Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913E2B3/20E67DD812F411EA89420430C4F9AE02/3AB1E0D44ED511ED84336740C4F9AE02.roa
File: 3AB1E0D44ED511ED84336740C4F9AE02.roa (raw, json)
Hash identifier: J+JzfdPnvnmB6Ay3Ml+qeWmcjb1XIfVxnUqGVNUN7Ko=
Subject key identifier: B7:6F:24:A7:4F:EB:8B:EC:14:BA:AD:E5:3A:00:36:DD:76:37:07:4C
Certificate issuer: /CN=A913E2B3/serialNumber=52868B0901F55B4078B91A73451CA6D22312C8AB
Certificate serial: 0BE0
Authority key identifier: 52:86:8B:09:01:F5:5B:40:78:B9:1A:73:45:1C:A6:D2:23:12:C8:AB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UoaLCQH1W0B4uRpzRRym0iMSyKs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913E2B3/20E67DD812F411EA89420430C4F9AE02/3AB1E0D44ED511ED84336740C4F9AE02.roa
Signing time: Tue 04 Mar 2025 19:36:59 +0000
ROA not before: Tue 04 Mar 2025 19:36:59 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 138608
IP address blocks: 103.134.152.0/24 maxlen: 24
103.134.153.0/24 maxlen: 24
103.134.154.0/24 maxlen: 24
2404:6740::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3040 (0xbe0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913E2B3
Validity
Not Before: Mar 4 19:36:59 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67c7565b-7470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:a6:c7:6c:70:3b:4c:e7:df:ae:af:07:7b:22:
16:f1:09:54:9d:7f:60:fc:6b:0b:67:24:c2:9d:ba:
cf:80:9f:2b:9e:ee:bd:af:58:30:f0:1d:ab:a7:38:
ca:da:e9:fb:03:91:71:41:0c:31:66:1d:72:0b:b4:
d3:31:d1:8c:68:58:3b:6e:07:e2:cb:8b:39:f8:31:
30:7b:27:48:93:0b:9d:d6:c6:24:da:5d:b8:df:d9:
68:67:d9:75:c7:dd:72:2d:e3:1f:c5:74:f5:21:29:
0d:14:eb:fb:b4:c7:d0:c5:63:43:61:5c:cb:7b:b4:
3c:51:62:74:56:a4:f5:a9:3b:05:a7:51:da:84:40:
7f:94:80:1d:8a:9d:6f:e6:33:07:9b:7d:94:e8:2a:
77:17:c5:70:ef:43:89:0d:76:c7:a2:a5:b4:c0:46:
c2:cb:69:78:bb:fa:8c:ea:a8:9e:5b:13:c6:0e:8f:
25:fa:f3:12:94:8e:4a:7b:ab:6a:74:4a:0c:d6:c1:
c8:26:24:3c:6e:1c:a4:fe:a3:bd:07:49:85:f5:6a:
85:59:8d:d8:03:42:2b:81:bb:6e:ef:e7:cd:75:30:
44:8e:6a:c7:c7:78:48:2a:93:2e:d6:9a:e0:35:4b:
a8:f1:af:e4:0b:ba:06:62:54:ac:a9:03:80:5c:b1:
31:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:6F:24:A7:4F:EB:8B:EC:14:BA:AD:E5:3A:00:36:DD:76:37:07:4C
X509v3 Authority Key Identifier:
keyid:52:86:8B:09:01:F5:5B:40:78:B9:1A:73:45:1C:A6:D2:23:12:C8:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913E2B3/20E67DD812F411EA89420430C4F9AE02/UoaLCQH1W0B4uRpzRRym0iMSyKs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UoaLCQH1W0B4uRpzRRym0iMSyKs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E2B3/20E67DD812F411EA89420430C4F9AE02/3AB1E0D44ED511ED84336740C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.152.0-103.134.154.255
