Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9141274/D99F3AFAFB2311EF9F15C74AC4F9AE02/1C8955ACFB3911EFA7A85D5EC4F9AE02.roa
File: 1C8955ACFB3911EFA7A85D5EC4F9AE02.roa (raw, json)
Hash identifier: M3snfK7ggVA+iQyGKxoZGKOn/y2wDmLDbPmf0CbxKc8=
Subject key identifier: E5:C9:5F:8C:2A:F5:2F:89:D6:CE:73:EC:2A:14:D7:CD:91:0F:8B:58
Certificate issuer: /CN=A9141274/serialNumber=6958A1AB3ACF7F95EDA5AD9C9E41E449B6D117F2
Certificate serial: 05
Authority key identifier: 69:58:A1:AB:3A:CF:7F:95:ED:A5:AD:9C:9E:41:E4:49:B6:D1:17:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aVihqzrPf5Xtpa2cnkHkSbbRF_I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9141274/D99F3AFAFB2311EF9F15C74AC4F9AE02/1C8955ACFB3911EFA7A85D5EC4F9AE02.roa
Signing time: Fri 07 Mar 2025 15:18:25 +0000
ROA not before: Fri 07 Mar 2025 15:18:25 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 135357
IP address blocks: 103.20.192.0/22 maxlen: 22
103.20.192.0/24 maxlen: 24
103.20.193.0/24 maxlen: 24
103.20.194.0/24 maxlen: 24
103.20.195.0/24 maxlen: 24
103.30.4.0/22 maxlen: 22
103.30.4.0/24 maxlen: 24
103.30.5.0/24 maxlen: 24
103.30.6.0/24 maxlen: 24
103.30.7.0/24 maxlen: 24
103.226.152.0/22 maxlen: 22
103.226.152.0/24 maxlen: 24
103.226.153.0/24 maxlen: 24
103.226.154.0/24 maxlen: 24
103.226.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9141274
Validity
Not Before: Mar 7 15:18:25 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67cb0e41-c49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:74:e3:3e:6c:55:a7:fa:9d:3b:b4:bc:c2:58:
73:f0:38:aa:d9:82:59:14:65:90:9e:20:9c:f0:2a:
b9:8c:f8:af:63:5f:ba:5f:6e:7e:d6:6a:cd:17:ca:
60:25:fc:16:d4:6a:6f:87:d4:2e:83:58:58:51:6b:
43:4a:be:8b:9e:9e:58:82:99:ba:4b:b8:3d:98:cd:
8f:71:42:65:e3:c3:97:78:ba:fb:75:c1:09:88:24:
e6:69:ad:dc:1f:ff:5e:20:e4:3c:3a:c9:45:0e:a7:
b9:d9:34:0d:e7:e4:46:be:ea:6a:e8:58:b8:b9:21:
66:96:df:a1:b4:36:7e:09:69:cd:46:db:dc:80:92:
a4:a4:6b:eb:23:20:fe:9a:be:55:e6:1b:79:a0:c2:
06:4b:26:6a:ae:35:e2:2c:fb:0f:16:89:51:db:d7:
a3:09:05:46:dc:ed:97:61:43:8f:7e:c0:a6:5b:51:
e2:69:48:99:92:bb:9f:45:8e:9c:8b:ed:27:c7:60:
66:0a:81:d4:61:21:fc:9d:c7:75:8f:2c:09:12:76:
96:a1:50:9d:34:71:eb:02:42:cd:13:08:5c:b8:01:
b2:b1:04:8e:39:1b:ec:08:3e:7b:8f:82:58:76:fe:
bc:b7:68:a9:a3:1d:11:8f:98:56:63:15:6f:01:59:
6b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C9:5F:8C:2A:F5:2F:89:D6:CE:73:EC:2A:14:D7:CD:91:0F:8B:58
X509v3 Authority Key Identifier:
keyid:69:58:A1:AB:3A:CF:7F:95:ED:A5:AD:9C:9E:41:E4:49:B6:D1:17:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9141274/D99F3AFAFB2311EF9F15C74AC4F9AE02/aVihqzrPf5Xtpa2cnkHkSbbRF_I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aVihqzrPf5Xtpa2cnkHkSbbRF_I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9141274/D99F3AFAFB2311EF9F15C74AC4F9AE02/1C8955ACFB3911EFA7A85D5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.192.0/22
