Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914E1F1/4FEBF24A09DA11EDA03C9817C4F9AE02/D05E16F209DE11ED92DD5D37C4F9AE02.roa
File: D05E16F209DE11ED92DD5D37C4F9AE02.roa (raw, json)
Hash identifier: Kw+thbdEELkulJ/rPW/PDwh6y1lmFkdgEl62C31osGU=
Subject key identifier: A7:73:EB:36:A4:06:37:9E:34:16:3D:3F:23:52:70:72:53:DF:BC:D1
Certificate issuer: /CN=A914E1F1/serialNumber=F3F273F3EFCE551EE33C844D440AA30EDA087E2C
Certificate serial: 0234
Authority key identifier: F3:F2:73:F3:EF:CE:55:1E:E3:3C:84:4D:44:0A:A3:0E:DA:08:7E:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8_Jz8-_OVR7jPIRNRAqjDtoIfiw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914E1F1/4FEBF24A09DA11EDA03C9817C4F9AE02/D05E16F209DE11ED92DD5D37C4F9AE02.roa
Signing time: Wed 11 Dec 2024 01:45:21 +0000
ROA not before: Wed 11 Dec 2024 01:45:21 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 149006
IP address blocks: 103.176.18.0/23 maxlen: 23
103.176.18.0/24 maxlen: 24
103.176.19.0/24 maxlen: 24
2400:1fe0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 564 (0x234)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914E1F1
Validity
Not Before: Dec 11 01:45:21 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6758eeb1-e6b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:33:68:28:83:67:d5:74:20:56:35:65:a8:12:
31:0a:79:ed:bc:ed:2a:46:f2:a5:cd:e1:46:c2:a2:
b3:f1:2b:bb:5c:61:e9:d4:d0:b0:06:a1:aa:1e:d7:
9c:dc:7b:71:a2:f9:f4:fa:b3:7f:77:73:23:01:b1:
7e:62:2a:6b:a4:b5:02:d6:21:44:1a:62:99:a8:d2:
a3:b1:1e:83:57:79:99:36:1b:5a:2f:a7:3e:1b:9d:
5f:87:17:99:3c:fd:22:b5:3a:f3:1a:0a:e2:d7:0f:
22:95:0d:11:93:f7:4a:86:ce:14:53:8d:d3:5c:9b:
dc:65:aa:af:f3:9d:d9:95:9f:f6:12:ab:44:44:44:
00:2a:f4:24:0d:c3:f7:68:dc:5f:1d:0c:ea:22:c4:
11:5d:1b:c3:f8:7d:f1:18:34:d6:6b:a7:d9:2d:67:
b2:85:45:90:8a:28:f0:d6:7b:0b:3b:a3:85:04:84:
b4:c1:6f:71:6b:00:35:7a:fc:6c:fb:34:d8:49:5c:
b3:96:cb:32:a0:d9:9c:aa:52:51:a7:0e:f9:cb:3a:
52:ea:ee:a0:cd:7e:d6:ad:ce:b0:99:6e:8d:c7:97:
e2:8e:88:e4:9f:99:40:49:a7:8a:c8:9e:dc:d0:63:
53:52:f4:b7:11:88:0a:fa:b4:42:42:35:60:ec:ff:
16:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:73:EB:36:A4:06:37:9E:34:16:3D:3F:23:52:70:72:53:DF:BC:D1
X509v3 Authority Key Identifier:
keyid:F3:F2:73:F3:EF:CE:55:1E:E3:3C:84:4D:44:0A:A3:0E:DA:08:7E:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914E1F1/4FEBF24A09DA11EDA03C9817C4F9AE02/8_Jz8-_OVR7jPIRNRAqjDtoIfiw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8_Jz8-_OVR7jPIRNRAqjDtoIfiw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E1F1/4FEBF24A09DA11EDA03C9817C4F9AE02/D05E16F209DE11ED92DD5D37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.18.0/23
