Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/7F7231ACE18011EF8702D74DC4F9AE02.roa
File: 7F7231ACE18011EF8702D74DC4F9AE02.roa (raw, json)
Hash identifier: WZVD3OFnLCd+Z+EztJUmZvetknrgOnaCpDqtEU+1mk0=
Subject key identifier: 5E:D4:22:A8:93:BB:FD:28:72:54:32:01:BE:F1:98:A0:60:29:DA:2E
Certificate issuer: /CN=A9198847/serialNumber=A6EF06B689581821C78C88291BBDF5C512A33F41
Certificate serial: 0D6B
Authority key identifier: A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/7F7231ACE18011EF8702D74DC4F9AE02.roa
Signing time: Sun 16 Mar 2025 18:07:50 +0000
ROA not before: Sun 16 Mar 2025 18:07:50 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 149765
IP address blocks: 43.246.200.0/24 maxlen: 24
43.246.201.0/24 maxlen: 24
103.109.56.0/24 maxlen: 24
103.109.57.0/24 maxlen: 24
103.109.59.0/24 maxlen: 24
103.111.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3435 (0xd6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9198847
Validity
Not Before: Mar 16 18:07:50 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67d71376-dcc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d0:a8:bd:97:d8:2e:7e:41:1f:9e:c6:54:61:
c3:b6:de:d3:4f:f9:48:87:d5:30:fa:64:72:71:04:
c4:79:89:3b:11:92:63:9c:6c:ae:a6:d1:72:bd:f8:
ee:08:4d:71:3e:4e:d8:a0:72:c7:fd:01:d0:ca:eb:
57:8c:e4:78:3d:23:ad:b1:4a:89:c1:e4:ad:0b:70:
12:2b:08:86:6c:c9:80:51:1b:42:d0:a6:29:19:56:
71:cf:84:49:0c:ec:5e:56:e9:82:84:09:fa:93:35:
71:0a:31:1f:85:fe:03:97:48:27:8d:40:8e:33:76:
80:26:b7:ad:43:2f:ad:1b:e3:76:d4:c6:dc:b3:eb:
c8:81:8e:9f:90:17:a0:13:d8:8c:c2:7c:94:cc:04:
fe:36:a3:c2:f5:b8:65:9e:6a:55:fc:26:06:3e:58:
f5:18:14:c8:86:73:f8:ab:14:f3:6a:e6:56:b6:20:
e5:06:38:e0:7d:4b:81:8c:97:b5:db:4a:83:73:73:
27:26:8f:f5:60:f5:86:3a:fb:b2:1d:2a:9f:40:19:
d4:aa:9d:87:51:ea:63:ee:72:08:8c:89:de:eb:4d:
35:cf:61:ea:e0:04:08:d7:80:74:a4:bb:03:ab:97:
8f:ee:b9:91:c7:dd:17:62:14:0a:45:5e:2a:f5:f8:
39:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D4:22:A8:93:BB:FD:28:72:54:32:01:BE:F1:98:A0:60:29:DA:2E
X509v3 Authority Key Identifier:
keyid:A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/pu8GtolYGCHHjIgpG731xRKjP0E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/7F7231ACE18011EF8702D74DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.246.200.0/23
103.109.56.0/23
103.109.59.0/24
103.111.13.0/24
Signature Algorithm: sha256WithRSAEncryption
49:05:ba:73:5c:a4:3b:ae:72:6b:bd:ce:cf:32:ba:3b:0c:51:
