Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/D635A2BEAA6111EE851A6861C4F9AE02.roa
File: D635A2BEAA6111EE851A6861C4F9AE02.roa (raw, json)
Hash identifier: X7/wtt04QWk9x+2X3bhJ9nLStWcZ9LhUojCxV8pCE88=
Subject key identifier: 0F:55:BC:5D:C9:81:0C:F3:31:E3:9F:31:11:80:EA:B6:5F:B0:C3:01
Certificate issuer: /CN=A912E99B/serialNumber=246F6A4BE15B00CFEC0DC399A5E8439F939C9174
Certificate serial: 0670
Authority key identifier: 24:6F:6A:4B:E1:5B:00:CF:EC:0D:C3:99:A5:E8:43:9F:93:9C:91:74
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JG9qS-FbAM_sDcOZpehDn5OckXQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/D635A2BEAA6111EE851A6861C4F9AE02.roa
Signing time: Wed 28 Aug 2024 23:02:16 +0000
ROA not before: Wed 28 Aug 2024 23:02:16 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 142150
IP address blocks: 103.152.100.0/24 maxlen: 24
103.152.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1648 (0x670)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912E99B
Validity
Not Before: Aug 28 23:02:16 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66cfac78-f170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:52:a9:95:de:91:96:84:1e:92:87:7f:94:d9:
ac:5f:75:52:90:f6:4f:35:7e:e5:df:6a:51:f7:9b:
a5:26:fd:bd:3a:87:3c:41:5b:c3:0d:ea:f7:b9:04:
ff:17:5b:bb:5c:00:88:7f:e2:c8:75:22:db:73:3f:
e5:22:6d:1d:ce:e1:29:6a:00:25:76:e2:3f:64:ff:
dd:18:95:5c:1d:83:b3:53:fc:6d:97:db:b7:da:92:
69:4b:33:24:9b:0a:76:c3:22:38:d7:ed:bb:d1:41:
fa:20:e1:a1:7b:5e:11:b9:b3:a5:d4:ca:99:14:fc:
32:a7:cf:66:fa:77:58:a0:48:38:ee:f6:d7:fe:f0:
ff:d7:31:6b:52:ce:fd:0d:43:3b:32:d7:70:47:ba:
ed:3b:da:58:47:91:ab:33:5f:92:09:4c:68:7a:62:
57:c4:6b:1b:2e:a7:99:3d:20:af:15:72:3c:2d:e7:
89:51:88:72:57:2a:39:61:1a:dc:76:53:7c:70:93:
9d:5f:a3:d8:30:8e:84:4d:cb:20:7b:96:4f:46:c9:
16:3e:24:76:2c:0b:08:76:0b:e9:11:5f:74:ba:e2:
6f:4e:45:84:00:e7:f7:9c:56:33:5b:5e:37:26:30:
da:48:54:b3:eb:6f:14:30:92:c1:83:59:5d:7d:50:
a1:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:55:BC:5D:C9:81:0C:F3:31:E3:9F:31:11:80:EA:B6:5F:B0:C3:01
X509v3 Authority Key Identifier:
keyid:24:6F:6A:4B:E1:5B:00:CF:EC:0D:C3:99:A5:E8:43:9F:93:9C:91:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/JG9qS-FbAM_sDcOZpehDn5OckXQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JG9qS-FbAM_sDcOZpehDn5OckXQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/D635A2BEAA6111EE851A6861C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.100.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:dc:48:b3:1e:85:2b:7d:49:fd:c4:a6:ba:cf:93:27:6f:25:
ed:76:45:54:4d:a7:a6:2e:ee:d4:fc:11:90:49:5a:40:4c:3b:
f8:8f:53:62:d7:b3:53:9b:a9:60:b0:19:8f:e3:1e:ec:99:84:
90:ba:0e:3b:56:63:7c:98:41:cc:35:1b:09:84:c7:f7:46:b2:
cd:34:40:98:c7:a2:61:b1:86:4c:1c:73:d8:15:ee:96:03:29:
ee:a3:e9:72:fb:03:1a:0f:aa:05:a0:50:65:72:9d:cd:e6:ba:
3a:d2:4d:00:ab:f4:59:6a:ab:da:84:f1:54:72:4a:8c:9a:4d:
8d:80:bc:79:52:01:65:0f:23:76:ac:0c:ad:55:ea:fa:6b:68:
8c:98:fb:a3:3c:9b:24:cd:06:41:f8:9c:0c:c1:5b:58:57:d3:
3a:07:67:9b:fc:c5:4d:66:40:2c:4e:97:9f:ba:cf:ef:34:4e:
50:fa:00:bf:8c:be:17:39:ad:44:26:3f:dc:01:9b:de:e7:bb:
ce:03:48:80:b7:59:5f:6b:71:17:06:04:5f:94:f6:05:87:d1:
03:0e:60:33:c6:7c:0c:e9:88:fe:46:a7:a5:38:ee:07:01:a8:
23:be:c0:14:e9:69:31:41:c5:99:57:e0:d2:0a:6c:b8:ad:6a:
7d:35:7a:db
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBnAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkU5OUIxMTAvBgNVBAUTKDI0NkY2QTRCRTE1QjAwQ0ZFQzBEQzM5OUE1RTg0MzlG
OTM5QzkxNzQwHhcNMjQwODI4MjMwMjE2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmNmYWM3OC1mMTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy1Kpld6RloQekod/lNmsX3VSkPZPNX7l32pR95ulJv29Ooc8QVvDDer3uQT/
F1u7XACIf+LIdSLbcz/lIm0dzuEpagAlduI/ZP/dGJVcHYOzU/xtl9u32pJpSzMk
mwp2wyI41+270UH6IOGhe14RubOl1MqZFPwyp89m+ndYoEg47vbX/vD/1zFrUs79
DUM7MtdwR7rtO9pYR5GrM1+SCUxoemJXxGsbLqeZPSCvFXI8LeeJUYhyVyo5YRrc
dlN8cJOdX6PYMI6ETcsge5ZPRskWPiR2LAsIdgvpEV90uuJvTkWEAOf3nFYzW143
JjDaSFSz628UMJLBg1ldfVChBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFA9VvF3J
gQzzMeOfMRGA6rZfsMMBMB8GA1UdIwQYMBaAFCRvakvhWwDP7A3DmaXoQ5+TnJF0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTk5Qi83MzNEQTRFODVC
MzMxMUVCODAwQ0I4MENDNEY5QUUwMi9KRzlxUy1GYkFNX3NEY09acGVoRG41T2Nr
WFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pHOXFTLUZiQU1fc0RjT1pwZWhEbjVPY2tYUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkU5OUIvNzMzREE0RTg1QjMzMTFFQjgwMENCODBDQzRGOUFFMDIvRDYzNUEyQkVB
QTYxMTFFRTg1MUE2ODYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmGQwDQYJKoZIhvcNAQELBQADggEBAB7cSLMehSt9Sf3E
prrPkydvJe12RVRNp6Yu7tT8EZBJWkBMO/iPU2LXs1ObqWCwGY/jHuyZhJC6DjtW
Y3yYQcw1GwmEx/dGss00QJjHomGxhkwcc9gV7pYDKe6j6XL7AxoPqgWgUGVync3m
ujrSTQCr9Flqq9qE8VRySoyaTY2AvHlSAWUPI3asDK1V6vpraIyY+6M8myTNBkH4
nAzBW1hX0zoHZ5v8xU1mQCxOl5+6z+80TlD6AL+Mvhc5rUQmP9wBm97nu84DSIC3
WV9rcRcGBF+U9gWH0QMOYDPGfAzpiP5Gp6U47gcBqCO+wBTpaTFBxZlX4NIKbLit
an01ets=
-----END CERTIFICATE-----
Generated at Wed Apr 9 07:21:52 2025 by rpki-client