Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/883E5442DFA411EF9CB4EB68C4F9AE02.roa
File: 883E5442DFA411EF9CB4EB68C4F9AE02.roa (raw, json)
Hash identifier: 2RE/p6pnFhv9Lv3MugWIy+t+ao1pfaNjOKu/ucoRJos=
Subject key identifier: 1D:AE:27:02:B1:B5:D7:A3:09:E8:8A:1E:4F:22:18:13:67:8C:A4:A2
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A479
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/883E5442DFA411EF9CB4EB68C4F9AE02.roa
Signing time: Mon 03 Feb 2025 04:58:18 +0000
ROA not before: Mon 03 Feb 2025 04:58:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 131210
IP address blocks: 103.2.232.0/22 maxlen: 24
103.21.232.0/22 maxlen: 24
118.151.208.0/22 maxlen: 24
150.129.60.0/22 maxlen: 24
150.129.88.0/22 maxlen: 24
2400:18e0:1::/48 maxlen: 48
2400:18e0:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42105 (0xa479)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 3 04:58:18 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67a04ce9-cd95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a6:10:df:49:10:61:d8:1f:39:35:77:24:ee:
5e:38:6e:f9:61:9e:cc:43:1d:74:35:5e:2f:de:6b:
0c:e6:62:7e:8e:f6:43:73:cb:d6:1a:4e:58:59:c0:
4c:da:50:e4:3e:cd:5b:20:0a:32:ac:cc:93:3d:fc:
00:a7:1a:cf:7e:f5:8b:99:cd:65:a1:b7:de:67:de:
14:aa:31:46:9f:81:4e:56:98:18:54:a0:56:b2:69:
ab:6b:2e:60:84:e8:73:7a:fb:6c:e8:84:51:4d:10:
48:25:a5:6b:d9:db:03:0a:98:af:98:ac:e4:c6:e8:
ab:f8:39:b5:01:31:be:50:91:f0:77:a2:b8:7c:73:
5e:6d:5d:0a:74:fa:e4:d6:4a:aa:ad:9a:6c:8f:33:
ba:60:42:61:ee:30:c4:57:a5:57:bb:54:da:af:7c:
c6:2c:19:72:0d:21:c5:d6:38:8a:f5:aa:d3:45:ca:
fd:e5:e1:6c:77:1e:2f:2b:d6:c1:19:f6:2a:4c:40:
1a:52:d9:1e:82:6f:34:ad:8c:8a:e3:00:90:cd:be:
fa:54:ba:e8:9a:af:03:fd:91:94:0d:50:a0:be:04:
c7:3f:8b:ac:f6:84:b9:f3:e0:fe:a8:71:6e:d8:8e:
06:49:30:66:49:86:63:53:d8:9a:57:b5:64:6b:70:
c2:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AE:27:02:B1:B5:D7:A3:09:E8:8A:1E:4F:22:18:13:67:8C:A4:A2
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/883E5442DFA411EF9CB4EB68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.2.232.0/22
103.21.232.0/22
118.151.208.0/22
150.129.60.0/22
150.129.88.0/22
IPv6:
2400:18e0:1::-2400:18e0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3c:3c:8b:93:f3:47:09:44:15:21:a5:92:92:93:9c:bb:78:ad:
3b:33:ac:4e:7c:f6:e1:3b:31:39:7c:ca:85:05:09:3a:24:dc:
18:2b:6f:e9:45:95:10:f7:ef:95:c7:1f:a0:c7:2e:1f:74:77:
a4:94:36:13:53:2d:60:da:ac:e3:50:4f:aa:b9:91:7a:0c:17:
48:5b:0d:e9:8f:bd:b5:0e:26:7a:ce:0b:6f:70:05:a4:f2:3f:
5d:e1:96:c1:5a:b9:47:cf:9d:1f:e8:d8:9b:ad:3f:fb:c0:c9:
72:ae:e7:50:c0:28:fe:79:da:a0:27:19:3f:31:fa:61:db:52:
01:cd:43:99:03:04:aa:d6:bb:f3:9f:71:29:74:f0:4d:f6:0f:
0c:34:90:23:b4:8b:7a:6d:87:d6:8e:08:58:85:b5:62:96:92:
ce:bb:42:75:36:e2:c3:b6:cf:3b:69:8d:d6:7e:45:f0:0e:c7:
df:31:b1:a8:8d:fc:93:f1:2b:34:74:c5:f9:68:ba:70:61:fb:
24:2f:18:6f:f9:5f:2a:da:cf:80:6e:0b:4e:c7:33:76:b8:e3:
18:f4:2f:87:36:1f:f3:f5:bb:e4:d8:02:ca:8f:b1:3f:37:b5:
73:ff:90:73:82:6d:14:2e:ec:2f:4c:22:95:6a:2a:d8:cb:f3:
dd:79:d9:e5
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAKR5MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIwMzA0NTgxOFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdhMDRjZTktY2Q5NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSmEN9JEGHYHzk1dyTuXjhu+WGezEMddDVeL95rDOZifo72Q3PL1hpOWFnA
TNpQ5D7NWyAKMqzMkz38AKcaz371i5nNZaG33mfeFKoxRp+BTlaYGFSgVrJpq2su
YIToc3r7bOiEUU0QSCWla9nbAwqYr5is5Mboq/g5tQExvlCR8HeiuHxzXm1dCnT6
5NZKqq2abI8zumBCYe4wxFelV7tU2q98xiwZcg0hxdY4ivWq00XK/eXhbHceLyvW
wRn2KkxAGlLZHoJvNK2MiuMAkM2++lS66JqvA/2RlA1QoL4Exz+LrPaEufPg/qhx
btiOBkkwZkmGY1PYmle1ZGtwwqsCAwEAAaOCAskwggLFMB0GA1UdDgQWBBQdricC
sbXXownoih5PIhgTZ4ykojAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzg4M0U1NDQy
REZBNDExRUY5Q0I0RUI2OEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFMGCCsGAQUFBwEHAQH/
BEQwQjAkBAIAATAeAwQCZwLoAwQCZxXoAwQCdpfQAwQCloE8AwQCloFYMBoEAgAC
MBQwEgMHACQAGOAAAQMHACQAGOAAAjANBgkqhkiG9w0BAQsFAAOCAQEAPDyLk/NH
CUQVIaWSkpOcu3itOzOsTnz24TsxOXzKhQUJOiTcGCtv6UWVEPfvlccfoMcuH3R3
pJQ2E1MtYNqs41BPqrmRegwXSFsN6Y+9tQ4mes4Lb3AFpPI/XeGWwVq5R8+dH+jY
m60/+8DJcq7nUMAo/nnaoCcZPzH6YdtSAc1DmQMEqta7859xKXTwTfYPDDSQI7SL
em2H1o4IWIW1YpaSzrtCdTbiw7bPO2mN1n5F8A7H3zGxqI38k/ErNHTF+Wi6cGH7
JC8Yb/lfKtrPgG4LTsczdrjjGPQvhzYf8/W75NgCyo+xPze1c/+Qc4JtFC7sL0wi
lWoq2Mvz3XnZ5Q==
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:02:47 2025 by rpki-client