Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/923B6404466B11EE8B37E13CC4F9AE02.roa
File: 923B6404466B11EE8B37E13CC4F9AE02.roa (raw, json)
Hash identifier: horX5P75gumDA8WyF+ghzmHcSe0CjNBHMfSInHVl7ao=
Subject key identifier: 7F:AE:55:60:D5:9D:44:B2:6F:A0:EE:26:DF:EA:72:A5:FF:56:DC:23
Certificate issuer: /CN=A912D3CB/serialNumber=EDD2A69686865256C9B0FDDD6B714966D5378F33
Certificate serial: 0A33
Authority key identifier: ED:D2:A6:96:86:86:52:56:C9:B0:FD:DD:6B:71:49:66:D5:37:8F:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7dKmloaGUlbJsP3da3FJZtU3jzM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/923B6404466B11EE8B37E13CC4F9AE02.roa
Signing time: Fri 28 Feb 2025 20:59:33 +0000
ROA not before: Fri 28 Feb 2025 20:59:33 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 58895
IP address blocks: 103.83.20.0/22 maxlen: 22
103.83.20.0/24 maxlen: 24
103.83.21.0/24 maxlen: 24
103.83.22.0/24 maxlen: 24
103.83.23.0/24 maxlen: 24
123.108.94.0/24 maxlen: 24
123.108.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2611 (0xa33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912D3CB
Validity
Not Before: Feb 28 20:59:33 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67c223b4-f26f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:49:33:68:04:96:de:02:17:c1:f9:ad:3b:b0:
e3:80:87:ed:e1:bf:7d:40:61:28:00:a4:ac:7b:cd:
52:1b:9e:50:59:15:09:bf:76:25:15:79:d9:55:1a:
33:24:18:a1:67:4b:8f:fd:61:72:0a:84:e4:9e:dd:
8e:b1:ed:2a:7a:92:f9:16:99:bb:e3:fa:f1:7a:ef:
c1:79:c6:d4:aa:88:de:7a:39:e2:64:33:4c:58:b6:
20:20:f7:7b:b6:02:0a:bd:ad:f6:f7:bf:d4:07:9b:
ba:6a:62:ab:35:e7:9e:0d:25:b8:a4:11:4e:32:61:
7e:3d:b9:df:11:bd:cc:e9:69:26:16:34:9c:13:79:
ff:41:90:4f:ec:f9:fc:18:a4:49:1e:ae:41:d6:79:
fb:02:ee:a0:4d:3a:7c:2f:7d:e4:85:d6:72:f1:19:
3d:ce:d5:fd:bd:d2:8c:12:64:dd:a5:54:a7:3a:51:
3c:1d:0f:78:ef:ae:6a:de:9b:75:2d:2b:bd:e4:65:
c2:eb:e2:7e:3a:8e:37:71:54:95:e7:c7:29:36:03:
ba:e0:0d:4d:a7:d9:ea:df:75:c0:cd:04:58:b3:c4:
c9:0b:ef:03:72:81:c9:3d:9a:e0:66:cb:88:dd:38:
05:c8:4f:8f:a1:bb:ab:42:03:63:21:20:92:e9:9b:
40:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:AE:55:60:D5:9D:44:B2:6F:A0:EE:26:DF:EA:72:A5:FF:56:DC:23
X509v3 Authority Key Identifier:
keyid:ED:D2:A6:96:86:86:52:56:C9:B0:FD:DD:6B:71:49:66:D5:37:8F:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/7dKmloaGUlbJsP3da3FJZtU3jzM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7dKmloaGUlbJsP3da3FJZtU3jzM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/923B6404466B11EE8B37E13CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.83.20.0/22
