Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/CD87789870C411EF9CC65F6BC4F9AE02.roa
File: CD87789870C411EF9CC65F6BC4F9AE02.roa (raw, json)
Hash identifier: Z8+h4C3SXJhbXUua72HJRAWsoLtqFLLA8RRdoFt4VPk=
Subject key identifier: 63:24:F6:97:02:CA:A1:EF:FD:6A:B6:61:5E:75:36:20:C5:E6:E7:49
Certificate issuer: /CN=A91B3D30/serialNumber=01EE089DD4867B2CB276582AA97B318F509EA6EE
Certificate serial: 0AD6
Authority key identifier: 01:EE:08:9D:D4:86:7B:2C:B2:76:58:2A:A9:7B:31:8F:50:9E:A6:EE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ae4IndSGeyyydlgqqXsxj1Cepu4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/CD87789870C411EF9CC65F6BC4F9AE02.roa
Signing time: Mon 02 Dec 2024 19:38:13 +0000
ROA not before: Mon 02 Dec 2024 19:38:13 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 17408
IP address blocks: 43.239.104.0/24 maxlen: 24
43.239.105.0/24 maxlen: 24
43.239.106.0/24 maxlen: 24
103.23.128.0/22 maxlen: 22
103.244.220.0/24 maxlen: 24
103.244.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2774 (0xad6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B3D30
Validity
Not Before: Dec 2 19:38:13 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=674e0ca4-0314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c9:32:1d:64:18:2f:ea:7f:1c:fe:c9:29:68:
01:14:25:dc:77:d5:e5:49:55:b8:d1:fe:de:b0:21:
3b:30:1e:86:8f:5e:7d:e5:91:34:a1:d1:0a:4a:5e:
b5:38:29:1e:bb:12:50:78:f7:e8:ac:fa:f8:06:01:
f1:2a:c7:a4:99:e4:b8:44:b9:78:a6:ec:7f:65:9c:
65:72:f4:bd:95:35:70:5e:86:b4:16:35:37:8b:d3:
93:a0:5e:0f:46:d9:f8:32:a5:2a:55:b6:51:f7:16:
14:ce:c7:f8:ce:07:0b:fd:b1:5e:63:c2:d2:4e:cc:
c8:23:72:21:35:61:49:37:1a:f9:53:08:93:59:b8:
97:5e:23:40:dd:66:c8:b4:75:9b:2e:0d:2b:9a:88:
25:dd:7a:23:af:4b:cd:6c:57:62:b9:f8:a2:41:a4:
38:d1:ed:65:b7:9f:25:79:f2:5a:9d:04:ee:bd:d0:
cb:13:fc:49:03:77:bc:32:76:77:88:3e:47:f2:2d:
c5:8b:a6:b7:2a:8c:01:2a:0e:9b:a7:88:fb:be:70:
8a:09:cc:c9:56:bc:2c:24:0a:20:2c:b4:f0:b5:68:
ea:08:48:67:37:1b:38:aa:ea:2a:65:1a:6b:26:4e:
c2:fc:80:51:4f:49:6d:6b:87:aa:5d:c8:dc:04:2b:
bd:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:24:F6:97:02:CA:A1:EF:FD:6A:B6:61:5E:75:36:20:C5:E6:E7:49
X509v3 Authority Key Identifier:
keyid:01:EE:08:9D:D4:86:7B:2C:B2:76:58:2A:A9:7B:31:8F:50:9E:A6:EE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/Ae4IndSGeyyydlgqqXsxj1Cepu4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ae4IndSGeyyydlgqqXsxj1Cepu4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/CD87789870C411EF9CC65F6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.104.0-43.239.106.255
103.23.128.0/22
