Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/D4F3A2B4DBCD11EE9B6F4669C4F9AE02.roa
File: D4F3A2B4DBCD11EE9B6F4669C4F9AE02.roa (raw, json)
Hash identifier: EHJm/HiHyHS2wDLaVYk3k6uReoau+etZZWwlwm0AUaM=
Subject key identifier: CE:05:6D:44:84:6F:0C:D6:40:15:52:35:0F:D1:2B:0E:4D:17:6D:77
Certificate issuer: /CN=A918D3A9/serialNumber=1968423ED6D2495880A56A6DB02BC67298C5E686
Certificate serial: 1028
Authority key identifier: 19:68:42:3E:D6:D2:49:58:80:A5:6A:6D:B0:2B:C6:72:98:C5:E6:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GWhCPtbSSViApWptsCvGcpjF5oY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/D4F3A2B4DBCD11EE9B6F4669C4F9AE02.roa
Signing time: Sat 04 Jan 2025 17:25:39 +0000
ROA not before: Sat 04 Jan 2025 17:25:39 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 137955
IP address blocks: 103.103.194.0/24 maxlen: 24
103.116.192.0/24 maxlen: 24
2405:1340::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4136 (0x1028)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D3A9
Validity
Not Before: Jan 4 17:25:39 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67796f13-9591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4b:a6:d7:34:6f:62:c7:81:3e:c4:54:00:77:
79:0c:22:06:61:85:b3:87:34:66:97:22:d3:f8:16:
67:66:c0:87:da:30:e1:e4:27:81:ac:0d:df:aa:dc:
8d:5e:ca:cd:5b:65:0c:0b:83:20:29:bb:fd:4c:d7:
dc:2b:30:eb:37:1f:5a:1a:29:e4:60:89:2d:02:61:
45:ff:66:51:d3:b9:22:a2:c6:a7:45:b7:cc:db:0a:
af:8c:8d:a2:27:37:fd:7c:f6:f2:40:63:f1:15:72:
ee:8e:d4:94:7f:7d:92:f8:04:d1:c8:ce:0c:c1:9c:
8b:11:9a:54:6e:f0:a0:f2:0f:45:b1:3b:d1:84:ad:
d5:96:d5:f9:4a:f3:12:49:d9:75:d6:7c:db:24:9d:
bf:45:d3:99:52:00:25:56:f5:a1:83:9b:e4:60:d5:
73:6d:45:c7:d6:09:04:e2:f3:b7:7a:6b:62:c5:ef:
de:f4:c1:dd:e8:cf:44:16:89:d4:20:0e:d4:7b:b5:
89:b7:69:d2:d1:41:b7:bd:b2:db:da:d4:cb:2f:3b:
e2:5b:eb:e6:b9:85:06:54:2d:24:71:fc:3b:30:e7:
59:51:55:c7:31:75:f1:88:fe:b6:15:a4:e5:c2:aa:
5d:95:b5:37:7c:14:1a:b6:5a:d9:58:93:0d:a9:5c:
2a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:05:6D:44:84:6F:0C:D6:40:15:52:35:0F:D1:2B:0E:4D:17:6D:77
X509v3 Authority Key Identifier:
keyid:19:68:42:3E:D6:D2:49:58:80:A5:6A:6D:B0:2B:C6:72:98:C5:E6:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/GWhCPtbSSViApWptsCvGcpjF5oY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GWhCPtbSSViApWptsCvGcpjF5oY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/D4F3A2B4DBCD11EE9B6F4669C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.103.194.0/24
103.116.192.0/24
IPv6:
2405:1340::/32
