Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/E2846570135E11EB9D58482CC4F9AE02.roa
File: E2846570135E11EB9D58482CC4F9AE02.roa (raw, json)
Hash identifier: bXgEyT98R8thRPsYUWy4Fp7WrzYnlZBS5iobweOZ0lw=
Subject key identifier: 02:60:85:B3:8A:BC:F8:D0:EB:3B:77:6D:CA:E8:6C:F7:38:A3:8D:48
Certificate issuer: /CN=A918036A/serialNumber=57840FB441D2B34C8EE699D264712B4A5E0FED8D
Certificate serial: 0FC3
Authority key identifier: 57:84:0F:B4:41:D2:B3:4C:8E:E6:99:D2:64:71:2B:4A:5E:0F:ED:8D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V4QPtEHSs0yO5pnSZHErSl4P7Y0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/E2846570135E11EB9D58482CC4F9AE02.roa
Signing time: Thu 10 Oct 2024 17:55:40 +0000
ROA not before: Thu 10 Oct 2024 17:55:40 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 132400
IP address blocks: 103.72.188.0/22 maxlen: 22
103.72.188.0/24 maxlen: 24
103.72.189.0/24 maxlen: 24
103.72.190.0/24 maxlen: 24
103.72.191.0/24 maxlen: 24
160.20.40.0/22 maxlen: 22
160.20.40.0/24 maxlen: 24
160.20.41.0/24 maxlen: 24
160.20.42.0/24 maxlen: 24
160.20.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4035 (0xfc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918036A
Validity
Not Before: Oct 10 17:55:40 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6708151c-7bd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e4:00:eb:82:75:20:8e:aa:87:0c:72:9c:09:
9b:e9:4e:69:01:b4:a7:e7:ba:d7:67:0f:79:ec:57:
c4:cb:cc:c8:38:77:77:e0:fc:11:5d:07:a3:dd:42:
1c:45:74:cc:46:c4:bf:8d:12:1c:09:7f:1b:af:4e:
7d:0a:8e:f5:b0:4d:3d:e7:f7:b5:eb:a5:be:12:1f:
50:d0:5a:38:79:a0:01:e6:64:f2:10:fb:2e:db:94:
e4:67:c4:75:4d:9d:e2:cd:f1:77:bb:2f:64:0b:d1:
b8:18:7c:c9:14:2d:69:0c:16:41:14:04:a4:62:bd:
2d:0f:b0:68:c6:88:d0:0c:0d:cc:6f:59:9d:25:2a:
28:52:66:5a:e3:ba:22:c4:2f:6f:d0:74:40:f2:31:
1d:86:d4:da:a5:24:e7:dc:f4:08:78:5c:f3:33:86:
f2:64:95:e0:28:3a:4b:1e:d5:ec:8c:f1:f1:7e:57:
83:8e:87:4d:6e:6f:ab:bc:a1:e8:be:c2:0b:8f:83:
53:50:21:0c:c1:16:69:1a:3a:05:72:80:ea:5e:58:
68:4e:5e:55:3d:af:e0:3c:55:fc:cd:c1:c3:1b:c3:
2a:1a:d0:d3:7e:6d:cf:8c:eb:0b:45:20:be:5c:28:
6f:f3:ea:96:76:76:df:03:a7:a1:08:67:49:2f:af:
82:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:60:85:B3:8A:BC:F8:D0:EB:3B:77:6D:CA:E8:6C:F7:38:A3:8D:48
X509v3 Authority Key Identifier:
keyid:57:84:0F:B4:41:D2:B3:4C:8E:E6:99:D2:64:71:2B:4A:5E:0F:ED:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/V4QPtEHSs0yO5pnSZHErSl4P7Y0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V4QPtEHSs0yO5pnSZHErSl4P7Y0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/E2846570135E11EB9D58482CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.188.0/22
