Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919D72D/98BA46B4968D11EB93FA350AC4F9AE02/00C79724968F11EB9A79630BC4F9AE02.roa
File: 00C79724968F11EB9A79630BC4F9AE02.roa (raw, json)
Hash identifier: Y2zv5qoN2STM8iOeHa24FYyQDvrtP06yfpXTjv2gJRo=
Subject key identifier: 09:37:98:66:69:D2:4D:CF:95:DD:0C:13:1C:05:3F:18:4B:E2:33:C0
Certificate issuer: /CN=A919D72D/serialNumber=B8F61CABB9119D6C37685F0ABE34AEE26A0217E6
Certificate serial: 0607
Authority key identifier: B8:F6:1C:AB:B9:11:9D:6C:37:68:5F:0A:BE:34:AE:E2:6A:02:17:E6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uPYcq7kRnWw3aF8KvjSu4moCF-Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919D72D/98BA46B4968D11EB93FA350AC4F9AE02/00C79724968F11EB9A79630BC4F9AE02.roa
Signing time: Sat 01 Mar 2025 00:31:51 +0000
ROA not before: Sat 01 Mar 2025 00:31:51 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 136933
IP address blocks: 103.148.124.0/23 maxlen: 23
103.148.124.0/24 maxlen: 24
103.148.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1543 (0x607)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919D72D
Validity
Not Before: Mar 1 00:31:51 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c25576-0d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:29:ab:05:d1:bd:ee:0c:d1:2b:4b:a3:d0:09:
7e:5e:5a:b8:08:27:9a:1e:6e:8a:58:28:b2:1b:62:
59:93:1f:b1:c8:b7:3b:84:dd:bf:ad:a3:b2:ce:e0:
d2:23:94:5b:3f:02:b7:2e:8b:8f:3f:d6:1e:f1:dc:
40:58:b0:df:76:95:b5:1d:fb:38:8d:d8:df:d0:52:
22:c6:d1:10:50:53:16:83:73:36:3d:14:16:e5:dd:
2a:df:ea:4a:b6:0c:df:53:7b:2a:29:01:5c:e9:43:
60:b3:cb:a4:77:2b:a9:a7:f9:3f:f9:62:ae:8a:e7:
0a:50:b5:d0:b9:a7:eb:d0:f6:b5:da:7e:e9:86:ee:
90:6f:94:eb:a6:e5:45:93:78:25:23:82:ee:11:44:
d1:16:5b:fa:9b:03:05:70:dd:6a:20:14:c8:14:84:
c8:02:2f:93:5a:ef:aa:77:6e:ae:f2:88:ea:3b:fd:
bd:f8:0b:c8:32:1d:5b:0f:e5:c5:e6:50:0f:88:53:
e2:88:e9:a0:87:53:1f:a7:a0:da:3c:d3:eb:58:e1:
e1:a3:2c:e2:d7:8b:1a:9b:3b:0d:d0:7b:e6:ad:e8:
41:71:8d:bd:cd:da:76:4e:1a:82:4f:81:0c:18:a0:
b8:c4:0f:98:d5:35:e7:06:17:2b:7b:71:25:b5:44:
81:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:37:98:66:69:D2:4D:CF:95:DD:0C:13:1C:05:3F:18:4B:E2:33:C0
X509v3 Authority Key Identifier:
keyid:B8:F6:1C:AB:B9:11:9D:6C:37:68:5F:0A:BE:34:AE:E2:6A:02:17:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919D72D/98BA46B4968D11EB93FA350AC4F9AE02/uPYcq7kRnWw3aF8KvjSu4moCF-Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uPYcq7kRnWw3aF8KvjSu4moCF-Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D72D/98BA46B4968D11EB93FA350AC4F9AE02/00C79724968F11EB9A79630BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.124.0/23