123.108.94.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:5a:31:b6:70:67:41:f3:de:82:4e:10:de:8d:49:47:f5:c2:
16:cd:27:09:5d:68:dc:a0:ff:c9:f5:3d:21:26:a7:92:46:76:
dc:6b:bf:39:4a:83:a9:c9:b2:2e:f5:bf:2a:79:5f:fb:f7:b5:
01:c3:59:ec:4e:10:6e:90:d3:a3:da:d1:37:a0:30:8f:c8:8e:
a4:e9:32:73:cd:76:69:1c:30:be:22:03:38:82:28:b4:64:06:
a2:de:38:68:47:11:f0:5c:b7:1c:3c:a4:1c:78:9d:16:ce:2b:
fb:86:0b:a5:fe:ae:b9:6d:65:93:c3:e4:eb:ff:9f:dc:a1:e3:
b4:ce:a1:d7:ce:71:43:f6:70:d0:e5:4e:53:12:2f:0b:71:f3:
3f:d7:e7:6c:ab:3b:bb:4a:3c:1d:72:20:06:bd:54:10:8c:46:
43:e9:72:f4:eb:c7:9e:56:18:93:b5:e8:f2:cd:9a:a0:21:e7:
0f:12:15:b6:9a:1c:f8:ae:81:15:56:8a:59:b4:57:a3:00:5b:
cb:bc:66:0e:7e:a3:c0:da:9f:65:b6:9b:9f:75:db:30:d7:7d:
87:77:d3:21:f9:ae:47:9e:eb:03:31:ce:25:94:f4:7a:66:61:
54:f1:56:d4:78:d0:ff:a4:cf:67:75:9c:28:7e:32:2c:03:f1:
6a:1b:3c:96
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkQzQ0IxMTAvBgNVBAUTKEVERDJBNjk2ODY4NjUyNTZDOUIwRkRERDZCNzE0OTY2
RDUzNzhGMzMwHhcNMjUwMjI4MjA1OTMzWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MyMjNiNC1mMjZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyEkzaASW3gIXwfmtO7DjgIft4b99QGEoAKSse81SG55QWRUJv3YlFXnZVRoz
JBihZ0uP/WFyCoTknt2Ose0qepL5Fpm74/rxeu/BecbUqojeejniZDNMWLYgIPd7
tgIKva3297/UB5u6amKrNeeeDSW4pBFOMmF+PbnfEb3M6WkmFjScE3n/QZBP7Pn8
GKRJHq5B1nn7Au6gTTp8L33khdZy8Rk9ztX9vdKMEmTdpVSnOlE8HQ94765q3pt1
LSu95GXC6+J+Oo43cVSV58cpNgO64A1Np9nq33XAzQRYs8TJC+8DcoHJPZrgZsuI
3TgFyE+PoburQgNjISCS6ZtAwwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFH+uVWDV
nUSyb6DuJt/qcqX/VtwjMB8GA1UdIwQYMBaAFO3SppaGhlJWybD93WtxSWbVN48z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRDNDQi9BOUE0MzlGQzY5
QjIxMUVBOTc3OURENDhDNEY5QUUwMi83ZEttbG9hR1VsYkpzUDNkYTNGSlp0VTNq
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdkS21sb2FHVWxiSnNQM2RhM0ZKWnRVM2p6TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkQzQ0IvQTlBNDM5RkM2OUIyMTFFQTk3NzlERDQ4QzRGOUFFMDIvOTIzQjY0MDQ0
NjZCMTFFRThCMzdFMTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUxQDBAF7bF4wDQYJKoZIhvcNAQELBQADggEBAGpaMbZw
Z0Hz3oJOEN6NSUf1whbNJwldaNyg/8n1PSEmp5JGdtxrvzlKg6nJsi71vyp5X/v3
tQHDWexOEG6Q06Pa0TegMI/IjqTpMnPNdmkcML4iAziCKLRkBqLeOGhHEfBctxw8
pBx4nRbOK/uGC6X+rrltZZPD5Ov/n9yh47TOodfOcUP2cNDlTlMSLwtx8z/X52yr
O7tKPB1yIAa9VBCMRkPpcvTrx55WGJO16PLNmqAh5w8SFbaaHPiugRVWilm0V6MA
W8u8Zg5+o8Dan2W2m5912zDXfYd30yH5rkee6wMxziWU9HpmYVTxVtR40P+kz2d1
nCh+MiwD8WobPJY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:20:29 2025 by rpki-client