Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FD87/29AA9956DE0811EAA106B62BC4F9AE02/35167F34DE0911EAA8F7452CC4F9AE02.roa
File: 35167F34DE0911EAA8F7452CC4F9AE02.roa (raw, json)
Hash identifier: 5iBEu4/lxuKcsTngGzKrbQO6HIpjDKLahJSiNgvhi+k=
Subject key identifier: 9A:2A:8A:40:15:73:20:54:47:D8:3A:16:6F:7B:F7:12:D2:FF:BF:D4
Certificate issuer: /CN=A918FD87/serialNumber=FBA7C3ADF07F80B356C113B85256F57A4069EAE6
Certificate serial: 07D8
Authority key identifier: FB:A7:C3:AD:F0:7F:80:B3:56:C1:13:B8:52:56:F5:7A:40:69:EA:E6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-6fDrfB_gLNWwRO4Ulb1ekBp6uY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FD87/29AA9956DE0811EAA106B62BC4F9AE02/35167F34DE0911EAA8F7452CC4F9AE02.roa
Signing time: Thu 06 Feb 2025 20:39:39 +0000
ROA not before: Thu 06 Feb 2025 20:39:39 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 58397
IP address blocks: 43.224.16.0/22 maxlen: 22
43.224.16.0/24 maxlen: 24
43.224.17.0/24 maxlen: 24
43.224.18.0/24 maxlen: 24
43.224.19.0/24 maxlen: 24
103.43.44.0/22 maxlen: 22
103.43.44.0/24 maxlen: 24
103.43.45.0/24 maxlen: 24
103.43.46.0/24 maxlen: 24
103.43.47.0/24 maxlen: 24
2407:180::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2008 (0x7d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FD87
Validity
Not Before: Feb 6 20:39:39 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a51e0b-c0e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1c:f6:1c:28:06:16:92:cd:dd:fe:89:75:39:
ab:cd:cd:3f:4b:ae:4a:a1:22:07:7d:35:e3:b7:a2:
7f:34:ea:40:d1:57:44:96:3a:c2:03:0c:03:0d:fe:
7f:88:39:bc:30:be:50:cc:dd:69:b3:74:51:10:65:
84:f1:08:16:07:04:5c:36:7c:53:a1:a3:f6:fe:c8:
26:0c:d8:46:74:ca:57:e8:81:74:b6:ff:e1:64:ea:
ea:76:e3:e1:e5:f9:03:38:c5:7b:36:8a:ea:f9:9e:
35:d4:82:35:3f:fe:32:ad:0d:dd:e5:67:cc:25:35:
8d:8e:1a:0a:2b:9c:7c:f2:ba:b4:f9:c6:b5:a3:ff:
8e:8b:16:fd:58:5a:29:7f:df:8d:0f:66:95:44:fc:
fb:6c:ce:10:06:1c:95:11:3c:dc:ae:75:d3:51:08:
92:23:9a:c3:50:16:73:f7:29:66:29:ad:7f:c4:24:
4f:e2:1a:e2:a4:f0:fe:37:75:87:a5:cd:4c:a4:6a:
90:d9:d8:9a:1d:85:05:6c:e1:84:ed:2c:3c:b1:ae:
c8:ca:07:98:0c:d3:15:95:27:14:6b:a9:1f:d5:93:
57:8b:1f:aa:65:f2:a6:09:84:62:62:3f:6b:63:e6:
b4:bb:d3:fd:6d:0c:05:c2:eb:2b:3d:63:46:08:a5:
c8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:2A:8A:40:15:73:20:54:47:D8:3A:16:6F:7B:F7:12:D2:FF:BF:D4
X509v3 Authority Key Identifier:
keyid:FB:A7:C3:AD:F0:7F:80:B3:56:C1:13:B8:52:56:F5:7A:40:69:EA:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FD87/29AA9956DE0811EAA106B62BC4F9AE02/-6fDrfB_gLNWwRO4Ulb1ekBp6uY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-6fDrfB_gLNWwRO4Ulb1ekBp6uY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FD87/29AA9956DE0811EAA106B62BC4F9AE02/35167F34DE0911EAA8F7452CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.16.0/22
