Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/ACE844F047AA11ECA0F05026C4F9AE02.roa
File: ACE844F047AA11ECA0F05026C4F9AE02.roa (raw, json)
Hash identifier: xweR0My4YSEWr28C8V1U/OMEuVwH/Ly7NJUba0hYsCg=
Subject key identifier: 24:31:81:20:6B:4F:AB:87:70:C1:E2:D7:D5:61:71:28:38:D2:FF:66
Certificate issuer: /CN=A9167CC5/serialNumber=5D2785B54D163ED01EA5418BCFA34F1B7456B713
Certificate serial: 0436
Authority key identifier: 5D:27:85:B5:4D:16:3E:D0:1E:A5:41:8B:CF:A3:4F:1B:74:56:B7:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XSeFtU0WPtAepUGLz6NPG3RWtxM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/ACE844F047AA11ECA0F05026C4F9AE02.roa
Signing time: Sun 01 Dec 2024 00:33:47 +0000
ROA not before: Sun 01 Dec 2024 00:33:47 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 132075
IP address blocks: 103.23.24.0/22 maxlen: 22
103.23.24.0/23 maxlen: 23
103.23.24.0/24 maxlen: 24
103.23.25.0/24 maxlen: 24
103.23.26.0/23 maxlen: 23
103.23.26.0/24 maxlen: 24
103.23.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1078 (0x436)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9167CC5
Validity
Not Before: Dec 1 00:33:47 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674baeea-9416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:16:30:4d:88:73:83:cf:b4:2f:7f:cd:39:5c:
37:e8:5e:ff:ee:ce:1f:ee:c9:48:cd:39:74:63:8d:
d2:c4:89:53:18:31:17:d0:0a:dd:31:1b:a6:47:74:
1f:22:88:b7:20:14:35:36:02:be:9e:d7:6e:20:37:
f6:b0:23:08:8a:20:6b:ae:28:c4:92:da:8d:48:39:
5a:47:f2:b7:75:aa:39:97:50:6a:c6:65:4e:0b:c0:
15:48:fa:82:d6:d4:2d:a1:17:3e:fe:d1:2b:43:3e:
05:3c:b4:b0:fd:c3:f7:bd:24:80:f5:0e:eb:0a:8d:
90:0a:da:7b:3f:45:83:f1:2f:c9:23:eb:ac:55:62:
65:62:5d:f3:90:64:76:19:45:4c:d7:cf:13:de:29:
a7:0e:6d:c5:3f:70:5c:ff:4b:f7:07:cf:44:05:1b:
f8:a3:58:05:d9:a7:9e:b9:8b:79:92:fb:ac:ae:a7:
f0:96:dd:e2:fd:3d:c0:82:d8:9a:7c:8d:00:ab:f1:
fd:f0:6a:dd:89:bc:6f:00:79:f3:2e:49:7f:f5:69:
68:17:54:50:e4:e1:e0:b5:f1:32:af:c1:9f:b3:1b:
64:5e:36:b4:46:1d:19:a8:16:1b:64:05:f5:85:08:
0a:e6:72:5a:af:1a:05:c9:3b:bb:9f:3b:a4:a8:76:
70:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:31:81:20:6B:4F:AB:87:70:C1:E2:D7:D5:61:71:28:38:D2:FF:66
X509v3 Authority Key Identifier:
keyid:5D:27:85:B5:4D:16:3E:D0:1E:A5:41:8B:CF:A3:4F:1B:74:56:B7:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/XSeFtU0WPtAepUGLz6NPG3RWtxM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XSeFtU0WPtAepUGLz6NPG3RWtxM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/ACE844F047AA11ECA0F05026C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.24.0/22
