Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9167F52/E94666CC68AF11ECADD6B56FC4F9AE02/ED6CA80868B211EC9974F51FC4F9AE02.roa
File: ED6CA80868B211EC9974F51FC4F9AE02.roa (raw, json)
Hash identifier: hAIkEeLEWcB2wcEGanDh+e9b0MM5CnTkz5SOu7dH+to=
Subject key identifier: 81:34:9F:D7:C2:E6:CC:C5:AD:ED:07:B9:30:17:7C:8C:90:CE:CD:7F
Certificate issuer: /CN=A9167F52/serialNumber=797DFA18839F87D1310E9CA9C3410ABEB6839E74
Certificate serial: 03E7
Authority key identifier: 79:7D:FA:18:83:9F:87:D1:31:0E:9C:A9:C3:41:0A:BE:B6:83:9E:74
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eX36GIOfh9ExDpypw0EKvraDnnQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9167F52/E94666CC68AF11ECADD6B56FC4F9AE02/ED6CA80868B211EC9974F51FC4F9AE02.roa
Signing time: Sat 01 Feb 2025 00:33:52 +0000
ROA not before: Sat 01 Feb 2025 00:33:52 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 149309
IP address blocks: 103.178.190.0/23 maxlen: 23
103.178.190.0/24 maxlen: 24
103.178.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 999 (0x3e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9167F52
Validity
Not Before: Feb 1 00:33:52 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679d6bf0-8dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:37:9d:d5:a8:04:af:10:64:a5:eb:3e:09:3a:
a9:c2:dd:b3:8c:6a:31:cc:70:b2:1b:93:4e:2f:97:
c5:9d:5b:f7:8f:4b:1e:9a:7d:e5:40:a0:e3:bb:5c:
c0:e9:ae:9e:29:32:1c:35:fc:ca:3f:a0:fb:3c:41:
0a:d5:e1:0e:ef:f5:32:c0:ac:1f:b9:4c:af:d0:1d:
8d:b1:25:b4:a3:ac:c6:df:26:b8:c9:af:2f:84:6d:
20:15:26:75:c2:6f:96:bf:81:46:60:8e:1c:66:91:
85:9d:be:86:e0:7c:0d:d1:29:3a:d1:a9:28:ba:b2:
fa:b5:bf:b0:d2:1d:07:5c:f2:38:86:3e:a8:77:45:
2c:2d:2b:ba:e1:43:ae:d8:ec:fd:ca:4d:d6:ca:e8:
86:17:cb:33:1b:a8:b0:f8:09:b6:6e:4e:7f:f6:b6:
67:d3:85:a9:40:48:fe:9b:26:5a:26:43:fe:a3:41:
3b:e6:79:ff:6d:6a:92:3d:a5:e7:17:6b:92:95:79:
7d:6b:bb:6d:2b:f6:63:2b:1f:39:bf:e7:c2:47:98:
6f:ac:bf:5d:a2:4f:ba:81:99:37:cb:c0:e3:70:6f:
80:6c:53:89:cf:da:a1:01:5f:34:0f:0a:b1:f2:f2:
3d:19:0b:d9:3a:29:31:cd:3e:4e:f9:fc:c6:36:16:
cb:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:34:9F:D7:C2:E6:CC:C5:AD:ED:07:B9:30:17:7C:8C:90:CE:CD:7F
X509v3 Authority Key Identifier:
keyid:79:7D:FA:18:83:9F:87:D1:31:0E:9C:A9:C3:41:0A:BE:B6:83:9E:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9167F52/E94666CC68AF11ECADD6B56FC4F9AE02/eX36GIOfh9ExDpypw0EKvraDnnQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eX36GIOfh9ExDpypw0EKvraDnnQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167F52/E94666CC68AF11ECADD6B56FC4F9AE02/ED6CA80868B211EC9974F51FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.178.190.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:62:ba:a9:b7:06:8a:9e:18:87:15:06:fd:69:92:c7:1d:b1:
34:39:00:00:53:d5:0a:9d:e9:ca:f2:db:ac:69:a1:b9:a4:f9:
b4:ec:2c:f2:23:56:c0:3f:90:df:ac:d4:01:d7:ee:bc:5c:d6:
52:81:34:ee:9d:d5:cf:de:c3:90:79:70:e1:f2:08:e3:5a:54:
8d:bf:57:ad:04:34:43:16:de:94:e2:5b:39:00:31:20:48:e5:
71:fa:22:46:7c:06:71:17:89:d1:15:14:08:7b:52:50:02:35:
7d:ea:35:6c:ea:3b:1c:09:ee:3e:c6:7e:a6:b9:83:0f:68:03:
34:df:26:4c:7d:b6:94:f5:5e:ff:20:72:36:8e:45:c0:4c:49:
f5:2e:c6:92:bd:bf:0f:aa:b4:3f:b2:ed:e3:cf:d0:df:e0:59:
7c:4d:11:d8:17:f2:61:df:4c:45:59:36:cf:2e:f6:54:cd:0b:
6e:38:14:fe:5a:a8:b1:23:6b:73:da:98:34:bc:7c:66:c4:a5:
34:5c:7d:1d:9c:04:a7:5f:df:f1:7a:19:70:e5:28:b0:bf:f8:
71:7a:46:9d:a2:6f:74:9e:d1:80:80:05:6a:19:35:ff:55:32:
d5:50:3e:be:b9:86:f3:8b:f0:46:13:ce:43:43:4a:e7:1c:c7:
a1:e1:1a:2a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA+cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjdGNTIxMTAvBgNVBAUTKDc5N0RGQTE4ODM5Rjg3RDEzMTBFOUNBOUMzNDEwQUJF
QjY4MzlFNzQwHhcNMjUwMjAxMDAzMzUyWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzlkNmJmMC04ZGZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtTed1agErxBkpes+CTqpwt2zjGoxzHCyG5NOL5fFnVv3j0semn3lQKDju1zA
6a6eKTIcNfzKP6D7PEEK1eEO7/UywKwfuUyv0B2NsSW0o6zG3ya4ya8vhG0gFSZ1
wm+Wv4FGYI4cZpGFnb6G4HwN0Sk60akourL6tb+w0h0HXPI4hj6od0UsLSu64UOu
2Oz9yk3WyuiGF8szG6iw+Am2bk5/9rZn04WpQEj+myZaJkP+o0E75nn/bWqSPaXn
F2uSlXl9a7ttK/ZjKx85v+fCR5hvrL9dok+6gZk3y8DjcG+AbFOJz9qhAV80Dwqx
8vI9GQvZOikxzT5O+fzGNhbL4wIDAQABo4IClTCCApEwHQYDVR0OBBYEFIE0n9fC
5szFre0HuTAXfIyQzs1/MB8GA1UdIwQYMBaAFHl9+hiDn4fRMQ6cqcNBCr62g550
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0Y1Mi9FOTQ2NjZDQzY4
QUYxMUVDQURENkI1NkZDNEY5QUUwMi9lWDM2R0lPZmg5RXhEcHlwdzBFS3ZyYURu
blEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VYMzZHSU9maDlFeERweXB3MEVLdnJhRG5uUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjdGNTIvRTk0NjY2Q0M2OEFGMTFFQ0FERDZCNTZGQzRGOUFFMDIvRUQ2Q0E4MDg2
OEIyMTFFQzk5NzRGNTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnsr4wDQYJKoZIhvcNAQELBQADggEBAMBiuqm3BoqeGIcV
Bv1pkscdsTQ5AABT1Qqd6cry26xpobmk+bTsLPIjVsA/kN+s1AHX7rxc1lKBNO6d
1c/ew5B5cOHyCONaVI2/V60ENEMW3pTiWzkAMSBI5XH6IkZ8BnEXidEVFAh7UlAC
NX3qNWzqOxwJ7j7Gfqa5gw9oAzTfJkx9tpT1Xv8gcjaORcBMSfUuxpK9vw+qtD+y
7ePP0N/gWXxNEdgX8mHfTEVZNs8u9lTNC244FP5aqLEja3PamDS8fGbEpTRcfR2c
BKdf3/F6GXDlKLC/+HF6Rp2ib3Se0YCABWoZNf9VMtVQPr65hvOL8EYTzkNDSucc
x6HhGio=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:25:22 2025 by rpki-client