103.43.44.0/22
IPv6:
2407:180::/32
Signature Algorithm: sha256WithRSAEncryption
b6:ff:10:23:eb:20:a2:49:27:25:d2:86:1c:f7:3b:4e:c8:f2:
16:5e:13:ca:01:45:4e:5b:2b:c6:d6:77:4d:b0:cf:b5:77:08:
5e:e4:8b:15:1f:94:0c:64:ba:bd:54:02:27:59:3b:aa:d9:b8:
8e:49:d3:24:a8:42:43:b5:5f:57:d5:b8:6d:d8:2c:b0:34:5c:
a3:21:a6:80:78:c8:51:ff:90:ad:1e:f0:85:ff:45:ce:a7:9d:
00:a1:b3:ad:f7:85:03:e0:6d:22:d5:0e:39:31:c8:3e:cf:e6:
e7:a7:cc:4d:14:4d:3f:b0:27:9d:95:8c:0a:7f:15:dd:f5:20:
d5:86:54:19:fa:f8:3f:aa:3a:79:92:fc:aa:8a:55:ae:17:0e:
95:1f:9b:96:63:f0:5a:15:bf:29:0e:7f:1b:99:fb:01:0b:cc:
60:21:f1:a4:57:7e:65:0a:f8:f6:8b:12:e9:db:a7:93:7a:f4:
f3:49:6a:d3:05:14:0d:f9:2c:c9:d2:3f:0e:c5:95:25:7a:55:
01:92:26:0e:6d:7f:4a:2b:78:f4:3b:c1:11:a0:1f:ce:3b:6c:
f5:94:ee:e1:a2:46:c8:4f:a1:8c:3e:c5:24:f9:c4:a8:6a:f8:
c4:43:cb:84:69:18:4e:68:f3:a0:09:c8:99:fc:88:c9:99:15:
be:ff:ba:40
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICB9gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZEODcxMTAvBgNVBAUTKEZCQTdDM0FERjA3RjgwQjM1NkMxMTNCODUyNTZGNTdB
NDA2OUVBRTYwHhcNMjUwMjA2MjAzOTM5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E1MWUwYi1jMGUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwRz2HCgGFpLN3f6JdTmrzc0/S65KoSIHfTXjt6J/NOpA0VdEljrCAwwDDf5/
iDm8ML5QzN1ps3RREGWE8QgWBwRcNnxToaP2/sgmDNhGdMpX6IF0tv/hZOrqduPh
5fkDOMV7Norq+Z411II1P/4yrQ3d5WfMJTWNjhoKK5x88rq0+ca1o/+Oixb9WFop
f9+ND2aVRPz7bM4QBhyVETzcrnXTUQiSI5rDUBZz9ylmKa1/xCRP4hripPD+N3WH
pc1MpGqQ2diaHYUFbOGE7Sw8sa7IygeYDNMVlScUa6kf1ZNXix+qZfKmCYRiYj9r
Y+a0u9P9bQwFwusrPWNGCKXIKQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJoqikAV
cyBUR9g6Fm979xLS/7/UMB8GA1UdIwQYMBaAFPunw63wf4CzVsETuFJW9XpAaerm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkQ4Ny8yOUFBOTk1NkRF
MDgxMUVBQTEwNkI2MkJDNEY5QUUwMi8tNmZEcmZCX2dMTld3Uk80VWxiMWVrQnA2
dVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy02ZkRyZkJfZ0xOV3dSTzRVbGIxZWtCcDZ1WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZEODcvMjlBQTk5NTZERTA4MTFFQUExMDZCNjJCQzRGOUFFMDIvMzUxNjdGMzRE
RTA5MTFFQUE4Rjc0NTJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIr4BADBAJnKywwDQQCAAIwBwMFACQHAYAwDQYJKoZIhvcN
AQELBQADggEBALb/ECPrIKJJJyXShhz3O07I8hZeE8oBRU5bK8bWd02wz7V3CF7k
ixUflAxkur1UAidZO6rZuI5J0ySoQkO1X1fVuG3YLLA0XKMhpoB4yFH/kK0e8IX/
Rc6nnQChs633hQPgbSLVDjkxyD7P5uenzE0UTT+wJ52VjAp/Fd31INWGVBn6+D+q
OnmS/KqKVa4XDpUfm5Zj8FoVvykOfxuZ+wELzGAh8aRXfmUK+PaLEunbp5N69PNJ
atMFFA35LMnSPw7FlSV6VQGSJg5tf0orePQ7wRGgH847bPWU7uGiRshPoYw+xST5
xKhq+MRDy4RpGE5o86AJyJn8iMmZFb7/ukA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:20:47 2025 by rpki-client