Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/222F2952038511EFAF036327C4F9AE02.roa
File: 222F2952038511EFAF036327C4F9AE02.roa (raw, json)
Hash identifier: 0POds3yRjM0RD6yJRDt5kjZrzEVN1RcsA2tdedecI4c=
Subject key identifier: EA:E6:62:09:C2:3D:31:4E:47:1F:71:79:13:E8:78:51:74:3E:DD:64
Certificate issuer: /CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F
Certificate serial: D2
Authority key identifier: BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/222F2952038511EFAF036327C4F9AE02.roa
Signing time: Thu 27 Mar 2025 05:42:49 +0000
ROA not before: Thu 27 Mar 2025 05:42:49 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 4213
IP address blocks: 43.252.120.0/22 maxlen: 22
43.252.120.0/24 maxlen: 24
103.233.80.0/23 maxlen: 23
103.233.82.0/24 maxlen: 24
103.233.83.0/24 maxlen: 24
110.34.151.0/24 maxlen: 24
110.34.166.0/24 maxlen: 24
110.34.186.0/23 maxlen: 23
110.34.188.0/23 maxlen: 23
110.34.191.0/24 maxlen: 24
110.34.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 210 (0xd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AC532
Validity
Not Before: Mar 27 05:42:49 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e4e558-0c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:90:f7:ab:f3:bd:5a:cd:e6:e8:3e:70:1a:2b:
a1:92:7b:5a:49:d0:69:8d:22:a3:c9:ce:c6:13:9f:
7b:e7:b1:43:ab:05:f5:d3:60:b8:ef:5c:e4:20:ec:
be:3d:d2:d9:ff:8b:ae:af:d5:95:dd:d5:b0:60:fe:
08:05:02:44:67:a2:9e:67:a4:8e:31:6b:0f:cd:23:
32:7a:cc:94:31:82:f4:54:5a:7f:78:65:97:53:eb:
80:91:77:0b:f0:bc:c9:76:b6:77:82:79:a7:2b:26:
48:d7:66:a9:b0:c5:dc:18:fb:6c:27:9e:35:bb:ca:
01:25:75:b8:d1:42:84:06:c2:81:a7:dd:3d:1a:83:
2b:86:17:20:91:90:ac:b9:b5:84:91:43:3d:ba:c6:
8f:e9:71:14:2f:3a:a8:f5:47:3d:77:26:51:2f:d2:
b4:b1:b4:2c:83:d6:39:f8:3d:5a:47:43:be:43:fa:
d3:b7:62:a4:40:d0:97:43:cb:3b:c2:5b:96:48:cc:
2a:14:ef:81:5d:b1:e5:e4:ee:ac:d5:2c:d5:30:db:
19:4e:b5:23:cd:07:44:ec:cd:5c:6b:43:75:c7:94:
89:06:04:a3:63:4b:66:d7:6f:86:54:a7:2a:de:43:
84:b8:73:75:7d:88:a2:83:f7:09:51:d9:ab:2b:0a:
52:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:E6:62:09:C2:3D:31:4E:47:1F:71:79:13:E8:78:51:74:3E:DD:64
X509v3 Authority Key Identifier:
keyid:BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/222F2952038511EFAF036327C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.120.0/22
103.233.80.0/22
110.34.151.0/24
110.34.166.0/24
110.34.186.0-110.34.189.255
110.34.191.0/24
110.34.217.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:54:68:54:e4:cc:14:d9:c3:41:9b:73:e4:7a:39:d7:3b:29:
