Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/94226178C82E11EF9C2E137CC4F9AE02.roa
File: 94226178C82E11EF9C2E137CC4F9AE02.roa (raw, json)
Hash identifier: iUuoI4LuWxP+VobWehG4aSOBkucnJ9BXE6jTFaqXgtQ=
Subject key identifier: 57:E6:53:82:5C:B4:09:DD:B0:FB:00:8B:40:4A:95:8F:63:DC:9A:7D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A15D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/94226178C82E11EF9C2E137CC4F9AE02.roa
Signing time: Thu 02 Jan 2025 08:49:37 +0000
ROA not before: Thu 02 Jan 2025 08:49:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141549
IP address blocks: 103.66.76.0/22 maxlen: 24
103.74.136.0/22 maxlen: 24
103.119.178.0/23 maxlen: 24
103.163.112.0/23 maxlen: 24
2407:2640::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41309 (0xa15d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 2 08:49:37 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67765321-4b7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d5:11:1b:63:6b:b4:da:d9:53:96:5e:09:c1:
ba:12:bb:d9:69:31:cd:e5:c5:78:94:f6:4c:8e:9d:
80:cf:ac:f6:6f:ce:b8:c0:9c:b8:0c:c9:fd:1c:08:
91:fd:c8:d8:f1:a9:be:a6:d6:42:1f:29:f2:98:a3:
7f:4e:be:0c:d4:02:0c:6a:7f:9e:64:bf:79:b1:d6:
40:88:70:69:c7:7e:02:0f:ee:a2:f0:76:2b:90:7b:
59:5b:ad:4d:77:85:c9:ea:92:ae:7f:3e:1f:af:71:
28:45:a9:70:b3:7a:fe:37:a9:48:3c:52:4a:c5:65:
7a:49:34:d8:2e:95:89:26:f7:0a:22:3f:f2:62:99:
3c:13:74:2b:89:d5:08:37:66:16:49:75:45:77:e3:
b5:f7:73:8a:c4:e4:65:a3:ca:d0:93:f2:21:da:74:
c1:5a:ad:7d:b9:39:b2:39:49:90:b3:82:16:09:c4:
64:44:95:27:a1:cd:10:2f:04:fc:34:08:c0:7f:39:
aa:06:21:87:d7:a1:33:95:5c:94:d8:08:c8:cd:a2:
fd:4c:b4:bb:d7:c2:6f:87:a9:46:b2:0a:61:59:d0:
e4:23:d2:80:69:86:85:f2:24:78:52:98:96:c7:f1:
cb:6d:f4:fb:fe:2f:6d:c8:7c:ee:70:6e:18:7e:2b:
1d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:E6:53:82:5C:B4:09:DD:B0:FB:00:8B:40:4A:95:8F:63:DC:9A:7D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/94226178C82E11EF9C2E137CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.76.0/22
103.74.136.0/22
103.119.178.0/23
103.163.112.0/23
IPv6:
2407:2640::/32
Signature Algorithm: sha256WithRSAEncryption
74:3b:a4:db:96:18:68:e2:d9:e7:f4:86:25:a5:60:ce:11:48:
bf:54:99:ae:a0:fa:71:8e:53:0e:f6:dc:72:ee:5a:f2:44:33:
97:35:77:c7:e9:68:58:2b:d1:79:9c:ce:c0:67:d9:69:0b:1f:
f6:23:ba:7c:26:b0:a9:8e:40:12:2c:81:f2:e0:22:d4:af:7a:
79:37:f8:96:2d:cb:d2:e8:bc:f3:30:36:fa:23:d5:17:dd:76:
e9:11:bc:1f:35:2d:8e:d8:c6:4b:aa:08:2a:ee:47:27:35:72:
fe:31:a1:4e:df:3f:89:b6:aa:07:7b:c6:a3:e8:b8:11:ce:92:
bb:81:d7:20:03:a9:90:2c:11:14:9f:39:5e:25:75:49:6f:48:
02:65:71:0a:5f:d2:87:4b:de:f9:d3:09:19:7f:12:a1:18:97:
d6:9a:f4:95:ce:6f:d7:ba:f0:43:55:39:4e:60:cd:66:70:4b:
9a:7a:9b:8e:df:23:2b:ca:c4:1e:a5:f6:b9:a4:47:0d:91:62:
90:5d:cd:6b:a7:b5:34:60:22:d2:28:e2:82:2e:0e:1c:70:3b:
8e:55:a7:cb:64:81:b1:7f:ee:a7:4b:57:c4:67:c4:11:a7:b9:
46:9d:87:2c:8d:85:33:0a:0f:05:2f:72:dd:15:16:96:12:27:
ca:f2:a1:0a
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIDAKFdMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDEwMjA4NDkzN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc3NjUzMjEtNGI3ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbVERtja7Ta2VOWXgnBuhK72WkxzeXFeJT2TI6dgM+s9m/OuMCcuAzJ/RwI
kf3I2PGpvqbWQh8p8pijf06+DNQCDGp/nmS/ebHWQIhwacd+Ag/uovB2K5B7WVut
TXeFyeqSrn8+H69xKEWpcLN6/jepSDxSSsVlekk02C6ViSb3CiI/8mKZPBN0K4nV
CDdmFkl1RXfjtfdzisTkZaPK0JPyIdp0wVqtfbk5sjlJkLOCFgnEZESVJ6HNEC8E
/DQIwH85qgYhh9ehM5VclNgIyM2i/Uy0u9fCb4epRrIKYVnQ5CPSgGmGhfIkeFKY
lsfxy230+/4vbch87nBuGH4rHSMCAwEAAaOCArYwggKyMB0GA1UdDgQWBBRX5lOC
XLQJ3bD7AItASpWPY9yafTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzk0MjI2MTc4
QzgyRTExRUY5QzJFMTM3Q0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEAGCCsGAQUFBwEHAQH/
BDEwLzAeBAIAATAYAwQCZ0JMAwQCZ0qIAwQBZ3eyAwQBZ6NwMA0EAgACMAcDBQAk
ByZAMA0GCSqGSIb3DQEBCwUAA4IBAQB0O6Tblhho4tnn9IYlpWDOEUi/VJmuoPpx
jlMO9txy7lryRDOXNXfH6WhYK9F5nM7AZ9lpCx/2I7p8JrCpjkASLIHy4CLUr3p5
N/iWLcvS6LzzMDb6I9UX3XbpEbwfNS2O2MZLqggq7kcnNXL+MaFO3z+JtqoHe8aj
6LgRzpK7gdcgA6mQLBEUnzleJXVJb0gCZXEKX9KHS9750wkZfxKhGJfWmvSVzm/X
uvBDVTlOYM1mcEuaepuO3yMrysQepfa5pEcNkWKQXc1rp7U0YCLSKOKCLg4ccDuO
VafLZIGxf+6nS1fEZ8QRp7lGnYcsjYUzCg8FL3LdFRaWEifK8qEK
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:16:04 2025 by rpki-client