Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918E2AC/64171316CA3211E98BFCD352C4F9AE02/5E0043FCBF5711EEB654F77EC4F9AE02.roa
File: 5E0043FCBF5711EEB654F77EC4F9AE02.roa (raw, json)
Hash identifier: uvBrVkWyi/musd3gdynY5iVc2lubLIAs+0h38tRfy7I=
Subject key identifier: E4:E9:DB:AF:38:CE:72:A3:C0:77:A7:D8:B0:BF:51:CC:02:E0:26:A7
Certificate issuer: /CN=A918E2AC/serialNumber=F47D0FBB6E8B64ECD991168D8F730F7891E4F44E
Certificate serial: 0C8A
Authority key identifier: F4:7D:0F:BB:6E:8B:64:EC:D9:91:16:8D:8F:73:0F:78:91:E4:F4:4E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9H0Pu26LZOzZkRaNj3MPeJHk9E4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918E2AC/64171316CA3211E98BFCD352C4F9AE02/5E0043FCBF5711EEB654F77EC4F9AE02.roa
Signing time: Tue 30 Jan 2024 10:07:25 +0000
ROA not before: Tue 30 Jan 2024 10:07:25 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 138581
IP address blocks: 103.133.204.0/22 maxlen: 23
103.133.205.0/24 maxlen: 24
103.133.207.0/24 maxlen: 24
2404:5340::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3210 (0xc8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918E2AC
Validity
Not Before: Jan 30 10:07:25 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65b8ca5d-28a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:ab:20:7c:e3:81:7f:7c:76:cf:72:49:a9:5d:
e7:a7:e2:2f:96:b2:99:5a:a4:74:a8:3d:9b:7b:f6:
ae:9d:cd:b8:ec:72:3b:48:0a:3f:2e:41:07:eb:1a:
72:77:19:7f:25:af:05:07:a1:93:e9:f4:7a:3c:2f:
57:40:20:53:f6:cf:2e:0f:91:13:5b:26:4e:98:9f:
27:30:d1:28:f5:a0:a9:b5:1a:d7:df:54:ee:f3:03:
a8:44:e5:d2:8a:88:47:f4:bb:4e:6d:65:e0:92:e1:
fa:40:dd:66:96:8c:46:32:25:dc:e6:8f:d4:f5:17:
25:56:8a:b0:bc:1f:10:e0:10:9b:18:2a:47:32:08:
91:39:f8:c9:71:91:93:32:82:3b:db:f4:ae:25:5b:
c8:bb:1f:f2:89:86:9b:8d:37:74:fa:cf:c1:24:83:
bb:44:69:98:c1:c1:11:79:e4:2e:03:39:1c:01:d8:
69:29:ea:ca:99:c6:3b:5b:e3:35:1a:bd:66:dd:b1:
7b:28:b7:e6:94:00:ff:dd:61:6c:64:75:2a:37:64:
5f:0a:37:a1:18:08:6a:a2:44:89:a3:bf:aa:8d:32:
a4:b1:6b:8e:1b:5f:ab:8b:b6:1e:ba:5a:b9:9e:87:
0e:fb:f0:95:99:d7:fc:10:98:a4:08:03:33:fc:f2:
91:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E9:DB:AF:38:CE:72:A3:C0:77:A7:D8:B0:BF:51:CC:02:E0:26:A7
X509v3 Authority Key Identifier:
keyid:F4:7D:0F:BB:6E:8B:64:EC:D9:91:16:8D:8F:73:0F:78:91:E4:F4:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918E2AC/64171316CA3211E98BFCD352C4F9AE02/9H0Pu26LZOzZkRaNj3MPeJHk9E4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9H0Pu26LZOzZkRaNj3MPeJHk9E4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E2AC/64171316CA3211E98BFCD352C4F9AE02/5E0043FCBF5711EEB654F77EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.133.204.0/22
