Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/B7BC4714BEF011ED9634C070C4F9AE02.roa
File: B7BC4714BEF011ED9634C070C4F9AE02.roa (raw, json)
Hash identifier: hCJDcBpZnY511Q8RFEjySoDwZo6yKwsip9nLzCPAimM=
Subject key identifier: 2B:28:D0:74:FA:4C:06:9B:B4:A9:B8:81:4D:26:47:9D:D3:EB:63:1D
Certificate issuer: /CN=A918FC40/serialNumber=1601D8650DD556B2AFB083B233FF65AE3DAD1571
Certificate serial: 0ACA
Authority key identifier: 16:01:D8:65:0D:D5:56:B2:AF:B0:83:B2:33:FF:65:AE:3D:AD:15:71
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/B7BC4714BEF011ED9634C070C4F9AE02.roa
Signing time: Mon 02 Dec 2024 19:38:02 +0000
ROA not before: Mon 02 Dec 2024 19:38:02 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 9311
IP address blocks: 103.23.75.0/24 maxlen: 24
103.246.252.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2762 (0xaca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC40
Validity
Not Before: Dec 2 19:38:02 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=674e0c9a-f2ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1f:de:49:a0:98:dd:3b:69:a8:86:40:20:70:
2b:67:16:a1:a6:cb:2e:61:50:74:c9:35:89:11:4d:
c8:ff:45:71:33:80:65:08:90:0f:ec:f5:12:14:24:
6c:c7:fa:b5:06:7b:14:ce:45:60:2e:fc:9b:f0:44:
4c:12:cf:f8:74:40:7c:42:de:a2:b8:f2:d5:e0:94:
59:53:4b:22:22:f5:a3:f1:bb:72:fd:51:9e:18:b2:
99:38:70:08:61:7c:17:50:f3:7c:b0:ea:43:be:e2:
72:14:70:3d:d9:72:89:fd:99:42:80:b5:40:0b:17:
52:00:ee:f2:e2:4b:32:a1:c3:0f:16:36:4b:4c:fb:
ac:c5:af:53:52:c7:b8:01:b3:60:3f:69:2b:64:0e:
2f:cd:bd:5e:84:93:c8:3b:d0:c4:1b:b8:79:b8:89:
08:05:61:75:3d:94:ee:22:c7:fc:a5:24:ef:68:99:
19:9b:2e:ac:97:7f:b8:16:17:e1:d2:e0:89:df:c0:
e5:04:01:88:ba:1d:4a:a1:19:b8:c6:11:f6:0c:24:
32:d2:43:43:ba:5e:71:df:b8:33:13:c1:fd:70:2d:
4b:b8:1d:0e:d9:c0:29:35:89:4e:76:12:08:67:27:
b6:d7:a3:78:73:f3:50:d7:a9:29:3d:ef:a3:84:3e:
f2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:28:D0:74:FA:4C:06:9B:B4:A9:B8:81:4D:26:47:9D:D3:EB:63:1D
X509v3 Authority Key Identifier:
keyid:16:01:D8:65:0D:D5:56:B2:AF:B0:83:B2:33:FF:65:AE:3D:AD:15:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/B7BC4714BEF011ED9634C070C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.75.0/24
103.246.252.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:7e:22:95:92:07:9b:88:84:e8:d5:d4:79:33:d3:fd:3e:1c:
ae:8e:0b:0f:4a:b0:5a:04:0f:b0:dc:7e:c3:c0:f1:21:1c:52:
09:ab:af:dd:60:d9:4b:70:73:db:e4:8a:a3:50:86:60:68:e2:
47:f6:39:48:44:ee:7b:a3:2d:0a:ec:c2:dd:8a:38:aa:c9:6d:
10:b6:0c:fd:dd:be:41:6e:31:ac:35:a0:e5:c5:18:fe:2d:5b:
f8:db:58:11:51:7c:bc:1c:97:61:3a:73:51:67:b2:95:b6:7c:
e9:8b:fd:0e:84:e3:ec:d6:79:30:d4:1f:4c:76:07:3f:bb:05:
67:65:28:4b:0b:d3:0d:16:a9:a3:54:cf:fe:60:1d:1d:03:81:
81:c9:e4:27:d9:61:b4:99:d9:fd:35:1c:30:3e:41:63:47:56:
07:1d:2c:35:19:4a:53:96:ea:4e:e8:e2:07:e8:0c:d5:17:72:
c7:7f:b0:67:e5:ae:da:f6:a1:3a:c3:1a:e6:f6:af:53:5c:ba:
d6:46:b1:29:83:98:99:15:62:5e:95:c9:21:38:86:58:41:8d:
ec:28:de:f9:f4:ef:7d:89:3b:f6:9c:0e:ed:67:21:ed:5c:ae:
98:62:de:13:1d:32:12:9b:27:cd:80:1b:9f:80:62:7d:f6:31:
6a:f0:36:a3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCsowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNDAxMTAvBgNVBAUTKDE2MDFEODY1MERENTU2QjJBRkIwODNCMjMzRkY2NUFF
M0RBRDE1NzEwHhcNMjQxMjAyMTkzODAyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlMGM5YS1mMmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqB/eSaCY3TtpqIZAIHArZxahpssuYVB0yTWJEU3I/0VxM4BlCJAP7PUSFCRs
x/q1BnsUzkVgLvyb8ERMEs/4dEB8Qt6iuPLV4JRZU0siIvWj8bty/VGeGLKZOHAI
YXwXUPN8sOpDvuJyFHA92XKJ/ZlCgLVACxdSAO7y4ksyocMPFjZLTPusxa9TUse4
AbNgP2krZA4vzb1ehJPIO9DEG7h5uIkIBWF1PZTuIsf8pSTvaJkZmy6sl3+4Fhfh
0uCJ38DlBAGIuh1KoRm4xhH2DCQy0kNDul5x37gzE8H9cC1LuB0O2cApNYlOdhII
Zye216N4c/NQ16kpPe+jhD7ykQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCso0HT6
TAabtKm4gU0mR53T62MdMB8GA1UdIwQYMBaAFBYB2GUN1Vayr7CDsjP/Za49rRVx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM0MC82MTdGMzUzNjQw
RTExMUVBQkM2MkRCMjZDNEY5QUUwMi9GZ0hZWlEzVlZyS3ZzSU95TV85bHJqMnRG
WEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZnSFlaUTNWVnJLdnNJT3lNXzlscmoydEZYRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNDAvNjE3RjM1MzY0MEUxMTFFQUJDNjJEQjI2QzRGOUFFMDIvQjdCQzQ3MTRC
RUYwMTFFRDk2MzRDMDcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnF0sDBAFn9vwwDQYJKoZIhvcNAQELBQADggEBAI5+IpWS
B5uIhOjV1Hkz0/0+HK6OCw9KsFoED7DcfsPA8SEcUgmrr91g2Utwc9vkiqNQhmBo
4kf2OUhE7nujLQrswt2KOKrJbRC2DP3dvkFuMaw1oOXFGP4tW/jbWBFRfLwcl2E6
c1FnspW2fOmL/Q6E4+zWeTDUH0x2Bz+7BWdlKEsL0w0WqaNUz/5gHR0DgYHJ5CfZ
YbSZ2f01HDA+QWNHVgcdLDUZSlOW6k7o4gfoDNUXcsd/sGflrtr2oTrDGub2r1Nc
utZGsSmDmJkVYl6VySE4hlhBjewo3vn0732JO/acDu1nIe1crphi3hMdMhKbJ82A
G5+AYn32MWrwNqM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:47:10 2025 by rpki-client