Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911AE24/F2F675FEF3FF11ED952D741CC4F9AE02/EDDDD55C252E11EEB91A8941C4F9AE02.roa
File: EDDDD55C252E11EEB91A8941C4F9AE02.roa (raw, json)
Hash identifier: FVltAYipOD9ESgI+qOY0I+92Q4+raVRl2aTMJVFkTA0=
Subject key identifier: B1:FB:5C:58:BC:9B:0D:8F:83:D8:19:FC:00:56:A3:41:CB:40:26:BA
Certificate issuer: /CN=A911AE24/serialNumber=24223D0C7D101DB7AD7E3CB8DDB170629365CAEE
Certificate serial: 0160
Authority key identifier: 24:22:3D:0C:7D:10:1D:B7:AD:7E:3C:B8:DD:B1:70:62:93:65:CA:EE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JCI9DH0QHbetfjy43bFwYpNlyu4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911AE24/F2F675FEF3FF11ED952D741CC4F9AE02/EDDDD55C252E11EEB91A8941C4F9AE02.roa
Signing time: Thu 20 Feb 2025 15:46:09 +0000
ROA not before: Thu 20 Feb 2025 15:46:09 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 151333
IP address blocks: 103.199.140.0/24 maxlen: 24
103.199.141.0/24 maxlen: 24
2001:df2:70c0::/48 maxlen: 48
2001:df2:70c1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 352 (0x160)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AE24
Validity
Not Before: Feb 20 15:46:09 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67b74e41-851a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:37:5f:33:d0:ce:d8:8f:ef:e8:d9:05:c6:bf:
3d:07:6c:28:7f:50:7a:88:16:3c:89:1b:0a:9b:5e:
fe:8b:aa:db:7d:50:6c:88:86:72:d2:9f:a5:0c:17:
bf:c8:96:22:01:89:1c:ba:11:66:7e:1c:b8:c4:86:
51:38:d1:fe:df:f9:31:5a:4e:5f:04:a2:4a:ab:bb:
69:d9:b6:ca:3b:be:fd:ab:4a:6d:29:24:86:0e:f1:
35:8e:c3:a6:23:4d:83:63:55:17:2a:f8:9d:2e:97:
dc:e2:a9:b7:b1:ad:be:36:75:b0:39:1a:73:19:e6:
c1:a2:4c:f6:4b:20:e4:7a:c3:f4:b5:e3:19:80:cd:
ce:a0:ba:53:00:7a:e0:4d:26:ee:06:41:e1:cb:72:
0c:81:11:71:a6:62:ad:b5:54:5d:e1:9c:6e:27:8d:
81:ec:f9:f3:83:35:f3:83:85:ca:06:02:98:59:b2:
03:3b:0c:f6:dd:84:f3:a5:c5:47:0f:33:84:96:b6:
18:1a:2f:ee:f4:ab:03:bb:1f:95:a2:8c:5d:1a:bd:
3b:11:71:52:b7:de:dd:b6:9e:9c:dd:e6:bb:9f:66:
e2:12:98:61:ac:2a:25:7b:8b:3e:dc:0d:c5:49:30:
82:37:f3:ae:2f:a0:41:e8:64:b9:48:de:70:16:6f:
c6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:FB:5C:58:BC:9B:0D:8F:83:D8:19:FC:00:56:A3:41:CB:40:26:BA
X509v3 Authority Key Identifier:
keyid:24:22:3D:0C:7D:10:1D:B7:AD:7E:3C:B8:DD:B1:70:62:93:65:CA:EE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911AE24/F2F675FEF3FF11ED952D741CC4F9AE02/JCI9DH0QHbetfjy43bFwYpNlyu4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JCI9DH0QHbetfjy43bFwYpNlyu4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AE24/F2F675FEF3FF11ED952D741CC4F9AE02/EDDDD55C252E11EEB91A8941C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.199.140.0/23