d5:62:cb:5e:ed:34:c0:73:f6:ea:55:e6:60:a5:26:b4:04:99:
d9:16:c3:7a:81:d3:da:41:05:c8:7d:49:83:60:5d:7d:d3:44:
50:12:ea:73:e3:2d:3f:e8:67:27:7a:42:d2:d4:60:ca:04:89:
be:b0:fd:6f:16:f8:bf:d1:1f:de:c8:0c:da:e5:8f:cf:cf:d7:
5e:5e:d8:e0:ef:fc:0c:ba:a9:44:2c:eb:c1:b8:92:45:fb:fe:
ba:ea:82:59:88:01:3a:1d:e2:f8:ea:f3:11:b3:8e:d6:d7:49:
c0:9a:f7:9e:44:38:b1:df:16:16:3a:75:0d:f8:33:3d:88:25:
ff:96:78:86:5b:b0:6e:8a:26:1b:ed:42:b4:38:46:c6:e0:42:
8b:5f:47:71:57:1b:bb:d0:0e:2a:61:44:8e:72:79:1f:3c:e6:
28:71:b5:94:57:c1:69:5f:aa:1d:89:be:4a:b8:10:7b:dc:ed:
5c:80:cf:39:92:66:ee:d5:c9:99:7f:3b:54:e2:8a:0d:31:d7:
c5:05:9c:8d:e5:0b:8c:6f:2f:45:ea:e6:3c:3f:3f:75:c0:d4:
a9:98:f0:e9:a6:79:00:ca:bd:1f:fb:c6:c5:b8:f8:4f:cf:30:
a8:a6:c3:c6
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICANIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUM1MzIxMTAvBgNVBAUTKEJDQUIzRTc2Rjg0RUQ0Mzc0MkYyQTA4MTI0MjcwOEU3
OTlDRTFCNUYwHhcNMjUwMzI3MDU0MjQ5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U0ZTU1OC0wYzA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0ZD3q/O9Ws3m6D5wGiuhkntaSdBpjSKjyc7GE59757FDqwX102C471zkIOy+
PdLZ/4uur9WV3dWwYP4IBQJEZ6KeZ6SOMWsPzSMyesyUMYL0VFp/eGWXU+uAkXcL
8LzJdrZ3gnmnKyZI12apsMXcGPtsJ541u8oBJXW40UKEBsKBp909GoMrhhcgkZCs
ubWEkUM9usaP6XEULzqo9Uc9dyZRL9K0sbQsg9Y5+D1aR0O+Q/rTt2KkQNCXQ8s7
wluWSMwqFO+BXbHl5O6s1SzVMNsZTrUjzQdE7M1ca0N1x5SJBgSjY0tm12+GVKcq
3kOEuHN1fYiig/cJUdmrKwpSEwIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFOrmYgnC
PTFORx9xeRPoeFF0Pt1kMB8GA1UdIwQYMBaAFLyrPnb4TtQ3QvKggSQnCOeZzhtf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQzUzMi9EQUEwRDBCNDAz
N0UxMUVGODUyMEU3NThDNEY5QUUwMi92S3MtZHZoTzFEZEM4cUNCSkNjSTU1bk9H
MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZLcy1kdmhPMURkQzhxQ0JKQ2NJNTVuT0cxOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUM1MzIvREFBMEQwQjQwMzdFMTFFRjg1MjBFNzU4QzRGOUFFMDIvMjIyRjI5NTIw
Mzg1MTFFRkFGMDM2MzI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E
PDA6MDgEAgABMDIDBAIr/HgDBAJn6VADBABuIpcDBABuIqYwDAMEAW4iugMEAW4i
vAMEAG4ivwMEAG4i2TANBgkqhkiG9w0BAQsFAAOCAQEAt1RoVOTMFNnDQZtz5Ho5
1zsp1WLLXu00wHP26lXmYKUmtASZ2RbDeoHT2kEFyH1Jg2BdfdNEUBLqc+MtP+hn
J3pC0tRgygSJvrD9bxb4v9Ef3sgM2uWPz8/XXl7Y4O/8DLqpRCzrwbiSRfv+uuqC
WYgBOh3i+OrzEbOO1tdJwJr3nkQ4sd8WFjp1DfgzPYgl/5Z4hluwboomG+1CtDhG
xuBCi19HcVcbu9AOKmFEjnJ5HzzmKHG1lFfBaV+qHYm+SrgQe9ztXIDPOZJm7tXJ
mX87VOKKDTHXxQWcjeULjG8vRermPD8/dcDUqZjw6aZ5AMq9H/vGxbj4T88wqKbD
xg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:53:15 2025 by rpki-client