IPv6:
2404:6740::/32
Signature Algorithm: sha256WithRSAEncryption
86:e5:18:f3:50:46:af:cc:50:d2:02:89:45:a9:4a:16:2c:2e:
f1:56:08:bc:d7:02:64:ec:b1:bd:62:a9:97:2c:43:f8:e7:d8:
bd:14:df:40:00:bb:ce:03:b6:ae:bd:0e:3c:38:14:83:a2:94:
59:7c:a6:66:f3:6a:d5:5b:75:36:85:7b:6e:2b:c6:2f:58:20:
6c:b3:16:7d:2a:3d:82:f4:c4:13:aa:74:ad:a0:c0:b2:c1:9d:
04:37:fe:3c:31:09:c6:ed:23:1b:95:7c:54:08:b5:e3:17:ff:
b4:18:f6:86:c8:b3:e5:67:2e:6a:91:d6:a7:17:a8:4d:18:98:
9b:20:d5:53:2b:b7:d4:21:ad:a1:ac:ad:ff:f3:80:cd:cb:c8:
9e:48:04:04:02:06:05:20:24:74:68:b0:93:3a:f9:7a:9a:ee:
2e:53:f9:45:51:33:fc:da:16:9f:f4:7c:e1:d5:fe:1f:72:83:
51:a9:67:0c:02:55:a8:b0:10:3b:7d:45:fa:8a:88:23:81:7c:
0b:8e:fb:84:ce:cb:3e:eb:9d:28:71:d8:7d:17:35:af:b6:0d:
a7:b7:ae:f7:ca:c6:e5:3d:60:c4:7a:62:3a:48:b2:4b:82:06:
4f:6f:57:ca:e3:e4:65:71:5a:b2:88:40:c9:aa:8a:84:06:fc:
00:b5:b7:51
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICC+AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0UyQjMxMTAvBgNVBAUTKDUyODY4QjA5MDFGNTVCNDA3OEI5MUE3MzQ1MUNBNkQy
MjMxMkM4QUIwHhcNMjUwMzA0MTkzNjU5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3NTY1Yi03NDcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6abHbHA7TOffrq8HeyIW8QlUnX9g/GsLZyTCnbrPgJ8rnu69r1gw8B2rpzjK
2un7A5FxQQwxZh1yC7TTMdGMaFg7bgfiy4s5+DEweydIkwud1sYk2l2439loZ9l1
x91yLeMfxXT1ISkNFOv7tMfQxWNDYVzLe7Q8UWJ0VqT1qTsFp1HahEB/lIAdip1v
5jMHm32U6Cp3F8Vw70OJDXbHoqW0wEbCy2l4u/qM6qieWxPGDo8l+vMSlI5Ke6tq
dEoM1sHIJiQ8bhyk/qO9B0mF9WqFWY3YA0Irgbtu7+fNdTBEjmrHx3hIKpMu1prg
NUuo8a/kC7oGYlSsqQOAXLExZQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFLdvJKdP
64vsFLqt5ToANt12NwdMMB8GA1UdIwQYMBaAFFKGiwkB9VtAeLkac0UcptIjEsir
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRTJCMy8yMEU2N0REODEy
RjQxMUVBODk0MjA0MzBDNEY5QUUwMi9Vb2FMQ1FIMVcwQjR1UnB6UlJ5bTBpTVN5
S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VvYUxDUUgxVzBCNHVScHpSUnltMGlNU3lLcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0UyQjMvMjBFNjdERDgxMkY0MTFFQTg5NDIwNDMwQzRGOUFFMDIvM0FCMUUwRDQ0
RUQ1MTFFRDg0MzM2NzQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBQEAgABMA4wDAMEA2eGmAMEAGeGmjANBAIAAjAHAwUAJARnQDANBgkqhkiG
9w0BAQsFAAOCAQEAhuUY81BGr8xQ0gKJRalKFiwu8VYIvNcCZOyxvWKplyxD+OfY
vRTfQAC7zgO2rr0OPDgUg6KUWXymZvNq1Vt1NoV7bivGL1ggbLMWfSo9gvTEE6p0
raDAssGdBDf+PDEJxu0jG5V8VAi14xf/tBj2hsiz5WcuapHWpxeoTRiYmyDVUyu3
1CGtoayt//OAzcvInkgEBAIGBSAkdGiwkzr5epruLlP5RVEz/NoWn/R84dX+H3KD
UalnDAJVqLAQO31F+oqII4F8C477hM7LPuudKHHYfRc1r7YNp7eu98rG5T1gxHpi
OkiyS4IGT29XyuPkZXFasohAyaqKhAb8ALW3UQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:39:15 2025 by rpki-client