Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/128C8D62C36711EF9BC0BB70C4F9AE02.roa
File: 128C8D62C36711EF9BC0BB70C4F9AE02.roa (raw, json)
Hash identifier: 81VJpzrpzZjfh48hoxhOc+MY0fqxflq2lYz1CnYLa4U=
Subject key identifier: 78:BF:6F:67:0C:5D:13:6A:1B:54:EC:FF:82:FE:07:A8:2A:DE:0D:88
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A02F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/128C8D62C36711EF9BC0BB70C4F9AE02.roa
Signing time: Thu 26 Dec 2024 08:54:54 +0000
ROA not before: Thu 26 Dec 2024 08:54:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 140180
IP address blocks: 103.155.108.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41007 (0xa02f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 26 08:54:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=676d19dd-36d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:35:a2:a4:ba:f6:0b:8a:e9:d2:d4:a5:82:e9:
94:e9:e1:68:a8:96:f0:09:4c:d9:5c:4a:bd:d3:d7:
51:a4:7c:9e:9b:2f:ea:67:bf:83:66:7b:b3:41:e1:
74:36:27:13:dd:d5:86:d8:99:da:0e:49:f5:e4:0e:
77:22:20:c2:a5:dc:3a:82:8f:1e:0b:84:31:91:bc:
62:d5:d8:ed:f6:c8:d4:7e:31:50:39:b0:0d:e5:d4:
d5:d3:e8:83:fb:2d:b4:09:97:be:1c:23:1c:95:9a:
43:a7:a2:74:42:63:e7:8a:fb:1d:38:74:13:3a:94:
bb:49:88:a0:f7:4e:27:b9:14:93:fb:8f:9e:0f:dc:
a7:12:9f:dc:a8:fe:c8:86:b3:df:1b:c4:d9:e4:d4:
8c:55:5b:36:2d:3b:cf:12:e9:cd:e9:71:9d:37:53:
31:69:46:9f:5c:55:1c:96:11:b5:9d:73:b0:cd:d3:
f4:ae:3e:18:ad:4d:b4:fc:ea:50:94:5d:0f:95:5a:
cd:fc:7c:fb:64:cd:66:ed:8d:0c:75:d6:f9:47:24:
d7:f6:31:df:18:bb:ec:28:4e:df:cd:8d:2c:0c:2d:
2c:67:66:f1:5f:21:11:07:66:e9:b9:24:73:da:46:
f5:dd:35:a9:b7:21:c0:04:ff:51:15:be:df:c3:eb:
7a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:BF:6F:67:0C:5D:13:6A:1B:54:EC:FF:82:FE:07:A8:2A:DE:0D:88
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/128C8D62C36711EF9BC0BB70C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.155.108.0/23
Signature Algorithm: sha256WithRSAEncryption
90:05:69:46:c4:80:73:b2:2d:6f:39:bc:f2:63:fe:75:e7:45:
81:c8:99:f7:3a:6b:99:67:66:e7:2c:ed:73:3f:9c:52:d5:a9:
4c:e6:c0:e1:98:16:d9:9d:a8:43:42:56:6a:d0:4e:eb:db:5d:
38:8a:f7:f6:2c:48:d0:d3:38:55:cd:42:ad:9c:79:e1:d7:ee:
be:af:1b:9b:88:28:ee:73:4c:7c:d1:01:9b:52:fb:b4:8b:f8:
b1:90:fb:47:70:d0:9a:9e:9a:7b:24:ee:c2:b0:a3:59:4c:d3:
48:20:6d:00:c8:e6:ef:b9:2b:2f:f2:5f:5a:1f:ae:61:58:e9:
5e:05:cb:c4:df:e6:3e:d7:39:6c:22:0c:06:3c:59:d0:aa:3d:
ae:44:d1:9a:cc:2b:3d:14:0f:f3:49:3a:6b:e1:f6:50:45:f7:
e3:62:fb:8f:9b:d5:6b:06:b6:63:32:9b:45:9c:18:17:e1:a0:
7f:60:29:b9:25:53:bb:38:9f:d8:0f:cd:75:9b:64:51:42:c0:
d1:ad:19:6f:78:50:00:0c:a7:ae:ab:48:9d:96:ca:6f:a1:a8:
e7:df:bd:60:59:a7:d7:25:95:e2:90:66:3b:5d:3f:00:1d:7b:
66:2e:35:99:d2:9d:70:4d:4b:34:f3:a6:17:36:39:8d:15:9a:
55:47:0b:0c
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDAKAvMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIyNjA4NTQ1NFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc2ZDE5ZGQtMzZkMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMc1oqS69guK6dLUpYLplOnhaKiW8AlM2VxKvdPXUaR8npsv6me/g2Z7s0Hh
dDYnE93VhtiZ2g5J9eQOdyIgwqXcOoKPHguEMZG8YtXY7fbI1H4xUDmwDeXU1dPo
g/sttAmXvhwjHJWaQ6eidEJj54r7HTh0EzqUu0mIoPdOJ7kUk/uPng/cpxKf3Kj+
yIaz3xvE2eTUjFVbNi07zxLpzelxnTdTMWlGn1xVHJYRtZ1zsM3T9K4+GK1NtPzq
UJRdD5Vazfx8+2TNZu2NDHXW+Uck1/Yx3xi77ChO382NLAwtLGdm8V8hEQdm6bkk
c9pG9d01qbchwAT/URW+38PrerECAwEAAaOCApUwggKRMB0GA1UdDgQWBBR4v29n
DF0TahtU7P+C/geoKt4NiDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzEyOEM4RDYy
QzM2NzExRUY5QkMwQkI3MEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQBZ5tsMA0GCSqGSIb3DQEBCwUAA4IBAQCQBWlGxIBzsi1v
ObzyY/5150WByJn3OmuZZ2bnLO1zP5xS1alM5sDhmBbZnahDQlZq0E7r2104ivf2
LEjQ0zhVzUKtnHnh1+6+rxubiCjuc0x80QGbUvu0i/ixkPtHcNCanpp7JO7CsKNZ
TNNIIG0AyObvuSsv8l9aH65hWOleBcvE3+Y+1zlsIgwGPFnQqj2uRNGazCs9FA/z
STpr4fZQRffjYvuPm9VrBrZjMptFnBgX4aB/YCm5JVO7OJ/YD811m2RRQsDRrRlv
eFAADKeuq0idlspvoajn371gWafXJZXikGY7XT8AHXtmLjWZ0p1wTUs086YXNjmN
FZpVRwsM
-----END CERTIFICATE-----
Generated at Fri Apr 11 12:33:25 2025 by rpki-client