Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913DC07/4EB9EDD6336211ECA7AC5131C4F9AE02/18612BE6DB0711EF9B67D356C4F9AE02.roa
File: 18612BE6DB0711EF9B67D356C4F9AE02.roa (raw, json)
Hash identifier: K6xw9z5FHd3cBcaSkpj6+6W0ng+CbMowA+OXIfonnos=
Subject key identifier: A9:FA:AE:D2:F5:88:8B:DE:00:7B:FA:5C:D0:3A:F5:EF:66:36:36:66
Certificate issuer: /CN=A913DC07/serialNumber=ECAA3D15FA8B14DAAAFE2059A4019B20F527F83D
Certificate serial: 0473
Authority key identifier: EC:AA:3D:15:FA:8B:14:DA:AA:FE:20:59:A4:01:9B:20:F5:27:F8:3D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Ko9FfqLFNqq_iBZpAGbIPUn-D0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913DC07/4EB9EDD6336211ECA7AC5131C4F9AE02/18612BE6DB0711EF9B67D356C4F9AE02.roa
Signing time: Sat 25 Jan 2025 10:28:19 +0000
ROA not before: Sat 25 Jan 2025 10:28:19 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 134734
IP address blocks: 103.167.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1139 (0x473)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913DC07
Validity
Not Before: Jan 25 10:28:19 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6794bcc3-a949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b8:0d:ca:dd:dc:bd:ca:a7:37:47:0f:f6:0b:
56:5b:e0:ca:12:70:8d:b8:3f:33:c8:4f:ad:c1:8f:
a9:2f:4f:d6:60:1c:16:60:32:ee:05:05:89:38:f8:
51:5a:ac:f1:a8:33:ce:a3:de:40:5b:5c:f9:2d:19:
e5:02:fa:6f:cf:f8:43:7d:7f:4c:b8:08:54:bd:95:
cd:e5:77:db:0a:a2:60:1c:75:38:5e:62:81:e9:59:
82:51:91:76:84:40:6b:5c:20:9d:3d:b9:39:cb:c3:
dd:54:7b:ba:21:7b:3f:cf:f1:13:32:ad:dd:f8:50:
dd:57:fd:d4:c9:cf:8b:e6:70:da:70:c5:38:aa:ec:
d2:4e:40:ca:b5:e5:1f:3f:22:57:5d:30:67:b1:0f:
ba:ef:18:14:87:60:22:b1:e8:18:23:f6:e8:9b:ff:
c0:ca:11:00:37:80:c7:27:a9:23:e4:3c:ba:fe:8f:
2e:e5:1d:97:9e:95:9d:1b:6d:79:18:50:70:a4:3a:
54:e8:8b:7b:48:73:47:00:df:a6:8c:ca:b1:0e:06:
3f:ba:aa:4f:80:4f:c9:2e:84:93:29:ae:1e:da:3e:
01:18:98:87:60:61:ad:3d:e2:bd:7d:16:57:6c:fb:
58:e4:e5:54:58:c9:3b:ce:f2:d1:f6:ca:3e:1c:8b:
93:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:FA:AE:D2:F5:88:8B:DE:00:7B:FA:5C:D0:3A:F5:EF:66:36:36:66
X509v3 Authority Key Identifier:
keyid:EC:AA:3D:15:FA:8B:14:DA:AA:FE:20:59:A4:01:9B:20:F5:27:F8:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913DC07/4EB9EDD6336211ECA7AC5131C4F9AE02/7Ko9FfqLFNqq_iBZpAGbIPUn-D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Ko9FfqLFNqq_iBZpAGbIPUn-D0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913DC07/4EB9EDD6336211ECA7AC5131C4F9AE02/18612BE6DB0711EF9B67D356C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.17.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:e7:bd:30:78:24:25:1d:b4:e6:16:84:4a:db:bc:10:a5:4f:
