Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912A3C4/3EE64C1AB10411EAA384165AC4F9AE02/518ED8E0B10511EAA4771B5BC4F9AE02.roa
File: 518ED8E0B10511EAA4771B5BC4F9AE02.roa (raw, json)
Hash identifier: /AfMDdlUI8cvlyQqr8rioborDgBP3t18ByLX0Pcso10=
Subject key identifier: E1:1D:82:BC:02:F7:30:71:F1:80:7C:0C:39:2B:CC:6D:A8:73:20:EA
Certificate issuer: /CN=A912A3C4/serialNumber=9523AD25ECAD5CC525EC42E9EC1DAE4FDFD86057
Certificate serial: 08A0
Authority key identifier: 95:23:AD:25:EC:AD:5C:C5:25:EC:42:E9:EC:1D:AE:4F:DF:D8:60:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lSOtJeytXMUl7ELp7B2uT9_YYFc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912A3C4/3EE64C1AB10411EAA384165AC4F9AE02/518ED8E0B10511EAA4771B5BC4F9AE02.roa
Signing time: Thu 06 Feb 2025 16:04:01 +0000
ROA not before: Thu 06 Feb 2025 16:04:01 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 38887
IP address blocks: 103.150.248.0/23 maxlen: 24
2406:fc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2208 (0x8a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912A3C4
Validity
Not Before: Feb 6 16:04:01 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67a4dd70-985b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3e:a1:d5:15:df:ae:78:bd:d7:c4:3e:4f:c4:
a5:e6:c2:f9:d4:51:a0:e4:e8:12:c6:cd:a5:ff:d0:
47:72:ea:d9:ae:b1:0f:e8:31:53:e6:4b:72:ba:f2:
34:b9:1a:b9:de:ff:07:b1:cf:21:43:00:90:8c:e2:
70:5c:4f:3d:4b:37:a2:52:78:59:48:85:e5:0d:0f:
6f:1a:d5:c6:07:65:ee:94:ce:e8:85:dc:6a:76:23:
d4:c8:a5:9b:2c:78:42:2e:5b:12:2c:ef:ab:eb:e9:
5f:08:43:0d:ba:02:6a:13:46:69:d8:20:0c:e6:f3:
b5:5d:f2:64:4d:9c:7d:64:b3:a4:db:80:42:77:42:
ce:12:17:c7:47:85:f8:a9:8f:f7:35:03:f5:be:e3:
86:24:49:b7:7d:cb:a0:a8:76:b4:0a:e2:91:0a:74:
52:ca:e7:59:a6:3d:26:44:d7:df:b6:23:0c:b8:36:
20:66:8d:16:2b:24:f9:f3:41:70:b6:89:69:45:bc:
0e:80:12:84:ef:12:c8:11:ec:fd:ed:53:d5:6a:36:
76:bf:3e:c4:19:fa:05:18:e0:24:8c:5e:f3:20:d1:
e8:30:2b:ab:47:b4:cd:08:81:51:c4:41:a2:fb:0b:
5b:1f:aa:42:4a:b4:9f:80:87:60:63:6c:c7:d2:42:
ab:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:1D:82:BC:02:F7:30:71:F1:80:7C:0C:39:2B:CC:6D:A8:73:20:EA
X509v3 Authority Key Identifier:
keyid:95:23:AD:25:EC:AD:5C:C5:25:EC:42:E9:EC:1D:AE:4F:DF:D8:60:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912A3C4/3EE64C1AB10411EAA384165AC4F9AE02/lSOtJeytXMUl7ELp7B2uT9_YYFc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lSOtJeytXMUl7ELp7B2uT9_YYFc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912A3C4/3EE64C1AB10411EAA384165AC4F9AE02/518ED8E0B10511EAA4771B5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.150.248.0/23
