Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E86DC024320211EEBBD5FB5FC4F9AE02.roa
File: E86DC024320211EEBBD5FB5FC4F9AE02.roa (raw, json)
Hash identifier: 32JYDhJVa23POef9h6K91oqHMX5jBTW9IMgzsGG7d74=
Subject key identifier: B8:D6:37:3E:65:DC:D3:79:DE:A6:18:A8:32:35:7A:66:22:BF:2C:FC
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9028
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E86DC024320211EEBBD5FB5FC4F9AE02.roa
Signing time: Thu 30 May 2024 16:26:47 +0000
ROA not before: Thu 30 May 2024 16:26:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151139
IP address blocks: 103.246.62.0/24 maxlen: 24
103.246.63.0/24 maxlen: 24
2401:1ee0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36904 (0x9028)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:26:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a8c6-ebc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ce:75:4c:17:77:77:f8:4a:8c:c8:46:4f:7c:
22:1d:ff:2c:11:91:4b:73:95:d9:1c:d0:f8:43:07:
b7:2a:70:8d:e9:65:e9:3c:89:6a:fe:1b:07:85:46:
02:38:31:68:69:2e:65:75:4e:ea:60:3e:36:ed:52:
f9:c7:39:62:20:35:d7:09:1b:4f:85:23:a5:f4:09:
75:dd:90:54:6b:a4:e8:c5:e3:62:c7:4e:d1:cb:16:
e7:a0:c5:5f:94:4e:a8:40:3f:82:8a:23:b7:28:38:
bd:39:fb:8b:11:e6:88:d2:41:b3:9c:0a:67:3d:9f:
5e:f1:96:af:57:24:20:5d:92:d8:f5:1d:af:e4:54:
7f:1a:9c:a7:9f:56:65:78:bc:41:cc:fc:5e:29:7d:
fd:46:e1:c4:08:fe:ed:d3:18:f3:a1:9d:88:c2:5c:
bb:a6:40:4d:7e:4e:0d:17:62:8d:91:aa:12:3d:4d:
80:36:f9:2b:3b:46:4c:a7:72:4a:b2:e4:b1:f1:dd:
86:0d:5a:27:89:7d:ad:39:d9:ef:84:85:eb:b2:ef:
8d:b4:f0:ea:f2:96:52:1e:7f:01:99:6f:d7:f6:77:
65:45:cb:7d:82:d5:dc:22:26:df:3f:d0:42:aa:00:
9f:77:ba:7c:5e:1d:72:b7:37:e0:10:b1:e9:e9:0b:
96:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D6:37:3E:65:DC:D3:79:DE:A6:18:A8:32:35:7A:66:22:BF:2C:FC
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E86DC024320211EEBBD5FB5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.246.62.0/23
IPv6:
2401:1ee0::/32
Signature Algorithm: sha256WithRSAEncryption
32:ab:67:c1:83:5e:9c:a6:4e:53:93:2f:c4:e7:d2:fc:7b:99:
9c:c5:41:7f:9f:bb:07:10:74:74:0a:9a:73:a6:94:7e:78:9a:
3a:7b:8d:0c:0c:7f:ed:79:5d:a3:bf:9e:7f:b3:0b:64:5d:46:
7b:1b:46:3c:0b:c3:5f:2e:ff:e7:7c:7d:af:95:b5:a1:1e:fd:
49:95:c5:55:5e:01:14:e8:d0:67:31:e0:06:21:f9:aa:38:4e:
75:b6:a3:54:2b:2a:35:4e:e8:32:30:f7:f9:e7:ae:13:74:80:
82:b0:35:55:d1:18:36:14:7e:35:9f:44:f4:ec:e4:8b:18:ef:
1b:60:c1:14:1a:1d:3b:f4:64:63:36:35:91:51:7c:6f:0e:7a:
0d:f2:4f:06:1a:46:75:b8:24:d7:1b:55:46:3b:c9:73:b6:53:
42:f7:fe:7e:e9:39:25:f6:54:6c:d4:f0:cc:18:a8:59:55:6d:
d0:fb:02:42:a3:ff:60:37:bf:f4:5d:cc:a8:63:fa:56:e9:b5:
9b:19:b4:10:15:fb:bd:f5:41:f3:71:07:8a:81:bf:a3:ae:9e:
ca:a2:0b:e9:c7:60:18:23:35:62:5c:b0:87:79:25:89:9a:d5:
6a:64:33:d8:90:fb:ce:0f:c2:bf:c1:2d:4b:fc:7a:cc:f3:32:
a2:5e:a1:1f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJAoMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MjY0N1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE4YzYtZWJjMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbOdUwXd3f4SozIRk98Ih3/LBGRS3OV2RzQ+EMHtypwjell6TyJav4bB4VG
AjgxaGkuZXVO6mA+Nu1S+cc5YiA11wkbT4UjpfQJdd2QVGuk6MXjYsdO0csW56DF
X5ROqEA/goojtyg4vTn7ixHmiNJBs5wKZz2fXvGWr1ckIF2S2PUdr+RUfxqcp59W
ZXi8Qcz8Xil9/UbhxAj+7dMY86GdiMJcu6ZATX5ODRdijZGqEj1NgDb5KztGTKdy
SrLksfHdhg1aJ4l9rTnZ74SF67LvjbTw6vKWUh5/AZlv1/Z3ZUXLfYLV3CIm3z/Q
QqoAn3e6fF4dcrc34BCx6ekLlicCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBS41jc+
ZdzTed6mGKgyNXpmIr8s/DAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0U4NkRDMDI0
MzIwMjExRUVCQkQ1RkI1RkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMC4GCCsGAQUFBwEHAQH/
BB8wHTAMBAIAATAGAwQBZ/Y+MA0EAgACMAcDBQAkAR7gMA0GCSqGSIb3DQEBCwUA
A4IBAQAyq2fBg16cpk5Tky/E59L8e5mcxUF/n7sHEHR0CppzppR+eJo6e40MDH/t
eV2jv55/swtkXUZ7G0Y8C8NfLv/nfH2vlbWhHv1JlcVVXgEU6NBnMeAGIfmqOE51
tqNUKyo1TugyMPf5564TdICCsDVV0Rg2FH41n0T07OSLGO8bYMEUGh079GRjNjWR
UXxvDnoN8k8GGkZ1uCTXG1VGO8lztlNC9/5+6Tkl9lRs1PDMGKhZVW3Q+wJCo/9g
N7/0XcyoY/pW6bWbGbQQFfu99UHzcQeKgb+jrp7Kogvpx2AYIzViXLCHeSWJmtVq
ZDPYkPvOD8K/wS1L/HrM8zKiXqEf
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:08:09 2025 by rpki-client