Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/CDA6F2D0111611EFAD808A81C4F9AE02.roa
File: CDA6F2D0111611EFAD808A81C4F9AE02.roa (raw, json)
Hash identifier: m3HRY//GpdVT+hpG8y49SxDvHAGnCrO93hZGlg6oP6I=
Subject key identifier: 3C:7D:4C:06:4F:C7:A7:F9:72:43:BE:8F:FC:A9:D3:74:D5:7A:46:A9
Certificate issuer: /CN=A917CE22/serialNumber=62C4182C003EFCFA38DDAF4EF904FB04FE5B564A
Certificate serial: 076E
Authority key identifier: 62:C4:18:2C:00:3E:FC:FA:38:DD:AF:4E:F9:04:FB:04:FE:5B:56:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YsQYLAA-_Po43a9O-QT7BP5bVko.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/CDA6F2D0111611EFAD808A81C4F9AE02.roa
Signing time: Wed 22 Jan 2025 21:31:16 +0000
ROA not before: Wed 22 Jan 2025 21:31:16 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 136251
IP address blocks: 103.204.180.0/24 maxlen: 24
103.204.181.0/24 maxlen: 24
103.204.182.0/24 maxlen: 24
103.204.183.0/24 maxlen: 24
202.181.0.0/24 maxlen: 24
202.181.1.0/24 maxlen: 24
202.181.2.0/24 maxlen: 24
202.181.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1902 (0x76e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917CE22
Validity
Not Before: Jan 22 21:31:16 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679163a3-be87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ae:70:dd:32:67:57:0b:20:70:4c:6b:9f:6a:
22:90:09:c8:fa:3b:c3:44:8c:4a:bb:0d:57:40:00:
2d:cf:35:af:c6:7b:cf:b1:91:52:a7:2d:78:18:be:
74:11:01:fc:a6:34:6f:7f:31:bc:7d:26:bb:44:0b:
b9:9e:7d:8a:cc:06:55:e3:ca:7c:bc:b7:e4:d1:0d:
5b:13:95:8f:fd:ae:aa:3a:c9:05:f7:1e:8f:4a:4a:
dc:48:07:13:d5:e4:30:c6:52:de:8f:08:1e:94:6e:
3a:3f:ab:79:e7:2d:c9:be:ef:91:79:2a:04:80:b4:
13:00:40:96:29:c6:8e:29:dd:51:2e:28:d5:d8:77:
eb:25:2a:d9:61:62:d5:02:af:de:ce:6f:b5:5c:e2:
36:4d:dd:39:d2:9b:bf:67:c5:de:b3:a4:a3:53:a3:
be:4d:dd:49:4b:8e:05:77:60:a1:ed:d4:8b:86:54:
46:94:83:8b:52:63:00:db:70:e5:33:ff:d9:9d:06:
b1:d6:aa:61:da:93:7e:c8:5a:60:98:4a:70:61:1a:
c8:a2:6a:b9:1a:fa:f9:b7:72:cc:05:08:5b:49:ca:
af:f2:75:8c:e0:97:86:88:1d:e7:fe:3c:8e:8e:01:
45:b9:3f:72:0e:4e:92:18:d8:d7:28:77:0c:a8:b7:
d3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:7D:4C:06:4F:C7:A7:F9:72:43:BE:8F:FC:A9:D3:74:D5:7A:46:A9
X509v3 Authority Key Identifier:
keyid:62:C4:18:2C:00:3E:FC:FA:38:DD:AF:4E:F9:04:FB:04:FE:5B:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/YsQYLAA-_Po43a9O-QT7BP5bVko.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YsQYLAA-_Po43a9O-QT7BP5bVko.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/CDA6F2D0111611EFAD808A81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.204.180.0/22
