Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D964379E4BC311EFA2A99028C4F9AE02.roa
File: D964379E4BC311EFA2A99028C4F9AE02.roa (raw, json)
Hash identifier: myoFqYiDMhxQjze/FMJKlZWmPEA3k23Yy7iPLI3Ru2Q=
Subject key identifier: 46:AD:37:B2:E2:D2:F9:EC:04:73:48:64:BC:D9:85:61:F1:78:D1:46
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 48BE
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D964379E4BC311EFA2A99028C4F9AE02.roa
Signing time: Thu 12 Dec 2024 09:42:13 +0000
ROA not before: Thu 12 Dec 2024 09:42:13 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 135983
IP address blocks: 36.50.26.0/24 maxlen: 24
36.50.27.0/24 maxlen: 24
103.127.198.0/24 maxlen: 24
103.127.199.0/24 maxlen: 24
103.163.24.0/23 maxlen: 24
103.167.86.0/23 maxlen: 24
103.241.42.0/23 maxlen: 23
2401:7c20::/48 maxlen: 48
2401:91a0::/48 maxlen: 48
2405:28c0::/48 maxlen: 48
2407:5c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18622 (0x48be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Dec 12 09:42:13 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=675aaff5-9b25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b8:60:f1:90:1b:b7:ff:e0:8f:14:3d:09:e4:
94:23:58:de:e4:c2:da:e2:ce:c6:ee:42:87:aa:2e:
13:77:0c:d0:dd:22:04:8c:68:42:75:32:d6:d9:02:
75:07:df:b5:5a:6a:19:4f:10:00:cb:2d:6e:48:bd:
e8:77:82:bf:82:12:5e:eb:d8:ad:7f:8b:f3:19:cf:
90:fe:41:ed:1f:ef:27:bc:00:d1:8b:5d:32:04:0b:
19:61:91:22:17:40:6c:ca:3d:65:f7:6a:23:d1:31:
90:a5:b7:e1:19:cf:30:ce:90:4d:dd:98:3e:0d:33:
2b:87:6a:1c:1f:e5:20:15:04:32:9e:37:e0:17:e4:
6c:54:fb:f1:29:83:f0:0f:57:fd:30:1e:1f:11:78:
06:83:59:9d:cc:4f:51:99:06:d7:5b:29:79:8c:dc:
43:cd:ee:f1:ad:be:14:6f:4c:5f:3c:a7:17:a2:05:
16:0e:39:fc:53:0b:1c:88:07:ad:cd:cc:7b:db:00:
f5:0b:57:d9:f2:62:d4:9b:f0:10:a2:da:7c:12:71:
78:58:ea:1b:3c:9c:d5:f1:a0:1a:c0:78:24:c9:be:
cf:4d:ad:5a:56:79:d0:1c:a0:82:2d:b5:41:4c:3e:
32:f6:65:5b:79:a0:ae:07:0c:ea:3b:44:36:50:a3:
40:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:AD:37:B2:E2:D2:F9:EC:04:73:48:64:BC:D9:85:61:F1:78:D1:46
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D964379E4BC311EFA2A99028C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.26.0/23
103.127.198.0/23
103.163.24.0/23
103.167.86.0/23
103.241.42.0/23
IPv6:
2401:7c20::/48
2401:91a0::/48
2405:28c0::/48
2407:5c0::/48
Signature Algorithm: sha256WithRSAEncryption
1a:80:b0:62:5e:cd:e1:18:c7:55:be:0d:7d:77:db:da:ba:98:
f5:b6:16:33:ff:d3:36:79:66:39:59:63:7e:7d:6b:64:10:20:
a1:0b:15:e0:3a:7f:5e:b0:5d:4b:46:ae:f9:7d:bc:c1:5d:7b:
16:78:a8:3c:c8:f6:f9:d3:2b:7f:a0:b4:bd:2b:21:6d:dd:d4:
c0:b5:7d:5c:2f:85:62:1f:87:82:c3:e2:1c:83:9c:d6:2b:83:
a1:f1:7e:7b:39:8f:1d:cb:5e:07:ec:d5:29:13:99:5f:47:37:
fc:15:06:65:28:c0:38:ca:6f:c8:4b:d0:3e:b0:5c:50:37:d4:
8a:bf:7f:29:91:34:17:3b:02:4c:f4:3d:ab:7e:bb:03:d8:be:
8d:07:dd:d9:3b:cb:81:71:05:32:7d:33:e8:d4:5c:b4:50:d4:
67:f5:f4:0f:79:ce:e3:01:d9:04:9b:c2:d6:ce:40:46:d4:34:
40:76:01:1f:08:61:be:b2:89:5c:04:dd:cc:76:7b:ee:50:de:
3d:e8:29:58:3f:95:2d:10:ec:3a:49:17:24:a8:95:20:33:c5:
6d:ec:95:a9:38:f0:3b:25:56:ff:d0:d0:73:7f:f4:d9:35:96:
e9:a9:89:d6:f6:36:d7:ac:bd:fc:7e:3f:26:ac:56:49:d8:56:
5d:8b:50:98
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgICSL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQxMjEyMDk0MjEzWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVhYWZmNS05YjI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2bhg8ZAbt//gjxQ9CeSUI1je5MLa4s7G7kKHqi4TdwzQ3SIEjGhCdTLW2QJ1
B9+1WmoZTxAAyy1uSL3od4K/ghJe69itf4vzGc+Q/kHtH+8nvADRi10yBAsZYZEi
F0Bsyj1l92oj0TGQpbfhGc8wzpBN3Zg+DTMrh2ocH+UgFQQynjfgF+RsVPvxKYPw
D1f9MB4fEXgGg1mdzE9RmQbXWyl5jNxDze7xrb4Ub0xfPKcXogUWDjn8UwsciAet
zcx72wD1C1fZ8mLUm/AQotp8EnF4WOobPJzV8aAawHgkyb7PTa1aVnnQHKCCLbVB
TD4y9mVbeaCuBwzqO0Q2UKNAhwIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFEatN7Li
0vnsBHNIZLzZhWHxeNFGMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRDk2NDM3OUU0
QkMzMTFFRkEyQTk5MDI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYwYIKwYBBQUHAQcBAf8E
VDBSMCQEAgABMB4DBAEkMhoDBAFnf8YDBAFnoxgDBAFnp1YDBAFn8SowKgQCAAIw
JAMHACQBfCAAAAMHACQBkaAAAAMHACQFKMAAAAMHACQHBcAAADANBgkqhkiG9w0B
AQsFAAOCAQEAGoCwYl7N4RjHVb4NfXfb2rqY9bYWM//TNnlmOVljfn1rZBAgoQsV
4Dp/XrBdS0au+X28wV17FnioPMj2+dMrf6C0vSshbd3UwLV9XC+FYh+HgsPiHIOc
1iuDofF+ezmPHcteB+zVKROZX0c3/BUGZSjAOMpvyEvQPrBcUDfUir9/KZE0FzsC
TPQ9q367A9i+jQfd2TvLgXEFMn0z6NRctFDUZ/X0D3nO4wHZBJvC1s5ARtQ0QHYB
HwhhvrKJXATdzHZ77lDePegpWD+VLRDsOkkXJKiVIDPFbeyVqTjwOyVW/9DQc3/0
2TWW6amJ1vY216y9/H4/JqxWSdhWXYtQmA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:38:13 2025 by rpki-client