Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB383/8CC2A9AADE7711EB8739EC11C4F9AE02/BA8EFE48E5D411EFA67E0112C4F9AE02.roa
File: BA8EFE48E5D411EFA67E0112C4F9AE02.roa (raw, json)
Hash identifier: PTrsZlGZCJahEmYwcjdYzVJYq42LWnB7L7jKaaAzFW0=
Subject key identifier: 8E:FB:AE:FE:D2:D3:B6:06:35:92:96:1F:30:72:0D:54:72:76:59:F0
Certificate issuer: /CN=A91AB383/serialNumber=9C2351D45A97D71D03D6BC385B37DD9BFB80CF5E
Certificate serial: 055F
Authority key identifier: 9C:23:51:D4:5A:97:D7:1D:03:D6:BC:38:5B:37:DD:9B:FB:80:CF:5E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nCNR1FqX1x0D1rw4Wzfdm_uAz14.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB383/8CC2A9AADE7711EB8739EC11C4F9AE02/BA8EFE48E5D411EFA67E0112C4F9AE02.roa
Signing time: Sat 08 Feb 2025 04:26:43 +0000
ROA not before: Sat 08 Feb 2025 04:26:43 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 932
IP address blocks: 103.214.174.0/23 maxlen: 24
182.255.44.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1375 (0x55f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB383
Validity
Not Before: Feb 8 04:26:43 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67a6dd02-6a71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a5:60:27:09:be:99:73:7e:3d:4c:ff:3a:73:
d2:dd:b3:c0:9f:89:90:77:10:57:e9:9f:5d:04:a7:
6c:6a:4b:6e:50:1a:dc:c9:b3:6b:ff:d3:14:e5:f0:
97:71:b3:1d:9e:47:82:01:29:4d:9a:bd:96:59:08:
b2:2f:65:b7:2d:8a:d7:17:a0:6d:74:29:29:43:fa:
42:28:ba:04:2a:d7:47:8f:84:df:ad:d4:e5:b3:67:
54:45:c5:fb:3c:c3:f4:42:03:cd:f9:07:93:f5:66:
8a:fa:71:bb:db:2c:18:e7:95:33:3b:5d:aa:c6:93:
27:68:45:03:f7:ad:fb:b1:e6:44:94:0a:21:11:87:
af:26:7b:56:12:95:2b:13:21:f5:63:d6:3a:be:e2:
4d:fc:d1:2c:5c:16:fb:81:cb:fa:84:2a:2b:52:15:
be:c2:a4:71:49:19:65:45:33:e6:ea:81:b1:67:89:
95:40:a9:08:02:44:0d:fc:6f:94:41:f8:2a:c3:4a:
af:12:f3:8d:68:9f:15:06:5e:04:8f:74:da:45:69:
06:f4:cf:a9:dc:c4:ee:ba:93:db:c0:98:1a:4d:6f:
e2:c2:aa:27:99:54:b7:f3:da:09:18:51:a1:4b:6a:
ff:fb:a2:49:14:49:91:55:53:4a:31:2a:5a:2a:6a:
fc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:FB:AE:FE:D2:D3:B6:06:35:92:96:1F:30:72:0D:54:72:76:59:F0
X509v3 Authority Key Identifier:
keyid:9C:23:51:D4:5A:97:D7:1D:03:D6:BC:38:5B:37:DD:9B:FB:80:CF:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB383/8CC2A9AADE7711EB8739EC11C4F9AE02/nCNR1FqX1x0D1rw4Wzfdm_uAz14.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nCNR1FqX1x0D1rw4Wzfdm_uAz14.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB383/8CC2A9AADE7711EB8739EC11C4F9AE02/BA8EFE48E5D411EFA67E0112C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.214.174.0/23
