Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/634556A61F8411E79BCB6D54C4F9AE02.roa
File: 634556A61F8411E79BCB6D54C4F9AE02.roa (raw, json)
Hash identifier: 4IDng3Lrs8lhaOUdN7yvdIjmCJWMny3fPwZTXINqHBU=
Subject key identifier: 32:CF:14:80:C2:8D:2B:72:8E:71:95:9E:4A:51:00:84:D1:52:EB:5D
Certificate issuer: /CN=A919BEDB/serialNumber=1EDE5C6E008028BCD2AE33651381BDE1FD07C5D4
Certificate serial: 1B0B
Authority key identifier: 1E:DE:5C:6E:00:80:28:BC:D2:AE:33:65:13:81:BD:E1:FD:07:C5:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/634556A61F8411E79BCB6D54C4F9AE02.roa
Signing time: Mon 06 Jan 2025 16:33:50 +0000
ROA not before: Mon 06 Jan 2025 16:33:50 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 134785
IP address blocks: 103.82.128.0/22 maxlen: 22
103.82.128.0/24 maxlen: 24
103.82.129.0/24 maxlen: 24
103.82.130.0/24 maxlen: 24
103.82.131.0/24 maxlen: 24
125.62.64.0/24 maxlen: 24
125.62.65.0/24 maxlen: 24
125.62.66.0/24 maxlen: 24
125.62.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6923 (0x1b0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919BEDB
Validity
Not Before: Jan 6 16:33:50 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=677c05ee-d993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1e:97:e2:23:cd:ac:0f:e8:98:71:0c:3b:48:
f4:36:a8:2b:bd:48:6c:3b:b2:4a:7e:b4:16:bc:d3:
08:09:4f:00:af:1d:c2:d0:bc:13:62:60:05:8c:ef:
18:07:e1:33:6a:9c:e2:c3:ee:4c:1f:cf:ff:a0:34:
4c:15:b9:26:93:d8:c6:f8:aa:82:86:48:b6:f3:d9:
c4:0d:cc:2e:c1:a0:e2:6d:1f:e3:51:15:d4:58:d1:
89:66:c3:d6:f2:0d:ec:3a:95:3a:20:14:b1:18:44:
0b:12:f7:ec:6d:e5:b8:f5:33:b4:f9:58:50:a8:87:
82:27:bd:04:57:96:91:aa:18:1f:c6:56:37:ec:fa:
c8:8e:8f:38:30:57:df:e7:e5:a0:00:56:95:0d:5c:
8e:21:b6:be:e2:0e:a3:ec:68:d5:47:26:9d:1b:4e:
39:44:34:06:b6:7b:b5:49:b5:9c:a4:ba:78:8e:49:
f9:f0:75:75:a5:ad:d5:60:7a:a9:44:1a:be:18:09:
15:6f:09:89:ee:f8:76:39:03:33:3a:9f:43:96:82:
5c:ff:87:63:b6:ee:ea:36:5a:ea:0e:06:fb:f4:f6:
e4:fb:c1:db:c3:59:70:fc:f3:fd:a8:65:36:c8:cc:
41:aa:0f:f1:ed:ea:55:ad:24:5e:62:e5:8c:37:5e:
fe:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:CF:14:80:C2:8D:2B:72:8E:71:95:9E:4A:51:00:84:D1:52:EB:5D
X509v3 Authority Key Identifier:
keyid:1E:DE:5C:6E:00:80:28:BC:D2:AE:33:65:13:81:BD:E1:FD:07:C5:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/634556A61F8411E79BCB6D54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.128.0/22
125.62.64.0/22
Signature Algorithm: sha256WithRSAEncryption
