Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/369781F0FA4C11EFAEE82273C4F9AE02.roa
File: 369781F0FA4C11EFAEE82273C4F9AE02.roa (raw, json)
Hash identifier: lDUN9Xqw8ZW1y9Z6OiKMNrbe1fQZ7H8iwbmuyGmA+oo=
Subject key identifier: BA:8B:7B:30:FB:6C:49:97:F4:59:2D:7C:9F:08:88:C4:EF:DF:7C:2C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A938
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/369781F0FA4C11EFAEE82273C4F9AE02.roa
Signing time: Thu 06 Mar 2025 05:31:11 +0000
ROA not before: Thu 06 Mar 2025 05:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133252
IP address blocks: 103.233.120.0/24 maxlen: 24
103.235.64.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43320 (0xa938)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 6 05:31:11 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c9331f-ba46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:81:80:83:45:9a:7e:ff:3c:b8:9f:59:3f:f8:
c4:7b:70:69:17:29:f9:1d:51:fd:5a:95:bb:88:cd:
1f:77:ac:7e:84:6a:7d:54:4c:f8:b3:c4:eb:19:df:
db:08:73:1d:32:d4:94:cc:2b:70:93:a3:08:85:5e:
f4:c0:58:85:93:11:63:a7:c4:b2:d1:72:56:09:a7:
4c:1d:fe:74:d1:34:92:3c:74:32:fd:de:83:7a:4f:
df:a9:12:c3:95:87:62:5f:a1:c4:27:0f:f9:8b:ef:
45:bd:b1:c4:06:d7:15:98:90:e7:b7:a8:f1:3c:03:
65:4b:41:72:22:f4:4f:87:ac:51:0f:a7:3e:5a:e0:
2f:8b:c7:04:93:7f:6e:16:7c:23:1e:98:60:55:e7:
42:13:03:79:44:a1:a1:07:17:d0:5a:af:59:50:2c:
ac:d2:c5:b9:50:0e:61:e9:f3:9b:58:08:8e:b6:eb:
77:66:8b:18:4b:00:43:83:c9:2b:06:7f:b7:bf:b4:
99:4a:05:d1:f3:16:46:60:89:34:46:49:f6:12:89:
9f:40:17:ee:ea:15:32:eb:9c:1a:6f:f9:81:fe:02:
28:fc:7c:6f:62:80:d3:df:78:2a:2b:00:20:40:a5:
e0:51:df:c1:48:12:e3:6f:fa:d2:9d:28:5e:bf:a7:
75:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:8B:7B:30:FB:6C:49:97:F4:59:2D:7C:9F:08:88:C4:EF:DF:7C:2C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/369781F0FA4C11EFAEE82273C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.233.120.0/24
103.235.64.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:6a:8b:38:e2:98:e5:89:77:a0:ed:4a:f3:e8:a1:c6:0b:ed:
d4:77:bf:0a:75:df:02:5e:fd:2a:55:5d:76:38:81:78:98:7c:
7d:c1:52:0e:b2:7a:b5:e0:60:0d:75:b0:13:45:d4:30:28:d4:
01:43:89:ca:2c:a1:5f:c5:bc:dc:d7:c1:a0:e0:d8:4c:a8:93:
55:7d:3c:47:fe:28:3c:13:3d:09:75:5b:96:90:2c:80:44:b7:
f2:8f:61:d9:36:a2:7e:c0:90:f2:c0:b6:02:c3:dc:57:2a:1c:
d3:73:94:37:5d:4c:bd:7d:d9:ed:0b:35:17:4e:da:03:10:d4:
5b:87:ae:1a:24:d6:8e:f5:73:48:08:fd:00:65:86:28:51:00:
0d:69:80:fa:66:53:2e:38:c9:19:ec:55:43:34:01:3f:f5:f0:
eb:89:b2:51:10:05:6b:e3:74:a8:80:61:0a:4a:d5:bf:12:11:
f4:82:a2:ac:a3:77:9c:c5:72:5a:76:a2:e3:7f:38:be:39:c8:
bb:61:48:8b:a2:19:21:53:a5:2c:4d:e2:36:60:08:0e:c3:05:
75:4b:08:24:b5:73:69:50:ca:5f:20:0c:1c:9a:eb:b9:b8:ed:
d0:57:a4:27:e1:2f:65:d1:d0:7a:0c:ad:23:4b:00:46:a4:9c:
84:b9:f3:7b
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDAKk4MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMwNjA1MzExMVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdjOTMzMWYtYmE0NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaBgINFmn7/PLifWT/4xHtwaRcp+R1R/VqVu4jNH3esfoRqfVRM+LPE6xnf
2whzHTLUlMwrcJOjCIVe9MBYhZMRY6fEstFyVgmnTB3+dNE0kjx0Mv3eg3pP36kS
w5WHYl+hxCcP+YvvRb2xxAbXFZiQ57eo8TwDZUtBciL0T4esUQ+nPlrgL4vHBJN/
bhZ8Ix6YYFXnQhMDeUShoQcX0FqvWVAsrNLFuVAOYenzm1gIjrbrd2aLGEsAQ4PJ
KwZ/t7+0mUoF0fMWRmCJNEZJ9hKJn0AX7uoVMuucGm/5gf4CKPx8b2KA0994KisA
IECl4FHfwUgS42/60p0oXr+ndSsCAwEAAaOCApswggKXMB0GA1UdDgQWBBS6i3sw
+2xJl/RZLXyfCIjE7998LDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzM2OTc4MUYw
RkE0QzExRUZBRUU4MjI3M0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQAZ+l4AwQAZ+tAMA0GCSqGSIb3DQEBCwUAA4IBAQCtaos4
4pjliXeg7Urz6KHGC+3Ud78Kdd8CXv0qVV12OIF4mHx9wVIOsnq14GANdbATRdQw
KNQBQ4nKLKFfxbzc18Gg4NhMqJNVfTxH/ig8Ez0JdVuWkCyARLfyj2HZNqJ+wJDy
wLYCw9xXKhzTc5Q3XUy9fdntCzUXTtoDENRbh64aJNaO9XNICP0AZYYoUQANaYD6
ZlMuOMkZ7FVDNAE/9fDribJREAVr43SogGEKStW/EhH0gqKso3ecxXJadqLjfzi+
Oci7YUiLohkhU6UsTeI2YAgOwwV1SwgktXNpUMpfIAwcmuu5uO3QV6Qn4S9l0dB6
DK0jSwBGpJyEufN7
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:26:42 2025 by rpki-client