Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1421108E532411EFB9C46B60C4F9AE02.roa
File: 1421108E532411EFB9C46B60C4F9AE02.roa (raw, json)
Hash identifier: nKZYUthF6yutfKlS8VSZlbJT/pFBQnpoZUmMrvt5L4E=
Subject key identifier: 65:4C:33:DD:7A:C6:D0:C2:2A:34:31:3F:2C:C0:EF:A0:04:03:F9:A9
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9FCD
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1421108E532411EFB9C46B60C4F9AE02.roa
Signing time: Fri 20 Dec 2024 10:47:33 +0000
ROA not before: Fri 20 Dec 2024 10:47:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136357
IP address blocks: 103.93.200.0/24 maxlen: 24
103.93.201.0/24 maxlen: 24
103.93.202.0/24 maxlen: 24
103.93.203.0/24 maxlen: 24
2001:df4:7940::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40909 (0x9fcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 20 10:47:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67654b45-1edb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d9:84:44:f8:bc:c5:02:19:74:af:2c:37:a5:
67:d7:ec:c5:d8:9d:90:d1:69:dc:9e:cd:d7:bc:ef:
dd:cb:4f:ac:c2:70:e6:70:a9:c7:19:c0:2d:8b:6f:
f1:26:a3:b2:28:66:49:bf:3f:4d:c1:9f:fd:7d:b6:
6b:0f:9d:44:5a:d4:d8:c3:f6:9c:06:9a:08:b3:29:
89:ba:bc:a3:3b:0b:19:84:d9:e0:ac:a0:61:a3:9e:
f9:ba:66:45:df:90:02:44:79:f6:3d:45:6c:e3:72:
f8:3f:83:66:80:77:ea:62:0f:02:9d:93:84:ce:87:
2a:34:e2:19:33:f8:84:96:9a:a0:e7:a9:5c:89:2a:
ba:aa:06:64:0c:9a:97:7a:25:2b:b0:ed:52:ea:4f:
15:54:35:2e:a1:f6:9a:f6:0d:1e:f1:b2:1f:2c:33:
50:4b:46:71:76:ea:72:0f:8c:ec:6f:1c:05:66:f6:
73:1a:44:02:3c:b8:56:d2:66:a2:a7:b7:17:ab:a9:
f8:59:b9:21:54:88:ea:fe:9a:45:81:9c:8d:75:75:
17:bf:15:48:ab:fe:1b:f7:39:5b:9c:30:37:03:c9:
3c:62:4f:67:84:c8:7c:e0:72:bc:63:70:6b:70:c6:
70:ae:da:d6:1c:2f:13:5d:4d:6b:24:b8:5c:21:8a:
20:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:4C:33:DD:7A:C6:D0:C2:2A:34:31:3F:2C:C0:EF:A0:04:03:F9:A9
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1421108E532411EFB9C46B60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.93.200.0/22
IPv6:
2001:df4:7940::/48
Signature Algorithm: sha256WithRSAEncryption
23:6a:92:74:39:68:95:39:51:23:75:6d:c0:f1:99:d0:40:a0:
9d:07:c3:cf:29:2a:b2:0e:fe:e2:55:c0:26:54:c8:77:30:fd:
81:18:6f:14:02:d1:89:88:c1:17:cf:d5:6a:15:54:93:ec:5c:
bb:82:09:27:3a:7a:2d:02:bc:f1:88:c2:e9:6c:3c:a9:81:6d:
9c:e1:0f:ae:2a:e6:31:38:f5:39:20:9c:90:fa:8d:bd:8d:21:
ec:c9:ac:ad:43:24:b8:58:ed:0a:9f:40:02:97:ac:e1:7a:f4:
c4:43:8b:ab:17:fd:34:64:1e:b2:f8:21:0c:cc:0c:5c:a4:8f:
c5:b6:f9:ef:de:9a:7c:f2:8b:1c:d7:21:e5:a4:2a:2d:64:0b:
c8:60:78:4c:2c:a3:91:25:9d:17:9d:d1:6e:5b:02:65:49:f1:
fb:04:16:63:95:f8:3b:f5:ca:d2:86:5a:a0:cf:9f:b1:56:d7:
dd:63:d1:08:75:64:64:46:53:a5:08:b6:4a:ff:03:8f:16:8a:
b5:54:6f:ff:34:0a:75:9b:4c:c4:7f:e0:a1:fd:38:de:ab:35:
2d:2a:0f:c4:fc:8a:1a:be:fd:20:bd:db:82:7a:79:d0:a2:29:
9b:c4:b7:0b:e5:6b:f6:4a:ef:24:9f:ef:a0:6f:2e:eb:e8:b5:
d0:5e:24:df
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIDAJ/NMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIyMDEwNDczM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc2NTRiNDUtMWVkYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOrZhET4vMUCGXSvLDelZ9fsxdidkNFp3J7N17zv3ctPrMJw5nCpxxnALYtv
8SajsihmSb8/TcGf/X22aw+dRFrU2MP2nAaaCLMpibq8ozsLGYTZ4KygYaOe+bpm
Rd+QAkR59j1FbONy+D+DZoB36mIPAp2ThM6HKjTiGTP4hJaaoOepXIkquqoGZAya
l3olK7DtUupPFVQ1LqH2mvYNHvGyHywzUEtGcXbqcg+M7G8cBWb2cxpEAjy4VtJm
oqe3F6up+Fm5IVSI6v6aRYGcjXV1F78VSKv+G/c5W5wwNwPJPGJPZ4TIfOByvGNw
a3DGcK7a1hwvE11NayS4XCGKIIECAwEAAaOCAqYwggKiMB0GA1UdDgQWBBRlTDPd
esbQwio0MT8swO+gBAP5qTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzE0MjExMDhF
NTMyNDExRUZCOUM0NkI2MEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBwEHAQH/
BCEwHzAMBAIAATAGAwQCZ13IMA8EAgACMAkDBwAgAQ30eUAwDQYJKoZIhvcNAQEL
BQADggEBACNqknQ5aJU5USN1bcDxmdBAoJ0Hw88pKrIO/uJVwCZUyHcw/YEYbxQC
0YmIwRfP1WoVVJPsXLuCCSc6ei0CvPGIwulsPKmBbZzhD64q5jE49TkgnJD6jb2N
IezJrK1DJLhY7QqfQAKXrOF69MRDi6sX/TRkHrL4IQzMDFykj8W2+e/emnzyixzX
IeWkKi1kC8hgeEwso5ElnRed0W5bAmVJ8fsEFmOV+Dv1ytKGWqDPn7FW191j0Qh1
ZGRGU6UItkr/A48WirVUb/80CnWbTMR/4KH9ON6rNS0qD8T8ihq+/SC924J6edCi
KZvEtwvla/ZK7ySf76BvLuvotdBeJN8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:12:24 2025 by rpki-client