11:ee:e6:3d:69:de:80:09:75:3c:f1:fe:e3:3d:08:01:99:b0:
e0:37:b6:04:38:95:c1:f2:41:20:47:b0:69:39:dc:85:94:19:
d4:68:a7:b4:0a:12:8f:d3:cf:7b:89:61:7b:13:b2:4b:9c:bc:
b6:c8:63:c1:05:e6:ae:2d:4e:78:fa:af:95:84:f5:e3:6f:6a:
69:0f:0e:b2:e7:f5:6a:3e:db:f7:f1:9e:1f:89:23:9f:1d:fd:
5c:cf:e5:9c:de:d3:87:98:36:78:0e:03:71:4b:b9:85:f0:47:
b5:ea:ed:4a:5c:93:e7:87:81:d4:e5:18:71:38:af:7a:48:a0:
21:03:b6:0f:de:c6:3c:f3:c5:6c:d0:98:82:fe:da:28:20:3e:
28:64:fd:cc:38:2e:da:f3:56:91:67:25:41:10:75:f0:11:42:
2d:81:b8:44:6f:30:6f:f2:f1:03:58:96:da:c2:39:f9:2b:42:
e1:c5:52:4a:e5:a9:dc:fd:c2:d4:16:0d:7f:31:ae:7a:4d:a1:
af:1d:ff:d6:fa:b0:be:90:ce:20:7e:db:57:3f:f5:cb:87:2c:
8c:d9:3f:46:16:4b:0b:56:5e:d2:ad:46:9b:25:29:75:ff:79:
c2:b3:3b:07
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBHMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0RDMDcxMTAvBgNVBAUTKEVDQUEzRDE1RkE4QjE0REFBQUZFMjA1OUE0MDE5QjIw
RjUyN0Y4M0QwHhcNMjUwMTI1MTAyODE5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk0YmNjMy1hOTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv7gNyt3cvcqnN0cP9gtWW+DKEnCNuD8zyE+twY+pL0/WYBwWYDLuBQWJOPhR
WqzxqDPOo95AW1z5LRnlAvpvz/hDfX9MuAhUvZXN5XfbCqJgHHU4XmKB6VmCUZF2
hEBrXCCdPbk5y8PdVHu6IXs/z/ETMq3d+FDdV/3Uyc+L5nDacMU4quzSTkDKteUf
PyJXXTBnsQ+67xgUh2AisegYI/bom//AyhEAN4DHJ6kj5Dy6/o8u5R2XnpWdG215
GFBwpDpU6It7SHNHAN+mjMqxDgY/uqpPgE/JLoSTKa4e2j4BGJiHYGGtPeK9fRZX
bPtY5OVUWMk7zvLR9so+HIuTFQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKn6rtL1
iIveAHv6XNA69e9mNjZmMB8GA1UdIwQYMBaAFOyqPRX6ixTaqv4gWaQBmyD1J/g9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzREMwNy80RUI5RURENjMz
NjIxMUVDQTdBQzUxMzFDNEY5QUUwMi83S285RmZxTEZOcXFfaUJacEFHYklQVW4t
RDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdLbzlGZnFMRk5xcV9pQlpwQUdiSVBVbi1EMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0RDMDcvNEVCOUVERDYzMzYyMTFFQ0E3QUM1MTMxQzRGOUFFMDIvMTg2MTJCRTZE
QjA3MTFFRjlCNjdEMzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnpxEwDQYJKoZIhvcNAQELBQADggEBAMrnvTB4JCUdtOYW
hErbvBClTxHu5j1p3oAJdTzx/uM9CAGZsOA3tgQ4lcHyQSBHsGk53IWUGdRop7QK
Eo/Tz3uJYXsTskucvLbIY8EF5q4tTnj6r5WE9eNvamkPDrLn9Wo+2/fxnh+JI58d
/VzP5Zze04eYNngOA3FLuYXwR7Xq7Upck+eHgdTlGHE4r3pIoCEDtg/exjzzxWzQ
mIL+2iggPihk/cw4LtrzVpFnJUEQdfARQi2BuERvMG/y8QNYltrCOfkrQuHFUkrl
qdz9wtQWDX8xrnpNoa8d/9b6sL6QziB+21c/9cuHLIzZP0YWSwtWXtKtRpslKXX/
ecKzOwc=
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:32:34 2025 by rpki-client