Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917BD68/04D74B50F15311ECB07C9F26C4F9AE02/AF88A400F15711EC846A5F29C4F9AE02.roa
File: AF88A400F15711EC846A5F29C4F9AE02.roa (raw, json)
Hash identifier: cDpvh3Uhyb1LJHdjMZekAyyaNaYh9ET+ttEg2FAl8DY=
Subject key identifier: 47:D4:AD:B2:9D:39:BB:D6:A3:60:01:4F:4B:1C:69:C8:0F:12:C1:36
Certificate issuer: /CN=A917BD68/serialNumber=456320FE970F5CA4BFD7756FC3E27E06B308BE75
Certificate serial: 022D
Authority key identifier: 45:63:20:FE:97:0F:5C:A4:BF:D7:75:6F:C3:E2:7E:06:B3:08:BE:75
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RWMg_pcPXKS_13Vvw-J-BrMIvnU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917BD68/04D74B50F15311ECB07C9F26C4F9AE02/AF88A400F15711EC846A5F29C4F9AE02.roa
Signing time: Thu 01 Aug 2024 03:24:45 +0000
ROA not before: Thu 01 Aug 2024 03:24:45 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 149980
IP address blocks: 103.189.242.0/23 maxlen: 23
103.189.242.0/24 maxlen: 24
103.189.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 557 (0x22d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917BD68
Validity
Not Before: Aug 1 03:24:45 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66aafffc-153d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:cd:16:d6:95:f1:50:6c:21:a1:e1:60:ef:b0:
c3:39:e4:48:4d:ac:81:84:cd:10:d8:4e:61:71:0d:
67:bc:1e:4b:da:18:da:c4:77:78:88:84:c4:7b:9f:
8d:57:1e:26:7f:f2:29:4c:4a:5d:1f:50:34:a4:4f:
9a:99:d0:e2:20:e1:dd:1a:bf:0c:50:17:77:90:7d:
43:09:bf:d2:aa:6f:d4:78:c0:33:a3:86:54:0e:73:
e9:44:19:67:e5:0d:6a:3d:fd:5f:a0:3d:61:04:6f:
78:36:18:2e:8e:df:41:21:83:84:92:45:56:84:a7:
81:2b:5b:85:42:9b:6f:fa:20:b7:bc:92:7f:50:2b:
13:68:d6:79:cd:8c:52:26:a4:c3:43:cb:58:04:04:
b6:1b:73:d6:bb:ca:57:f6:57:6a:fb:ec:bd:2e:21:
e4:56:7b:73:43:f3:8a:3d:d1:30:ec:90:ea:13:c8:
f1:6c:26:49:dc:56:8a:ce:59:29:d0:16:46:6c:1e:
f3:be:a1:20:27:c8:1a:82:a1:32:e1:4f:a1:5a:58:
d4:72:8e:fa:72:fb:a6:e4:c5:5b:e0:ac:7a:7b:55:
c1:a3:29:85:e9:96:18:ac:f5:6d:73:d4:ca:a3:dc:
c6:17:6f:b5:82:bd:25:bd:49:9e:a6:46:50:87:58:
17:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D4:AD:B2:9D:39:BB:D6:A3:60:01:4F:4B:1C:69:C8:0F:12:C1:36
X509v3 Authority Key Identifier:
keyid:45:63:20:FE:97:0F:5C:A4:BF:D7:75:6F:C3:E2:7E:06:B3:08:BE:75
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917BD68/04D74B50F15311ECB07C9F26C4F9AE02/RWMg_pcPXKS_13Vvw-J-BrMIvnU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RWMg_pcPXKS_13Vvw-J-BrMIvnU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BD68/04D74B50F15311ECB07C9F26C4F9AE02/AF88A400F15711EC846A5F29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.242.0/23