182.255.44.0/22
Signature Algorithm: sha256WithRSAEncryption
07:3c:96:5c:86:62:b9:a6:72:9c:86:64:c7:8c:f7:9a:07:d6:
db:34:16:4f:e8:96:93:cd:52:d3:b6:31:a3:64:66:b0:fa:6c:
75:25:e8:27:e3:aa:22:b8:dd:8d:a4:db:a3:8e:7c:34:88:70:
c7:b2:9b:70:f4:c9:60:c8:85:05:8a:11:ae:6a:63:3c:b9:b5:
0a:3e:63:a7:44:31:43:5e:95:22:c2:f1:95:bf:8e:16:fc:62:
7a:f0:80:5c:32:24:7c:8a:75:a8:3d:73:9e:07:03:33:c5:0f:
df:88:32:c6:e2:33:20:e6:35:30:e8:1e:1f:e5:d0:aa:7f:b5:
0d:86:4e:ec:4f:58:72:66:fa:6f:1b:79:09:82:51:2c:00:a2:
55:90:62:a0:e6:f9:cc:4c:65:bc:54:b8:6c:8e:e8:1e:aa:07:
7b:63:6c:bc:6e:9c:36:b8:71:79:a7:b2:3f:ba:e1:4f:36:bf:
9b:fe:dc:7d:6b:cb:57:9b:10:6f:85:53:86:93:f6:c2:cd:df:
0a:84:99:e7:3c:40:12:94:e3:c0:92:e4:6a:8b:da:8f:1a:ff:
2a:ed:96:af:a7:5d:27:51:fb:7a:47:3b:7a:e1:6c:a9:c4:7c:
59:fa:94:d7:0f:f0:bc:9e:2c:1b:e8:c2:cf:7e:ed:48:92:5e:
b5:78:b1:ad
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBV8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUIzODMxMTAvBgNVBAUTKDlDMjM1MUQ0NUE5N0Q3MUQwM0Q2QkMzODVCMzdERDlC
RkI4MENGNUUwHhcNMjUwMjA4MDQyNjQzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E2ZGQwMi02YTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtaVgJwm+mXN+PUz/OnPS3bPAn4mQdxBX6Z9dBKdsaktuUBrcybNr/9MU5fCX
cbMdnkeCASlNmr2WWQiyL2W3LYrXF6BtdCkpQ/pCKLoEKtdHj4TfrdTls2dURcX7
PMP0QgPN+QeT9WaK+nG72ywY55UzO12qxpMnaEUD9637seZElAohEYevJntWEpUr
EyH1Y9Y6vuJN/NEsXBb7gcv6hCorUhW+wqRxSRllRTPm6oGxZ4mVQKkIAkQN/G+U
Qfgqw0qvEvONaJ8VBl4Ej3TaRWkG9M+p3MTuupPbwJgaTW/iwqonmVS389oJGFGh
S2r/+6JJFEmRVVNKMSpaKmr8xQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFI77rv7S
07YGNZKWHzByDVRydlnwMB8GA1UdIwQYMBaAFJwjUdRal9cdA9a8OFs33Zv7gM9e
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjM4My84Q0MyQTlBQURF
NzcxMUVCODczOUVDMTFDNEY5QUUwMi9uQ05SMUZxWDF4MEQxcnc0V3pmZG1fdUF6
MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25DTlIxRnFYMXgwRDFydzRXemZkbV91QXoxNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUIzODMvOENDMkE5QUFERTc3MTFFQjg3MzlFQzExQzRGOUFFMDIvQkE4RUZFNDhF
NUQ0MTFFRkE2N0UwMTEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFn1q4DBAK2/ywwDQYJKoZIhvcNAQELBQADggEBAAc8llyG
YrmmcpyGZMeM95oH1ts0Fk/olpPNUtO2MaNkZrD6bHUl6CfjqiK43Y2k26OOfDSI
cMeym3D0yWDIhQWKEa5qYzy5tQo+Y6dEMUNelSLC8ZW/jhb8YnrwgFwyJHyKdag9
c54HAzPFD9+IMsbiMyDmNTDoHh/l0Kp/tQ2GTuxPWHJm+m8beQmCUSwAolWQYqDm
+cxMZbxUuGyO6B6qB3tjbLxunDa4cXmnsj+64U82v5v+3H1ry1ebEG+FU4aT9sLN
3wqEmec8QBKU48CS5GqL2o8a/yrtlq+nXSdR+3pHO3rhbKnEfFn6lNcP8LyeLBvo
ws9+7UiSXrV4sa0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:30:15 2025 by rpki-client