Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915FF72/26A559D6BAA011EDAD160172C4F9AE02/13C23898BAA511EDB866A412C4F9AE02.roa
File: 13C23898BAA511EDB866A412C4F9AE02.roa (raw, json)
Hash identifier: h6q23QMfBwFmxIMVTA6ARQak7Qs7wYbVCQBIj8uPZPY=
Subject key identifier: 2D:0A:42:0D:FF:58:4B:40:81:7D:F9:E9:BF:37:34:23:85:2C:F0:34
Certificate issuer: /CN=A915FF72/serialNumber=4BD703B7FECA3AA2A836675FA0F3F329812E6F65
Certificate serial: 018E
Authority key identifier: 4B:D7:03:B7:FE:CA:3A:A2:A8:36:67:5F:A0:F3:F3:29:81:2E:6F:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S9cDt_7KOqKoNmdfoPPzKYEub2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915FF72/26A559D6BAA011EDAD160172C4F9AE02/13C23898BAA511EDB866A412C4F9AE02.roa
Signing time: Sat 29 Mar 2025 03:28:57 +0000
ROA not before: Sat 29 Mar 2025 03:28:57 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 149509
IP address blocks: 103.183.95.0/24 maxlen: 24
103.229.89.0/24 maxlen: 24
2001:df1:f340::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 398 (0x18e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915FF72
Validity
Not Before: Mar 29 03:28:57 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e768f9-333a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4d:42:51:b8:b0:cb:0c:8c:ad:59:46:fe:3c:
50:4f:42:ed:3a:23:3c:00:bf:22:97:10:16:f5:da:
9c:c2:d9:e3:a1:e7:aa:0c:9a:f6:6f:73:be:33:73:
2f:d2:c2:22:ec:33:b8:ba:bc:97:e4:b0:6b:ad:e4:
73:c5:b4:5e:f1:13:53:c5:d1:4f:8b:13:55:f0:34:
c9:fc:b8:ac:ca:28:51:22:64:20:20:8b:97:24:e7:
2f:ca:8d:5d:c1:03:4c:09:90:0e:eb:b3:93:04:1d:
b0:65:06:ae:6f:62:5f:09:97:e9:b1:5d:73:a5:7e:
1e:5e:48:6f:c1:83:37:c7:4e:f4:d8:55:16:91:4f:
10:99:86:e4:14:76:63:2a:39:e7:b0:e2:39:01:90:
20:69:b6:62:97:b5:31:06:a9:fd:e4:0b:d3:04:aa:
cf:22:f2:d6:5e:90:0a:fb:e7:c0:89:d9:a8:dc:37:
c0:ec:3e:19:d7:d6:f8:6b:6d:1c:91:96:8f:f4:a5:
b2:a3:18:f1:89:74:03:e0:c8:b4:8e:de:a9:28:b7:
39:f2:d0:4e:44:3a:bf:5e:d3:ab:98:da:26:e6:d2:
65:4a:c3:0d:a3:50:49:e9:c9:2b:43:38:b6:68:63:
20:66:9e:ee:27:07:44:20:ed:dd:0a:2a:bd:40:b4:
47:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:0A:42:0D:FF:58:4B:40:81:7D:F9:E9:BF:37:34:23:85:2C:F0:34
X509v3 Authority Key Identifier:
keyid:4B:D7:03:B7:FE:CA:3A:A2:A8:36:67:5F:A0:F3:F3:29:81:2E:6F:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915FF72/26A559D6BAA011EDAD160172C4F9AE02/S9cDt_7KOqKoNmdfoPPzKYEub2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S9cDt_7KOqKoNmdfoPPzKYEub2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FF72/26A559D6BAA011EDAD160172C4F9AE02/13C23898BAA511EDB866A412C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.183.95.0/24