160.20.40.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:01:29:7c:c1:84:f4:98:09:80:f9:ef:ea:a8:98:76:c9:04:
4c:0d:68:b0:1f:a4:32:da:1b:59:a0:d2:ca:00:58:33:fc:a4:
9e:70:d0:31:86:52:08:64:88:03:50:cd:13:70:6c:a1:51:c2:
16:e2:44:b6:bd:7a:32:39:8c:19:74:08:69:13:9b:a1:90:40:
75:25:5a:8e:9a:7b:ec:91:bf:e9:45:b7:41:fe:0e:68:83:e0:
ca:03:16:88:38:2e:57:15:c3:a4:66:57:03:5c:16:8d:b9:06:
d4:bf:0b:8a:90:fe:ef:ed:cc:44:72:ca:05:50:5c:7f:ca:8e:
4b:d4:d5:5f:87:ba:80:9c:d4:2d:93:e1:13:84:ce:f5:84:a6:
49:b7:4c:9f:d0:05:c0:67:ec:3a:2b:5a:e7:ed:fa:b5:aa:84:
e0:27:27:61:0a:3a:0c:68:4b:8e:66:ae:df:29:2f:77:8b:6a:
9f:d0:7c:34:88:0c:9b:18:74:7d:9f:34:14:32:14:8a:17:59:
aa:49:09:25:dd:3d:71:d2:00:22:6e:5e:ac:89:34:86:05:a4:
36:c2:60:09:eb:93:9c:3a:d4:a6:de:71:dd:8a:8c:4a:4e:37:
44:85:1b:32:de:3b:c6:96:67:06:b8:b3:cc:5d:19:5c:86:71:
37:8e:9f:31
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICD8MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAzNkExMTAvBgNVBAUTKDU3ODQwRkI0NDFEMkIzNEM4RUU2OTlEMjY0NzEyQjRB
NUUwRkVEOEQwHhcNMjQxMDEwMTc1NTQwWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA4MTUxYy03YmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo+QA64J1II6qhwxynAmb6U5pAbSn57rXZw957FfEy8zIOHd34PwRXQej3UIc
RXTMRsS/jRIcCX8br059Co71sE095/e166W+Eh9Q0Fo4eaAB5mTyEPsu25TkZ8R1
TZ3izfF3uy9kC9G4GHzJFC1pDBZBFASkYr0tD7BoxojQDA3Mb1mdJSooUmZa47oi
xC9v0HRA8jEdhtTapSTn3PQIeFzzM4byZJXgKDpLHtXsjPHxfleDjodNbm+rvKHo
vsILj4NTUCEMwRZpGjoFcoDqXlhoTl5VPa/gPFX8zcHDG8MqGtDTfm3PjOsLRSC+
XChv8+qWdnbfA6ehCGdJL6+CoQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAJghbOK
vPjQ6zt3bcrobPc4o41IMB8GA1UdIwQYMBaAFFeED7RB0rNMjuaZ0mRxK0peD+2N
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDM2QS80MzNBRjc4QzQ2
QzcxMUU5QURFOUQ0MjRDNEY5QUUwMi9WNFFQdEVIU3MweU81cG5TWkhFclNsNFA3
WTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1Y0UVB0RUhTczB5TzVwblNaSEVyU2w0UDdZMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAzNkEvNDMzQUY3OEM0NkM3MTFFOUFERTlENDI0QzRGOUFFMDIvRTI4NDY1NzAx
MzVFMTFFQjlENTg0ODJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnSLwDBAKgFCgwDQYJKoZIhvcNAQELBQADggEBAH8BKXzB
hPSYCYD57+qomHbJBEwNaLAfpDLaG1mg0soAWDP8pJ5w0DGGUghkiANQzRNwbKFR
whbiRLa9ejI5jBl0CGkTm6GQQHUlWo6ae+yRv+lFt0H+DmiD4MoDFog4LlcVw6Rm
VwNcFo25BtS/C4qQ/u/tzERyygVQXH/KjkvU1V+HuoCc1C2T4ROEzvWEpkm3TJ/Q
BcBn7DorWuft+rWqhOAnJ2EKOgxoS45mrt8pL3eLap/QfDSIDJsYdH2fNBQyFIoX
WapJCSXdPXHSACJuXqyJNIYFpDbCYAnrk5w61Kbecd2KjEpON0SFGzLeO8aWZwa4
s8xdGVyGcTeOnzE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:26:21 2025 by rpki-client