103.30.4.0/22
103.226.152.0/22
Signature Algorithm: sha256WithRSAEncryption
98:4a:72:47:af:dd:89:ed:ca:49:b8:19:1a:aa:f9:ee:d0:78:
14:40:5a:b2:00:bf:94:1c:41:d2:bc:7a:b2:6a:9c:2e:aa:54:
b2:93:2f:80:66:7b:2d:85:53:07:cc:6f:2c:85:56:97:4c:04:
32:e4:85:26:93:cc:d3:77:df:ac:cf:b2:a9:ab:14:81:03:0e:
e7:d9:8c:57:0c:7f:ce:29:4c:e1:4b:b2:1a:ed:38:02:f0:6c:
65:45:a0:6d:d6:93:cd:d3:e6:45:8c:4d:38:7c:67:e1:99:bb:
b4:69:92:bd:93:65:87:c0:66:9f:e6:7f:c7:e5:a6:90:37:63:
18:fa:5e:10:76:50:32:60:4f:3e:85:b2:83:f0:21:42:3d:ea:
c8:30:85:9c:f0:9b:50:c1:48:4e:66:e7:a8:34:a4:9e:99:b5:
d8:b1:d9:4e:ba:24:1e:94:f1:c4:0c:de:6c:9d:e7:8d:ba:47:
a7:04:29:28:d0:e9:20:5b:41:cb:48:4b:42:6b:78:35:aa:fc:
f4:46:65:fe:32:5e:e5:bb:cd:6f:79:a7:82:2f:6a:eb:28:fb:
25:83:c8:af:5b:27:c8:fa:33:e6:95:15:e3:eb:63:46:6d:6d:
55:7c:f5:bb:a4:dd:93:59:6b:93:46:83:e7:20:91:af:f1:c2:
9c:4b:bd:82
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
MTI3NDExMC8GA1UEBRMoNjk1OEExQUIzQUNGN0Y5NUVEQTVBRDlDOUU0MUU0NDlC
NkQxMTdGMjAeFw0yNTAzMDcxNTE4MjVaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3Y2IwZTQxLWM0OWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIdOM+bFWn+p07tLzCWHPwOKrZglkUZZCeIJzwKrmM+K9jX7pfbn7Was0XymAl
/BbUam+H1C6DWFhRa0NKvouenliCmbpLuD2YzY9xQmXjw5d4uvt1wQmIJOZprdwf
/14g5Dw6yUUOp7nZNA3n5Ea+6mroWLi5IWaW36G0Nn4Jac1G29yAkqSka+sjIP6a
vlXmG3mgwgZLJmquNeIs+w8WiVHb16MJBUbc7ZdhQ49+wKZbUeJpSJmSu59FjpyL
7SfHYGYKgdRhIfydx3WPLAkSdpahUJ00cesCQs0TCFy4AbKxBI45G+wIPnuPglh2
/ry3aKmjHRGPmFZjFW8BWWsPAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQU5clfjCr1
L4nWznPsKhTXzZEPi1gwHwYDVR0jBBgwFoAUaVihqzrPf5Xtpa2cnkHkSbbRF/Iw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQxMjc0L0Q5OUYzQUZBRkIy
MzExRUY5RjE1Qzc0QUM0RjlBRTAyL2FWaWhxenJQZjVYdHBhMmNua0hrU2JiUkZf
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYVZpaHF6clBmNVh0cGEyY25rSGtTYmJSRl9JLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MTI3NC9EOTlGM0FGQUZCMjMxMUVGOUYxNUM3NEFDNEY5QUUwMi8xQzg5NTVBQ0ZC
MzkxMUVGQTdBODVENUVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEAmcUwAMEAmceBAMEAmfimDANBgkqhkiG9w0BAQsFAAOCAQEA
mEpyR6/die3KSbgZGqr57tB4FEBasgC/lBxB0rx6smqcLqpUspMvgGZ7LYVTB8xv
LIVWl0wEMuSFJpPM03ffrM+yqasUgQMO59mMVwx/zilM4UuyGu04AvBsZUWgbdaT
zdPmRYxNOHxn4Zm7tGmSvZNlh8Bmn+Z/x+WmkDdjGPpeEHZQMmBPPoWyg/AhQj3q
yDCFnPCbUMFITmbnqDSknpm12LHZTrokHpTxxAzebJ3njbpHpwQpKNDpIFtBy0hL
Qmt4Nar89EZl/jJe5bvNb3mngi9q6yj7JYPIr1snyPoz5pUV4+tjRm1tVXz1u6Td
k1lrk0aD5yCRr/HCnEu9gg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:23:07 2025 by rpki-client