37:cc:5e:e5:d7:ef:19:4b:f6:81:9e:5a:a8:ef:e2:3c:cb:99:
cb:f5:09:1b:a9:9a:1a:67:9b:f4:83:24:3d:94:83:83:d0:76:
f8:cd:d6:09:46:96:59:89:50:40:de:3c:f7:28:2b:4f:52:82:
e3:61:77:81:2d:c5:f6:ae:23:f0:f3:fb:77:68:20:ba:ab:a8:
98:e1:ea:99:ce:dc:fc:f8:b9:6b:ae:ac:0b:b8:06:62:bf:d1:
5d:b0:1b:4b:f8:d2:68:fa:59:83:3a:81:b0:07:95:c4:54:cc:
3c:c3:a7:00:fc:be:1a:2c:97:82:d4:d3:ca:7e:52:e1:2e:af:
6f:71:04:cf:63:35:47:1d:0a:1e:26:80:29:bf:de:6c:c8:23:
a1:cd:c1:b4:28:ad:7c:cc:60:c5:64:05:2d:fc:52:7f:c3:e4:
f6:53:c2:25:1a:6b:25:32:f3:f2:84:f0:23:b6:cc:98:ee:57:
6d:b7:32:3b:d3:05:19:1d:1e:e6:2b:83:1a:e9:50:ac:f5:e5:
33:5f:8c:0e:60:ac:c6:b6:db:65:38:fc:10:d9:80:38:17:33:
9f:70:75:9a:07:2d:3a:d9:c7:67:be:40:c3:3a:4e:75:94:4d:
aa:42:33:96:58:33:b7:41:6e:07:4d:0b:8a:35:da:35:9a:ba:
cb:80:26:bc
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICGwswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUJFREIxMTAvBgNVBAUTKDFFREU1QzZFMDA4MDI4QkNEMkFFMzM2NTEzODFCREUx
RkQwN0M1RDQwHhcNMjUwMTA2MTYzMzUwWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdjMDVlZS1kOTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsB6X4iPNrA/omHEMO0j0NqgrvUhsO7JKfrQWvNMICU8Arx3C0LwTYmAFjO8Y
B+Ezapziw+5MH8//oDRMFbkmk9jG+KqChki289nEDcwuwaDibR/jURXUWNGJZsPW
8g3sOpU6IBSxGEQLEvfsbeW49TO0+VhQqIeCJ70EV5aRqhgfxlY37PrIjo84MFff
5+WgAFaVDVyOIba+4g6j7GjVRyadG045RDQGtnu1SbWcpLp4jkn58HV1pa3VYHqp
RBq+GAkVbwmJ7vh2OQMzOp9DloJc/4djtu7qNlrqDgb79Pbk+8Hbw1lw/PP9qGU2
yMxBqg/x7epVrSReYuWMN17+NwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDLPFIDC
jStyjnGVnkpRAITRUutdMB8GA1UdIwQYMBaAFB7eXG4AgCi80q4zZROBveH9B8XU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QkVEQi81RDg2N0VCQzFG
ODMxMUU3QjU3RTYwNTNDNEY5QUUwMi9IdDVjYmdDQUtMelNyak5sRTRHOTRmMEh4
ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0h0NWNiZ0NBS0x6U3JqTmxFNEc5NGYwSHhkUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUJFREIvNUQ4NjdFQkMxRjgzMTFFN0I1N0U2MDUzQzRGOUFFMDIvNjM0NTU2QTYx
Rjg0MTFFNzlCQ0I2RDU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUoADBAJ9PkAwDQYJKoZIhvcNAQELBQADggEBADfMXuXX
7xlL9oGeWqjv4jzLmcv1CRupmhpnm/SDJD2Ug4PQdvjN1glGllmJUEDePPcoK09S
guNhd4EtxfauI/Dz+3doILqrqJjh6pnO3Pz4uWuurAu4BmK/0V2wG0v40mj6WYM6
gbAHlcRUzDzDpwD8vhosl4LU08p+UuEur29xBM9jNUcdCh4mgCm/3mzII6HNwbQo
rXzMYMVkBS38Un/D5PZTwiUaayUy8/KE8CO2zJjuV223MjvTBRkdHuYrgxrpUKz1
5TNfjA5grMa222U4/BDZgDgXM59wdZoHLTrZx2e+QMM6TnWUTapCM5ZYM7dBbgdN
C4o12jWausuAJrw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:17:15 2025 by rpki-client