Signature Algorithm: sha256WithRSAEncryption
72:02:ee:a1:e8:2b:d8:fa:a9:b8:4d:e8:f7:04:9e:5e:10:f7:
57:43:b6:76:23:3b:e3:cd:ea:84:e4:13:33:0e:89:c9:7f:4f:
5b:cf:35:ba:9a:cc:80:33:af:80:1e:96:86:be:aa:8c:f1:ff:
62:ca:a2:67:58:4b:62:98:2e:e0:35:f6:9a:8f:03:a6:bf:59:
d5:f1:64:95:f1:4a:2a:f7:76:60:c8:0e:e5:0b:94:e0:e9:57:
e5:24:2e:fc:d2:f7:cc:46:93:45:de:fd:8b:de:1c:cf:e9:e8:
f9:a6:8e:7b:34:af:9e:46:d1:d3:85:11:bf:70:d8:49:3b:bf:
dd:60:a8:81:04:a8:bb:51:d9:40:0d:e8:4a:8e:49:b6:a7:ed:
02:cd:cc:9c:9b:5d:f4:2b:9e:c7:a1:02:6f:ca:d3:72:df:8b:
bf:c0:72:ec:b4:c4:05:d3:b9:7d:36:6c:1b:78:47:70:00:cb:
32:ea:21:5c:6d:be:d9:1b:c0:1a:c2:d7:fe:96:d4:28:cd:6b:
f6:e8:73:3a:b1:4a:bd:ae:2c:98:f3:3f:ec:7a:66:7f:a1:3d:
fa:0b:06:f3:94:8f:ec:13:df:52:89:8b:c5:20:48:c1:51:54:
fd:f3:ed:d7:01:8f:2d:ee:94:6b:71:f0:c2:ad:2c:1f:93:93:
f6:8d:d0:5c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjdDQzUxMTAvBgNVBAUTKDVEMjc4NUI1NEQxNjNFRDAxRUE1NDE4QkNGQTM0RjFC
NzQ1NkI3MTMwHhcNMjQxMjAxMDAzMzQ3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRiYWVlYS05NDE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzhYwTYhzg8+0L3/NOVw36F7/7s4f7slIzTl0Y43SxIlTGDEX0ArdMRumR3Qf
Ioi3IBQ1NgK+ntduIDf2sCMIiiBrrijEktqNSDlaR/K3dao5l1BqxmVOC8AVSPqC
1tQtoRc+/tErQz4FPLSw/cP3vSSA9Q7rCo2QCtp7P0WD8S/JI+usVWJlYl3zkGR2
GUVM188T3imnDm3FP3Bc/0v3B89EBRv4o1gF2aeeuYt5kvusrqfwlt3i/T3Agtia
fI0Aq/H98GrdibxvAHnzLkl/9WloF1RQ5OHgtfEyr8GfsxtkXja0Rh0ZqBYbZAX1
hQgK5nJarxoFyTu7nzukqHZwMwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCQxgSBr
T6uHcMHi19VhcSg40v9mMB8GA1UdIwQYMBaAFF0nhbVNFj7QHqVBi8+jTxt0VrcT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0NDNS8yQUM0RDMzRTQ2
QjExMUVDOTQ1QjRGNTdDNEY5QUUwMi9YU2VGdFUwV1B0QWVwVUdMejZOUEczUld0
eE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hTZUZ0VTBXUHRBZXBVR0x6Nk5QRzNSV3R4TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjdDQzUvMkFDNEQzM0U0NkIxMTFFQzk0NUI0RjU3QzRGOUFFMDIvQUNFODQ0RjA0
N0FBMTFFQ0EwRjA1MDI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnFxgwDQYJKoZIhvcNAQELBQADggEBAHIC7qHoK9j6qbhN
6PcEnl4Q91dDtnYjO+PN6oTkEzMOicl/T1vPNbqazIAzr4Aeloa+qozx/2LKomdY
S2KYLuA19pqPA6a/WdXxZJXxSir3dmDIDuULlODpV+UkLvzS98xGk0Xe/YveHM/p
6Pmmjns0r55G0dOFEb9w2Ek7v91gqIEEqLtR2UAN6EqOSban7QLNzJybXfQrnseh
Am/K03Lfi7/Acuy0xAXTuX02bBt4R3AAyzLqIVxtvtkbwBrC1/6W1CjNa/boczqx
Sr2uLJjzP+x6Zn+hPfoLBvOUj+wT31KJi8UgSMFRVP3z7dcBjy3ulGtx8MKtLB+T
k/aN0Fw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:12:48 2025 by rpki-client