Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/D6AEA2D20DE311EFA1E24F25C4F9AE02.roa
File: D6AEA2D20DE311EFA1E24F25C4F9AE02.roa (raw, json)
Hash identifier: 60v1AWfkB6F13z3L2Xfn7BvrHJoskGA1iG8Ca5+EvSE=
Subject key identifier: 5D:46:3A:AF:AB:96:51:A4:95:24:FC:C6:BF:81:E8:5F:BF:C6:5D:B6
Certificate issuer: /CN=A914E2B2/serialNumber=B70DEA6C77B9E8ECCE5839132819EF91373FC527
Certificate serial: 77
Authority key identifier: B7:0D:EA:6C:77:B9:E8:EC:CE:58:39:13:28:19:EF:91:37:3F:C5:27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tw3qbHe56OzOWDkTKBnvkTc_xSc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/D6AEA2D20DE311EFA1E24F25C4F9AE02.roa
Signing time: Sat 21 Dec 2024 05:18:54 +0000
ROA not before: Sat 21 Dec 2024 05:18:54 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 131268
IP address blocks: 103.35.92.0/24 maxlen: 24
103.35.93.0/24 maxlen: 24
103.35.94.0/24 maxlen: 24
103.35.95.0/24 maxlen: 24
202.4.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119 (0x77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914E2B2
Validity
Not Before: Dec 21 05:18:54 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67664fbe-17f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c1:6a:86:74:c8:6a:f5:14:87:2e:63:3d:75:
f1:c6:d5:a9:87:c5:eb:df:4b:53:16:1e:70:7c:38:
f8:b2:6f:cf:91:49:6b:9a:97:24:19:b0:80:5c:ac:
95:73:0d:00:49:fc:ab:d8:57:64:e7:b4:5d:5b:9d:
32:6f:ba:d1:ed:e9:1c:88:6e:f2:65:f5:26:d3:a1:
32:2b:30:ad:a9:f9:5c:bb:b0:e1:a4:ee:dc:d7:70:
c1:7a:12:34:4e:9f:f9:e4:30:23:bd:62:13:04:82:
2c:e8:24:51:0b:9d:a8:38:cb:b2:df:06:18:c6:6a:
7f:4d:84:3d:c3:20:e7:22:20:5c:4b:e8:77:3d:bd:
4c:f8:39:8d:71:02:1f:82:40:a0:c7:ea:fe:d5:58:
2c:48:39:e0:30:03:d8:e0:f7:b7:75:f7:41:6d:6e:
07:35:31:6d:08:81:7a:35:d8:5e:03:12:69:7e:fa:
94:02:dc:6d:3d:bf:1b:1a:e5:19:2d:59:36:13:3f:
a2:6c:df:61:bc:a8:97:f4:74:17:a4:a0:8a:36:ff:
2f:7d:82:33:87:7e:f7:81:ab:8a:4e:70:fc:7f:79:
2d:d9:cf:24:9e:d4:62:05:b4:ef:51:fa:65:50:05:
18:b6:0f:07:ac:7d:03:82:ca:49:dc:f5:25:78:90:
4e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:46:3A:AF:AB:96:51:A4:95:24:FC:C6:BF:81:E8:5F:BF:C6:5D:B6
X509v3 Authority Key Identifier:
keyid:B7:0D:EA:6C:77:B9:E8:EC:CE:58:39:13:28:19:EF:91:37:3F:C5:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/tw3qbHe56OzOWDkTKBnvkTc_xSc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tw3qbHe56OzOWDkTKBnvkTc_xSc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/D6AEA2D20DE311EFA1E24F25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.35.92.0/22
