Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/731A2B22B11011EE9DA67E79C4F9AE02.roa
File: 731A2B22B11011EE9DA67E79C4F9AE02.roa (raw, json)
Hash identifier: C6C3ArdzqxCVav/HlUUPQydQmzarq73z5HNt09Je4pM=
Subject key identifier: 1E:15:77:7F:3E:97:C6:75:F2:8A:C5:05:30:88:36:23:64:53:A7:BB
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8BE5
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/731A2B22B11011EE9DA67E79C4F9AE02.roa
Signing time: Thu 30 May 2024 16:09:05 +0000
ROA not before: Thu 30 May 2024 16:09:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137681
IP address blocks: 103.85.102.0/24 maxlen: 24
103.117.60.0/23 maxlen: 24
103.140.73.0/24 maxlen: 24
103.157.128.0/24 maxlen: 24
103.157.129.0/24 maxlen: 24
103.160.70.0/23 maxlen: 24
103.168.4.0/24 maxlen: 24
2401:15e0::/32 maxlen: 32
2406:1cc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35813 (0x8be5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:09:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a4a1-d620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:51:01:49:c4:fc:69:22:f9:bd:44:10:0e:86:
ef:34:61:a4:6e:dc:5b:b3:b0:1d:6e:dd:65:85:30:
a2:e6:5f:6a:30:dc:64:05:1f:e4:89:3a:19:18:b8:
65:8a:ac:eb:fb:f8:69:c1:f0:7b:8c:ec:08:b2:a4:
f6:e9:99:7c:f5:32:24:17:83:65:94:4b:85:a3:7f:
68:ea:85:f0:8a:5e:2b:ac:f1:41:9b:0d:51:71:ef:
76:d5:a0:3f:80:57:ff:62:08:e3:ad:34:51:d2:6d:
a2:f0:5d:4d:c6:ca:8a:f7:38:2e:f9:f7:54:f7:ed:
c4:3b:86:8d:73:11:67:ed:d2:bc:0e:ba:fb:c6:18:
63:0e:e0:cd:a1:82:11:5f:b2:e9:99:e9:65:fd:8b:
42:35:09:73:f1:d7:b1:dc:53:5f:f3:f9:c3:d7:26:
58:f1:33:a7:bd:ba:45:88:ac:b3:58:74:93:fb:52:
e5:ef:d1:56:3f:31:b0:87:e5:b7:68:5b:c7:59:c7:
32:74:ae:a0:5d:b8:24:46:fe:14:0e:6d:04:8d:c7:
fe:e7:51:59:15:6b:8e:85:59:fa:f7:d3:c7:ea:e5:
2d:19:d3:8c:45:44:e1:b2:72:46:11:fb:9a:60:f5:
be:68:ee:62:ab:33:2d:9d:21:18:4d:71:9d:98:23:
c6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:15:77:7F:3E:97:C6:75:F2:8A:C5:05:30:88:36:23:64:53:A7:BB
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/731A2B22B11011EE9DA67E79C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.85.102.0/24
103.117.60.0/23
103.140.73.0/24
103.157.128.0/23
103.160.70.0/23
103.168.4.0/24
IPv6:
2401:15e0::/32
2406:1cc0::/32
Signature Algorithm: sha256WithRSAEncryption
14:28:ad:36:40:23:d9:b2:15:6b:6f:ea:b5:cd:c9:7b:53:88:
25:2f:20:71:63:21:c1:85:ba:7e:ee:d8:b1:42:84:a1:98:f6:
a5:c6:48:05:f7:ba:29:f4:d6:45:55:ee:9b:41:28:89:f3:56:
82:78:fe:47:e9:c6:a4:79:a8:42:2a:2e:00:e3:a3:10:f8:1c:
c8:b6:ad:14:91:5e:27:b4:46:05:cc:3a:81:6e:3e:97:b9:f7:
dc:3f:e5:af:d3:a9:3f:02:8d:42:f3:44:e1:fa:51:26:40:c9:
06:27:4e:e1:f8:4b:34:de:c2:e4:21:3d:55:c0:47:e2:25:f1:
57:82:84:93:dd:28:ca:e8:b1:f0:ab:8a:e6:28:44:fa:dc:de:
f0:40:b2:7d:10:20:59:e9:2a:25:be:87:eb:55:e4:3b:8c:be:
e9:b3:24:bd:90:29:e2:82:23:37:4f:39:a0:75:10:c3:40:6f:
6f:38:45:8b:e8:e5:a9:ea:10:53:d2:27:9e:99:4b:e8:c2:ea:
71:d4:a0:e4:9c:fa:4a:5b:00:c3:9d:45:c2:3f:ad:10:69:59:
5d:2b:3f:28:1a:80:31:18:34:6c:a8:3d:d8:d5:96:fd:83:59:
fa:f5:20:09:88:10:71:24:46:05:c2:da:6f:8a:cf:e5:12:3c:
63:34:d6:a7
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAIvlMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDkwNVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE0YTEtZDYyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANpRAUnE/Gki+b1EEA6G7zRhpG7cW7OwHW7dZYUwouZfajDcZAUf5Ik6GRi4
ZYqs6/v4acHwe4zsCLKk9umZfPUyJBeDZZRLhaN/aOqF8IpeK6zxQZsNUXHvdtWg
P4BX/2II4600UdJtovBdTcbKivc4Lvn3VPftxDuGjXMRZ+3SvA66+8YYYw7gzaGC
EV+y6ZnpZf2LQjUJc/HXsdxTX/P5w9cmWPEzp726RYiss1h0k/tS5e/RVj8xsIfl
t2hbx1nHMnSuoF24JEb+FA5tBI3H/udRWRVrjoVZ+vfTx+rlLRnTjEVE4bJyRhH7
mmD1vmjuYqszLZ0hGE1xnZgjxpECAwEAAaOCAskwggLFMB0GA1UdDgQWBBQeFXd/
PpfGdfKKxQUwiDYjZFOnuzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzczMUEyQjIy
QjExMDExRUU5REE2N0U3OUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFMGCCsGAQUFBwEHAQH/
BEQwQjAqBAIAATAkAwQAZ1VmAwQBZ3U8AwQAZ4xJAwQBZ52AAwQBZ6BGAwQAZ6gE
MBQEAgACMA4DBQAkARXgAwUAJAYcwDANBgkqhkiG9w0BAQsFAAOCAQEAFCitNkAj
2bIVa2/qtc3Je1OIJS8gcWMhwYW6fu7YsUKEoZj2pcZIBfe6KfTWRVXum0EoifNW
gnj+R+nGpHmoQiouAOOjEPgcyLatFJFeJ7RGBcw6gW4+l7n33D/lr9OpPwKNQvNE
4fpRJkDJBidO4fhLNN7C5CE9VcBH4iXxV4KEk90oyuix8KuK5ihE+tze8ECyfRAg
WekqJb6H61XkO4y+6bMkvZAp4oIjN085oHUQw0BvbzhFi+jlqeoQU9InnplL6MLq
cdSg5Jz6SlsAw51Fwj+tEGlZXSs/KBqAMRg0bKg92NWW/YNZ+vUgCYgQcSRGBcLa
b4rP5RI8YzTWpw==
-----END CERTIFICATE-----
Generated at Fri Apr 11 09:33:12 2025 by rpki-client