Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91995D5/163B1E7C2AAE11E9AA574E4EC4F9AE02/ADA9DA3C2AAE11E9BEFAEF4EC4F9AE02.roa
File: ADA9DA3C2AAE11E9BEFAEF4EC4F9AE02.roa (raw, json)
Hash identifier: NcGX1+0f22h9EnvK4Hf3V559zCSmDIlERyuyLCtuDE0=
Subject key identifier: 49:6A:19:14:77:6F:58:6E:44:D2:D0:2D:01:13:19:14:DE:A0:50:F0
Certificate issuer: /CN=A91995D5/serialNumber=6F2C207558764EAB50EF85066F78590CE5B1C561
Certificate serial: 1054
Authority key identifier: 6F:2C:20:75:58:76:4E:AB:50:EF:85:06:6F:78:59:0C:E5:B1:C5:61
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bywgdVh2TqtQ74UGb3hZDOWxxWE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91995D5/163B1E7C2AAE11E9AA574E4EC4F9AE02/ADA9DA3C2AAE11E9BEFAEF4EC4F9AE02.roa
Signing time: Sat 28 Dec 2024 17:15:27 +0000
ROA not before: Sat 28 Dec 2024 17:15:27 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 138443
IP address blocks: 103.125.136.0/22 maxlen: 22
103.125.136.0/24 maxlen: 24
103.125.137.0/24 maxlen: 24
103.125.138.0/24 maxlen: 24
103.125.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4180 (0x1054)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91995D5
Validity
Not Before: Dec 28 17:15:27 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6770322e-5768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e8:71:1d:9f:19:c8:dd:df:80:6a:7d:b9:a9:
ae:3c:63:30:4d:d1:c0:3e:90:c2:2b:77:40:83:63:
42:95:5e:ad:1b:01:37:4f:a6:8c:99:2f:54:9b:5b:
ef:bd:c0:20:26:b2:c4:29:5e:af:f4:7f:eb:60:d4:
f8:d6:0c:0a:be:3b:1b:b7:12:bf:22:cf:f7:b5:1a:
58:91:19:42:f7:94:df:62:f1:87:f3:b4:53:cf:61:
a4:96:b9:39:60:d4:e9:07:ae:c8:f9:e9:1c:f5:69:
71:6b:93:0b:c9:ec:6b:2c:a8:0f:10:22:e1:b9:9d:
7d:5b:17:6e:6a:53:fc:22:3e:4b:39:f6:6c:67:5f:
b0:d8:04:81:45:a0:9c:b1:74:86:3e:b5:8c:ae:39:
5c:3f:df:7d:ce:7b:6c:da:51:85:17:5c:5c:37:00:
d6:bb:bc:55:9e:e1:7f:1f:b8:3a:6b:fa:a8:80:2f:
38:3f:82:eb:21:48:5a:a4:c4:ac:ed:33:27:6c:dc:
9a:1a:dc:2f:29:0b:e4:c5:5f:bc:1e:70:ab:d7:bc:
e0:da:e4:80:b1:a8:9c:0b:d6:5f:af:6c:c2:f8:a7:
fd:98:90:5c:85:76:ba:48:a1:77:8a:d8:5c:41:3f:
6f:f7:64:1b:8c:68:e1:20:f1:06:1f:7b:11:a2:cb:
30:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:6A:19:14:77:6F:58:6E:44:D2:D0:2D:01:13:19:14:DE:A0:50:F0
X509v3 Authority Key Identifier:
keyid:6F:2C:20:75:58:76:4E:AB:50:EF:85:06:6F:78:59:0C:E5:B1:C5:61
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91995D5/163B1E7C2AAE11E9AA574E4EC4F9AE02/bywgdVh2TqtQ74UGb3hZDOWxxWE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bywgdVh2TqtQ74UGb3hZDOWxxWE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91995D5/163B1E7C2AAE11E9AA574E4EC4F9AE02/ADA9DA3C2AAE11E9BEFAEF4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.125.136.0/22
