Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/33136310086F11F088067839C4F9AE02.roa
File: 33136310086F11F088067839C4F9AE02.roa (raw, json)
Hash identifier: T6TzoH13idGKn8oy/DhDX7WyaXhh+fmMhq+FDNN5wpM=
Subject key identifier: B9:96:65:FB:A1:D4:09:F1:90:93:5A:EF:DD:F8:0F:56:BF:08:82:B5
Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial: 0B7E
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/33136310086F11F088067839C4F9AE02.roa
Signing time: Mon 24 Mar 2025 05:16:54 +0000
ROA not before: Mon 24 Mar 2025 05:16:54 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 17408
IP address blocks: 43.230.52.0/24 maxlen: 24
43.230.53.0/24 maxlen: 24
43.230.54.0/24 maxlen: 24
43.230.55.0/24 maxlen: 24
43.231.189.0/24 maxlen: 24
43.231.191.0/24 maxlen: 24
43.246.197.0/24 maxlen: 24
43.246.199.0/24 maxlen: 24
43.251.185.0/24 maxlen: 24
43.251.187.0/24 maxlen: 24
45.115.33.0/24 maxlen: 24
45.115.35.0/24 maxlen: 24
103.15.76.0/24 maxlen: 24
103.15.77.0/24 maxlen: 24
103.15.78.0/24 maxlen: 24
103.21.105.0/24 maxlen: 24
103.21.107.0/24 maxlen: 24
103.248.148.0/24 maxlen: 24
103.248.149.0/24 maxlen: 24
103.248.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2942 (0xb7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4402
Validity
Not Before: Mar 24 05:16:54 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e0eac6-64b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:be:cb:07:c6:cf:08:65:38:1d:05:03:70:96:
71:8f:b1:17:ab:59:bd:82:19:f9:84:1a:9a:16:31:
5e:62:a8:20:86:bc:26:b7:fe:c5:a2:c2:5c:f5:35:
28:0c:91:db:6d:61:2f:37:f8:ce:a9:89:dc:e3:c6:
d0:2d:69:32:86:4e:87:de:7f:97:ab:44:ad:ce:68:
2e:71:dd:7b:e0:ef:ae:93:c6:bd:c1:56:dd:99:91:
69:cb:76:97:56:d1:69:da:90:81:e7:1f:50:67:52:
00:7f:82:54:f6:10:f5:97:d6:67:a8:60:ed:35:f6:
cb:8f:8a:d2:d2:d8:1d:ed:91:41:34:e1:bc:c3:5d:
ef:d1:ed:95:20:92:63:9b:c4:2c:e9:08:22:12:8a:
43:ee:5e:4e:19:e0:a1:af:57:04:35:75:a1:7f:f4:
1e:ac:69:5f:7d:8d:e6:59:f4:35:a7:52:4e:0c:b0:
12:0e:83:59:df:27:7c:1a:aa:6c:c9:51:43:0d:ac:
b1:c1:25:e9:93:e1:d6:0b:0a:19:af:7a:1b:10:6a:
0f:fd:09:43:b7:13:b4:f2:78:ec:02:da:90:65:6d:
4d:b3:96:cc:49:ff:3b:00:5e:09:b8:5a:2d:c8:2b:
46:91:3d:81:e9:2f:2a:ac:b0:04:43:92:0f:03:17:
63:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:96:65:FB:A1:D4:09:F1:90:93:5A:EF:DD:F8:0F:56:BF:08:82:B5
X509v3 Authority Key Identifier:
keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/33136310086F11F088067839C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.52.0/22
