Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/72C90EBE528911EC8E8FCB87C4F9AE02.roa
File: 72C90EBE528911EC8E8FCB87C4F9AE02.roa (raw, json)
Hash identifier: KJX3e4AW/fIoRGZXA7xM2Snv9OfnonkyvaVj+h61LGo=
Subject key identifier: EB:6D:AE:E3:06:E2:62:B7:29:35:5C:D6:24:3B:A2:23:82:EE:66:52
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9C68
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/72C90EBE528911EC8E8FCB87C4F9AE02.roa
Signing time: Tue 05 Nov 2024 06:41:03 +0000
ROA not before: Tue 05 Nov 2024 06:41:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138565
IP address blocks: 103.133.22.0/24 maxlen: 24
103.152.6.0/24 maxlen: 24
2001:df3:6640::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40040 (0x9c68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Nov 5 06:41:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6729bdff-f1ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:94:12:f9:54:08:b7:4b:9c:c9:18:44:a5:22:
90:60:94:3a:cc:90:2a:3f:20:36:3a:3f:bc:8e:a4:
64:99:8f:9f:59:31:b4:1c:37:72:1f:4c:9a:a7:14:
6d:ad:cc:5a:a6:70:32:7d:e6:b1:58:d8:b4:de:74:
91:74:2b:97:f0:fa:c7:7b:f1:4e:f5:98:48:21:6c:
3d:f1:ad:1a:14:b8:a2:9a:e0:5a:a6:01:f0:5d:15:
1e:94:80:2e:d4:b8:11:f7:17:ac:8a:ca:ee:e8:e7:
97:33:02:ce:1e:fb:d4:e0:c0:6e:c8:a0:a9:69:eb:
f5:4a:d9:e8:dc:e8:07:ec:31:77:79:83:d0:69:ef:
b8:b1:0a:2d:f6:0a:27:04:f2:73:b2:14:dc:89:e6:
b4:f6:a0:24:d3:11:58:27:2b:b5:09:c8:61:bd:26:
34:71:10:81:52:2d:c0:d7:39:4a:d1:c3:22:fa:1d:
e4:1d:38:fa:11:e6:ab:46:76:de:ed:c3:d9:41:91:
40:74:00:16:65:bd:84:cd:0b:14:d4:d3:e6:37:e0:
ff:cc:f8:7b:2f:3b:37:46:c1:14:a8:f2:8e:8d:68:
df:fa:d2:2d:76:2d:eb:62:58:b7:a2:c9:d8:a3:e0:
f5:c7:29:4b:7a:47:ae:bf:1e:8f:b6:d0:e6:d2:0a:
0d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:6D:AE:E3:06:E2:62:B7:29:35:5C:D6:24:3B:A2:23:82:EE:66:52
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/72C90EBE528911EC8E8FCB87C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.133.22.0/24
103.152.6.0/24
IPv6:
2001:df3:6640::/48
Signature Algorithm: sha256WithRSAEncryption
64:bc:04:21:6c:f4:ab:b7:3d:e4:fe:ff:a4:db:80:5a:c6:ae:
7e:0c:7b:72:c2:f9:e9:e4:4e:da:33:dd:59:46:b3:38:58:94:
00:e5:92:68:03:48:22:00:78:15:d1:29:48:7e:6b:cf:b2:1d:
4e:fc:05:45:7c:e1:f5:0c:96:ff:84:e7:81:53:20:cc:33:ce:
fc:42:5a:6a:28:71:2e:d9:e8:66:b4:63:b4:f8:6e:51:bb:d5:
5a:6a:cd:fc:ad:3d:77:4b:85:78:fb:16:6e:d3:a6:5c:db:75:
d3:fc:77:3c:79:a6:a4:1d:4f:8a:a3:70:0c:b2:7e:04:95:cd:
f9:be:ca:b6:69:57:48:15:32:3e:b7:cb:bd:c7:45:1b:7b:e8:
d9:2d:c7:1a:8d:ae:81:3e:ad:97:10:6c:5d:0c:bd:c0:bb:18:
f8:1b:c7:7b:f1:d3:6e:e1:31:f8:2d:58:0a:73:d5:c0:c0:d4:
35:ed:95:41:84:d3:90:5e:fa:b3:a4:ad:c1:88:ef:0b:74:f6:
ce:ea:ba:9c:7f:ea:3e:6b:f7:99:b5:43:be:11:e7:7e:95:23:
b8:d2:8d:b4:49:19:34:6c:4b:ad:d7:00:b9:af:45:72:56:19:
51:41:44:ee:06:0b:91:57:96:de:a7:4d:3f:c4:91:30:ff:36:
4b:c2:56:70
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAJxoMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTEwNTA2NDEwM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjcyOWJkZmYtZjFlZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJmUEvlUCLdLnMkYRKUikGCUOsyQKj8gNjo/vI6kZJmPn1kxtBw3ch9MmqcU
ba3MWqZwMn3msVjYtN50kXQrl/D6x3vxTvWYSCFsPfGtGhS4oprgWqYB8F0VHpSA
LtS4EfcXrIrK7ujnlzMCzh771ODAbsigqWnr9UrZ6NzoB+wxd3mD0GnvuLEKLfYK
JwTyc7IU3InmtPagJNMRWCcrtQnIYb0mNHEQgVItwNc5StHDIvod5B04+hHmq0Z2
3u3D2UGRQHQAFmW9hM0LFNTT5jfg/8z4ey87N0bBFKjyjo1o3/rSLXYt62JYt6LJ
2KPg9ccpS3pHrr8ej7bQ5tIKDVECAwEAAaOCAqwwggKoMB0GA1UdDgQWBBTrba7j
BuJityk1XNYkO6Ijgu5mUjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzcyQzkwRUJF
NTI4OTExRUM4RThGQ0I4N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDYGCCsGAQUFBwEHAQH/
BCcwJTASBAIAATAMAwQAZ4UWAwQAZ5gGMA8EAgACMAkDBwAgAQ3zZkAwDQYJKoZI
hvcNAQELBQADggEBAGS8BCFs9Ku3PeT+/6TbgFrGrn4Me3LC+enkTtoz3VlGszhY
lADlkmgDSCIAeBXRKUh+a8+yHU78BUV84fUMlv+E54FTIMwzzvxCWmoocS7Z6Ga0
Y7T4blG71VpqzfytPXdLhXj7Fm7TplzbddP8dzx5pqQdT4qjcAyyfgSVzfm+yrZp
V0gVMj63y73HRRt76NktxxqNroE+rZcQbF0MvcC7GPgbx3vx027hMfgtWApz1cDA
1DXtlUGE05Be+rOkrcGI7wt09s7qupx/6j5r95m1Q74R536VI7jSjbRJGTRsS63X
ALmvRXJWGVFBRO4GC5FXlt6nTT/EkTD/NkvCVnA=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:03:48 2025 by rpki-client