Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A998A/522CB7347AE811EF9A4A4737C4F9AE02/B6DE83747AE811EF94E01B38C4F9AE02.roa
File: B6DE83747AE811EF94E01B38C4F9AE02.roa (raw, json)
Hash identifier: NENKWBR9x0FYQGSayxsc772B6xcKqdDax7O0tt16MtA=
Subject key identifier: 0B:1A:6D:73:0E:C3:A2:25:64:8C:C8:F1:B3:3A:21:50:D5:65:3C:CB
Certificate issuer: /CN=A91A998A/serialNumber=9C071E814D80B10E2CA1F71E9B2E535C3905CB65
Certificate serial: 75
Authority key identifier: 9C:07:1E:81:4D:80:B1:0E:2C:A1:F7:1E:9B:2E:53:5C:39:05:CB:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nAcegU2AsQ4sofcemy5TXDkFy2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A998A/522CB7347AE811EF9A4A4737C4F9AE02/B6DE83747AE811EF94E01B38C4F9AE02.roa
Signing time: Wed 05 Mar 2025 07:53:10 +0000
ROA not before: Wed 05 Mar 2025 07:53:10 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 1449
IP address blocks: 43.230.181.0/24 maxlen: 24
43.230.182.0/24 maxlen: 24
103.50.0.0/24 maxlen: 24
103.50.1.0/24 maxlen: 24
103.50.2.0/24 maxlen: 24
103.50.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117 (0x75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A998A
Validity
Not Before: Mar 5 07:53:10 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67c802e6-c593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:69:c9:05:77:35:43:c2:02:74:eb:3b:42:e8:
3e:02:e4:2b:8c:69:bc:35:5c:ae:89:1c:b7:b4:17:
a0:c3:40:e5:e1:57:50:1d:df:72:b3:5c:f3:9e:f8:
21:aa:2d:e3:0a:3f:62:1c:6e:28:69:66:c3:42:3a:
41:3c:a6:1f:66:93:8c:f2:8d:72:0f:17:81:6d:26:
48:48:b8:b2:4b:16:22:25:80:88:01:ee:86:2d:80:
ba:c2:7b:a3:5f:3f:c8:f3:37:b5:de:47:9a:a7:4e:
8d:18:9a:80:2f:ff:9a:9a:15:7f:db:34:3a:98:af:
0d:e7:b2:df:e8:81:5d:b0:8b:35:09:e4:02:b2:31:
83:a7:46:a2:6a:db:e0:10:75:66:1b:f0:c4:9c:84:
9d:f5:aa:05:46:b9:8c:3a:fa:0f:50:f1:8e:5b:44:
f9:24:07:5c:9f:7c:06:f9:9b:fb:67:1b:69:26:5a:
e8:cf:5c:bd:8b:e5:fd:3e:77:93:ac:75:39:c6:b8:
26:bb:a5:ed:7c:b1:5b:02:c9:24:ca:ef:19:15:7a:
63:b6:cd:26:0d:a5:8f:d3:25:98:a9:49:0a:30:00:
b1:a9:e0:c2:8d:92:3d:bb:cf:ea:81:1b:38:4e:d3:
d0:22:ac:45:2a:17:d8:35:59:9a:db:37:a6:dc:ff:
0f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:1A:6D:73:0E:C3:A2:25:64:8C:C8:F1:B3:3A:21:50:D5:65:3C:CB
X509v3 Authority Key Identifier:
keyid:9C:07:1E:81:4D:80:B1:0E:2C:A1:F7:1E:9B:2E:53:5C:39:05:CB:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A998A/522CB7347AE811EF9A4A4737C4F9AE02/nAcegU2AsQ4sofcemy5TXDkFy2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nAcegU2AsQ4sofcemy5TXDkFy2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A998A/522CB7347AE811EF9A4A4737C4F9AE02/B6DE83747AE811EF94E01B38C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.181.0-43.230.182.255
