Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915B373/6372E5CA6E2611EDB0794F6FC4F9AE02/8DD33174E04511EF8BD5FA0EC4F9AE02.roa
File: 8DD33174E04511EF8BD5FA0EC4F9AE02.roa (raw, json)
Hash identifier: 94a7dFydESow3Mx39ryOCQ9SXYn7PxD6gcuiy+2sH/Q=
Subject key identifier: 56:E8:38:E5:8B:13:88:41:59:9D:76:4E:43:8A:8D:65:C0:C3:D3:99
Certificate issuer: /CN=A915B373/serialNumber=8C99F2E50A3DAA962F1CB775B4596701516A0AC1
Certificate serial: 01A2
Authority key identifier: 8C:99:F2:E5:0A:3D:AA:96:2F:1C:B7:75:B4:59:67:01:51:6A:0A:C1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jJny5Qo9qpYvHLd1tFlnAVFqCsE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915B373/6372E5CA6E2611EDB0794F6FC4F9AE02/8DD33174E04511EF8BD5FA0EC4F9AE02.roa
Signing time: Mon 03 Feb 2025 02:26:25 +0000
ROA not before: Mon 03 Feb 2025 02:26:25 +0000
ROA not after: Mon 02 Jun 2025 00:00:00 +0000
asID: 139233
IP address blocks: 103.42.14.0/23 maxlen: 23
103.42.14.0/24 maxlen: 24
103.42.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 418 (0x1a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915B373
Validity
Not Before: Feb 3 02:26:25 2025 GMT
Not After : Jun 2 00:00:00 2025 GMT
Subject: CN=67a02950-ed34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d1:2e:c6:02:15:73:88:2e:99:b7:87:36:9b:
3a:0e:02:81:90:6f:c8:29:c6:e0:91:83:25:ed:d2:
ca:bd:27:da:6f:27:0a:22:5b:42:e7:df:36:3c:3e:
ff:8c:d1:f2:16:19:3f:61:19:d0:ca:bc:b8:a4:2c:
30:ab:e9:71:b2:00:7b:5c:20:ad:e2:40:30:c6:64:
14:9a:78:6b:67:6e:a9:a1:c0:8c:38:01:9c:99:ff:
43:9a:c4:18:31:b7:40:c5:63:bc:14:83:be:5c:1b:
f1:99:09:03:91:b0:75:c0:8c:a6:8c:66:26:46:62:
ab:41:0a:fa:cf:79:08:c3:91:80:77:d0:1c:93:51:
43:ab:f9:09:30:be:85:b1:71:71:ba:8f:73:45:90:
c9:47:d3:0d:aa:f0:b1:01:11:b1:48:5f:a2:0c:17:
ec:7a:4a:f8:e5:fc:1b:1a:16:c9:e6:7b:fd:6c:5e:
13:0f:53:53:c1:f3:60:d9:98:21:e9:49:e6:54:21:
24:5d:29:7c:75:f8:e7:34:0b:df:c6:2c:0a:7d:01:
6d:dc:77:5f:68:c2:e6:3a:7c:d1:17:4d:58:f9:e4:
c1:ba:9a:98:8d:0b:c7:c6:17:7e:78:95:6e:ff:de:
fc:d2:4d:d7:94:82:4b:2a:2f:91:1a:5c:88:8e:5f:
e0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E8:38:E5:8B:13:88:41:59:9D:76:4E:43:8A:8D:65:C0:C3:D3:99
X509v3 Authority Key Identifier:
keyid:8C:99:F2:E5:0A:3D:AA:96:2F:1C:B7:75:B4:59:67:01:51:6A:0A:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915B373/6372E5CA6E2611EDB0794F6FC4F9AE02/jJny5Qo9qpYvHLd1tFlnAVFqCsE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jJny5Qo9qpYvHLd1tFlnAVFqCsE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B373/6372E5CA6E2611EDB0794F6FC4F9AE02/8DD33174E04511EF8BD5FA0EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.42.14.0/23
