Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/8A1AF86E94BC11EC9E49DB41C4F9AE02.roa
File: 8A1AF86E94BC11EC9E49DB41C4F9AE02.roa (raw, json)
Hash identifier: n6ab3BTwAcpH4LegBC83qaXuTY61rSuzXQeixKGRCQ8=
Subject key identifier: 9D:F6:47:1D:91:F4:1F:F5:23:2C:57:A2:8C:67:24:DD:37:14:B1:4A
Certificate issuer: /CN=A917DBF2/serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748
Certificate serial: 1D00
Authority key identifier: 1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/8A1AF86E94BC11EC9E49DB41C4F9AE02.roa
Signing time: Tue 18 Feb 2025 16:43:43 +0000
ROA not before: Tue 18 Feb 2025 16:43:43 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 31898
IP address blocks: 103.81.184.0/22 maxlen: 24
202.144.196.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7424 (0x1d00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917DBF2
Validity
Not Before: Feb 18 16:43:43 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67b4b8bf-3bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:59:60:42:fc:87:0e:d7:1a:76:ec:46:31:f7:
2f:8e:f6:9f:b7:0e:6b:19:34:0c:9d:80:c7:10:13:
0c:50:6e:b5:45:26:3f:59:01:c2:55:d3:b5:3f:5c:
e6:e2:c0:40:7d:c0:28:4a:7f:85:fe:c4:64:90:3c:
e2:55:ff:b3:1a:26:a9:18:c1:6e:01:89:47:df:76:
c2:ea:e7:16:c6:28:db:79:d0:6e:a3:68:cc:63:48:
1d:33:0d:11:df:90:24:85:eb:f8:27:72:e3:9a:2b:
90:e0:f8:ab:14:5f:1d:21:d6:91:c8:cb:84:0e:23:
d4:4b:a4:39:55:04:a0:ff:41:c7:b9:08:54:c8:cc:
09:b1:db:73:09:ea:c4:c4:2a:ec:42:59:fb:6e:25:
c0:b7:62:e7:d4:a2:1f:a7:d7:35:e1:25:71:c0:9f:
ab:1f:f8:84:b2:67:8f:e9:15:b7:ef:f3:c6:13:69:
13:b5:31:60:b5:c8:52:b5:3c:ae:34:eb:1e:0c:c0:
27:f5:ef:38:55:14:3a:45:74:e8:af:d9:4b:41:73:
b9:7a:0c:9f:29:21:8b:30:29:f4:a9:38:a6:e9:72:
53:6a:77:79:b5:51:0d:9d:f7:5e:ce:9f:96:fd:96:
42:53:94:0f:62:02:e4:17:e9:f7:40:3c:40:00:ce:
43:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F6:47:1D:91:F4:1F:F5:23:2C:57:A2:8C:67:24:DD:37:14:B1:4A
X509v3 Authority Key Identifier:
keyid:1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/8A1AF86E94BC11EC9E49DB41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.81.184.0/22
202.144.196.0/22
Signature Algorithm: sha256WithRSAEncryption
36:8c:43:74:e9:1e:60:fe:51:ba:34:f4:cf:37:ad:91:29:37:
a1:68:3c:09:9f:62:84:0b:a5:86:fe:e3:60:b8:26:04:a0:d1:
bf:e1:7c:42:f6:61:aa:f0:0b:89:51:84:21:56:3d:1b:fe:c3:
56:0c:c8:c9:9e:ed:44:e9:b9:ed:f6:85:4d:43:12:08:6b:0f:
75:38:c7:18:15:3d:f6:8e:11:1d:e0:30:11:da:d5:f0:d2:05:
51:9b:3a:11:0e:11:14:31:39:7f:cf:3d:d3:d9:36:10:a2:54:
08:5a:eb:36:52:e7:7a:a5:8c:d0:d3:f6:ce:7b:1e:35:d5:ed:
cb:a6:19:91:9c:44:ce:b2:4d:f0:2e:7c:9a:4a:9f:a9:6e:8d:
43:d4:27:e1:68:51:ae:53:19:36:47:8e:c9:f8:d5:53:6d:04:
b1:a0:56:ff:38:53:e6:32:34:75:8d:7b:5b:7c:95:0b:ce:af:
93:68:9c:e8:56:98:48:b0:6a:dc:f4:10:57:52:d9:b9:34:a1:
0f:8e:46:78:96:06:af:5e:aa:4e:8e:20:80:27:ae:a8:62:74:
94:76:96:e4:11:74:ce:cf:59:52:78:6b:25:d1:73:c0:21:1b:
af:ae:48:af:8f:19:6c:2f:e7:05:7f:90:05:06:6f:0b:c5:d9:
53:c6:c3:f5
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICHQAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RCRjIxMTAvBgNVBAUTKDFCMTdBQzNEQzk2Q0EyMzQ1MjUwMjNFRkQzNjI3RTky
Q0Q4ODQ3NDgwHhcNMjUwMjE4MTY0MzQzWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0YjhiZi0zYmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApFlgQvyHDtcaduxGMfcvjvaftw5rGTQMnYDHEBMMUG61RSY/WQHCVdO1P1zm
4sBAfcAoSn+F/sRkkDziVf+zGiapGMFuAYlH33bC6ucWxijbedBuo2jMY0gdMw0R
35Akhev4J3LjmiuQ4PirFF8dIdaRyMuEDiPUS6Q5VQSg/0HHuQhUyMwJsdtzCerE
xCrsQln7biXAt2Ln1KIfp9c14SVxwJ+rH/iEsmeP6RW37/PGE2kTtTFgtchStTyu
NOseDMAn9e84VRQ6RXTor9lLQXO5egyfKSGLMCn0qTim6XJTand5tVENnfdezp+W
/ZZCU5QPYgLkF+n3QDxAAM5DpQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJ32Rx2R
9B/1IyxXooxnJN03FLFKMB8GA1UdIwQYMBaAFBsXrD3JbKI0UlAj79NifpLNiEdI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REJGMi9FMzQ0NTAxNkMy
RjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29qUlNVQ1B2MDJKLWtzMklS
MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0d4ZXNQY2xzb2pSU1VDUHYwMkota3MySVIwZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RCRjIvRTM0NDUwMTZDMkY4MTFFNjk5N0FFQjZCQzRGOUFFMDIvOEExQUY4NkU5
NEJDMTFFQzlFNDlEQjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUbgDBALKkMQwDQYJKoZIhvcNAQELBQADggEBADaMQ3Tp
HmD+Ubo09M83rZEpN6FoPAmfYoQLpYb+42C4JgSg0b/hfEL2YarwC4lRhCFWPRv+
w1YMyMme7UTpue32hU1DEghrD3U4xxgVPfaOER3gMBHa1fDSBVGbOhEOERQxOX/P
PdPZNhCiVAha6zZS53qljNDT9s57HjXV7cumGZGcRM6yTfAufJpKn6lujUPUJ+Fo
Ua5TGTZHjsn41VNtBLGgVv84U+YyNHWNe1t8lQvOr5NonOhWmEiwatz0EFdS2bk0
oQ+ORniWBq9eqk6OIIAnrqhidJR2luQRdM7PWVJ4ayXRc8AhG6+uSK+PGWwv5wV/
kAUGbwvF2VPGw/U=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:09:31 2025 by rpki-client