44:91:32:13:bd:
9d:7c:e7:20:fd:87:0d:81:30:8f:68:9f:fb:4d:32:
ea:96:02:5a:3c:c6:3d:32:07:24:44:bb:5d:40:ea:
69:13:5a:2b:78:94:29:3b:8d:e5:a2:c7:da:27:6f:
7c:dc:fe:b1:ad:66:d4:7a:32:7d:53:a4:ca:ea:dc:
97:65:5b:30:b0:09:0d:0d:bd:a9:16:33:e3:bc:06:
23:50:62:7e:29:54:e4:84:ec:dc:1d:84:4f:75:b1:
e5:c9:cb:7b:83:08:4b:aa:8f:11:bf:62:4e:71:92:
2c:24:4e:e1:b9:c9:62:47:35:03:4b:51:d6:35:3c:
10:c5:8b:44:e6:06:ae:2e:54:7a:e4:1c:c4:15:7b:
9d:8f:44:75:17:e1:5d:d1:b6:9f:53:f8:f8:8a:07:
50:d4:03:4b:6b:e9:0a:65:25:7a:61:c7:92:a1:af:
7c:41:47:26:70:b8:63:ba:bd:a6:45:ae:f3:7e:a8:
9e:6a:3d:6f:75:f4:14:50:1b:8e:65:e9:ed:97:81:
a9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:8B:8B:09:00:6A:B0:75:08:03:B7:53:72:7F:BE:D6:81:BE:A5:89
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C32691C8EE9511EF9E12112EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.50.123.0/24
103.36.104.0/22
103.158.65.0/24
103.170.3.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:de:1f:61:61:65:bf:3b:2e:f5:2a:f8:cf:5b:91:e1:d3:d6:
d1:25:b4:fe:4e:68:54:1b:0b:1d:ee:c0:1e:30:2b:07:40:3a:
60:26:4c:d4:bd:ec:9d:ad:dc:df:7e:7d:71:02:8f:3e:df:7b:
e6:3c:de:18:ab:54:6f:93:6f:56:96:7e:c3:ca:e0:3b:ca:12:
e3:3e:1f:38:5a:37:e9:32:de:ad:01:39:29:68:1e:46:2e:8d:
47:0c:39:54:3f:0b:01:ed:75:c9:fb:98:2c:da:3b:75:cf:a7:
28:73:c6:1d:88:96:57:84:75:55:7e:a9:36:25:eb:69:83:e6:
f5:62:8e:09:6b:c6:d5:b8:07:87:20:02:80:d8:3c:35:b1:9e:
93:84:c1:fe:7b:2e:87:cd:b2:84:8a:d5:ca:3a:02:bb:60:f8:
98:3b:4c:0d:48:41:29:d0:ca:cb:56:a7:e6:4d:4c:74:38:08:
3c:87:d6:37:e7:21:df:69:dd:0b:25:c8:1a:5f:27:12:4c:5c:
7f:99:b6:9a:5b:11:f3:59:93:ff:53:52:3a:d8:f1:47:cc:71:
f2:53:84:3e:c2:11:d2:c0:a0:1c:c3:01:73:b0:3b:95:e3:88:
1d:92:88:1d:6e:ad:9d:bf:be:06:1c:c6:41:1a:e9:51:50:39:
61:7d:10:8b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKbRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIxOTEwNDcwNVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdiNWI2YTktYTgzZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMc4i6NpU1U3h8TE9tH9XqLLmL+o3q2qL5FysaIfTerw5MmLSnB2n4vInlc+
I1azxJ+s28afCESRMhO9nXznIP2HDYEwj2if+00y6pYCWjzGPTIHJES7XUDqaRNa
K3iUKTuN5aLH2idvfNz+sa1m1HoyfVOkyurcl2VbMLAJDQ29qRYz47wGI1BifilU
5ITs3B2ET3Wx5cnLe4MIS6qPEb9iTnGSLCRO4bnJYkc1A0tR1jU8EMWLROYGri5U
euQcxBV7nY9EdRfhXdG2n1P4+IoHUNQDS2vpCmUlemHHkqGvfEFHJnC4Y7q9pkWu
836onmo9b3X0FFAbjmXp7ZeBqScCAwEAAaOCAqcwggKjMB0GA1UdDgQWBBShi4sJ
AGqwdQgDt1Nyf77Wgb6liTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0MzMjY5MUM4
RUU5NTExRUY5RTEyMTEyRUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDEGCCsGAQUFBwEHAQH/
BCIwIDAeBAIAATAYAwQAMTJ7AwQCZyRoAwQAZ55BAwQAZ6oDMA0GCSqGSIb3DQEB
CwUAA4IBAQB+3h9hYWW/Oy71KvjPW5Hh09bRJbT+TmhUGwsd7sAeMCsHQDpgJkzU
veydrdzffn1xAo8+33vmPN4Yq1Rvk29Wln7DyuA7yhLjPh84WjfpMt6tATkpaB5G
Lo1HDDlUPwsB7XXJ+5gs2jt1z6coc8YdiJZXhHVVfqk2Jetpg+b1Yo4Ja8bVuAeH
IAKA2Dw1sZ6ThMH+ey6HzbKEitXKOgK7YPiYO0wNSEEp0MrLVqfmTUx0OAg8h9Y3
5yHfad0LJcgaXycSTFx/mbaaWxHzWZP/U1I62PFHzHHyU4Q+whHSwKAcwwFzsDuV
44gdkogdbq2dv74GHMZBGulRUDlhfRCL
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:04:54 2025 by rpki-client