IPv6:
2406:fc0::/32
Signature Algorithm: sha256WithRSAEncryption
a8:10:22:74:df:d0:60:af:7f:0a:6b:6f:af:26:9f:a0:cc:65:
29:d3:a6:e4:0d:7a:b3:47:49:22:f5:de:fb:c9:59:dc:10:1b:
d5:3d:33:64:c3:de:8e:35:ef:5b:06:09:43:a5:6d:d4:17:d9:
66:3e:00:47:a4:0a:50:8c:21:90:e1:70:08:f9:c0:da:56:a9:
9f:5a:80:50:9f:e3:5c:b9:f3:53:97:a4:7e:5f:25:f8:84:b8:
a9:29:e8:09:18:77:b1:1f:f1:eb:29:52:0d:cb:51:00:73:10:
b6:4b:13:97:81:2c:d6:23:5d:4d:bb:fa:cc:ac:c5:6c:66:c7:
90:61:92:40:39:8b:53:54:ca:cf:f7:7f:13:dc:6e:b1:74:05:
d4:59:6a:3a:cd:6d:58:79:d0:df:62:e2:ee:56:59:d1:a1:f4:
d3:51:59:d0:85:6e:de:f7:7a:d9:5a:1d:ca:50:a2:41:84:bb:
2a:68:6b:92:01:8d:da:bd:f2:9c:7c:4d:96:36:ed:3b:2d:44:
94:cf:6b:54:26:ec:d4:f3:71:6a:45:2b:ed:cd:98:9a:e4:e3:
38:71:63:dc:96:9f:f6:31:fb:02:97:21:a1:a8:5e:87:a9:f3:
e4:85:e6:b8:65:fa:2e:24:9f:76:83:61:31:d7:56:4d:ee:2a:
df:17:f0:db
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkEzQzQxMTAvBgNVBAUTKDk1MjNBRDI1RUNBRDVDQzUyNUVDNDJFOUVDMURBRTRG
REZEODYwNTcwHhcNMjUwMjA2MTYwNDAxWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E0ZGQ3MC05ODViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtj6h1RXfrni918Q+T8Sl5sL51FGg5OgSxs2l/9BHcurZrrEP6DFT5ktyuvI0
uRq53v8Hsc8hQwCQjOJwXE89SzeiUnhZSIXlDQ9vGtXGB2XulM7ohdxqdiPUyKWb
LHhCLlsSLO+r6+lfCEMNugJqE0Zp2CAM5vO1XfJkTZx9ZLOk24BCd0LOEhfHR4X4
qY/3NQP1vuOGJEm3fcugqHa0CuKRCnRSyudZpj0mRNfftiMMuDYgZo0WKyT580Fw
tolpRbwOgBKE7xLIEez97VPVajZ2vz7EGfoFGOAkjF7zINHoMCurR7TNCIFRxEGi
+wtbH6pCSrSfgIdgY2zH0kKriwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFOEdgrwC
9zBx8YB8DDkrzG2ocyDqMB8GA1UdIwQYMBaAFJUjrSXsrVzFJexC6ewdrk/f2GBX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQTNDNC8zRUU2NEMxQUIx
MDQxMUVBQTM4NDE2NUFDNEY5QUUwMi9sU090SmV5dFhNVWw3RUxwN0IydVQ5X1lZ
RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xTT3RKZXl0WE1VbDdFTHA3QjJ1VDlfWVlGYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkEzQzQvM0VFNjRDMUFCMTA0MTFFQUEzODQxNjVBQzRGOUFFMDIvNTE4RUQ4RTBC
MTA1MTFFQUE0NzcxQjVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnlvgwDQQCAAIwBwMFACQGD8AwDQYJKoZIhvcNAQELBQAD
ggEBAKgQInTf0GCvfwprb68mn6DMZSnTpuQNerNHSSL13vvJWdwQG9U9M2TD3o41
71sGCUOlbdQX2WY+AEekClCMIZDhcAj5wNpWqZ9agFCf41y581OXpH5fJfiEuKkp
6AkYd7Ef8espUg3LUQBzELZLE5eBLNYjXU27+sysxWxmx5BhkkA5i1NUys/3fxPc
brF0BdRZajrNbVh50N9i4u5WWdGh9NNRWdCFbt73etlaHcpQokGEuypoa5IBjdq9
8px8TZY27TstRJTPa1Qm7NTzcWpFK+3NmJrk4zhxY9yWn/Yx+wKXIaGoXoep8+SF
5rhl+i4kn3aDYTHXVk3uKt8X8Ns=
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:01:31 2025 by rpki-client