Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DDF2055C6C1711EE85BF3A39C4F9AE02.roa
File: DDF2055C6C1711EE85BF3A39C4F9AE02.roa (raw, json)
Hash identifier: GmpXKe9UX0jiGNOynsCybd5LFEQpjwjMohkKbMgS5vU=
Subject key identifier: F3:3C:18:AA:94:B2:3D:37:2C:58:CF:27:15:F0:72:A7:44:77:3A:BA
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8A18
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DDF2055C6C1711EE85BF3A39C4F9AE02.roa
Signing time: Thu 30 May 2024 16:01:36 +0000
ROA not before: Thu 30 May 2024 16:01:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135208
IP address blocks: 103.88.57.0/24 maxlen: 24
103.119.199.0/24 maxlen: 24
103.131.60.0/24 maxlen: 24
103.148.170.0/23 maxlen: 24
103.168.72.0/23 maxlen: 24
103.170.70.0/23 maxlen: 24
103.204.94.0/23 maxlen: 24
103.205.244.0/23 maxlen: 24
103.206.48.0/23 maxlen: 24
2400:a620::/32 maxlen: 32
2400:a620::/48 maxlen: 48
2400:a620:1::/48 maxlen: 48
2400:a620:2::/48 maxlen: 48
2400:a620:3::/48 maxlen: 48
2400:a620:4::/48 maxlen: 48
2400:a620:5::/48 maxlen: 48
2400:a620:6::/48 maxlen: 48
2400:a620:7::/48 maxlen: 48
2400:a620:8::/48 maxlen: 48
2400:a620:9::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35352 (0x8a18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:01:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a2df-fee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:01:f4:80:f2:70:d6:4c:fd:20:a4:85:39:72:
2d:72:88:ad:85:65:b1:b9:ea:50:36:88:4a:4d:87:
c2:2f:5c:83:36:10:53:ee:5f:b0:fa:70:c2:89:ef:
50:db:e3:4c:5a:4f:a2:f3:38:62:31:30:13:0f:36:
e2:19:6e:d2:6a:c6:86:fc:74:65:a3:8c:a4:9f:8c:
2c:ad:9c:be:46:20:6c:d8:1e:df:2e:c7:f3:f2:1a:
f7:9d:b3:b1:84:14:15:34:11:95:9c:f6:26:23:5e:
1c:ea:fc:ea:47:3d:29:a7:8f:a9:af:2c:81:11:41:
5f:3b:cd:7b:e4:c7:a5:96:09:e7:8c:eb:4e:63:14:
27:b7:b8:b3:00:58:17:1d:9f:60:46:96:ca:75:95:
a8:ca:b9:e9:b5:81:0f:c2:a4:7f:ce:c8:5f:5b:2a:
ee:a6:dc:c5:32:48:e5:e8:96:e8:f5:68:42:e1:07:
7e:d6:74:80:9d:d6:4b:b8:94:3a:d5:64:48:e9:64:
48:8c:21:65:17:76:62:0c:0d:e3:54:7d:67:15:6e:
96:fd:21:4c:ee:1f:f2:c2:14:50:80:e8:b0:fb:c4:
52:01:1b:6b:28:a2:ed:68:b3:4c:c7:e3:23:68:6b:
4a:79:f1:f0:bb:36:5a:2f:c1:28:46:f2:12:0c:5c:
f3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3C:18:AA:94:B2:3D:37:2C:58:CF:27:15:F0:72:A7:44:77:3A:BA
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DDF2055C6C1711EE85BF3A39C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.57.0/24
