Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/F05E8084931011EDB92FFC5FC4F9AE02.roa
File: F05E8084931011EDB92FFC5FC4F9AE02.roa (raw, json)
Hash identifier: vcEpVe8WzCy+v+J1vMGZon/z2g5FjUpW+QeDenM9Y2c=
Subject key identifier: 0A:86:6E:53:66:9E:17:5A:C8:19:3D:07:D8:CA:4C:3F:5A:6D:95:9C
Certificate issuer: /CN=A91BA164/serialNumber=2EC44B9FC165C3BC8285812C313CC7801988FF31
Certificate serial: 1153
Authority key identifier: 2E:C4:4B:9F:C1:65:C3:BC:82:85:81:2C:31:3C:C7:80:19:88:FF:31
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LsRLn8Flw7yChYEsMTzHgBmI_zE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/F05E8084931011EDB92FFC5FC4F9AE02.roa
Signing time: Fri 02 Aug 2024 18:05:50 +0000
ROA not before: Fri 02 Aug 2024 18:05:50 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 139021
IP address blocks: 43.249.0.0/23 maxlen: 23
43.249.2.0/24 maxlen: 24
43.249.3.0/24 maxlen: 24
103.24.248.0/22 maxlen: 24
103.96.148.0/23 maxlen: 24
103.96.150.0/23 maxlen: 24
103.120.80.0/23 maxlen: 23
103.120.82.0/23 maxlen: 24
2404:ccc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4435 (0x1153)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BA164
Validity
Not Before: Aug 2 18:05:50 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66ad1ffd-5d7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:42:72:5d:52:50:a4:ea:4a:b0:d1:96:ce:fd:
51:46:6a:02:bc:cc:db:70:06:7a:64:71:b8:c6:27:
e6:88:25:eb:0f:a7:a2:95:39:c8:c9:e0:c1:3c:f0:
4f:d5:fe:10:20:23:53:06:b4:6e:37:14:9d:60:80:
4f:52:d0:84:45:22:e8:ce:2e:ac:aa:5d:ba:40:a3:
bb:0c:7f:6b:4a:f6:3a:f2:f9:15:0f:55:1c:6e:0c:
e0:aa:01:a1:01:b9:46:15:c2:9e:ac:c5:0f:89:5f:
d8:6e:cf:e9:33:d1:e1:cd:67:06:d1:3d:19:53:40:
b4:f2:5e:15:ba:8e:56:f5:6f:1c:0c:68:aa:df:fe:
f5:cd:38:10:fb:2b:6c:c3:90:b3:50:4c:e9:5d:09:
d1:f1:7f:0f:66:52:38:1e:13:20:77:87:8e:db:08:
c2:a4:52:5e:31:5d:16:3e:15:ce:b0:dc:39:68:09:
dd:0f:18:9d:59:9f:4f:f0:90:04:40:d7:7e:eb:99:
9c:82:92:27:1e:d6:f1:ba:a8:6e:81:e4:54:6f:28:
52:18:ee:09:41:38:37:e5:ba:0c:24:7b:99:eb:2c:
c2:27:63:d5:fe:ca:e4:27:9c:80:3f:2f:83:13:01:
88:b9:54:85:1a:5a:af:b2:2b:47:49:2e:bf:32:d3:
87:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:86:6E:53:66:9E:17:5A:C8:19:3D:07:D8:CA:4C:3F:5A:6D:95:9C
X509v3 Authority Key Identifier:
keyid:2E:C4:4B:9F:C1:65:C3:BC:82:85:81:2C:31:3C:C7:80:19:88:FF:31
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/LsRLn8Flw7yChYEsMTzHgBmI_zE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LsRLn8Flw7yChYEsMTzHgBmI_zE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/F05E8084931011EDB92FFC5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.0.0/22
