Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E1729/A7A1A29ADF1611E6BABC0E26C4F9AE02/FFA62018DF1811E6805D922AC4F9AE02.roa
File: FFA62018DF1811E6805D922AC4F9AE02.roa (raw, json)
Hash identifier: rxhW+eUGuHsGzOdXNnXeavFfh2S73u8toqvlJOlu9DQ=
Subject key identifier: F2:37:48:00:13:33:A9:10:24:B5:25:88:28:0D:2D:2A:4F:36:00:DB
Certificate issuer: /CN=A91E1729/serialNumber=C1BB822B258A60FCD2F6C808A55167498A50754C
Certificate serial: 1C25
Authority key identifier: C1:BB:82:2B:25:8A:60:FC:D2:F6:C8:08:A5:51:67:49:8A:50:75:4C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wbuCKyWKYPzS9sgIpVFnSYpQdUw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E1729/A7A1A29ADF1611E6BABC0E26C4F9AE02/FFA62018DF1811E6805D922AC4F9AE02.roa
Signing time: Fri 31 Jan 2025 16:23:52 +0000
ROA not before: Fri 31 Jan 2025 16:23:52 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 64093
IP address blocks: 103.252.80.0/23 maxlen: 23
103.252.82.0/24 maxlen: 24
103.252.83.0/24 maxlen: 24
110.232.188.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7205 (0x1c25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E1729
Validity
Not Before: Jan 31 16:23:52 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679cf918-38e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d3:ac:d4:15:e4:c7:b8:ec:0e:02:63:33:6e:
6a:cd:11:8b:71:29:fd:c1:22:07:e2:cf:cf:cc:1f:
88:19:29:e4:a1:2b:7f:79:2e:a0:73:07:24:c1:37:
f1:a8:48:8b:50:7d:50:2b:02:58:d3:bd:51:8e:f3:
9e:40:a5:67:20:76:b5:df:56:62:54:84:e9:ee:c4:
1e:99:2f:84:0f:ec:a5:7f:53:9f:b7:31:1e:15:6c:
53:f0:2f:55:17:7b:87:35:a0:d8:24:db:02:d6:be:
b7:36:ac:f6:8d:a2:39:eb:fa:1e:95:43:11:44:9c:
1d:ea:a7:8b:69:f4:6b:00:a6:ad:56:ec:15:a1:e4:
8e:79:a4:81:e9:02:35:d0:57:1d:18:ba:f9:b0:04:
42:2f:1e:ed:d0:4b:17:fc:16:9f:10:cf:ab:d0:39:
72:25:dc:1c:e0:00:50:37:ba:d4:4c:2a:f0:27:59:
51:3a:65:57:d7:c5:47:9e:1b:42:31:94:2e:44:b0:
df:ad:e6:be:2a:32:cf:35:c9:9d:a3:19:e0:22:22:
0e:9c:c0:07:b4:4d:c9:d2:a1:c7:6f:1e:51:ce:ef:
d3:df:61:21:bf:93:23:00:a2:1b:84:9a:ee:c9:8f:
83:71:85:7a:b2:c8:71:88:82:ee:09:1c:bf:cf:6c:
83:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:37:48:00:13:33:A9:10:24:B5:25:88:28:0D:2D:2A:4F:36:00:DB
X509v3 Authority Key Identifier:
keyid:C1:BB:82:2B:25:8A:60:FC:D2:F6:C8:08:A5:51:67:49:8A:50:75:4C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E1729/A7A1A29ADF1611E6BABC0E26C4F9AE02/wbuCKyWKYPzS9sgIpVFnSYpQdUw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wbuCKyWKYPzS9sgIpVFnSYpQdUw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E1729/A7A1A29ADF1611E6BABC0E26C4F9AE02/FFA62018DF1811E6805D922AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.252.80.0/22