Signature Algorithm: sha256WithRSAEncryption
29:9b:ae:45:71:12:b5:08:e9:03:78:90:e0:6a:9d:89:e4:87:
73:80:20:63:fb:db:b4:5a:ad:8b:9e:57:d5:10:a5:8f:f9:20:
d3:41:7f:2c:06:3e:df:02:55:f6:55:ae:2e:03:19:ad:26:4c:
b3:b6:69:c5:d6:d0:77:05:45:57:ee:21:85:51:43:6b:31:4b:
e4:92:47:b8:08:c3:2b:6d:4e:5f:3c:33:37:c0:57:b4:ed:cc:
12:97:32:e6:25:25:cd:b6:7e:41:ec:2e:47:13:f5:be:81:a1:
b9:a8:a1:af:aa:f6:dd:f6:a6:16:9b:1b:b4:e0:51:6f:21:36:
eb:9a:57:9c:d1:13:bc:0e:ee:f1:e7:2c:f9:39:b8:4f:c6:a1:
3c:9d:57:99:e3:dc:84:20:fe:3e:59:8f:ba:5c:0f:94:fa:eb:
42:e6:b6:35:58:af:e9:ff:98:72:45:08:e3:86:6e:b0:e0:5a:
6c:4e:d6:36:ec:32:16:01:ab:f6:3f:1d:95:70:5b:fc:a6:81:
2e:38:72:b2:af:c1:06:83:ee:91:4d:2d:7d:5c:98:7e:df:bf:
81:fc:ba:43:25:17:7e:d9:41:1e:8f:ad:45:48:97:51:34:67:
c6:fc:72:df:d1:d9:92:99:42:e7:e1:a4:e5:b3:a0:33:fe:a8:
8a:cf:a1:5d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEFQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTk1RDUxMTAvBgNVBAUTKDZGMkMyMDc1NTg3NjRFQUI1MEVGODUwNjZGNzg1OTBD
RTVCMUM1NjEwHhcNMjQxMjI4MTcxNTI3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzcwMzIyZS01NzY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlehxHZ8ZyN3fgGp9uamuPGMwTdHAPpDCK3dAg2NClV6tGwE3T6aMmS9Um1vv
vcAgJrLEKV6v9H/rYNT41gwKvjsbtxK/Is/3tRpYkRlC95TfYvGH87RTz2Gklrk5
YNTpB67I+ekc9Wlxa5MLyexrLKgPECLhuZ19WxdualP8Ij5LOfZsZ1+w2ASBRaCc
sXSGPrWMrjlcP999znts2lGFF1xcNwDWu7xVnuF/H7g6a/qogC84P4LrIUhapMSs
7TMnbNyaGtwvKQvkxV+8HnCr17zg2uSAsaicC9Zfr2zC+Kf9mJBchXa6SKF3ithc
QT9v92QbjGjhIPEGH3sRosswbwIDAQABo4IClTCCApEwHQYDVR0OBBYEFElqGRR3
b1huRNLQLQETGRTeoFDwMB8GA1UdIwQYMBaAFG8sIHVYdk6rUO+FBm94WQzlscVh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTVENS8xNjNCMUU3QzJB
QUUxMUU5QUE1NzRFNEVDNEY5QUUwMi9ieXdnZFZoMlRxdFE3NFVHYjNoWkRPV3h4
V0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2J5d2dkVmgyVHF0UTc0VUdiM2haRE9XeHhXRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTk1RDUvMTYzQjFFN0MyQUFFMTFFOUFBNTc0RTRFQzRGOUFFMDIvQURBOURBM0My
QUFFMTFFOUJFRkFFRjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnfYgwDQYJKoZIhvcNAQELBQADggEBACmbrkVxErUI6QN4
kOBqnYnkh3OAIGP727RarYueV9UQpY/5INNBfywGPt8CVfZVri4DGa0mTLO2acXW
0HcFRVfuIYVRQ2sxS+SSR7gIwyttTl88MzfAV7TtzBKXMuYlJc22fkHsLkcT9b6B
obmooa+q9t32phabG7TgUW8hNuuaV5zRE7wO7vHnLPk5uE/GoTydV5nj3IQg/j5Z
j7pcD5T660LmtjVYr+n/mHJFCOOGbrDgWmxO1jbsMhYBq/Y/HZVwW/ymgS44crKv
wQaD7pFNLX1cmH7fv4H8ukMlF37ZQR6PrUVIl1E0Z8b8ct/R2ZKZQufhpOWzoDP+
qIrPoV0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:15:43 2025 by rpki-client