IPv6:
2001:df2:70c0::/47
Signature Algorithm: sha256WithRSAEncryption
97:f6:90:34:bf:e7:30:86:a9:d2:6a:33:70:d2:fe:b5:b4:0a:
f3:0d:86:2a:a7:69:83:2f:9a:d6:26:ea:3e:39:1c:db:b9:83:
8a:66:79:ad:df:6a:4b:c6:0c:d7:c6:2f:4f:4e:23:d0:05:cf:
dc:5f:ca:2a:de:1a:b6:af:1c:71:d1:31:67:56:2b:06:85:04:
11:3c:09:74:3a:c4:d5:e7:7c:2e:cb:6e:15:8d:0c:ef:12:9c:
3e:d7:e1:07:d8:1d:c0:b2:6e:1e:b6:a2:df:8b:4c:49:05:26:
3b:52:30:9d:d4:52:44:59:4a:6c:67:26:e4:37:56:8a:14:eb:
45:96:da:30:a4:93:d4:82:9c:1b:5d:38:db:ef:7d:d3:2a:c8:
fe:46:ea:3c:c2:f2:21:6a:f2:0b:f9:dd:81:4f:b4:69:96:57:
44:aa:37:3e:ba:47:3e:bd:2a:3d:62:7d:6e:31:8a:3c:e8:f1:
a0:59:07:62:4b:ae:46:79:69:a5:b3:44:ae:5e:59:1c:0a:43:
60:9b:b5:94:91:ca:2b:3e:61:44:90:c5:f6:e8:9d:39:6f:ed:
5c:3b:f3:68:b6:e1:82:bd:23:44:55:c9:c5:35:cc:7a:83:b5:
11:2c:5f:6a:5e:e2:53:d8:55:0e:90:d9:0f:8d:53:65:5d:14:
3c:af:90:50
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUFFMjQxMTAvBgNVBAUTKDI0MjIzRDBDN0QxMDFEQjdBRDdFM0NCOEREQjE3MDYy
OTM2NUNBRUUwHhcNMjUwMjIwMTU0NjA5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I3NGU0MS04NTFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxDdfM9DO2I/v6NkFxr89B2wof1B6iBY8iRsKm17+i6rbfVBsiIZy0p+lDBe/
yJYiAYkcuhFmfhy4xIZRONH+3/kxWk5fBKJKq7tp2bbKO779q0ptKSSGDvE1jsOm
I02DY1UXKvidLpfc4qm3sa2+NnWwORpzGebBokz2SyDkesP0teMZgM3OoLpTAHrg
TSbuBkHhy3IMgRFxpmKttVRd4ZxuJ42B7PnzgzXzg4XKBgKYWbIDOwz23YTzpcVH
DzOElrYYGi/u9KsDux+VooxdGr07EXFSt97dtp6c3ea7n2biEphhrCole4s+3A3F
STCCN/OuL6BB6GS5SN5wFm/G1wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLH7XFi8
mw2Pg9gZ/ABWo0HLQCa6MB8GA1UdIwQYMBaAFCQiPQx9EB23rX48uN2xcGKTZcru
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUUyNC9GMkY2NzVGRUYz
RkYxMUVEOTUyRDc0MUNDNEY5QUUwMi9KQ0k5REgwUUhiZXRmank0M2JGd1lwTmx5
dTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pDSTlESDBRSGJldGZqeTQzYkZ3WXBObHl1NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUFFMjQvRjJGNjc1RkVGM0ZGMTFFRDk1MkQ3NDFDQzRGOUFFMDIvRUREREQ1NUMy
NTJFMTFFRUI5MUE4OTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnx4wwDwQCAAIwCQMHASABDfJwwDANBgkqhkiG9w0BAQsF
AAOCAQEAl/aQNL/nMIap0mozcNL+tbQK8w2GKqdpgy+a1ibqPjkc27mDimZ5rd9q
S8YM18YvT04j0AXP3F/KKt4atq8ccdExZ1YrBoUEETwJdDrE1ed8LstuFY0M7xKc
PtfhB9gdwLJuHrai34tMSQUmO1IwndRSRFlKbGcm5DdWihTrRZbaMKST1IKcG104
2+990yrI/kbqPMLyIWryC/ndgU+0aZZXRKo3PrpHPr0qPWJ9bjGKPOjxoFkHYkuu
RnlppbNErl5ZHApDYJu1lJHKKz5hRJDF9uidOW/tXDvzaLbhgr0jRFXJxTXMeoO1
ESxfal7iU9hVDpDZD41TZV0UPK+QUA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:04:04 2025 by rpki-client