103.244.220.0/24
103.244.222.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:e0:99:3a:f2:d8:cf:7f:6d:22:1b:fc:ff:8b:a1:6a:04:9f:
c4:97:5a:5c:d3:de:5f:0c:6f:c3:75:54:2f:31:58:e8:8d:65:
15:95:e7:48:a3:93:d0:7c:15:20:6c:b7:cf:d4:17:24:73:94:
fa:e7:16:e3:21:05:05:67:c6:2b:39:6b:01:70:cb:6f:14:01:
01:68:32:6b:0c:08:4a:3d:55:c5:6e:45:5f:10:2e:6c:63:24:
ef:06:7d:96:ce:1b:de:03:f9:47:16:6b:1f:af:d7:c8:b8:c7:
95:0e:91:bd:89:fc:dd:82:63:0f:35:81:39:cd:4b:5c:cc:78:
ff:b3:dc:9e:1b:6d:a5:5f:57:3e:6a:71:b7:d6:49:d8:0c:44:
ac:dd:a1:55:fb:93:38:2c:e7:88:17:f0:e5:b5:1a:14:9d:34:
d4:da:83:3b:a4:fe:3d:75:11:34:1e:a6:1a:a5:50:02:90:52:
10:59:41:aa:db:d7:f5:e9:a3:3f:16:b6:c0:dd:1e:65:ac:3d:
01:1e:06:d2:27:f4:96:bf:f7:06:13:d3:66:19:80:1e:13:c7:
09:e4:c4:08:78:48:48:38:0a:38:b2:7d:8b:ff:30:27:8f:9d:
a4:f6:df:79:dd:b1:56:da:a5:f2:3b:80:a0:2d:79:a6:e7:ec:
7d:86:85:ee
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICCtYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjNEMzAxMTAvBgNVBAUTKDAxRUUwODlERDQ4NjdCMkNCMjc2NTgyQUE5N0IzMThG
NTA5RUE2RUUwHhcNMjQxMjAyMTkzODEzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlMGNhNC0wMzE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyckyHWQYL+p/HP7JKWgBFCXcd9XlSVW40f7esCE7MB6Gj1595ZE0odEKSl61
OCkeuxJQePforPr4BgHxKsekmeS4RLl4pux/ZZxlcvS9lTVwXoa0FjU3i9OToF4P
Rtn4MqUqVbZR9xYUzsf4zgcL/bFeY8LSTszII3IhNWFJNxr5UwiTWbiXXiNA3WbI
tHWbLg0rmogl3Xojr0vNbFdiufiiQaQ40e1lt58lefJanQTuvdDLE/xJA3e8MnZ3
iD5H8i3Fi6a3KowBKg6bp4j7vnCKCczJVrwsJAogLLTwtWjqCEhnNxs4quoqZRpr
Jk7C/IBRT0lta4eqXcjcBCu9eQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFGMk9pcC
yqHv/Wq2YV51NiDF5udJMB8GA1UdIwQYMBaAFAHuCJ3UhnsssnZYKql7MY9Qnqbu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCM0QzMC9FM0RGNDY5QzQx
NjgxMUVBQUU4QTc3NTBDNEY5QUUwMi9BZTRJbmRTR2V5eXlkbGdxcVhzeGoxQ2Vw
dTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FlNEluZFNHZXl5eWRsZ3FxWHN4ajFDZXB1NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjNEMzAvRTNERjQ2OUM0MTY4MTFFQUFFOEE3NzUwQzRGOUFFMDIvQ0Q4Nzc4OTg3
MEM0MTFFRjlDQzY1RjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCAwDAMEAyvvaAMEACvvagMEAmcXgAMEAGf03AMEAGf03jANBgkq
hkiG9w0BAQsFAAOCAQEAHOCZOvLYz39tIhv8/4uhagSfxJdaXNPeXwxvw3VULzFY
6I1lFZXnSKOT0HwVIGy3z9QXJHOU+ucW4yEFBWfGKzlrAXDLbxQBAWgyawwISj1V
xW5FXxAubGMk7wZ9ls4b3gP5RxZrH6/XyLjHlQ6RvYn83YJjDzWBOc1LXMx4/7Pc
nhttpV9XPmpxt9ZJ2AxErN2hVfuTOCzniBfw5bUaFJ001NqDO6T+PXURNB6mGqVQ
ApBSEFlBqtvX9emjPxa2wN0eZaw9AR4G0if0lr/3BhPTZhmAHhPHCeTECHhISDgK
OLJ9i/8wJ4+dpPbfed2xVtql8juAoC15pufsfYaF7g==
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:34:56 2025 by rpki-client