IPv6:
2404:5340::/32
Signature Algorithm: sha256WithRSAEncryption
8d:68:9f:74:a2:38:d5:18:3e:1c:76:0f:f0:c2:06:dd:b1:99:
3c:1e:ed:1e:b3:0a:0e:e8:84:04:f4:a8:81:c3:fd:fa:d0:27:
93:94:c0:c2:aa:e3:e9:5c:4c:8f:53:59:84:0a:50:b1:e5:a5:
15:23:20:d4:54:18:9e:29:03:a5:ac:bd:ad:5b:72:d1:40:90:
3c:ce:91:c6:2e:eb:45:dc:43:a9:b4:a6:e0:25:22:0f:2d:1f:
6d:17:30:77:d8:bb:bd:6e:f6:2a:ac:b9:2e:c9:14:6d:0d:44:
93:76:3c:ce:4a:c6:07:ab:77:f0:b4:e9:93:a1:09:5b:f2:96:
5c:72:12:4a:83:39:d2:c8:58:41:a8:1a:2b:35:89:d2:c5:1b:
f3:e5:e9:f2:2c:d3:75:b4:b4:62:bd:b9:93:4d:cd:6c:0f:7a:
80:9c:56:49:a6:86:59:e8:02:90:23:4d:51:de:ff:e0:5b:c6:
26:31:86:b0:b9:36:fe:da:a8:03:a5:e1:5e:1f:b4:82:9f:7a:
7e:89:61:5b:aa:80:16:97:fa:6d:95:01:72:4f:e3:f5:96:df:
10:b7:d9:39:63:b0:02:e4:49:ed:89:0a:2f:18:25:6e:24:99:
4b:29:16:8f:93:88:71:19:aa:af:62:e8:0e:40:4b:1e:ed:ed:
2b:4d:fd:54
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDIowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEUyQUMxMTAvBgNVBAUTKEY0N0QwRkJCNkU4QjY0RUNEOTkxMTY4RDhGNzMwRjc4
OTFFNEY0NEUwHhcNMjQwMTMwMTAwNzI1WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI4Y2E1ZC0yOGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA76sgfOOBf3x2z3JJqV3np+IvlrKZWqR0qD2be/aunc247HI7SAo/LkEH6xpy
dxl/Ja8FB6GT6fR6PC9XQCBT9s8uD5ETWyZOmJ8nMNEo9aCptRrX31Tu8wOoROXS
iohH9LtObWXgkuH6QN1mloxGMiXc5o/U9RclVoqwvB8Q4BCbGCpHMgiROfjJcZGT
MoI72/SuJVvIux/yiYabjTd0+s/BJIO7RGmYwcEReeQuAzkcAdhpKerKmcY7W+M1
Gr1m3bF7KLfmlAD/3WFsZHUqN2RfCjehGAhqokSJo7+qjTKksWuOG1+ri7Yeulq5
nocO+/CVmdf8EJikCAMz/PKRdwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFOTp2684
znKjwHen2LC/UcwC4CanMB8GA1UdIwQYMBaAFPR9D7tui2Ts2ZEWjY9zD3iR5PRO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTJBQy82NDE3MTMxNkNB
MzIxMUU5OEJGQ0QzNTJDNEY5QUUwMi85SDBQdTI2TFpPelprUmFOajNNUGVKSGs5
RTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlIMFB1MjZMWk96WmtSYU5qM01QZUpIazlFNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEUyQUMvNjQxNzEzMTZDQTMyMTFFOThCRkNEMzUyQzRGOUFFMDIvNUUwMDQzRkNC
RjU3MTFFRUI2NTRGNzdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnhcwwDQQCAAIwBwMFACQEU0AwDQYJKoZIhvcNAQELBQAD
ggEBAI1on3SiONUYPhx2D/DCBt2xmTwe7R6zCg7ohAT0qIHD/frQJ5OUwMKq4+lc
TI9TWYQKULHlpRUjINRUGJ4pA6Wsva1bctFAkDzOkcYu60XcQ6m0puAlIg8tH20X
MHfYu71u9iqsuS7JFG0NRJN2PM5Kxgerd/C06ZOhCVvyllxyEkqDOdLIWEGoGis1
idLFG/Pl6fIs03W0tGK9uZNNzWwPeoCcVkmmhlnoApAjTVHe/+BbxiYxhrC5Nv7a
qAOl4V4ftIKfen6JYVuqgBaX+m2VAXJP4/WW3xC32TljsALkSe2JCi8YJW4kmUsp
Fo+TiHEZqq9i6A5ASx7t7StN/VQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:10:17 2025 by rpki-client