IPv6:
2400:1fe0::/32
Signature Algorithm: sha256WithRSAEncryption
62:f5:c3:99:88:f4:7d:2a:e8:5d:04:24:88:1b:5f:8d:29:f1:
26:72:7d:0a:6f:8e:66:50:06:38:9b:46:57:52:91:e9:3b:39:
8e:08:23:ae:65:58:5c:e8:7f:82:0e:98:7e:00:bd:ed:98:d3:
fa:c3:3b:a6:72:97:12:fb:a8:f7:8f:80:77:e1:b0:a4:b0:90:
25:5f:43:4d:1e:cc:28:6d:51:be:80:96:4c:7e:58:18:22:1c:
88:0f:d6:d7:7a:8e:b9:f5:87:83:71:24:1a:81:ee:fa:ae:0b:
f7:37:69:20:e2:bb:35:24:8d:0e:52:3b:1f:8c:e0:5d:ab:b7:
43:58:4e:01:4d:45:48:f5:35:8b:07:ec:70:30:86:4b:4a:30:
ff:fa:ea:63:ca:eb:f6:ff:a3:e7:23:5c:78:b7:ea:58:c2:d4:
21:85:92:a7:76:16:3c:19:8f:48:f0:c9:40:74:31:a4:15:8f:
a1:d0:f1:5d:a8:c2:7a:7b:2c:2c:a7:29:4d:18:dc:cd:8d:59:
68:c7:b1:69:94:73:98:92:2b:ca:df:be:14:eb:66:04:f3:55:
c4:e4:bd:04:e8:5a:59:07:aa:25:04:66:6c:e8:64:2d:7e:1b:
d3:9f:00:b2:75:c0:c1:62:93:56:fd:98:ca:ee:77:57:bf:e1:
11:01:48:98
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAjQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEUxRjExMTAvBgNVBAUTKEYzRjI3M0YzRUZDRTU1MUVFMzNDODQ0RDQ0MEFBMzBF
REEwODdFMkMwHhcNMjQxMjExMDE0NTIxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU4ZWViMS1lNmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApjNoKINn1XQgVjVlqBIxCnntvO0qRvKlzeFGwqKz8Su7XGHp1NCwBqGqHtec
3Htxovn0+rN/d3MjAbF+YiprpLUC1iFEGmKZqNKjsR6DV3mZNhtaL6c+G51fhxeZ
PP0itTrzGgri1w8ilQ0Rk/dKhs4UU43TXJvcZaqv853ZlZ/2EqtEREQAKvQkDcP3
aNxfHQzqIsQRXRvD+H3xGDTWa6fZLWeyhUWQiijw1nsLO6OFBIS0wW9xawA1evxs
+zTYSVyzlssyoNmcqlJRpw75yzpS6u6gzX7Wrc6wmW6Nx5fijojkn5lASaeKyJ7c
0GNTUvS3EYgK+rRCQjVg7P8WvQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFKdz6zak
BjeeNBY9PyNScHJT37zRMB8GA1UdIwQYMBaAFPPyc/PvzlUe4zyETUQKow7aCH4s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTFGMS80RkVCRjI0QTA5
REExMUVEQTAzQzk4MTdDNEY5QUUwMi84X0p6OC1fT1ZSN2pQSVJOUkFxakR0b0lm
aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhfSno4LV9PVlI3alBJUk5SQXFqRHRvSWZpdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEUxRjEvNEZFQkYyNEEwOURBMTFFREEwM0M5ODE3QzRGOUFFMDIvRDA1RTE2RjIw
OURFMTFFRDkyREQ1RDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnsBIwDQQCAAIwBwMFACQAH+AwDQYJKoZIhvcNAQELBQAD
ggEBAGL1w5mI9H0q6F0EJIgbX40p8SZyfQpvjmZQBjibRldSkek7OY4II65lWFzo
f4IOmH4Ave2Y0/rDO6ZylxL7qPePgHfhsKSwkCVfQ00ezChtUb6Alkx+WBgiHIgP
1td6jrn1h4NxJBqB7vquC/c3aSDiuzUkjQ5SOx+M4F2rt0NYTgFNRUj1NYsH7HAw
hktKMP/66mPK6/b/o+cjXHi36ljC1CGFkqd2FjwZj0jwyUB0MaQVj6HQ8V2ownp7
LCynKU0Y3M2NWWjHsWmUc5iSK8rfvhTrZgTzVcTkvQToWlkHqiUEZmzoZC1+G9Of
ALJ1wMFik1b9mMrud1e/4REBSJg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:57:30 2025 by rpki-client