Signature Algorithm: sha256WithRSAEncryption
18:32:b9:8b:b7:bf:5e:1f:cf:30:03:b3:e6:e9:f1:cc:76:f2:
a5:e4:33:64:e1:b7:b1:24:24:9c:05:71:ba:8d:65:7f:b1:8a:
33:d3:cb:80:71:85:21:7f:71:4f:c5:69:95:fe:f1:83:08:60:
5c:22:6d:6c:ea:e4:7b:7f:49:61:59:9b:4d:29:9f:d0:e4:80:
30:7b:73:cf:81:10:f4:ad:f6:b3:10:e9:02:79:2c:1d:4a:6f:
b1:c2:c2:46:b0:ed:19:67:48:49:4d:d7:2e:3f:7e:ce:15:b8:
fb:e9:ad:80:8e:6b:3b:f5:2b:8b:9b:93:ef:ff:4f:5f:25:c4:
a2:1f:45:7b:4e:9d:81:b8:df:33:ec:51:e8:15:80:43:11:f8:
01:53:8e:23:fa:56:0c:5a:f0:0d:42:96:98:57:66:ba:75:74:
77:9c:b2:47:9f:1a:91:e9:fe:64:4e:5b:1a:48:b6:35:f4:bd:
42:8d:ae:87:e9:72:fb:2b:85:b9:e7:3d:d6:de:a4:53:8e:0e:
fd:13:90:9d:bf:3f:8d:6c:37:1c:41:54:f6:3a:51:5c:9f:28:
ef:3a:f5:be:23:72:10:4e:a6:d9:df:42:41:21:75:8e:26:46:
59:30:3a:d2:29:28:f4:62:b5:91:ab:1d:83:01:ab:d3:91:06:
62:48:d1:92
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBgcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUQ3MkQxMTAvBgNVBAUTKEI4RjYxQ0FCQjkxMTlENkMzNzY4NUYwQUJFMzRBRUUy
NkEwMjE3RTYwHhcNMjUwMzAxMDAzMTUxWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MyNTU3Ni0wZDY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4ymrBdG97gzRK0uj0Al+Xlq4CCeaHm6KWCiyG2JZkx+xyLc7hN2/raOyzuDS
I5RbPwK3LouPP9Ye8dxAWLDfdpW1Hfs4jdjf0FIixtEQUFMWg3M2PRQW5d0q3+pK
tgzfU3sqKQFc6UNgs8ukdyupp/k/+WKuiucKULXQuafr0Pa12n7phu6Qb5TrpuVF
k3glI4LuEUTRFlv6mwMFcN1qIBTIFITIAi+TWu+qd26u8ojqO/29+AvIMh1bD+XF
5lAPiFPiiOmgh1Mfp6DaPNPrWOHhoyzi14samzsN0HvmrehBcY29zdp2ThqCT4EM
GKC4xA+Y1TXnBhcre3EltUSBaQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAk3mGZp
0k3Pld0MExwFPxhL4jPAMB8GA1UdIwQYMBaAFLj2HKu5EZ1sN2hfCr40ruJqAhfm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RDcyRC85OEJBNDZCNDk2
OEQxMUVCOTNGQTM1MEFDNEY5QUUwMi91UFljcTdrUm5XdzNhRjhLdmpTdTRtb0NG
LVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VQWWNxN2tSbld3M2FGOEt2alN1NG1vQ0YtWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUQ3MkQvOThCQTQ2QjQ5NjhEMTFFQjkzRkEzNTBBQzRGOUFFMDIvMDBDNzk3MjQ5
NjhGMTFFQjlBNzk2MzBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnlHwwDQYJKoZIhvcNAQELBQADggEBABgyuYu3v14fzzAD
s+bp8cx28qXkM2Tht7EkJJwFcbqNZX+xijPTy4BxhSF/cU/FaZX+8YMIYFwibWzq
5Ht/SWFZm00pn9DkgDB7c8+BEPSt9rMQ6QJ5LB1Kb7HCwkaw7RlnSElN1y4/fs4V
uPvprYCOazv1K4ubk+//T18lxKIfRXtOnYG43zPsUegVgEMR+AFTjiP6Vgxa8A1C
lphXZrp1dHecskefGpHp/mROWxpItjX0vUKNrofpcvsrhbnnPdbepFOODv0TkJ2/
P41sNxxBVPY6UVyfKO869b4jchBOptnfQkEhdY4mRlkwOtIpKPRitZGrHYMBq9OR
BmJI0ZI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:10:08 2025 by rpki-client