Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9184AB8/3B0A9C64D1B011EF8C20DD32C4F9AE02/ED63E306F5EC11EFBB174335C4F9AE02.roa
File: ED63E306F5EC11EFBB174335C4F9AE02.roa (raw, json)
Hash identifier: sDxPGPWuMnoYPL5SXwZzSX89Yi7Im2b2Bj3YLGK0a00=
Subject key identifier: 6D:3C:0B:ED:CC:B6:06:91:A6:51:EC:45:9F:E9:57:B6:55:EB:60:06
Certificate issuer: /CN=A9184AB8/serialNumber=3188F9B9F5E90AFB0DB0DE6565F02C90BEEA48D0
Certificate serial: 22
Authority key identifier: 31:88:F9:B9:F5:E9:0A:FB:0D:B0:DE:65:65:F0:2C:90:BE:EA:48:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MYj5ufXpCvsNsN5lZfAskL7qSNA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9184AB8/3B0A9C64D1B011EF8C20DD32C4F9AE02/ED63E306F5EC11EFBB174335C4F9AE02.roa
Signing time: Fri 28 Feb 2025 15:59:02 +0000
ROA not before: Fri 28 Feb 2025 15:59:02 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 136988
IP address blocks: 103.101.128.0/22 maxlen: 22
173.234.104.0/21 maxlen: 21
2401:d040::/36 maxlen: 36
2401:d040:1000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34 (0x22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9184AB8
Validity
Not Before: Feb 28 15:59:02 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67c1dd45-533f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c6:22:40:77:8d:1f:61:2d:13:3d:70:62:c3:
d9:70:d2:d8:c9:6a:16:30:53:93:26:02:1a:4a:20:
86:41:4a:38:71:16:34:49:d1:44:7c:56:1d:8c:df:
55:e9:cd:3a:0c:eb:ae:08:6d:95:12:2b:bd:fb:d9:
df:58:8c:2c:6a:d3:8d:3d:b0:9c:03:f3:64:b1:07:
ae:e7:6b:7e:05:b2:ee:9a:f6:78:de:1b:d3:d1:40:
67:b2:b6:9d:05:88:42:57:24:d4:d2:76:da:30:2d:
46:9c:ad:a7:74:ec:2a:b2:e8:00:d3:87:40:cf:c8:
68:35:ca:e9:1a:b7:72:76:85:8d:ea:7c:3d:75:35:
db:34:35:5c:ce:db:04:b5:62:76:9d:5f:d4:8e:2b:
82:73:d0:82:38:69:d0:ee:cd:12:b6:57:a0:1f:d2:
4f:a9:48:b4:53:a4:b5:68:4e:84:ac:31:1e:67:6b:
77:62:82:fc:68:00:06:50:d7:6c:6e:7d:54:31:dc:
4e:aa:0c:59:2e:f5:9d:f0:53:87:23:fa:30:9c:52:
09:fd:53:69:b8:0f:0f:b2:c2:ed:e5:a7:7a:62:ee:
a8:df:dc:73:45:d8:96:27:bb:85:74:2a:ef:b9:07:
de:18:b0:88:77:47:78:8d:c5:a2:ce:8f:b2:e5:f4:
d1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:3C:0B:ED:CC:B6:06:91:A6:51:EC:45:9F:E9:57:B6:55:EB:60:06
X509v3 Authority Key Identifier:
keyid:31:88:F9:B9:F5:E9:0A:FB:0D:B0:DE:65:65:F0:2C:90:BE:EA:48:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9184AB8/3B0A9C64D1B011EF8C20DD32C4F9AE02/MYj5ufXpCvsNsN5lZfAskL7qSNA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MYj5ufXpCvsNsN5lZfAskL7qSNA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9184AB8/3B0A9C64D1B011EF8C20DD32C4F9AE02/ED63E306F5EC11EFBB174335C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.128.0/22