202.181.0.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:ac:8c:f0:bd:91:f2:84:f9:f2:c7:48:54:00:98:00:37:d9:
35:00:86:b4:79:83:8f:82:8c:c6:8f:d8:43:cd:17:88:04:5e:
5a:8b:fb:e7:3b:dc:b7:23:f5:dc:89:91:81:8c:dd:7e:2c:7d:
d0:1f:fd:9d:b2:6d:a9:b4:49:34:95:91:d9:11:5f:e4:71:07:
fb:72:55:9e:70:9e:ae:dc:54:2d:ed:e7:be:bb:21:e3:06:6e:
06:9f:c7:ca:e9:be:f3:07:be:49:ef:d7:c6:91:69:4f:93:e9:
25:8f:20:d1:18:1f:1e:37:90:54:aa:28:68:4e:7c:96:9a:ba:
87:d9:10:d3:6c:51:9d:d1:da:4f:d7:ba:6e:5c:64:1c:50:a4:
58:51:7b:85:a9:54:9d:2b:30:2e:2d:f8:22:b7:e1:4e:a1:a0:
ae:fa:4b:66:ba:bf:55:af:eb:98:e7:ee:96:49:3f:19:cf:d0:
37:0f:ed:a7:8e:5a:d7:d3:40:f0:cc:cb:f6:99:a0:89:3f:a4:
57:81:d3:18:c4:97:63:41:ce:6d:5b:ef:ab:bc:c8:2d:28:4e:
15:73:29:67:2c:d8:b1:01:ba:0b:4e:a0:b1:01:70:fb:f5:53:
19:3f:69:35:b1:f7:23:71:e3:6c:8c:df:c5:1d:f2:55:53:03:
6c:1f:0d:14
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICB24wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0NFMjIxMTAvBgNVBAUTKDYyQzQxODJDMDAzRUZDRkEzOEREQUY0RUY5MDRGQjA0
RkU1QjU2NEEwHhcNMjUwMTIyMjEzMTE2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxNjNhMy1iZTg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3K5w3TJnVwsgcExrn2oikAnI+jvDRIxKuw1XQAAtzzWvxnvPsZFSpy14GL50
EQH8pjRvfzG8fSa7RAu5nn2KzAZV48p8vLfk0Q1bE5WP/a6qOskF9x6PSkrcSAcT
1eQwxlLejwgelG46P6t55y3Jvu+ReSoEgLQTAECWKcaOKd1RLijV2HfrJSrZYWLV
Aq/ezm+1XOI2Td050pu/Z8Xes6SjU6O+Td1JS44Fd2Ch7dSLhlRGlIOLUmMA23Dl
M//ZnQax1qph2pN+yFpgmEpwYRrIomq5Gvr5t3LMBQhbScqv8nWM4JeGiB3n/jyO
jgFFuT9yDk6SGNjXKHcMqLfTrQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDx9TAZP
x6f5ckO+j/yp03TVekapMB8GA1UdIwQYMBaAFGLEGCwAPvz6ON2vTvkE+wT+W1ZK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0UyMi8xMkZBODExQTE3
N0IxMUVCODQ2MzRDMzZDNEY5QUUwMi9Zc1FZTEFBLV9QbzQzYTlPLVFUN0JQNWJW
a28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lzUVlMQUEtX1BvNDNhOU8tUVQ3QlA1YlZrby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0NFMjIvMTJGQTgxMUExNzdCMTFFQjg0NjM0QzM2QzRGOUFFMDIvQ0RBNkYyRDAx
MTE2MTFFRkFEODA4QTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnzLQDBALKtQAwDQYJKoZIhvcNAQELBQADggEBAKCsjPC9
kfKE+fLHSFQAmAA32TUAhrR5g4+CjMaP2EPNF4gEXlqL++c73Lcj9dyJkYGM3X4s
fdAf/Z2ybam0STSVkdkRX+RxB/tyVZ5wnq7cVC3t5767IeMGbgafx8rpvvMHvknv
18aRaU+T6SWPINEYHx43kFSqKGhOfJaauofZENNsUZ3R2k/Xum5cZBxQpFhRe4Wp
VJ0rMC4t+CK34U6hoK76S2a6v1Wv65jn7pZJPxnP0DcP7aeOWtfTQPDMy/aZoIk/
pFeB0xjEl2NBzm1b76u8yC0oThVzKWcs2LEBugtOoLEBcPv1Uxk/aTWx9yNx42yM
38Ud8lVTA2wfDRQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:24:05 2025 by rpki-client