103.229.89.0/24
IPv6:
2001:df1:f340::/48
Signature Algorithm: sha256WithRSAEncryption
af:a5:95:5c:2f:6f:3e:c2:7f:55:72:b5:eb:4b:ed:d7:12:82:
ba:a3:19:d9:a9:70:c0:31:76:e8:75:cb:d5:d6:02:52:a7:0e:
8b:38:ab:d3:3b:5e:42:79:64:52:d1:a5:81:8a:3d:92:47:fc:
f0:52:59:85:b3:67:31:fa:09:85:e4:7c:a3:00:f9:e9:e5:89:
c5:80:2a:f3:5c:38:fc:b8:5d:74:66:71:4e:09:cb:97:64:3e:
90:0f:68:cb:61:5a:4e:2d:de:53:2b:bc:56:bb:3d:5e:4e:1c:
eb:4a:7a:9e:5f:a4:f3:df:dc:9c:5f:6a:e2:e5:c8:a1:e6:59:
c2:43:70:a6:e2:58:8d:ef:a0:17:4f:48:7f:b2:17:59:4c:dc:
90:93:25:da:61:8d:cc:0b:0b:53:56:35:75:e7:8f:a8:54:d6:
13:2c:38:cd:21:dc:63:49:92:59:b1:26:ed:f0:d7:cf:84:f4:
96:2c:2c:92:8d:4b:b7:47:94:fd:37:62:22:8c:b0:20:85:cb:
aa:d5:12:c8:26:ad:1f:d2:c5:3d:73:9e:e2:8a:ae:93:d1:ac:
5a:0d:9d:11:da:b7:34:31:f6:99:30:6c:e9:60:66:0e:64:07:
18:a6:16:bc:9f:47:74:0f:e8:c6:8c:1d:f0:ae:8c:f9:3f:d4:
2c:2d:06:cd
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICAY4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUZGNzIxMTAvBgNVBAUTKDRCRDcwM0I3RkVDQTNBQTJBODM2Njc1RkEwRjNGMzI5
ODEyRTZGNjUwHhcNMjUwMzI5MDMyODU3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U3NjhmOS0zMzNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl01CUbiwywyMrVlG/jxQT0LtOiM8AL8ilxAW9dqcwtnjoeeqDJr2b3O+M3Mv
0sIi7DO4uryX5LBrreRzxbRe8RNTxdFPixNV8DTJ/LisyihRImQgIIuXJOcvyo1d
wQNMCZAO67OTBB2wZQaub2JfCZfpsV1zpX4eXkhvwYM3x0702FUWkU8QmYbkFHZj
KjnnsOI5AZAgabZil7UxBqn95AvTBKrPIvLWXpAK++fAidmo3DfA7D4Z19b4a20c
kZaP9KWyoxjxiXQD4Mi0jt6pKLc58tBORDq/XtOrmNom5tJlSsMNo1BJ6ckrQzi2
aGMgZp7uJwdEIO3dCiq9QLRHyQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFC0KQg3/
WEtAgX356b83NCOFLPA0MB8GA1UdIwQYMBaAFEvXA7f+yjqiqDZnX6Dz8ymBLm9l
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RkY3Mi8yNkE1NTlENkJB
QTAxMUVEQUQxNjAxNzJDNEY5QUUwMi9TOWNEdF83S09xS29ObWRmb1BQektZRXVi
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1M5Y0R0XzdLT3FLb05tZGZvUFB6S1lFdWIyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUZGNzIvMjZBNTU5RDZCQUEwMTFFREFEMTYwMTcyQzRGOUFFMDIvMTNDMjM4OThC
QUE1MTFFREI4NjZBNDEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnt18DBABn5VkwDwQCAAIwCQMHACABDfHzQDANBgkqhkiG
9w0BAQsFAAOCAQEAr6WVXC9vPsJ/VXK160vt1xKCuqMZ2alwwDF26HXL1dYCUqcO
izir0zteQnlkUtGlgYo9kkf88FJZhbNnMfoJheR8owD56eWJxYAq81w4/LhddGZx
TgnLl2Q+kA9oy2FaTi3eUyu8Vrs9Xk4c60p6nl+k89/cnF9q4uXIoeZZwkNwpuJY
je+gF09If7IXWUzckJMl2mGNzAsLU1Y1deePqFTWEyw4zSHcY0mSWbEm7fDXz4T0
liwsko1Lt0eU/TdiIoywIIXLqtUSyCatH9LFPXOe4oquk9GsWg2dEdq3NDH2mTBs
6WBmDmQHGKYWvJ9HdA/oxowd8K6M+T/ULC0GzQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:50:10 2025 by rpki-client