Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913E4AA/674CA29E11DB11EABF45DA55C4F9AE02/9D9E8D0C11DC11EABC4FB55AC4F9AE02.roa
File: 9D9E8D0C11DC11EABC4FB55AC4F9AE02.roa (raw, json)
Hash identifier: E2q/ZEHSPXl1Ew87PC9tVYqM/dotHBquWrnE6mAYEbI=
Subject key identifier: D3:02:18:8E:46:DB:B3:91:3E:E8:5B:08:72:F7:B5:AD:9C:66:C6:1F
Certificate issuer: /CN=A913E4AA/serialNumber=63883E4CA2C8E7DDDAC3987E484FD1D672D93949
Certificate serial: 0B93
Authority key identifier: 63:88:3E:4C:A2:C8:E7:DD:DA:C3:98:7E:48:4F:D1:D6:72:D9:39:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y4g-TKLI593aw5h-SE_R1nLZOUk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913E4AA/674CA29E11DB11EABF45DA55C4F9AE02/9D9E8D0C11DC11EABC4FB55AC4F9AE02.roa
Signing time: Sat 12 Oct 2024 18:57:29 +0000
ROA not before: Sat 12 Oct 2024 18:57:29 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 138192
IP address blocks: 103.129.212.0/22 maxlen: 24
2403:88c0::/32 maxlen: 36
2403:88c0::/48 maxlen: 48
2403:88c0:1::/48 maxlen: 48
2403:88c0:a::/48 maxlen: 48
2403:88c0:ffff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2963 (0xb93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913E4AA
Validity
Not Before: Oct 12 18:57:29 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=670ac699-b3dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7c:09:7d:66:fc:61:1c:3f:a4:1d:a6:1f:4c:
64:9e:3b:1f:29:53:4a:09:f5:5d:02:20:24:fa:76:
58:3c:76:ff:cf:42:50:e4:85:c4:c9:05:c7:36:cc:
09:1b:6c:78:78:8c:ce:b4:20:84:57:4c:00:55:61:
50:43:67:c9:76:ba:9e:7e:92:5a:0e:84:19:ee:53:
00:bd:1c:c6:05:0e:83:71:b6:5a:d1:1e:ec:6d:1f:
a2:e7:3e:ac:42:2f:77:d5:6d:47:19:48:b8:f8:4b:
be:d7:2e:67:25:71:90:c9:b6:d2:72:2e:f5:7e:28:
e5:60:90:07:f8:3f:ac:32:33:cd:62:9c:a2:c9:b3:
0a:19:f1:97:10:a3:8a:8c:15:c9:45:3b:a5:f1:8b:
72:8b:6f:d6:83:80:d4:de:58:b8:06:53:58:b2:e0:
01:9d:75:96:36:93:da:47:92:b6:53:ac:69:6c:1c:
dc:3d:99:b4:2c:f2:df:8f:57:a5:e8:86:ff:74:cf:
3a:75:73:a4:f6:b2:09:e2:45:ed:8b:da:66:31:4a:
99:ee:f0:26:02:66:5e:5c:54:44:c9:e9:42:1a:e6:
2c:50:1f:aa:81:65:29:02:44:3d:cd:90:84:14:64:
ab:73:2e:14:e0:7e:40:c1:08:38:5d:6e:9e:b8:90:
ce:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:02:18:8E:46:DB:B3:91:3E:E8:5B:08:72:F7:B5:AD:9C:66:C6:1F
X509v3 Authority Key Identifier:
keyid:63:88:3E:4C:A2:C8:E7:DD:DA:C3:98:7E:48:4F:D1:D6:72:D9:39:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913E4AA/674CA29E11DB11EABF45DA55C4F9AE02/Y4g-TKLI593aw5h-SE_R1nLZOUk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y4g-TKLI593aw5h-SE_R1nLZOUk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E4AA/674CA29E11DB11EABF45DA55C4F9AE02/9D9E8D0C11DC11EABC4FB55AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.212.0/22
