Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DC070AFED16E11EF8BE9604CC4F9AE02.roa
File: DC070AFED16E11EF8BE9604CC4F9AE02.roa (raw, json)
Hash identifier: SCPWLPiHV9492RSeUoItUwNWnu+HXGL9dkavMmvoa/8=
Subject key identifier: F1:8B:F5:84:E4:4A:07:E8:4A:2B:C7:27:2E:35:64:AE:8E:18:15:C3
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A246
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DC070AFED16E11EF8BE9604CC4F9AE02.roa
Signing time: Mon 13 Jan 2025 05:25:54 +0000
ROA not before: Mon 13 Jan 2025 05:25:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136363
IP address blocks: 103.206.220.0/24 maxlen: 24
103.206.221.0/24 maxlen: 24
103.206.222.0/24 maxlen: 24
103.206.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41542 (0xa246)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 13 05:25:54 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6784a3e2-4b76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e5:7a:74:5a:0f:73:34:d9:1f:f4:27:55:7a:
59:9e:f2:c8:40:c3:47:67:af:7f:3a:87:4a:25:86:
98:b1:39:4c:95:b0:61:87:54:0f:a4:b3:ca:e9:63:
23:fd:51:43:9e:7b:b2:bc:65:62:0e:82:54:b8:47:
76:55:e5:6e:92:de:b9:0f:ed:68:cb:5d:70:28:77:
55:e5:6b:6e:32:ab:97:6b:20:fc:8e:e0:ab:1d:b6:
49:4b:12:11:c4:ad:29:60:a7:fc:0e:03:74:43:53:
eb:a5:b4:bd:44:92:c6:5b:6c:c2:26:26:73:14:1d:
79:d6:a7:7b:bb:75:af:f5:03:f9:5b:01:ef:0c:e2:
72:35:29:da:db:6a:be:b0:5f:03:f3:8e:8c:fd:36:
9b:ad:d8:fe:f1:8b:6f:c7:c4:9b:4c:de:d3:08:10:
8e:53:34:b9:72:4c:02:9e:31:09:32:e3:f4:38:1a:
41:4b:cd:a9:21:91:3f:64:c9:44:19:cd:85:61:ab:
c4:e8:ac:84:0a:a4:93:fd:df:cc:e8:e6:09:f5:bb:
34:d0:43:e8:2c:38:5b:ae:10:8b:38:58:81:0f:45:
b8:93:51:67:65:a2:cb:ca:13:cc:13:1e:57:c0:6a:
a6:1b:66:2e:6d:de:a5:57:80:d3:98:c5:fe:43:68:
20:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:8B:F5:84:E4:4A:07:E8:4A:2B:C7:27:2E:35:64:AE:8E:18:15:C3
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DC070AFED16E11EF8BE9604CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.206.220.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:a4:81:b8:59:4d:64:dc:22:05:e5:75:24:3e:ba:6c:60:51:
9b:b3:21:a9:2c:0f:14:b0:87:f0:f5:8f:a2:aa:58:00:7b:2e:
eb:33:9a:1a:8b:9f:25:fc:04:c8:f5:68:12:13:db:a8:6c:c5:
78:a8:b0:00:c6:ea:b5:71:6e:34:33:18:ea:ef:3a:c9:94:71:
1e:51:24:4e:88:a9:5f:44:ee:f8:7d:c2:d7:15:96:b9:f2:85:
53:2a:5c:c3:0c:94:b3:37:61:5e:2c:e5:21:06:20:85:20:48:
63:8c:3a:17:fc:31:8e:b2:d4:62:fc:5c:48:c7:eb:e9:b9:ab:
fe:bd:b1:40:81:fb:97:0c:d5:59:3e:d2:e6:92:cc:c9:3f:7e:
d5:25:76:97:81:e1:ba:33:e7:8c:2f:02:a5:6b:6c:1c:6b:02:
72:06:44:e8:81:ce:e9:cb:6f:0d:54:08:09:68:53:5a:fa:0b:
b0:63:eb:e9:7e:70:ae:bf:53:0e:ea:11:aa:55:dd:88:02:7d:
ae:a7:f6:08:fb:16:c5:de:f4:fc:68:fa:6d:a9:93:73:9c:f5:
a4:0b:49:66:c9:c9:13:89:1a:83:48:61:d5:ef:37:b0:f6:50:
66:72:2c:c0:d9:2d:5b:b8:0b:77:1f:44:10:55:e8:99:7f:c5:
a1:70:fe:4a
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDAKJGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDExMzA1MjU1NFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc4NGEzZTItNGI3NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHlenRaD3M02R/0J1V6WZ7yyEDDR2evfzqHSiWGmLE5TJWwYYdUD6Szyulj
I/1RQ557srxlYg6CVLhHdlXlbpLeuQ/taMtdcCh3VeVrbjKrl2sg/I7gqx22SUsS
EcStKWCn/A4DdENT66W0vUSSxltswiYmcxQdedane7t1r/UD+VsB7wzicjUp2ttq
vrBfA/OOjP02m63Y/vGLb8fEm0ze0wgQjlM0uXJMAp4xCTLj9DgaQUvNqSGRP2TJ
RBnNhWGrxOishAqkk/3fzOjmCfW7NNBD6Cw4W64QizhYgQ9FuJNRZ2Wiy8oTzBMe
V8BqphtmLm3epVeA05jF/kNoIDECAwEAAaOCApUwggKRMB0GA1UdDgQWBBTxi/WE
5EoH6EorxycuNWSujhgVwzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0RDMDcwQUZF
RDE2RTExRUY4QkU5NjA0Q0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQCZ87cMA0GCSqGSIb3DQEBCwUAA4IBAQAfpIG4WU1k3CIF
5XUkPrpsYFGbsyGpLA8UsIfw9Y+iqlgAey7rM5oai58l/ATI9WgSE9uobMV4qLAA
xuq1cW40Mxjq7zrJlHEeUSROiKlfRO74fcLXFZa58oVTKlzDDJSzN2FeLOUhBiCF
IEhjjDoX/DGOstRi/FxIx+vpuav+vbFAgfuXDNVZPtLmkszJP37VJXaXgeG6M+eM
LwKla2wcawJyBkTogc7py28NVAgJaFNa+guwY+vpfnCuv1MO6hGqVd2IAn2up/YI
+xbF3vT8aPptqZNznPWkC0lmyckTiRqDSGHV7zew9lBmcizA2S1buAt3H0QQVeiZ
f8WhcP5K
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:53:49 2025 by rpki-client