202.4.188.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:63:e6:cf:49:cd:6e:31:57:63:14:ae:fb:56:5e:9a:4d:75:
5f:64:50:6e:58:4e:ca:01:20:f5:e6:9b:7c:ad:75:f0:82:be:
d2:4a:75:7d:0f:ad:b9:0d:3a:4d:51:d5:e1:1a:bd:5c:38:1d:
33:db:7f:1f:32:90:cc:ef:db:45:5a:c2:d6:71:42:09:9e:51:
4c:e9:f4:17:4a:f2:4d:cb:c0:b8:b5:97:8a:2c:d3:19:35:c2:
bb:4c:c2:19:72:6d:03:18:1f:f4:1f:46:11:c9:b8:62:ab:55:
6c:2b:76:3e:42:4d:64:e5:eb:06:7f:6c:7c:fd:ec:c0:ce:f3:
92:9a:6f:8c:2f:af:2a:42:55:67:db:69:cd:86:1b:67:9f:08:
56:b8:a9:c0:af:09:a9:68:65:f3:62:78:ca:61:81:bd:bf:c5:
49:71:1c:5a:8e:30:64:fb:c8:71:7e:04:49:a8:a4:35:77:13:
78:64:6d:f9:aa:d8:e6:65:31:d8:58:9d:0a:d9:05:57:a3:9d:
c8:82:dd:5b:00:e7:99:27:67:a8:03:7d:cf:2c:9a:72:97:90:
7e:db:80:e9:97:a6:46:c5:c1:fd:0c:4c:c2:66:2b:e3:30:2a:
b4:95:b3:df:41:cd:24:cb:e9:6d:25:78:b9:9f:f8:1b:3b:a4:
8e:11:67:18
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBdzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
RTJCMjExMC8GA1UEBRMoQjcwREVBNkM3N0I5RThFQ0NFNTgzOTEzMjgxOUVGOTEz
NzNGQzUyNzAeFw0yNDEyMjEwNTE4NTRaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NjY0ZmJlLTE3ZjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQwWqGdMhq9RSHLmM9dfHG1amHxevfS1MWHnB8OPiyb8+RSWualyQZsIBcrJVz
DQBJ/KvYV2TntF1bnTJvutHt6RyIbvJl9SbToTIrMK2p+Vy7sOGk7tzXcMF6EjRO
n/nkMCO9YhMEgizoJFELnag4y7LfBhjGan9NhD3DIOciIFxL6Hc9vUz4OY1xAh+C
QKDH6v7VWCxIOeAwA9jg97d190Ftbgc1MW0IgXo12F4DEml++pQC3G09vxsa5Rkt
WTYTP6Js32G8qJf0dBekoIo2/y99gjOHfveBq4pOcPx/eS3ZzySe1GIFtO9R+mVQ
BRi2DwesfQOCyknc9SV4kE6BAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUXUY6r6uW
UaSVJPzGv4HoX7/GXbYwHwYDVR0jBBgwFoAUtw3qbHe56OzOWDkTKBnvkTc/xScw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRFMkIyLzJCNDZFQTU4MERF
MzExRUY4MDNGNkYwRUM0RjlBRTAyL3R3M3FiSGU1Nk96T1dEa1RLQm52a1RjX3hT
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdHczcWJIZTU2T3pPV0RrVEtCbnZrVGNfeFNjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RTJCMi8yQjQ2RUE1ODBERTMxMUVGODAzRjZGMEVDNEY5QUUwMi9ENkFFQTJEMjBE
RTMxMUVGQTFFMjRGMjVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAmcjXAMEAMoEvDANBgkqhkiG9w0BAQsFAAOCAQEAtGPmz0nN
bjFXYxSu+1Zemk11X2RQblhOygEg9eabfK118IK+0kp1fQ+tuQ06TVHV4Rq9XDgd
M9t/HzKQzO/bRVrC1nFCCZ5RTOn0F0ryTcvAuLWXiizTGTXCu0zCGXJtAxgf9B9G
Ecm4YqtVbCt2PkJNZOXrBn9sfP3swM7zkppvjC+vKkJVZ9tpzYYbZ58IVripwK8J
qWhl82J4ymGBvb/FSXEcWo4wZPvIcX4ESaikNXcTeGRt+arY5mUx2FidCtkFV6Od
yILdWwDnmSdnqAN9zyyacpeQftuA6ZemRsXB/QxMwmYr4zAqtJWz30HNJMvpbSV4
uZ/4GzukjhFnGA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:25:07 2025 by rpki-client