103.24.248.0/22
103.96.148.0/22
103.120.80.0/22
IPv6:
2404:ccc0::/32
Signature Algorithm: sha256WithRSAEncryption
97:dd:bf:7f:72:db:1e:64:1a:03:c8:58:81:49:6e:f3:7c:55:
54:eb:23:cc:a9:6a:94:7d:f8:48:6b:3e:90:22:a9:4a:f7:e8:
73:07:8b:8a:99:22:29:f4:42:d1:f6:23:41:17:d8:f6:c6:7f:
18:1d:39:b4:00:19:6a:2b:c0:f5:f6:1f:7b:66:97:52:9c:72:
57:bf:d6:6b:07:bb:03:90:c1:d1:3b:d2:44:7d:74:7a:fa:40:
9e:fe:97:35:bc:34:20:55:f8:c5:59:e6:a7:11:2b:7b:11:df:
d6:15:75:8f:ef:d3:e9:61:96:51:81:5d:fb:30:2a:a4:34:b8:
6e:50:98:92:07:e1:6e:36:2f:1e:8e:e9:e1:fe:dd:ac:14:88:
c2:24:eb:48:1f:61:66:95:90:71:4a:d4:92:f7:06:49:3a:ff:
d9:02:18:8f:a9:60:c0:28:74:a2:16:cb:56:1a:13:1e:78:17:
91:6b:94:40:01:90:de:3c:d1:f0:56:33:49:c0:d7:2d:dc:d1:
b3:31:10:dd:66:77:28:39:a5:fe:7a:c3:3d:04:b2:91:6e:f6:
2c:17:3f:04:9c:55:bf:4e:7e:ac:87:13:bc:4f:33:9a:ed:65:
a0:8f:95:75:62:35:5f:41:96:f6:a3:ab:19:44:71:e8:3b:da:
77:f9:6c:47
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICEVMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkExNjQxMTAvBgNVBAUTKDJFQzQ0QjlGQzE2NUMzQkM4Mjg1ODEyQzMxM0NDNzgw
MTk4OEZGMzEwHhcNMjQwODAyMTgwNTUwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFkMWZmZC01ZDdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1UJyXVJQpOpKsNGWzv1RRmoCvMzbcAZ6ZHG4xifmiCXrD6eilTnIyeDBPPBP
1f4QICNTBrRuNxSdYIBPUtCERSLozi6sql26QKO7DH9rSvY68vkVD1UcbgzgqgGh
AblGFcKerMUPiV/Ybs/pM9HhzWcG0T0ZU0C08l4Vuo5W9W8cDGiq3/71zTgQ+yts
w5CzUEzpXQnR8X8PZlI4HhMgd4eO2wjCpFJeMV0WPhXOsNw5aAndDxidWZ9P8JAE
QNd+65mcgpInHtbxuqhugeRUbyhSGO4JQTg35boMJHuZ6yzCJ2PV/srkJ5yAPy+D
EwGIuVSFGlqvsitHSS6/MtOHAwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFAqGblNm
nhdayBk9B9jKTD9abZWcMB8GA1UdIwQYMBaAFC7ES5/BZcO8goWBLDE8x4AZiP8x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTE2NC9BRkM1OTJFQ0Yz
MUUxMUU4ODNFQjdCNzlDNEY5QUUwMi9Mc1JMbjhGbHc3eUNoWUVzTVR6SGdCbUlf
ekUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xzUkxuOEZsdzd5Q2hZRXNNVHpIZ0JtSV96RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkExNjQvQUZDNTkyRUNGMzFFMTFFODgzRUI3Qjc5QzRGOUFFMDIvRjA1RTgwODQ5
MzEwMTFFREI5MkZGQzVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIr+QADBAJnGPgDBAJnYJQDBAJneFAwDQQCAAIwBwMFACQE
zMAwDQYJKoZIhvcNAQELBQADggEBAJfdv39y2x5kGgPIWIFJbvN8VVTrI8ypapR9
+EhrPpAiqUr36HMHi4qZIin0QtH2I0EX2PbGfxgdObQAGWorwPX2H3tml1Kccle/
1msHuwOQwdE70kR9dHr6QJ7+lzW8NCBV+MVZ5qcRK3sR39YVdY/v0+lhllGBXfsw
KqQ0uG5QmJIH4W42Lx6O6eH+3awUiMIk60gfYWaVkHFK1JL3Bkk6/9kCGI+pYMAo
dKIWy1YaEx54F5FrlEABkN480fBWM0nA1y3c0bMxEN1mdyg5pf56wz0EspFu9iwX
PwScVb9OfqyHE7xPM5rtZaCPlXViNV9BlvajqxlEceg72nf5bEc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:10:18 2025 by rpki-client