Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/A50B2F32C68611EFB4077137C4F9AE02.roa
File: A50B2F32C68611EFB4077137C4F9AE02.roa (raw, json)
Hash identifier: lagg7XqNxsfyb1w3gTP+tCUMQSRTn5F81GdacPwOxBo=
Subject key identifier: 47:05:8E:92:75:83:C7:08:7E:91:73:02:EA:36:C4:19:54:77:4B:EB
Certificate issuer: /CN=A91A8D22/serialNumber=A683F6724C02A13F2D39CF2F21500BE00380DDE3
Certificate serial: 3486
Authority key identifier: A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/A50B2F32C68611EFB4077137C4F9AE02.roa
Signing time: Mon 30 Dec 2024 08:18:27 +0000
ROA not before: Mon 30 Dec 2024 08:18:27 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 151605
IP address blocks: 103.112.36.0/22 maxlen: 24
180.189.160.0/20 maxlen: 24
2405:1f00::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13446 (0x3486)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A8D22
Validity
Not Before: Dec 30 08:18:27 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67725753-6bce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b0:f9:7f:a8:e8:f7:66:07:f2:47:6b:dd:47:
b6:2e:66:39:3b:55:4b:c3:a6:d0:ed:6b:ec:51:e8:
c7:06:72:34:18:e9:0b:d6:03:17:39:06:9e:03:1f:
ac:ea:a0:a0:b9:f4:65:78:a8:b2:a9:44:3d:7e:6f:
41:ae:dd:2d:38:00:7a:e6:c4:e0:98:a4:2a:2b:96:
1d:7a:31:5d:02:33:3e:35:c2:a1:cd:c5:85:3f:e4:
14:bc:85:37:b3:68:36:7a:c4:53:8b:69:6e:a3:96:
18:66:07:7c:c5:76:f6:e4:f3:aa:ae:fa:cc:a2:a2:
36:60:81:68:fb:99:b6:bb:d8:64:4d:7f:49:13:e5:
fd:dd:33:00:7d:b5:0d:17:16:44:09:e6:de:07:a5:
5b:f1:0a:64:00:c4:73:d6:f6:12:23:4e:67:a8:4b:
fc:0f:41:d0:76:d4:52:37:d4:8f:62:88:5f:9c:b0:
63:6d:dc:76:99:50:f2:c2:53:6a:ba:e4:4a:db:f2:
4d:78:1b:98:03:8a:bf:0f:30:fa:a5:c5:71:2d:01:
7c:8b:a8:28:db:56:cf:2f:e0:40:34:20:49:3d:84:
32:7a:b1:61:3b:49:30:33:02:3e:0c:63:de:14:9d:
75:cf:75:7d:39:c2:8c:71:5f:63:2a:3a:8e:bd:fb:
8a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:05:8E:92:75:83:C7:08:7E:91:73:02:EA:36:C4:19:54:77:4B:EB
X509v3 Authority Key Identifier:
keyid:A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/poP2ckwCoT8tOc8vIVAL4AOA3eM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/A50B2F32C68611EFB4077137C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.36.0/22
180.189.160.0/20
IPv6:
2405:1f00::/32
Signature Algorithm: sha256WithRSAEncryption
1a:4d:26:6f:9b:37:54:a4:32:d9:52:c2:c7:8c:57:78:94:55:
c5:c7:21:65:0d:ea:67:04:f1:68:de:65:f4:85:f1:2b:3d:97:
