Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/02BFF64EE6A811EFB5943878C4F9AE02.roa
File: 02BFF64EE6A811EFB5943878C4F9AE02.roa (raw, json)
Hash identifier: 2CAgcrLv4JGzDGMPlAonDkbaG+eLBXz0G6EKid4bHfs=
Subject key identifier: 94:B5:63:E7:35:87:40:7F:02:2C:8F:5E:B9:6A:EE:5C:57:5D:48:F3
Certificate issuer: /CN=A919C47E/serialNumber=894FE11398B679AEB1B118B1BDE673E18CF6E934
Certificate serial: 132D
Authority key identifier: 89:4F:E1:13:98:B6:79:AE:B1:B1:18:B1:BD:E6:73:E1:8C:F6:E9:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iU_hE5i2ea6xsRixveZz4Yz26TQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/02BFF64EE6A811EFB5943878C4F9AE02.roa
Signing time: Sun 09 Feb 2025 05:38:51 +0000
ROA not before: Sun 09 Feb 2025 05:38:51 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 138398
IP address blocks: 103.121.34.0/23 maxlen: 23
103.121.34.0/24 maxlen: 24
103.121.35.0/24 maxlen: 24
103.130.68.0/24 maxlen: 24
103.130.69.0/24 maxlen: 24
103.139.78.0/24 maxlen: 24
2403:b4c0::/36 maxlen: 36
2403:b4c0:1000::/36 maxlen: 36
2403:b4c0:2000::/36 maxlen: 36
2403:b4c0:3000::/36 maxlen: 36
2403:b4c0:5000::/36 maxlen: 36
2403:b4c0:6000::/36 maxlen: 36
2403:b4c0:7000::/36 maxlen: 36
2403:b4c0:8000::/48 maxlen: 48
2403:b4c0:8001::/48 maxlen: 48
2403:b4c0:8002::/48 maxlen: 48
2403:b4c0:8003::/48 maxlen: 48
2403:b4c0:8004::/48 maxlen: 48
2403:b4c0:8005::/48 maxlen: 48
2403:b4c0:9000::/36 maxlen: 36
2403:b4c0:aa00::/40 maxlen: 40
2403:b4c0:ae00::/40 maxlen: 40
2403:b4c0:af00::/40 maxlen: 40
2403:b4c0:f000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4909 (0x132d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919C47E
Validity
Not Before: Feb 9 05:38:51 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67a83f6b-b50b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a2:8e:68:63:40:57:b8:19:39:45:33:2d:4f:
22:cf:e4:e1:85:b0:f9:e0:46:e6:f1:8c:46:50:5c:
28:79:22:6e:12:6b:eb:1a:65:dd:06:e4:37:29:41:
30:20:ac:0b:26:f9:65:f7:38:47:6e:03:b9:3f:cc:
d8:fc:8b:c0:28:d9:09:be:19:b9:f7:ab:0b:42:21:
3e:4f:7d:5c:bd:f4:0f:89:22:c9:77:d9:01:9e:ad:
81:d0:a9:f5:e4:36:a3:20:7e:0d:dc:d8:b3:39:c1:
de:e4:95:d0:f2:1b:e9:40:1b:c7:28:dd:d6:7f:49:
c1:62:5b:7d:90:4d:9d:d9:b7:3e:3b:69:bc:c4:f7:
98:67:e2:86:ef:23:c5:f4:86:a1:4b:db:83:8e:b6:
3c:bc:f5:52:9d:ec:bb:49:05:37:3e:70:e3:eb:da:
26:3f:38:52:ea:2d:23:69:f0:e4:0e:55:d8:b1:20:
65:3e:73:52:46:a3:97:ba:88:b2:61:15:a6:22:92:
59:ff:5b:3f:5a:7f:03:dc:d6:69:b4:cd:bd:ea:34:
3b:f3:bf:0b:c7:60:14:11:b4:fe:7a:3f:83:05:c2:
a7:74:df:65:0b:a5:27:e3:1a:77:75:04:50:83:f1:
ec:43:36:29:7e:e0:e4:3b:78:b4:23:0f:b5:09:86:
39:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:B5:63:E7:35:87:40:7F:02:2C:8F:5E:B9:6A:EE:5C:57:5D:48:F3
X509v3 Authority Key Identifier:
keyid:89:4F:E1:13:98:B6:79:AE:B1:B1:18:B1:BD:E6:73:E1:8C:F6:E9:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/iU_hE5i2ea6xsRixveZz4Yz26TQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iU_hE5i2ea6xsRixveZz4Yz26TQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/02BFF64EE6A811EFB5943878C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.34.0/23
