Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9123D9C/455942D650B211E9B5DB6A6BC4F9AE02/04C5DE76FF2711EAB7D5F235C4F9AE02.roa
File: 04C5DE76FF2711EAB7D5F235C4F9AE02.roa (raw, json)
Hash identifier: DMn88YNhtANf7oJNpEm/YcL69wX9rnoBHpOTc6fAMAs=
Subject key identifier: 1B:90:39:6E:58:7F:49:55:54:E6:81:D9:79:36:8C:57:AF:BC:18:D9
Certificate issuer: /CN=A9123D9C/serialNumber=5B2CF0FB62F160F1838AEE3E6CDE07544DFF8BFF
Certificate serial: 102B
Authority key identifier: 5B:2C:F0:FB:62:F1:60:F1:83:8A:EE:3E:6C:DE:07:54:4D:FF:8B:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wyzw-2LxYPGDiu4-bN4HVE3_i_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9123D9C/455942D650B211E9B5DB6A6BC4F9AE02/04C5DE76FF2711EAB7D5F235C4F9AE02.roa
Signing time: Wed 12 Feb 2025 18:06:13 +0000
ROA not before: Wed 12 Feb 2025 18:06:13 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 41378
IP address blocks: 103.136.184.0/24 maxlen: 24
103.136.185.0/24 maxlen: 24
103.136.186.0/24 maxlen: 24
103.136.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4139 (0x102b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9123D9C
Validity
Not Before: Feb 12 18:06:13 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ace315-944c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8d:09:7f:27:11:fb:f6:25:0d:4d:86:eb:3f:
72:ce:40:f7:6e:b7:86:3d:26:89:c1:0e:b6:25:59:
97:67:b9:bf:60:a9:ea:12:e2:e7:bb:62:68:a2:e9:
d8:26:a8:4e:f0:f9:7e:22:7d:e3:ec:16:1b:c8:2e:
0d:5e:74:ff:21:4f:95:09:05:f0:b9:4b:3c:e4:d6:
52:50:44:15:73:41:67:00:98:df:c9:52:f9:11:66:
98:cc:5b:21:44:f7:52:cd:60:da:de:a0:cf:15:a5:
b6:a7:3a:8d:3e:10:f9:c4:76:36:eb:c1:a5:b5:b4:
b8:eb:be:17:46:18:0b:36:6d:d4:51:ce:8f:5d:d1:
12:c0:19:1a:c6:fb:d9:7f:9a:ac:95:8b:1a:af:b3:
ce:95:60:5c:2f:4d:90:33:5c:c9:2f:f2:34:40:a0:
89:2d:92:ae:ff:3d:48:20:f7:d5:62:73:55:3d:7d:
65:e7:a1:b4:08:8a:b6:cc:2d:43:93:a6:69:6e:ee:
39:a7:4b:2b:69:95:6a:e9:94:fb:c3:44:70:14:82:
c6:12:a8:32:20:d6:99:9c:11:34:3c:dd:b9:a1:02:
40:9d:dc:ec:8b:dc:7b:85:40:ea:a9:e1:16:dc:5e:
7e:f4:90:3c:4b:ad:23:17:20:c6:d2:62:a3:ad:e9:
67:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:90:39:6E:58:7F:49:55:54:E6:81:D9:79:36:8C:57:AF:BC:18:D9
X509v3 Authority Key Identifier:
keyid:5B:2C:F0:FB:62:F1:60:F1:83:8A:EE:3E:6C:DE:07:54:4D:FF:8B:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9123D9C/455942D650B211E9B5DB6A6BC4F9AE02/Wyzw-2LxYPGDiu4-bN4HVE3_i_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wyzw-2LxYPGDiu4-bN4HVE3_i_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123D9C/455942D650B211E9B5DB6A6BC4F9AE02/04C5DE76FF2711EAB7D5F235C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.184.0/22