IPv6:
2403:88c0::/32
Signature Algorithm: sha256WithRSAEncryption
64:5a:70:4e:73:b5:f4:57:24:e9:ae:d0:0c:9e:d7:87:42:4b:
7f:3a:4b:9a:7e:6b:3d:0e:3f:0d:a0:91:42:0b:df:df:d7:13:
c9:98:5c:af:ee:8d:ea:5c:ab:eb:5f:f9:6d:19:3c:a3:8e:db:
6b:12:aa:bd:ef:29:84:58:8a:16:d7:80:bb:10:27:58:13:5f:
55:13:e7:2f:6b:4d:76:1e:d5:2d:0c:bd:bf:fe:b9:92:ac:66:
ed:c1:72:dc:d0:f7:f2:46:ae:3e:b6:56:20:e7:d1:ec:8b:d5:
5d:ed:5c:99:d9:ec:3d:4d:1d:bf:22:2e:90:6e:6c:b1:7a:e4:
02:dd:1b:28:08:ec:ef:b2:8d:48:5b:7b:f4:17:1e:03:59:c6:
47:3a:e8:d4:3d:b8:29:7c:96:2a:d7:c5:f1:a6:71:ae:e0:4f:
ac:f6:52:7e:97:ac:36:ec:da:4f:ec:52:cc:b1:8e:40:a5:b7:
cc:07:fa:a7:08:fc:65:7c:e3:28:30:41:ec:74:1d:8c:e0:77:
0a:79:78:5b:44:8d:d7:ce:35:aa:30:8d:b8:6e:c2:6f:eb:2e:
69:d7:54:16:5d:43:80:68:0a:50:0c:a3:85:1a:53:97:f7:3c:
e4:f9:df:6e:bd:06:a2:5c:5f:a4:cc:6b:be:dc:ab:82:5b:bc:
4e:68:aa:2d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC5MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0U0QUExMTAvBgNVBAUTKDYzODgzRTRDQTJDOEU3REREQUMzOTg3RTQ4NEZEMUQ2
NzJEOTM5NDkwHhcNMjQxMDEyMTg1NzI5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzBhYzY5OS1iM2RkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtnwJfWb8YRw/pB2mH0xknjsfKVNKCfVdAiAk+nZYPHb/z0JQ5IXEyQXHNswJ
G2x4eIzOtCCEV0wAVWFQQ2fJdrqefpJaDoQZ7lMAvRzGBQ6DcbZa0R7sbR+i5z6s
Qi931W1HGUi4+Eu+1y5nJXGQybbSci71fijlYJAH+D+sMjPNYpyiybMKGfGXEKOK
jBXJRTul8Ytyi2/Wg4DU3li4BlNYsuABnXWWNpPaR5K2U6xpbBzcPZm0LPLfj1el
6Ib/dM86dXOk9rIJ4kXti9pmMUqZ7vAmAmZeXFREyelCGuYsUB+qgWUpAkQ9zZCE
FGSrcy4U4H5AwQg4XW6euJDOXQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFNMCGI5G
27ORPuhbCHL3ta2cZsYfMB8GA1UdIwQYMBaAFGOIPkyiyOfd2sOYfkhP0dZy2TlJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRTRBQS82NzRDQTI5RTEx
REIxMUVBQkY0NURBNTVDNEY5QUUwMi9ZNGctVEtMSTU5M2F3NWgtU0VfUjFuTFpP
VWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1k0Zy1US0xJNTkzYXc1aC1TRV9SMW5MWk9Vay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0U0QUEvNjc0Q0EyOUUxMURCMTFFQUJGNDVEQTU1QzRGOUFFMDIvOUQ5RThEMEMx
MURDMTFFQUJDNEZCNTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJngdQwDQQCAAIwBwMFACQDiMAwDQYJKoZIhvcNAQELBQAD
ggEBAGRacE5ztfRXJOmu0Aye14dCS386S5p+az0OPw2gkUIL39/XE8mYXK/ujepc
q+tf+W0ZPKOO22sSqr3vKYRYihbXgLsQJ1gTX1UT5y9rTXYe1S0Mvb/+uZKsZu3B
ctzQ9/JGrj62ViDn0eyL1V3tXJnZ7D1NHb8iLpBubLF65ALdGygI7O+yjUhbe/QX
HgNZxkc66NQ9uCl8lirXxfGmca7gT6z2Un6XrDbs2k/sUsyxjkClt8wH+qcI/GV8
4ygwQex0HYzgdwp5eFtEjdfONaowjbhuwm/rLmnXVBZdQ4BoClAMo4UaU5f3POT5
3269BqJcX6TMa77cq4JbvE5oqi0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:12:30 2025 by rpki-client