57:b1:c7:97:76:14:a3:3f:75:1a:a3:ff:48:a5:21:63:3a:31:
09:1c:fe:64:ab:7f:a1:f0:cb:b4:5d:5b:51:d8:d2:99:fc:5c:
e8:d7:6a:d1:59:8d:c4:f1:3b:4e:ed:2a:c7:d3:7b:65:4c:8a:
b1:13:df:14:7b:e5:58:1b:83:d7:98:8d:65:24:7b:23:55:a2:
0e:3d:1e:24:84:a5:74:f6:5a:e6:0c:27:c8:6f:a7:ba:21:d8:
42:6d:3b:26:09:6b:db:c3:f1:8c:73:6f:0c:11:cb:25:f3:22:
00:6b:fc:dd:c1:1d:b3:90:da:e4:73:25:3a:de:65:c5:25:9a:
92:4c:14:50:02:8b:28:5a:4a:18:f7:79:90:06:00:36:cf:e6:
5e:0b:55:c1:24:4b:6f:4a:12:8d:50:97:ec:82:f5:63:36:d7:
7c:cb:94:76:e8:a7:bd:01:c4:d5:49:9e:63:cf:39:ac:56:ef:
8a:40:e8:fe:ff:49:50:9a:af:ec:5b:98:ae:df:84:84:54:d3:
f8:fa:6d:85:27:18:1d:a6:a6:de:66:e2:12:46:8e:3f:f7:fb:
88:d3:de:1b:43:72:46:c3:1d:66:18:6f:90:8e:93:0f:8a:97:
4d:ac:06:35
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDWswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTg4NDcxMTAvBgNVBAUTKEE2RUYwNkI2ODk1ODE4MjFDNzhDODgyOTFCQkRGNUM1
MTJBMzNGNDEwHhcNMjUwMzE2MTgwNzUwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q3MTM3Ni1kY2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4tCovZfYLn5BH57GVGHDtt7TT/lIh9Uw+mRycQTEeYk7EZJjnGyuptFyvfju
CE1xPk7YoHLH/QHQyutXjOR4PSOtsUqJweStC3ASKwiGbMmAURtC0KYpGVZxz4RJ
DOxeVumChAn6kzVxCjEfhf4Dl0gnjUCOM3aAJretQy+tG+N21Mbcs+vIgY6fkBeg
E9iMwnyUzAT+NqPC9bhlnmpV/CYGPlj1GBTIhnP4qxTzauZWtiDlBjjgfUuBjJe1
20qDc3MnJo/1YPWGOvuyHSqfQBnUqp2HUepj7nIIjIne6001z2Hq4AQI14B0pLsD
q5eP7rmRx90XYhQKRV4q9fg5XQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFF7UIqiT
u/0oclQyAb7xmKBgKdouMB8GA1UdIwQYMBaAFKbvBraJWBghx4yIKRu99cUSoz9B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODg0Ny9EREZCQjBCOEQ3
ODExMUU5QjQyM0FDNEJDNEY5QUUwMi9wdThHdG9sWUdDSEhqSWdwRzczMXhSS2pQ
MEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3B1OEd0b2xZR0NISGpJZ3BHNzMxeFJLalAwRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTg4NDcvRERGQkIwQjhENzgxMTFFOUI0MjNBQzRCQzRGOUFFMDIvN0Y3MjMxQUNF
MTgwMTFFRjg3MDJENzREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAEr9sgDBAFnbTgDBABnbTsDBABnbw0wDQYJKoZIhvcNAQEL
BQADggEBAEkFunNcpDuucmu9zs8yujsMUVexx5d2FKM/dRqj/0ilIWM6MQkc/mSr
f6Hwy7RdW1HY0pn8XOjXatFZjcTxO07tKsfTe2VMirET3xR75Vgbg9eYjWUkeyNV
og49HiSEpXT2WuYMJ8hvp7oh2EJtOyYJa9vD8YxzbwwRyyXzIgBr/N3BHbOQ2uRz
JTreZcUlmpJMFFACiyhaShj3eZAGADbP5l4LVcEkS29KEo1Ql+yC9WM213zLlHbo
p70BxNVJnmPPOaxW74pA6P7/SVCar+xbmK7fhIRU0/j6bYUnGB2mpt5m4hJGjj/3
+4jT3htDckbDHWYYb5COkw+Kl02sBjU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:45:02 2025 by rpki-client