Signature Algorithm: sha256WithRSAEncryption
c2:c6:78:0e:ab:37:73:31:63:be:be:7f:ef:35:9a:0b:53:56:
76:32:e5:6c:87:52:31:dc:5c:e4:d4:5f:96:9e:93:a5:29:a7:
7d:04:3c:24:13:fb:b1:f8:4b:fc:6f:38:62:14:41:bc:53:e3:
93:29:72:95:c5:90:87:cf:80:56:6a:c4:3d:6a:8d:8d:43:61:
69:a3:3a:db:20:6d:a9:08:21:73:0e:3f:00:d7:a9:5d:0e:9e:
f1:eb:03:6c:2b:83:36:32:9f:8d:fc:93:91:f7:d4:47:eb:59:
f8:55:1c:70:d3:40:64:31:ec:f9:95:9f:26:e5:99:d7:8b:af:
cd:7c:d6:0c:82:2d:1d:08:f6:d5:2e:95:19:7a:e4:84:db:6a:
b3:b5:f5:0d:48:7e:15:0c:99:a1:00:fc:b4:d2:f4:3b:15:b4:
1d:2f:58:c8:81:6d:ec:84:8e:c2:0b:a1:17:19:c8:c1:c9:c6:
c2:cd:f2:2b:f0:03:fe:30:20:fa:0f:39:2e:44:b6:11:3e:20:
27:b6:a1:2a:b6:45:db:d6:c5:63:24:89:10:3b:32:5b:7e:f2:
34:de:76:bb:f0:91:e6:5b:c4:c4:95:10:75:8f:c7:36:42:6c:
1c:90:0c:bf:ab:6a:e5:e6:1a:c3:27:5c:04:94:f4:e5:dd:6f:
2b:ac:4f:e0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAi0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0JENjgxMTAvBgNVBAUTKDQ1NjMyMEZFOTcwRjVDQTRCRkQ3NzU2RkMzRTI3RTA2
QjMwOEJFNzUwHhcNMjQwODAxMDMyNDQ1WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFhZmZmYy0xNTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz80W1pXxUGwhoeFg77DDOeRITayBhM0Q2E5hcQ1nvB5L2hjaxHd4iITEe5+N
Vx4mf/IpTEpdH1A0pE+amdDiIOHdGr8MUBd3kH1DCb/Sqm/UeMAzo4ZUDnPpRBln
5Q1qPf1foD1hBG94Nhgujt9BIYOEkkVWhKeBK1uFQptv+iC3vJJ/UCsTaNZ5zYxS
JqTDQ8tYBAS2G3PWu8pX9ldq++y9LiHkVntzQ/OKPdEw7JDqE8jxbCZJ3FaKzlkp
0BZGbB7zvqEgJ8gagqEy4U+hWljUco76cvum5MVb4Kx6e1XBoymF6ZYYrPVtc9TK
o9zGF2+1gr0lvUmepkZQh1gX0wIDAQABo4IClTCCApEwHQYDVR0OBBYEFEfUrbKd
ObvWo2ABT0scacgPEsE2MB8GA1UdIwQYMBaAFEVjIP6XD1ykv9d1b8PifgazCL51
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkQ2OC8wNEQ3NEI1MEYx
NTMxMUVDQjA3QzlGMjZDNEY5QUUwMi9SV01nX3BjUFhLU18xM1Z2dy1KLUJyTUl2
blUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JXTWdfcGNQWEtTXzEzVnZ3LUotQnJNSXZuVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0JENjgvMDRENzRCNTBGMTUzMTFFQ0IwN0M5RjI2QzRGOUFFMDIvQUY4OEE0MDBG
MTU3MTFFQzg0NkE1RjI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnvfIwDQYJKoZIhvcNAQELBQADggEBAMLGeA6rN3MxY76+
f+81mgtTVnYy5WyHUjHcXOTUX5aek6Upp30EPCQT+7H4S/xvOGIUQbxT45MpcpXF
kIfPgFZqxD1qjY1DYWmjOtsgbakIIXMOPwDXqV0OnvHrA2wrgzYyn438k5H31Efr
WfhVHHDTQGQx7PmVnyblmdeLr8181gyCLR0I9tUulRl65ITbarO19Q1IfhUMmaEA
/LTS9DsVtB0vWMiBbeyEjsILoRcZyMHJxsLN8ivwA/4wIPoPOS5EthE+ICe2oSq2
RdvWxWMkiRA7Mlt+8jTedrvwkeZbxMSVEHWPxzZCbByQDL+rauXmGsMnXASU9OXd
byusT+A=
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:48:31 2025 by rpki-client