173.234.104.0/21
IPv6:
2401:d040::/35
Signature Algorithm: sha256WithRSAEncryption
63:ac:c4:50:a2:0b:8a:bc:4b:2b:52:5f:72:ac:f9:40:b7:2a:
d6:ed:b6:6a:21:d2:f8:32:52:f7:b2:14:27:3c:07:27:a1:9d:
e1:18:8c:5f:b9:71:72:c2:63:0d:40:3e:06:a4:76:08:f9:17:
97:bb:d2:34:b4:b4:9d:39:18:3e:30:3d:e9:70:3e:1d:7a:cf:
21:65:36:38:50:9c:6b:a2:2b:a4:5c:4d:cf:8d:c8:a8:17:ba:
d5:bf:ea:d4:40:34:09:d2:23:3a:07:cd:3e:95:27:c5:37:89:
a3:64:92:81:35:83:92:86:38:ef:27:aa:10:b6:19:f2:85:81:
6c:d2:d5:29:32:9b:63:77:af:ae:9e:0b:94:9e:e8:db:16:d9:
d7:d9:e6:39:b9:a2:fe:36:36:bb:34:d9:f8:85:cd:db:84:8d:
68:74:01:ff:e1:5d:76:17:a9:23:2a:09:5d:38:3d:01:82:50:
fb:ba:51:42:71:e4:13:1e:a5:a1:d7:e1:00:bd:d2:2f:93:16:
a5:70:b1:e2:dd:3c:38:44:98:1c:06:c2:3b:bb:f6:24:81:6f:
8b:7d:61:2b:2f:5e:6f:78:06:91:d7:14:ff:31:54:65:b2:95:
03:dc:db:6b:c8:a9:4e:53:ad:2c:e4:54:57:01:9f:73:be:98:
b4:b3:be:27
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
NEFCODExMC8GA1UEBRMoMzE4OEY5QjlGNUU5MEFGQjBEQjBERTY1NjVGMDJDOTBC
RUVBNDhEMDAeFw0yNTAyMjgxNTU5MDJaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YzFkZDQ1LTUzM2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMxiJAd40fYS0TPXBiw9lw0tjJahYwU5MmAhpKIIZBSjhxFjRJ0UR8Vh2M31Xp
zToM664IbZUSK7372d9YjCxq0409sJwD82SxB67na34Fsu6a9njeG9PRQGeytp0F
iEJXJNTSdtowLUacrad07Cqy6ADTh0DPyGg1yukat3J2hY3qfD11Nds0NVzO2wS1
YnadX9SOK4Jz0II4adDuzRK2V6Af0k+pSLRTpLVoToSsMR5na3digvxoAAZQ12xu
fVQx3E6qDFku9Z3wU4cj+jCcUgn9U2m4Dw+ywu3lp3pi7qjf3HNF2JYnu4V0Ku+5
B94YsIh3R3iNxaLOj7Ll9NGxAgMBAAGjggKrMIICpzAdBgNVHQ4EFgQUbTwL7cy2
BpGmUexFn+lXtlXrYAYwHwYDVR0jBBgwFoAUMYj5ufXpCvsNsN5lZfAskL7qSNAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg0QUI4LzNCMEE5QzY0RDFC
MDExRUY4QzIwREQzMkM0RjlBRTAyL01ZajV1ZlhwQ3ZzTnNONWxaZkFza0w3cVNO
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTVlqNXVmWHBDdnNOc041bFpmQXNrTDdxU05BLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NEFCOC8zQjBBOUM2NEQxQjAxMUVGOEMyMEREMzJDNEY5QUUwMi9FRDYzRTMwNkY1
RUMxMUVGQkIxNzQzMzVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA1BggrBgEFBQcBBwEB/wQm
MCQwEgQCAAEwDAMEAmdlgAMEA63qaDAOBAIAAjAIAwYFJAHQQAAwDQYJKoZIhvcN
AQELBQADggEBAGOsxFCiC4q8SytSX3Ks+UC3Ktbttmoh0vgyUveyFCc8ByehneEY
jF+5cXLCYw1APgakdgj5F5e70jS0tJ05GD4wPelwPh16zyFlNjhQnGuiK6RcTc+N
yKgXutW/6tRANAnSIzoHzT6VJ8U3iaNkkoE1g5KGOO8nqhC2GfKFgWzS1Skym2N3
r66eC5Se6NsW2dfZ5jm5ov42Nrs02fiFzduEjWh0Af/hXXYXqSMqCV04PQGCUPu6
UUJx5BMepaHX4QC90i+TFqVwseLdPDhEmBwGwju79iSBb4t9YSsvXm94BpHXFP8x
VGWylQPc22vIqU5TrSzkVFcBn3O+mLSzvic=
-----END CERTIFICATE-----
Generated at Fri Apr 11 19:52:17 2025 by rpki-client