80:5d:3d:3a:5a:69:24:20:7c:2e:4c:ff:d0:cf:1d:dc:18:e0:
14:de:c0:8d:c4:c5:bd:7f:5d:6a:3a:1f:17:5f:6b:60:d4:cf:
d5:81:e4:76:59:ed:ce:11:db:70:e3:e8:6d:c2:06:95:d7:ea:
f9:a7:89:b5:ed:2b:d8:65:4b:0d:c5:7b:c3:ee:e1:c3:4c:f8:
31:3a:e8:d5:a3:39:2a:16:f3:12:79:75:d4:7b:03:39:3f:4d:
98:48:36:fd:4b:51:b3:97:43:69:02:f3:fc:e0:4a:f0:fc:24:
97:64:82:73:bd:dc:e7:99:ab:51:04:16:63:33:be:4e:9a:66:
4b:dc:88:89:4b:72:e2:05:16:06:0c:35:80:b6:39:3b:c8:59:
d0:ea:9f:3e:90:a8:f5:aa:02:3a:35:5b:dd:63:dd:2b:74:f1:
ab:41:7d:02:87:4f:37:31:98:ac:13:43:fc:f3:50:1d:d6:e1:
52:63:16:77:bc:17:30:84:f2:67:d0:6d:c7:6f:90:64:80:7e:
e4:2f:d8:da:93:68:fb:87:31:12:e1:cd:1c:4a:b4:eb:1f:8d:
c9:e5:5e:bf
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICNIYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QThEMjIxMTAvBgNVBAUTKEE2ODNGNjcyNEMwMkExM0YyRDM5Q0YyRjIxNTAwQkUw
MDM4MERERTMwHhcNMjQxMjMwMDgxODI3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzcyNTc1My02YmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtLD5f6jo92YH8kdr3Ue2LmY5O1VLw6bQ7WvsUejHBnI0GOkL1gMXOQaeAx+s
6qCgufRleKiyqUQ9fm9Brt0tOAB65sTgmKQqK5YdejFdAjM+NcKhzcWFP+QUvIU3
s2g2esRTi2luo5YYZgd8xXb25POqrvrMoqI2YIFo+5m2u9hkTX9JE+X93TMAfbUN
FxZECebeB6Vb8QpkAMRz1vYSI05nqEv8D0HQdtRSN9SPYohfnLBjbdx2mVDywlNq
uuRK2/JNeBuYA4q/DzD6pcVxLQF8i6go21bPL+BANCBJPYQyerFhO0kwMwI+DGPe
FJ11z3V9OcKMcV9jKjqOvfuKrQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEcFjpJ1
g8cIfpFzAuo2xBlUd0vrMB8GA1UdIwQYMBaAFKaD9nJMAqE/LTnPLyFQC+ADgN3j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOEQyMi8yNTI2OTc5ODFE
OTIxMUUyQjYxOENBRjQwOEIwMkNEMi9wb1AyY2t3Q29UOHRPYzh2SVZBTDRBT0Ez
ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BvUDJja3dDb1Q4dE9jOHZJVkFMNEFPQTNlTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QThEMjIvMjUyNjk3OTgxRDkyMTFFMkI2MThDQUY0MDhCMDJDRDIvQTUwQjJGMzJD
Njg2MTFFRkI0MDc3MTM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJncCQDBAS0vaAwDQQCAAIwBwMFACQFHwAwDQYJKoZIhvcN
AQELBQADggEBABpNJm+bN1SkMtlSwseMV3iUVcXHIWUN6mcE8WjeZfSF8Ss9l4Bd
PTpaaSQgfC5M/9DPHdwY4BTewI3Exb1/XWo6Hxdfa2DUz9WB5HZZ7c4R23Dj6G3C
BpXX6vmnibXtK9hlSw3Fe8Pu4cNM+DE66NWjOSoW8xJ5ddR7Azk/TZhINv1LUbOX
Q2kC8/zgSvD8JJdkgnO93OeZq1EEFmMzvk6aZkvciIlLcuIFFgYMNYC2OTvIWdDq
nz6QqPWqAjo1W91j3St08atBfQKHTzcxmKwTQ/zzUB3W4VJjFne8FzCE8mfQbcdv
kGSAfuQv2NqTaPuHMRLhzRxKtOsfjcnlXr8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:58:37 2025 by rpki-client