Signature Algorithm: sha256WithRSAEncryption
6f:32:48:a8:58:d2:15:d0:0b:f6:59:72:db:32:a2:16:e0:a8:
14:64:ec:ab:9c:90:f4:74:c3:1a:6f:0a:80:d8:c4:0d:84:1e:
f6:1e:64:87:91:11:dc:f7:de:f2:d8:ef:fb:c3:91:b3:54:2c:
cd:64:fd:d5:5f:0d:f8:c5:29:99:14:56:bb:b7:fe:0f:6c:66:
2a:d1:4e:ae:50:11:ae:a6:4a:52:d3:a0:89:b4:8c:c7:62:bf:
39:19:fa:0e:08:10:5c:d2:d0:6f:50:70:bb:df:62:7e:b6:a0:
ed:bb:0f:4f:7a:07:84:53:4b:ed:19:e0:4b:93:ec:79:b3:a6:
d4:cc:46:21:56:14:de:de:29:a7:de:5a:56:e6:34:ae:b0:19:
65:b8:5f:37:cc:f5:d0:54:9b:70:b6:7c:11:65:d4:6b:df:1d:
a5:92:c3:41:9b:95:69:9c:dd:c3:4d:a6:5d:a7:1c:dc:19:a9:
f2:61:e3:d0:8a:46:c4:91:41:8a:1b:f1:54:a7:13:96:87:ec:
ef:b6:b1:03:03:94:3e:4d:e7:5d:66:ea:42:e6:59:61:40:62:
90:72:14:e7:39:fb:d7:e3:64:6b:f0:f9:68:c9:d0:2d:d4:60:
8c:df:25:0d:12:f2:1d:2f:58:c5:80:52:36:59:e0:41:d3:83:
cd:7e:d5:4e
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICECgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQzQTkxMTAvBgNVBAUTKDE5Njg0MjNFRDZEMjQ5NTg4MEE1NkE2REIwMkJDNjcy
OThDNUU2ODYwHhcNMjUwMTA0MTcyNTM5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc5NmYxMy05NTkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtEum1zRvYseBPsRUAHd5DCIGYYWzhzRmlyLT+BZnZsCH2jDh5CeBrA3fqtyN
XsrNW2UMC4MgKbv9TNfcKzDrNx9aGinkYIktAmFF/2ZR07kiosanRbfM2wqvjI2i
Jzf9fPbyQGPxFXLujtSUf32S+ATRyM4MwZyLEZpUbvCg8g9FsTvRhK3VltX5SvMS
Sdl11nzbJJ2/RdOZUgAlVvWhg5vkYNVzbUXH1gkE4vO3emtixe/e9MHd6M9EFonU
IA7Ue7WJt2nS0UG3vbLb2tTLLzviW+vmuYUGVC0kcfw7MOdZUVXHMXXxiP62FaTl
wqpdlbU3fBQatlrZWJMNqVwqPQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFM4FbUSE
bwzWQBVSNQ/RKw5NF213MB8GA1UdIwQYMBaAFBloQj7W0klYgKVqbbArxnKYxeaG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDNBOS9CQjdGRkI4RTNB
OTIxMUU5QjUyRENGNTNDNEY5QUUwMi9HV2hDUHRiU1NWaUFwV3B0c0N2R2NwakY1
b1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dXaENQdGJTU1ZpQXBXcHRzQ3ZHY3BqRjVvWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQzQTkvQkI3RkZCOEUzQTkyMTFFOUI1MkRDRjUzQzRGOUFFMDIvRDRGM0EyQjRE
QkNEMTFFRTlCNkY0NjY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABnZ8IDBABndMAwDQQCAAIwBwMFACQFE0AwDQYJKoZIhvcN
AQELBQADggEBAG8ySKhY0hXQC/ZZctsyohbgqBRk7KuckPR0wxpvCoDYxA2EHvYe
ZIeREdz33vLY7/vDkbNULM1k/dVfDfjFKZkUVru3/g9sZirRTq5QEa6mSlLToIm0
jMdivzkZ+g4IEFzS0G9QcLvfYn62oO27D096B4RTS+0Z4EuT7HmzptTMRiFWFN7e
KafeWlbmNK6wGWW4XzfM9dBUm3C2fBFl1GvfHaWSw0GblWmc3cNNpl2nHNwZqfJh
49CKRsSRQYob8VSnE5aH7O+2sQMDlD5N511m6kLmWWFAYpByFOc5+9fjZGvw+WjJ
0C3UYIzfJQ0S8h0vWMWAUjZZ4EHTg81+1U4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:37:03 2025 by rpki-client