Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/04366E6A063B11F08DB48038C4F9AE02.roa
File: 04366E6A063B11F08DB48038C4F9AE02.roa (raw, json)
Hash identifier: XjlAgYjUk8lTVc5MezzWCPoEQ3UX2TvMjwNwcXwmZC0=
Subject key identifier: 79:41:E1:CF:9C:5A:DA:99:77:BC:CA:7E:65:02:60:37:AC:8D:9E:CD
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: ABE2
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/04366E6A063B11F08DB48038C4F9AE02.roa
Signing time: Fri 21 Mar 2025 10:03:06 +0000
ROA not before: Fri 21 Mar 2025 10:03:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138795
IP address blocks: 103.136.64.0/22 maxlen: 24
2001:df2:7040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44002 (0xabe2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 21 10:03:06 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67dd3959-6c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d4:ee:29:08:1e:ae:87:61:3c:2f:e7:c1:39:
4a:29:3d:16:09:c8:ee:a0:59:9b:3f:af:f5:dc:af:
3a:c5:a2:58:2d:9b:62:25:f2:bf:ed:c0:5b:9a:d0:
ad:fe:17:f7:a5:8e:d8:dc:4f:a1:84:ba:90:ba:dc:
da:14:47:58:cf:b4:80:07:27:8d:81:ff:7f:a7:26:
82:e5:b2:cf:0c:ee:52:1b:50:56:18:2e:d1:ea:7f:
bd:90:e5:6e:3b:b2:06:3c:19:99:30:a9:a7:bd:60:
44:26:d2:3f:e4:e8:9c:c6:e4:7e:44:96:8f:f5:74:
83:95:e1:c4:e3:45:bf:56:3e:f9:44:90:27:51:32:
8a:56:39:e0:99:64:e2:cf:75:63:30:1e:db:6c:13:
88:a1:5f:50:13:ac:d8:ad:39:f2:09:fe:7c:20:32:
68:2b:dc:1c:94:f7:20:39:0d:82:45:3e:93:89:a7:
ce:ca:33:d6:71:96:72:bb:b3:cd:74:35:b8:f7:dd:
bc:7c:69:02:c8:b8:48:98:63:0c:81:b4:b1:0f:5d:
ba:e4:4f:5f:3a:aa:3e:76:0d:77:1a:e0:93:6d:4f:
94:c0:60:eb:72:df:a9:ba:26:ca:89:e8:ea:9e:98:
af:4c:95:c0:79:94:76:f3:7d:1b:98:da:4b:6e:e8:
00:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:41:E1:CF:9C:5A:DA:99:77:BC:CA:7E:65:02:60:37:AC:8D:9E:CD
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/04366E6A063B11F08DB48038C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.64.0/22
IPv6:
2001:df2:7040::/48
Signature Algorithm: sha256WithRSAEncryption
40:51:ee:83:68:74:d8:9c:89:12:f3:55:5a:b6:76:5c:73:23:
ea:18:31:cf:4a:87:51:b2:f5:9e:4b:12:ad:ad:16:2c:53:be:
4b:38:24:b6:24:13:02:b7:35:76:2a:73:6f:fd:d7:93:39:84:
6a:79:ba:2d:34:49:7b:3e:d7:21:57:77:ee:40:c8:a2:bc:c7:
d3:13:e5:4c:d3:26:d4:c6:f9:42:1f:3b:b7:5e:9f:e3:c1:37:
60:a2:00:9e:fd:c9:c6:7b:0a:8e:e0:a0:e3:70:85:1f:a1:8d:
78:c7:6d:f4:95:f7:fa:35:55:d4:10:51:59:11:83:84:13:2c:
30:73:d3:3d:a8:f5:08:b6:54:cf:03:66:a2:7a:3f:0b:38:5e:
0e:c5:55:ff:d7:5a:9a:b0:60:81:f0:da:19:84:2a:06:48:b2:
71:b9:e0:68:cb:fa:d8:53:b1:8d:ea:8b:f2:1e:2f:eb:6b:b5:
fb:09:fe:b0:d1:14:fe:30:cb:e4:fd:3c:c3:b2:76:19:93:21:
23:6e:8e:70:53:42:00:bf:85:89:7b:6a:5f:01:7b:0e:12:85:
19:88:fb:59:6f:f1:21:48:1a:ee:53:66:e2:33:7a:5d:84:6b:
6e:d9:fb:e7:ee:a9:9b:6a:fe:9f:c6:c6:9c:2b:76:ca:15:e8:
fb:59:4d:08
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIDAKviMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMyMTEwMDMwNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdkZDM5NTktNmM2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7U7ikIHq6HYTwv58E5Sik9FgnI7qBZmz+v9dyvOsWiWC2bYiXyv+3AW5rQ
rf4X96WO2NxPoYS6kLrc2hRHWM+0gAcnjYH/f6cmguWyzwzuUhtQVhgu0ep/vZDl
bjuyBjwZmTCpp71gRCbSP+TonMbkfkSWj/V0g5XhxONFv1Y++USQJ1EyilY54Jlk
4s91YzAe22wTiKFfUBOs2K058gn+fCAyaCvcHJT3IDkNgkU+k4mnzsoz1nGWcruz
zXQ1uPfdvHxpAsi4SJhjDIG0sQ9duuRPXzqqPnYNdxrgk21PlMBg63Lfqbomyono
6p6Yr0yVwHmUdvN9G5jaS27oAHcCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBR5QeHP
nFramXe8yn5lAmA3rI2ezTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzA0MzY2RTZB
MDYzQjExRjA4REI0ODAzOEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBwEHAQH/
BCEwHzAMBAIAATAGAwQCZ4hAMA8EAgACMAkDBwAgAQ3ycEAwDQYJKoZIhvcNAQEL
BQADggEBAEBR7oNodNiciRLzVVq2dlxzI+oYMc9Kh1Gy9Z5LEq2tFixTvks4JLYk
EwK3NXYqc2/915M5hGp5ui00SXs+1yFXd+5AyKK8x9MT5UzTJtTG+UIfO7den+PB
N2CiAJ79ycZ7Co7goONwhR+hjXjHbfSV9/o1VdQQUVkRg4QTLDBz0z2o9Qi2VM8D
ZqJ6Pws4Xg7FVf/XWpqwYIHw2hmEKgZIsnG54GjL+thTsY3qi/IeL+trtfsJ/rDR
FP4wy+T9PMOydhmTISNujnBTQgC/hYl7al8Bew4ShRmI+1lv8SFIGu5TZuIzel2E
a27Z++fuqZtq/p/GxpwrdsoV6PtZTQg=
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:34:03 2025 by rpki-client