103.119.199.0/24
103.131.60.0/24
103.148.170.0/23
103.168.72.0/23
103.170.70.0/23
103.204.94.0/23
103.205.244.0/23
103.206.48.0/23
IPv6:
2400:a620::/32
Signature Algorithm: sha256WithRSAEncryption
49:41:d8:3a:ac:c8:0b:88:68:51:2a:24:4b:d1:5d:23:b0:85:
53:1d:f9:39:73:85:10:63:be:d4:8c:71:20:da:ed:92:26:12:
04:ef:fc:8d:df:d4:b0:82:22:e8:57:fa:2f:18:ce:51:ff:63:
42:c2:92:f6:72:f4:bd:9b:8d:3b:49:2b:c7:b8:db:1f:43:17:
25:7c:d7:66:85:79:05:fb:1e:b8:98:32:2d:24:18:4d:03:aa:
7e:62:2b:b8:23:07:ac:9f:09:82:93:7e:1b:a8:e0:9f:2e:45:
90:ea:b5:14:39:d8:94:f9:04:28:8e:c5:7a:23:11:bd:6e:aa:
ea:26:e8:f6:d2:5a:df:0b:43:6b:6b:47:a9:42:6e:be:77:31:
dc:20:bc:be:b9:41:44:f9:34:e8:f1:29:8b:b0:69:45:ad:87:
d5:bf:44:b9:58:e9:de:89:76:32:b2:f0:18:f8:f4:d1:69:aa:
28:8f:a3:b8:f4:95:69:15:7e:7e:11:61:c4:d0:d4:59:20:d3:
38:6e:4f:76:f2:08:09:40:f8:82:cf:97:2b:a4:7a:cb:d1:0a:
cc:d8:f1:cd:de:15:db:41:89:6d:8c:75:8c:3f:69:36:0f:05:
84:43:38:3d:26:35:04:37:22:f5:42:63:7c:02:7c:6b:09:28:
69:74:6f:70
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgIDAIoYMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDEzNVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGEyZGYtZmVlNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMB9IDycNZM/SCkhTlyLXKIrYVlsbnqUDaISk2Hwi9cgzYQU+5fsPpwwonv
UNvjTFpPovM4YjEwEw824hlu0mrGhvx0ZaOMpJ+MLK2cvkYgbNge3y7H8/Ia952z
sYQUFTQRlZz2JiNeHOr86kc9KaePqa8sgRFBXzvNe+THpZYJ54zrTmMUJ7e4swBY
Fx2fYEaWynWVqMq56bWBD8Kkf87IX1sq7qbcxTJI5eiW6PVoQuEHftZ0gJ3WS7iU
OtVkSOlkSIwhZRd2YgwN41R9ZxVulv0hTO4f8sIUUIDosPvEUgEbayii7WizTMfj
I2hrSnnx8Ls2Wi/BKEbyEgxc83kCAwEAAaOCAtQwggLQMB0GA1UdDgQWBBTzPBiq
lLI9NyxYzycV8HKnRHc6ujAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0RERjIwNTVD
NkMxNzExRUU4NUJGM0EzOUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMF4GCCsGAQUFBwEHAQH/
BE8wTTA8BAIAATA2AwQAZ1g5AwQAZ3fHAwQAZ4M8AwQBZ5SqAwQBZ6hIAwQBZ6pG
AwQBZ8xeAwQBZ830AwQBZ84wMA0EAgACMAcDBQAkAKYgMA0GCSqGSIb3DQEBCwUA
A4IBAQBJQdg6rMgLiGhRKiRL0V0jsIVTHfk5c4UQY77UjHEg2u2SJhIE7/yN39Sw
giLoV/ovGM5R/2NCwpL2cvS9m407SSvHuNsfQxclfNdmhXkF+x64mDItJBhNA6p+
Yiu4IwesnwmCk34bqOCfLkWQ6rUUOdiU+QQojsV6IxG9bqrqJuj20lrfC0Nra0ep
Qm6+dzHcILy+uUFE+TTo8SmLsGlFrYfVv0S5WOneiXYysvAY+PTRaaooj6O49JVp
FX5+EWHE0NRZINM4bk928ggJQPiCz5crpHrL0QrM2PHN3hXbQYltjHWMP2k2DwWE
Qzg9JjUENyL1QmN8AnxrCShpdG9w
-----END CERTIFICATE-----
Generated at Fri Apr 11 06:00:56 2025 by rpki-client