Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/14D49D84671711ED91494347C4F9AE02.roa
File: 14D49D84671711ED91494347C4F9AE02.roa (raw, json)
Hash identifier: 0+yFGp4yCQ2+C7nfKNvEr5pFMe0RMN1w9SslOPfz3Vk=
Subject key identifier: 08:55:EB:FA:26:5D:2A:85:37:E9:AD:87:30:3D:42:96:10:65:BB:A3
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 464B
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/14D49D84671711ED91494347C4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:35:50 +0000
ROA not before: Thu 05 Sep 2024 03:35:50 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 38726
IP address blocks: 43.239.188.0/22 maxlen: 24
103.227.112.0/22 maxlen: 24
118.107.64.0/18 maxlen: 24
119.18.184.0/21 maxlen: 24
2400:bc80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17995 (0x464b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Sep 5 03:35:50 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d92715-6e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4d:d7:f9:f6:ab:18:b1:91:e1:b3:7f:70:81:
b1:21:1d:7a:45:16:a8:51:2a:04:28:80:16:67:51:
48:2d:60:58:1d:e6:c6:2a:0a:3c:1f:9d:59:8d:aa:
de:e4:37:06:21:0d:f0:ca:5b:6c:d6:6d:b0:ee:0e:
ac:47:a7:cf:34:ef:78:d9:2a:ac:a3:c6:fc:fd:2a:
60:3a:b0:b2:c7:fb:1c:2a:a2:33:81:9e:a7:ed:b8:
b2:40:24:dc:1b:34:83:52:7b:90:3b:3e:17:6d:b1:
33:81:53:f7:4b:0e:96:f0:79:0d:eb:e1:5a:6e:b9:
2b:f7:d1:52:55:91:f4:91:5e:a1:90:33:78:7a:87:
87:43:6c:83:98:9d:94:f8:47:55:02:f8:c9:00:78:
c7:0c:d4:54:c9:ae:b8:3b:42:d7:e8:0e:d5:6b:a5:
e8:a9:60:b2:44:d0:72:a0:ce:37:54:f1:00:b7:9f:
3a:84:39:e3:fd:99:da:09:bd:b4:32:10:fc:81:2d:
97:5a:17:02:e9:7d:a0:7f:7c:45:92:24:a9:9a:92:
61:f1:8f:1a:7d:d1:24:b1:b7:f3:b2:b1:5f:6b:29:
a7:21:84:e2:4b:16:d4:08:6a:df:fc:bf:d8:a0:44:
d5:64:70:1d:b6:9f:24:dc:2c:7a:05:19:54:54:59:
fc:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:55:EB:FA:26:5D:2A:85:37:E9:AD:87:30:3D:42:96:10:65:BB:A3
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/14D49D84671711ED91494347C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.188.0/22
103.227.112.0/22
118.107.64.0/18
119.18.184.0/21
IPv6:
2400:bc80::/32
Signature Algorithm: sha256WithRSAEncryption
8b:a9:66:f0:bd:14:41:c0:60:17:7f:4d:64:cc:fe:13:e9:34:
b0:ca:96:21:45:06:a3:ca:1e:b0:7c:43:3f:40:4b:a1:fa:c0:
ad:10:09:2c:99:51:43:9e:d2:c3:b0:c2:6b:0b:4e:db:00:60:
78:72:fa:c0:c1:67:0e:f6:d6:ef:87:5a:0a:eb:52:c3:b7:37:
69:47:a0:a8:e5:d7:5e:6f:a4:64:7e:8d:82:af:7a:7a:74:d5:
d5:92:d3:4b:39:5a:fb:1a:4d:26:b7:0d:7f:59:b7:f3:32:28:
50:a1:18:67:1f:6e:bc:23:13:ed:9a:f9:1d:df:05:c4:98:3c:
67:8f:f3:a8:ad:34:4d:b2:95:05:26:66:e2:24:bc:2d:b7:c1:
5a:b1:89:3c:6e:0f:9f:45:b2:bc:a9:21:1d:2b:ae:e9:ca:04:
9c:24:cc:93:60:31:fd:68:e8:9a:c5:33:de:c0:14:cc:9d:a5:
cc:17:1a:e6:66:a2:06:fd:e6:b8:7f:db:92:9f:b9:d0:75:b4:
ad:da:08:80:e5:9e:82:79:f2:57:61:21:91:70:c4:da:41:fc:
6e:84:c7:45:a6:69:59:f9:6b:15:f9:1e:06:42:ad:87:b3:10:
e1:fe:dc:cc:69:42:5e:7b:39:e2:59:de:61:98:00:77:a3:fa:
69:18:4b:4d
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICRkswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzNTUwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjcxNS02ZTkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuk3X+farGLGR4bN/cIGxIR16RRaoUSoEKIAWZ1FILWBYHebGKgo8H51Zjare
5DcGIQ3wylts1m2w7g6sR6fPNO942Sqso8b8/SpgOrCyx/scKqIzgZ6n7biyQCTc
GzSDUnuQOz4XbbEzgVP3Sw6W8HkN6+Fabrkr99FSVZH0kV6hkDN4eoeHQ2yDmJ2U
+EdVAvjJAHjHDNRUya64O0LX6A7Va6XoqWCyRNByoM43VPEAt586hDnj/ZnaCb20
MhD8gS2XWhcC6X2gf3xFkiSpmpJh8Y8afdEksbfzsrFfaymnIYTiSxbUCGrf/L/Y
oETVZHAdtp8k3Cx6BRlUVFn81QIDAQABo4ICtjCCArIwHQYDVR0OBBYEFAhV6/om
XSqFN+mthzA9QpYQZbujMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMTRENDlEODQ2
NzE3MTFFRDkxNDk0MzQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIr77wDBAJn43ADBAZ2a0ADBAN3ErgwDQQCAAIwBwMFACQA
vIAwDQYJKoZIhvcNAQELBQADggEBAIupZvC9FEHAYBd/TWTM/hPpNLDKliFFBqPK
HrB8Qz9AS6H6wK0QCSyZUUOe0sOwwmsLTtsAYHhy+sDBZw721u+HWgrrUsO3N2lH
oKjl115vpGR+jYKvenp01dWS00s5WvsaTSa3DX9Zt/MyKFChGGcfbrwjE+2a+R3f
BcSYPGeP86itNE2ylQUmZuIkvC23wVqxiTxuD59FsrypIR0rrunKBJwkzJNgMf1o
6JrFM97AFMydpcwXGuZmogb95rh/25KfudB1tK3aCIDlnoJ58ldhIZFwxNpB/G6E
x0WmaVn5axX5HgZCrYezEOH+3MxpQl57OeJZ3mGYAHej+mkYS00=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:48:40 2025 by rpki-client