Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A1EDF4623F4D11EF8E276409C4F9AE02.roa
File: A1EDF4623F4D11EF8E276409C4F9AE02.roa (raw, json)
Hash identifier: XA5uudgWrx3qWbBZYyZLbrtmRgK16PFtLY0zTxcjviw=
Subject key identifier: E7:72:66:1C:04:23:B1:C3:0C:63:66:EE:0A:DF:B6:31:2A:10:DA:52
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A0BF
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A1EDF4623F4D11EF8E276409C4F9AE02.roa
Signing time: Mon 30 Dec 2024 10:42:30 +0000
ROA not before: Mon 30 Dec 2024 10:42:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139555
IP address blocks: 103.126.32.0/22 maxlen: 24
103.147.238.0/24 maxlen: 24
103.176.138.0/23 maxlen: 24
103.181.212.0/23 maxlen: 24
2001:df3:d7c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41151 (0xa0bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 30 10:42:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67727916-330b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e7:c4:f4:84:0d:ce:22:e9:bc:8c:e3:a8:7b:
04:a4:1a:81:d8:44:80:05:8a:91:cc:7f:bb:6f:a3:
6e:d5:b7:14:9c:c9:23:7f:85:ae:27:e5:06:34:ec:
9b:08:a2:44:a6:f6:ba:03:e1:ab:fe:6d:3b:85:68:
7e:65:68:75:34:ce:4d:dd:9c:ea:26:a7:0a:4b:45:
22:f2:89:cf:17:83:1c:12:5b:89:28:c7:bf:38:99:
64:9d:2b:2c:02:78:5b:4e:38:47:78:32:aa:6f:0e:
c7:fe:76:cf:69:b6:35:3d:55:e0:f3:64:3e:15:03:
3b:43:52:ab:9a:4c:a3:2c:82:58:f6:2b:f3:da:0a:
f5:60:97:9e:87:61:96:e5:1b:6f:77:88:64:88:7a:
b7:b6:76:66:86:73:03:df:46:85:59:cf:c7:3b:a5:
24:aa:32:15:75:bc:5c:86:ee:bd:fd:7e:c7:40:85:
6a:30:28:84:06:9f:be:c9:46:f2:59:61:5d:a3:ab:
83:49:f9:93:c0:bb:1d:a3:c9:63:db:6d:c4:40:63:
e3:9c:e3:72:31:71:c4:66:ce:1e:fd:5e:5a:89:e7:
ef:6a:52:55:4e:50:8f:d7:f9:20:8c:fb:f9:80:45:
ee:50:a4:c3:1a:36:19:b7:3e:7d:10:5b:82:78:41:
b3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:72:66:1C:04:23:B1:C3:0C:63:66:EE:0A:DF:B6:31:2A:10:DA:52
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A1EDF4623F4D11EF8E276409C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.126.32.0/22
103.147.238.0/24
103.176.138.0/23
103.181.212.0/23
IPv6:
2001:df3:d7c0::/48
Signature Algorithm: sha256WithRSAEncryption
27:f9:19:d1:ba:b7:5c:15:bc:27:24:cb:6c:1f:30:95:a2:cd:
f3:20:72:ba:40:a2:87:0b:5b:a3:a3:54:67:79:97:00:8d:47:
fd:96:54:e5:1c:b2:22:cc:56:3a:3f:a1:04:5c:c1:65:17:e8:
8a:7f:5d:8c:06:a5:b7:65:ef:b6:c2:18:34:d2:8a:1d:be:91:
48:f8:42:9c:92:8f:f4:28:b0:74:2e:32:64:2c:cb:08:71:43:
ea:71:b4:46:27:e3:c9:63:af:c1:78:f0:3e:42:f3:ed:2f:38:
29:c5:8b:f9:9f:ac:f0:49:d9:00:58:fa:68:3d:fe:92:bb:cf:
a4:a6:24:dd:ed:a9:55:fa:30:7e:6c:fd:35:03:0f:ca:a5:02:
c2:af:0b:72:5b:41:22:0d:78:a6:60:b5:a7:76:ee:30:19:59:
ce:99:f6:9d:92:58:4b:38:19:0d:02:f4:31:c1:2a:d4:7f:26:
8e:f7:68:ac:f4:f6:0d:27:67:35:69:30:69:68:1e:db:a4:86:
56:3a:6e:85:40:3b:a0:a5:b5:d5:7e:8f:29:87:86:d9:c1:18:
46:97:24:06:53:0a:d1:c9:8b:92:5d:47:45:e4:3b:18:b1:4c:
b7:a2:36:49:2b:e1:44:9e:5e:a7:ff:91:77:76:93:0c:3e:1a:
89:9d:18:d2
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDAKC/MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIzMDEwNDIzMFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc3Mjc5MTYtMzMwYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3nxPSEDc4i6byM46h7BKQagdhEgAWKkcx/u2+jbtW3FJzJI3+FriflBjTs
mwiiRKb2ugPhq/5tO4VofmVodTTOTd2c6ianCktFIvKJzxeDHBJbiSjHvziZZJ0r
LAJ4W044R3gyqm8Ox/52z2m2NT1V4PNkPhUDO0NSq5pMoyyCWPYr89oK9WCXnodh
luUbb3eIZIh6t7Z2ZoZzA99GhVnPxzulJKoyFXW8XIbuvf1+x0CFajAohAafvslG
8llhXaOrg0n5k8C7HaPJY9ttxEBj45zjcjFxxGbOHv1eWonn72pSVU5Qj9f5IIz7
+YBF7lCkwxo2Gbc+fRBbgnhBs1kCAwEAAaOCArgwggK0MB0GA1UdDgQWBBTncmYc
BCOxwwxjZu4K37YxKhDaUjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0ExRURGNDYy
M0Y0RDExRUY4RTI3NjQwOUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEIGCCsGAQUFBwEHAQH/
BDMwMTAeBAIAATAYAwQCZ34gAwQAZ5PuAwQBZ7CKAwQBZ7XUMA8EAgACMAkDBwAg
AQ3z18AwDQYJKoZIhvcNAQELBQADggEBACf5GdG6t1wVvCcky2wfMJWizfMgcrpA
oocLW6OjVGd5lwCNR/2WVOUcsiLMVjo/oQRcwWUX6Ip/XYwGpbdl77bCGDTSih2+
kUj4QpySj/QosHQuMmQsywhxQ+pxtEYn48ljr8F48D5C8+0vOCnFi/mfrPBJ2QBY
+mg9/pK7z6SmJN3tqVX6MH5s/TUDD8qlAsKvC3JbQSINeKZgtad27jAZWc6Z9p2S
WEs4GQ0C9DHBKtR/Jo73aKz09g0nZzVpMGloHtukhlY6boVAO6CltdV+jymHhtnB
GEaXJAZTCtHJi5JdR0XkOxixTLeiNkkr4USeXqf/kXd2kww+GomdGNI=
-----END CERTIFICATE-----
Generated at Fri Apr 11 15:51:27 2025 by rpki-client