Signature Algorithm: sha256WithRSAEncryption
32:1a:b5:6a:43:ad:ae:5d:24:2e:2f:1b:a1:0a:45:df:87:6a:
65:57:b5:f0:c0:19:d9:91:bb:12:88:6d:c3:55:bf:49:37:23:
c8:a6:af:ed:43:54:28:26:4b:97:a9:4c:83:c0:4c:f4:59:b0:
49:e8:05:94:2a:49:f1:3f:3c:e0:d9:fd:40:ad:ff:aa:b1:e1:
6d:3e:58:6d:19:86:ba:61:41:ee:62:e5:c6:e7:22:37:77:c4:
fd:dd:5d:94:d6:4d:4c:71:e8:a8:4f:b9:7d:52:89:15:1b:ea:
b2:be:56:68:ca:e9:a3:7d:1b:28:9e:b7:2d:3b:d9:c8:dd:51:
a2:cc:d6:1d:4b:7c:4f:19:b0:79:a6:68:56:50:33:55:f9:de:
da:2c:2c:e8:7f:20:50:c6:09:ce:1d:00:31:3f:cb:63:4f:eb:
d7:b9:43:0c:53:45:3f:8e:c0:77:99:99:35:cb:72:c3:b8:cb:
d5:65:88:39:8d:e7:f7:2c:0a:6c:91:e6:6f:10:c2:bd:c6:57:
b4:33:04:3f:6c:25:22:70:73:8c:61:3b:c1:5b:70:af:1d:f3:
9b:3f:6e:9d:4f:a6:8c:3c:e5:db:30:be:15:fd:08:2d:32:1a:
2d:b2:51:a5:93:89:46:9d:01:01:1a:9c:0d:16:9c:b6:42:85:
f8:b1:0b:6a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAaIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUIzNzMxMTAvBgNVBAUTKDhDOTlGMkU1MEEzREFBOTYyRjFDQjc3NUI0NTk2NzAx
NTE2QTBBQzEwHhcNMjUwMjAzMDIyNjI1WhcNMjUwNjAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EwMjk1MC1lZDM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA19EuxgIVc4gumbeHNps6DgKBkG/IKcbgkYMl7dLKvSfabycKIltC5982PD7/
jNHyFhk/YRnQyry4pCwwq+lxsgB7XCCt4kAwxmQUmnhrZ26pocCMOAGcmf9DmsQY
MbdAxWO8FIO+XBvxmQkDkbB1wIymjGYmRmKrQQr6z3kIw5GAd9Ack1FDq/kJML6F
sXFxuo9zRZDJR9MNqvCxARGxSF+iDBfsekr45fwbGhbJ5nv9bF4TD1NTwfNg2Zgh
6UnmVCEkXSl8dfjnNAvfxiwKfQFt3HdfaMLmOnzRF01Y+eTBupqYjQvHxhd+eJVu
/9780k3XlIJLKi+RGlyIjl/gAwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFboOOWL
E4hBWZ12TkOKjWXAw9OZMB8GA1UdIwQYMBaAFIyZ8uUKPaqWLxy3dbRZZwFRagrB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QjM3My82MzcyRTVDQTZF
MjYxMUVEQjA3OTRGNkZDNEY5QUUwMi9qSm55NVFvOXFwWXZITGQxdEZsbkFWRnFD
c0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pKbnk1UW85cXBZdkhMZDF0RmxuQVZGcUNzRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUIzNzMvNjM3MkU1Q0E2RTI2MTFFREIwNzk0RjZGQzRGOUFFMDIvOEREMzMxNzRF
MDQ1MTFFRjhCRDVGQTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnKg4wDQYJKoZIhvcNAQELBQADggEBADIatWpDra5dJC4v
G6EKRd+HamVXtfDAGdmRuxKIbcNVv0k3I8imr+1DVCgmS5epTIPATPRZsEnoBZQq
SfE/PODZ/UCt/6qx4W0+WG0ZhrphQe5i5cbnIjd3xP3dXZTWTUxx6KhPuX1SiRUb
6rK+VmjK6aN9Gyiety072cjdUaLM1h1LfE8ZsHmmaFZQM1X53tosLOh/IFDGCc4d
ADE/y2NP69e5QwxTRT+OwHeZmTXLcsO4y9VliDmN5/csCmyR5m8Qwr3GV7QzBD9s
JSJwc4xhO8FbcK8d85s/bp1Ppow85dswvhX9CC0yGi2yUaWTiUadAQEanA0WnLZC
hfixC2o=
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:45:00 2025 by rpki-client