110.232.188.0/23
Signature Algorithm: sha256WithRSAEncryption
05:7b:70:40:db:f5:12:f2:0d:31:94:a2:19:07:1e:2e:69:a3:
34:1b:db:84:a3:8a:d0:9a:a9:e8:48:eb:89:5a:bf:66:cf:89:
28:49:da:ec:34:6e:f6:b5:28:54:d0:82:aa:fd:21:71:8c:61:
bc:0d:7f:71:9a:7e:db:2c:10:9e:e6:1a:16:3f:94:ff:bd:c1:
2d:e2:fa:8f:0f:00:1b:bc:6a:38:bb:82:4d:a8:b4:3e:d1:87:
a8:ad:87:df:51:02:d6:e9:97:85:ff:4a:b8:2d:b4:a5:ac:78:
cd:47:95:ee:7d:b3:5f:c3:a4:8c:0e:8e:5f:43:85:de:cd:4a:
60:4c:39:de:cf:e9:66:81:01:56:a3:84:7f:93:03:9f:76:51:
46:33:02:0d:12:9e:db:86:81:d5:d2:91:a2:01:00:6c:0f:78:
49:d5:91:d5:84:ce:a8:a9:b3:b9:ef:4e:e0:3a:dc:30:eb:bd:
9c:35:0b:cf:cb:9b:b1:57:87:23:85:67:39:7f:2b:ed:e1:57:
83:10:54:9e:3e:9f:64:e1:78:36:01:da:11:ee:03:0c:28:e4:
25:a1:6d:5f:71:fc:30:5c:53:8c:7c:0e:56:82:1d:8c:3b:2c:
d5:af:44:f3:9b:42:0b:1b:c0:11:d9:a8:9d:b1:6a:60:46:71:
b3:8a:35:c9
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICHCUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTE3MjkxMTAvBgNVBAUTKEMxQkI4MjJCMjU4QTYwRkNEMkY2QzgwOEE1NTE2NzQ5
OEE1MDc1NEMwHhcNMjUwMTMxMTYyMzUyWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljZjkxOC0zOGU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxNOs1BXkx7jsDgJjM25qzRGLcSn9wSIH4s/PzB+IGSnkoSt/eS6gcwckwTfx
qEiLUH1QKwJY071RjvOeQKVnIHa131ZiVITp7sQemS+ED+ylf1OftzEeFWxT8C9V
F3uHNaDYJNsC1r63Nqz2jaI56/oelUMRRJwd6qeLafRrAKatVuwVoeSOeaSB6QI1
0FcdGLr5sARCLx7t0EsX/BafEM+r0DlyJdwc4ABQN7rUTCrwJ1lROmVX18VHnhtC
MZQuRLDfrea+KjLPNcmdoxngIiIOnMAHtE3J0qHHbx5Rzu/T32Ehv5MjAKIbhJru
yY+DcYV6sshxiILuCRy/z2yD3wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPI3SAAT
M6kQJLUliCgNLSpPNgDbMB8GA1UdIwQYMBaAFMG7gislimD80vbICKVRZ0mKUHVM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMTcyOS9BN0ExQTI5QURG
MTYxMUU2QkFCQzBFMjZDNEY5QUUwMi93YnVDS3lXS1lQelM5c2dJcFZGblNZcFFk
VXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3didUNLeVdLWVB6UzlzZ0lwVkZuU1lwUWRVdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTE3MjkvQTdBMUEyOUFERjE2MTFFNkJBQkMwRTI2QzRGOUFFMDIvRkZBNjIwMThE
RjE4MTFFNjgwNUQ5MjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJn/FADBAFu6LwwDQYJKoZIhvcNAQELBQADggEBAAV7cEDb
9RLyDTGUohkHHi5pozQb24SjitCaqehI64lav2bPiShJ2uw0bva1KFTQgqr9IXGM
YbwNf3GaftssEJ7mGhY/lP+9wS3i+o8PABu8aji7gk2otD7Rh6ith99RAtbpl4X/
SrgttKWseM1Hle59s1/DpIwOjl9Dhd7NSmBMOd7P6WaBAVajhH+TA592UUYzAg0S
ntuGgdXSkaIBAGwPeEnVkdWEzqips7nvTuA63DDrvZw1C8/Lm7FXhyOFZzl/K+3h
V4MQVJ4+n2TheDYB2hHuAwwo5CWhbV9x/DBcU4x8DlaCHYw7LNWvRPObQgsbwBHZ
qJ2xamBGcbOKNck=
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:06:02 2025 by rpki-client