Signature Algorithm: sha256WithRSAEncryption
41:a6:88:48:0d:01:e1:c2:97:00:16:95:cc:b1:9b:45:a6:74:
ce:90:15:d6:40:c2:96:fb:3e:14:13:72:b2:13:22:b2:4f:36:
00:3b:b4:6e:1d:58:74:7a:81:8f:0e:69:d8:fc:5d:5f:06:4a:
1a:02:d7:b9:64:52:38:e8:6c:a2:3a:06:3c:47:74:81:7c:bc:
8d:9d:e3:37:aa:61:dd:82:c3:6b:f3:c8:20:6d:e6:e6:a6:f9:
3b:a9:41:c5:0f:bc:ba:49:ca:bd:8f:83:a4:8d:55:cc:ef:70:
6f:21:03:45:95:71:82:75:d5:27:b3:0a:1a:81:c3:c6:e1:5d:
ee:46:ca:9e:27:21:8b:fd:3b:01:69:53:95:fc:d1:08:86:fc:
98:e6:d4:6c:be:9f:2a:35:84:84:75:87:0e:ad:bd:bd:30:bd:
c5:e6:40:3e:b7:c5:62:3c:69:65:32:04:1d:2e:6a:27:e1:28:
6c:8b:40:e6:fb:9d:58:08:0b:6a:c2:c3:de:45:18:1c:38:61:
3f:55:13:f3:4f:a2:0c:ea:b1:97:52:63:d4:26:7b:ae:ef:3e:
ca:a1:0e:47:e1:14:9d:68:44:73:24:a1:5c:4e:c7:ad:d3:b7:
61:7f:e9:d5:ab:0e:53:5f:33:ff:70:76:dc:c1:da:af:2a:42:
f0:ba:33:22
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICECswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjNEOUMxMTAvBgNVBAUTKDVCMkNGMEZCNjJGMTYwRjE4MzhBRUUzRTZDREUwNzU0
NERGRjhCRkYwHhcNMjUwMjEyMTgwNjEzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FjZTMxNS05NDRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuo0JfycR+/YlDU2G6z9yzkD3breGPSaJwQ62JVmXZ7m/YKnqEuLnu2JoounY
JqhO8Pl+In3j7BYbyC4NXnT/IU+VCQXwuUs85NZSUEQVc0FnAJjfyVL5EWaYzFsh
RPdSzWDa3qDPFaW2pzqNPhD5xHY268GltbS4674XRhgLNm3UUc6PXdESwBkaxvvZ
f5qslYsar7POlWBcL02QM1zJL/I0QKCJLZKu/z1IIPfVYnNVPX1l56G0CIq2zC1D
k6Zpbu45p0sraZVq6ZT7w0RwFILGEqgyINaZnBE0PN25oQJAndzsi9x7hUDqqeEW
3F5+9JA8S60jFyDG0mKjrelnwwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBuQOW5Y
f0lVVOaB2Xk2jFevvBjZMB8GA1UdIwQYMBaAFFss8Pti8WDxg4ruPmzeB1RN/4v/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0Q5Qy80NTU5NDJENjUw
QjIxMUU5QjVEQjZBNkJDNEY5QUUwMi9XeXp3LTJMeFlQR0RpdTQtYk40SFZFM19p
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1d5enctMkx4WVBHRGl1NC1iTjRIVkUzX2lfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjNEOUMvNDU1OTQyRDY1MEIyMTFFOUI1REI2QTZCQzRGOUFFMDIvMDRDNURFNzZG
RjI3MTFFQUI3RDVGMjM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJniLgwDQYJKoZIhvcNAQELBQADggEBAEGmiEgNAeHClwAW
lcyxm0WmdM6QFdZAwpb7PhQTcrITIrJPNgA7tG4dWHR6gY8Oadj8XV8GShoC17lk
UjjobKI6BjxHdIF8vI2d4zeqYd2Cw2vzyCBt5uam+TupQcUPvLpJyr2Pg6SNVczv
cG8hA0WVcYJ11SezChqBw8bhXe5Gyp4nIYv9OwFpU5X80QiG/Jjm1Gy+nyo1hIR1
hw6tvb0wvcXmQD63xWI8aWUyBB0uaifhKGyLQOb7nVgIC2rCw95FGBw4YT9VE/NP
ogzqsZdSY9Qme67vPsqhDkfhFJ1oRHMkoVxOx63Tt2F/6dWrDlNfM/9wdtzB2q8q
QvC6MyI=
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:23:41 2025 by rpki-client