103.130.68.0/23
103.139.78.0/24
IPv6:
2403:b4c0::/34
2403:b4c0:5000::-2403:b4c0:8005:ffff:ffff:ffff:ffff:ffff
2403:b4c0:9000::/36
2403:b4c0:aa00::/40
2403:b4c0:ae00::/39
2403:b4c0:f000::/36
Signature Algorithm: sha256WithRSAEncryption
6b:3e:25:44:4a:ea:80:b6:85:a5:29:30:b0:4c:21:9e:b6:5c:
91:b0:96:8b:36:6e:e5:bd:e7:91:09:a3:dd:29:2b:9c:6e:fe:
a8:8e:69:1e:95:ae:76:72:f6:ee:78:9a:ed:55:13:d8:27:6b:
28:fe:01:99:46:df:65:db:ba:95:bd:47:41:46:a5:0d:ed:23:
6a:8e:70:1b:d3:3c:f3:ae:07:7e:73:eb:85:7f:77:26:0c:40:
bb:07:0c:c5:39:8f:7d:0f:cb:a9:13:32:0c:24:34:59:8f:fa:
6f:2b:09:fb:60:38:51:1c:17:99:30:4c:fe:da:7c:8e:ee:65:
b3:c3:24:6e:65:9d:c1:4f:24:85:7d:25:a2:d6:c3:fc:00:18:
20:d4:e3:f5:86:db:ea:81:58:52:83:47:fa:92:5a:f2:69:fb:
0b:a6:93:e9:d9:ec:ad:b2:69:fd:18:10:7f:28:08:14:1d:da:
62:ec:71:c3:7d:4f:f3:cc:f7:fc:cf:19:3f:b0:6b:89:97:12:
0c:de:48:1e:49:ae:f4:f0:65:28:28:20:70:cd:e1:7b:8a:32:
df:ea:04:00:e7:f3:77:13:e6:49:0e:05:46:5e:e5:af:da:35:
7c:4a:36:c5:97:a1:8a:f5:5a:72:a7:03:35:d1:32:65:b2:7f:
89:b3:f0:33
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgICEy0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUM0N0UxMTAvBgNVBAUTKDg5NEZFMTEzOThCNjc5QUVCMUIxMThCMUJERTY3M0Ux
OENGNkU5MzQwHhcNMjUwMjA5MDUzODUxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E4M2Y2Yi1iNTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvKKOaGNAV7gZOUUzLU8iz+ThhbD54Ebm8YxGUFwoeSJuEmvrGmXdBuQ3KUEw
IKwLJvll9zhHbgO5P8zY/IvAKNkJvhm596sLQiE+T31cvfQPiSLJd9kBnq2B0Kn1
5DajIH4N3NizOcHe5JXQ8hvpQBvHKN3Wf0nBYlt9kE2d2bc+O2m8xPeYZ+KG7yPF
9IahS9uDjrY8vPVSney7SQU3PnDj69omPzhS6i0jafDkDlXYsSBlPnNSRqOXuoiy
YRWmIpJZ/1s/Wn8D3NZptM296jQ7878Lx2AUEbT+ej+DBcKndN9lC6Un4xp3dQRQ
g/HsQzYpfuDkO3i0Iw+1CYY56QIDAQABo4IC5DCCAuAwHQYDVR0OBBYEFJS1Y+c1
h0B/AiyPXrlq7lxXXUjzMB8GA1UdIwQYMBaAFIlP4ROYtnmusbEYsb3mc+GM9uk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzQ3RS9CQ0VERjQ0MkIw
QkYxMUU4ODYzOTIyMzdDNEY5QUUwMi9pVV9oRTVpMmVhNnhzUml4dmVaejRZejI2
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lVX2hFNWkyZWE2eHNSaXh2ZVp6NFl6MjZUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUM0N0UvQkNFREY0NDJCMEJGMTFFODg2MzkyMjM3QzRGOUFFMDIvMDJCRkY2NEVF
NkE4MTFFRkI1OTQzODc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbgYIKwYBBQUHAQcBAf8E
XzBdMBgEAgABMBIDBAFneSIDBAFngkQDBABni04wQQQCAAIwOwMGBiQDtMAAMBED
BgQkA7TAUAMHASQDtMCABAMGBCQDtMCQAwYAJAO0wKoDBgEkA7TArgMGBCQDtMDw
MA0GCSqGSIb3DQEBCwUAA4IBAQBrPiVESuqAtoWlKTCwTCGetlyRsJaLNm7lveeR
CaPdKSucbv6ojmkela52cvbueJrtVRPYJ2so/gGZRt9l27qVvUdBRqUN7SNqjnAb
0zzzrgd+c+uFf3cmDEC7BwzFOY99D8upEzIMJDRZj/pvKwn7YDhRHBeZMEz+2nyO
7mWzwyRuZZ3BTySFfSWi1sP8ABgg1OP1htvqgVhSg0f6klryafsLppPp2eytsmn9
GBB/KAgUHdpi7HHDfU/zzPf8zxk/sGuJlxIM3kgeSa708GUoKCBwzeF7ijLf6gQA
5/N3E+ZJDgVGXuWv2jV8SjbFl6GK9VpypwM10TJlsn+Js/Az
-----END CERTIFICATE-----
Generated at Thu Apr 10 23:48:25 2025 by rpki-client