103.50.0.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:7c:16:8a:4b:24:b6:e3:be:08:95:4e:25:0e:52:de:b1:43:
b4:f7:41:72:93:c6:44:8e:66:e7:24:71:e3:a8:f3:ec:be:7b:
fe:0c:52:d9:73:f9:1b:91:8d:d5:af:0e:8c:b2:58:c0:ed:ba:
df:70:44:ad:7a:7b:a8:06:f0:6e:b7:4c:8e:dd:68:2b:f7:d9:
cf:5f:cd:6e:9f:c8:75:64:ce:b1:93:9d:d5:8e:6d:50:12:ec:
c0:b0:72:98:af:52:63:04:0b:18:9c:8d:d4:8b:3c:54:7e:49:
66:ae:73:d0:4f:15:e7:7a:32:30:4f:b4:73:75:72:83:bf:f4:
4c:39:9d:41:21:f1:37:4d:c3:91:70:9d:6b:a4:a0:0f:73:ee:
0a:3f:7a:1f:84:dd:32:b2:3e:74:b1:e9:ea:1c:b0:5a:3f:7d:
40:57:47:09:73:6d:e4:be:08:d3:a5:10:96:f7:fc:44:a4:23:
7f:4b:80:48:3a:91:d9:13:94:6d:c6:a6:4f:00:ee:e4:4a:a1:
13:20:25:72:85:19:14:ef:cb:d8:d1:ab:e5:3b:93:b5:81:4e:
b8:3d:f2:b0:cd:09:25:84:f7:0e:00:7f:f2:43:96:02:d1:d7:
fb:ab:06:b3:13:f4:6e:6d:d3:86:39:45:4c:ef:ed:b2:8e:39:
16:cb:38:fb
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIBdTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
OTk4QTExMC8GA1UEBRMoOUMwNzFFODE0RDgwQjEwRTJDQTFGNzFFOUIyRTUzNUMz
OTA1Q0I2NTAeFw0yNTAzMDUwNzUzMTBaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YzgwMmU2LWM1OTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDkackFdzVDwgJ06ztC6D4C5CuMabw1XK6JHLe0F6DDQOXhV1Ad33KzXPOe+CGq
LeMKP2IcbihpZsNCOkE8ph9mk4zyjXIPF4FtJkhIuLJLFiIlgIgB7oYtgLrCe6Nf
P8jzN7XeR5qnTo0YmoAv/5qaFX/bNDqYrw3nst/ogV2wizUJ5AKyMYOnRqJq2+AQ
dWYb8MSchJ31qgVGuYw6+g9Q8Y5bRPkkB1yffAb5m/tnG2kmWujPXL2L5f0+d5Os
dTnGuCa7pe18sVsCySTK7xkVemO2zSYNpY/TJZipSQowALGp4MKNkj27z+qBGzhO
09AirEUqF9g1WZrbN6bc/w9DAgMBAAGjggKjMIICnzAdBgNVHQ4EFgQUCxptcw7D
oiVkjMjxszohUNVlPMswHwYDVR0jBBgwFoAUnAcegU2AsQ4sofcemy5TXDkFy2Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5OThBLzUyMkNCNzM0N0FF
ODExRUY5QTRBNDczN0M0RjlBRTAyL25BY2VnVTJBc1E0c29mY2VteTVUWERrRnky
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbkFjZWdVMkFzUTRzb2ZjZW15NVRYRGtGeTJVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
OTk4QS81MjJDQjczNDdBRTgxMUVGOUE0QTQ3MzdDNEY5QUUwMi9CNkRFODM3NDdB
RTgxMUVGOTRFMDFCMzhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAtBggrBgEFBQcBBwEB/wQe
MBwwGgQCAAEwFDAMAwQAK+a1AwQAK+a2AwQCZzIAMA0GCSqGSIb3DQEBCwUAA4IB
AQCtfBaKSyS2474IlU4lDlLesUO090Fyk8ZEjmbnJHHjqPPsvnv+DFLZc/kbkY3V
rw6MsljA7brfcEStenuoBvBut0yO3Wgr99nPX81un8h1ZM6xk53Vjm1QEuzAsHKY
r1JjBAsYnI3UizxUfklmrnPQTxXnejIwT7RzdXKDv/RMOZ1BIfE3TcORcJ1rpKAP
c+4KP3ofhN0ysj50senqHLBaP31AV0cJc23kvgjTpRCW9/xEpCN/S4BIOpHZE5Rt
xqZPAO7kSqETICVyhRkU78vY0avlO5O1gU64PfKwzQklhPcOAH/yQ5YC0df7qwaz
E/RubdOGOUVM7+2yjjkWyzj7
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:23:23 2025 by rpki-client