43.231.189.0/24
43.231.191.0/24
43.246.197.0/24
43.246.199.0/24
43.251.185.0/24
43.251.187.0/24
45.115.33.0/24
45.115.35.0/24
103.15.76.0-103.15.78.255
103.21.105.0/24
103.21.107.0/24
103.248.148.0/23
103.248.151.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:de:20:f9:a5:cf:f1:0d:55:6b:c5:aa:33:9e:8b:06:db:20:
a3:76:d8:ff:59:ee:1f:e0:8c:70:b3:04:3d:7e:fc:0d:56:8b:
b1:8f:b9:e6:2a:85:f7:e5:82:66:ff:eb:d3:2a:7b:1b:c6:90:
d1:dd:d4:ec:07:44:ee:a2:9f:83:ef:f0:ee:d2:9c:15:56:1f:
88:a7:a3:b3:bf:8f:8d:86:3e:67:74:9f:71:5c:13:4a:1d:57:
85:11:9e:b8:80:85:bd:56:0d:ee:f1:59:14:dc:61:86:1d:17:
e9:f8:9d:22:c3:84:7f:d6:57:11:7b:90:e1:91:4c:b2:c9:de:
ea:14:79:f5:d3:26:e2:84:16:74:f2:e8:90:3b:8f:a4:03:09:
74:3c:6a:04:bb:52:72:10:3a:a2:5d:3b:6d:e8:83:8a:6d:fc:
6c:6d:93:b2:d1:a3:47:66:19:b0:dd:af:e2:d5:ab:94:d6:d0:
1d:89:7c:8d:92:4f:99:27:c8:36:e6:2c:eb:5a:13:1b:5c:d3:
21:0c:df:3e:0b:76:7e:d3:eb:f5:17:c2:01:cf:e9:25:63:6d:
2f:36:5f:a6:ec:3d:1a:60:4a:d5:3a:7c:b8:17:37:9d:e4:be:
ec:a9:57:a6:20:9a:49:21:4e:43:aa:4d:6f:6c:c5:e3:12:69:
d2:21:00:5a
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgICC34wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjUwMzI0MDUxNjU0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UwZWFjNi02NGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsr7LB8bPCGU4HQUDcJZxj7EXq1m9ghn5hBqaFjFeYqgghrwmt/7FosJc9TUo
DJHbbWEvN/jOqYnc48bQLWkyhk6H3n+Xq0Stzmgucd174O+uk8a9wVbdmZFpy3aX
VtFp2pCB5x9QZ1IAf4JU9hD1l9ZnqGDtNfbLj4rS0tgd7ZFBNOG8w13v0e2VIJJj
m8Qs6QgiEopD7l5OGeChr1cENXWhf/QerGlffY3mWfQ1p1JODLASDoNZ3yd8Gqps
yVFDDayxwSXpk+HWCwoZr3obEGoP/QlDtxO08njsAtqQZW1Ns5bMSf87AF4JuFot
yCtGkT2B6S8qrLAEQ5IPAxdjLQIDAQABo4IC6zCCAucwHQYDVR0OBBYEFLmWZfuh
1AnxkJNa7934D1a/CIK1MB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvMzMxMzYzMTAw
ODZGMTFGMDg4MDY3ODM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdQYIKwYBBQUHAQcBAf8E
ZjBkMGIEAgABMFwDBAIr5jQDBAAr570DBAAr578DBAAr9sUDBAAr9scDBAAr+7kD
BAAr+7sDBAAtcyEDBAAtcyMwDAMEAmcPTAMEAGcPTgMEAGcVaQMEAGcVawMEAWf4
lAMEAGf4lzANBgkqhkiG9w0BAQsFAAOCAQEA0N4g+aXP8Q1Va8WqM56LBtsgo3bY
/1nuH+CMcLMEPX78DVaLsY+55iqF9+WCZv/r0yp7G8aQ0d3U7AdE7qKfg+/w7tKc
FVYfiKejs7+PjYY+Z3SfcVwTSh1XhRGeuICFvVYN7vFZFNxhhh0X6fidIsOEf9ZX
EXuQ4ZFMssne6hR59dMm4oQWdPLokDuPpAMJdDxqBLtSchA6ol07beiDim38bG2T
stGjR2YZsN2v4tWrlNbQHYl8jZJPmSfINuYs61oTG1zTIQzfPgt2ftPr9RfCAc/p
JWNtLzZfpuw9GmBK1Tp8uBc3neS+7KlXpiCaSSFOQ6pNb2zF4xJp0iEAWg==
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:53:56 2025 by rpki-client