Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/C2EECBA0E85C11EBA2171A25C4F9AE02.roa
File: C2EECBA0E85C11EBA2171A25C4F9AE02.roa (raw, json)
Hash identifier: i8SkLvPy/XtXc4ZuxfbQ0jMccOT4jPJgyB/aqJ2e6A0=
Subject key identifier: 89:B1:6E:A4:B6:68:50:40:3E:80:2A:95:E4:6F:57:CB:7F:3D:5A:C6
Certificate issuer: /CN=A917DBF2/serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748
Certificate serial: 1D02
Authority key identifier: 1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/C2EECBA0E85C11EBA2171A25C4F9AE02.roa
Signing time: Tue 18 Feb 2025 16:43:45 +0000
ROA not before: Tue 18 Feb 2025 16:43:45 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 42962
IP address blocks: 103.81.184.0/22 maxlen: 24
202.144.196.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7426 (0x1d02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917DBF2
Validity
Not Before: Feb 18 16:43:45 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67b4b8c0-c805
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cd:fb:34:ec:30:08:94:fd:54:61:74:57:8d:
c8:c2:c4:da:5a:46:0e:f9:f1:75:3f:e5:90:dc:98:
e3:19:b8:8c:31:7f:b3:9b:74:a4:9f:91:c8:7e:8d:
70:3f:89:83:42:c3:4c:87:30:86:e4:69:e5:11:d2:
f2:64:94:e1:e1:ef:1f:b9:17:86:73:a4:a7:2c:4b:
b5:d3:32:a5:c3:24:f7:75:a4:d5:da:dd:45:8b:0a:
44:60:3e:e5:61:ca:ad:04:74:03:54:16:78:59:f0:
74:e8:4f:06:49:91:44:0b:d8:31:cf:d4:e6:df:ee:
f3:37:5a:ca:81:45:40:8a:73:e3:65:91:17:12:8f:
54:f4:d9:8a:3a:34:46:88:55:03:64:b4:8d:47:8d:
09:86:45:99:fe:3c:54:f6:c3:10:b6:2b:a1:44:45:
8b:6e:b0:d6:79:2a:07:11:1c:b7:41:f5:47:15:bc:
8a:fd:e9:53:1f:93:f1:5f:38:26:e8:1a:7c:95:2f:
9c:8b:9d:9a:7e:fd:83:81:1a:e5:28:ee:39:43:9a:
47:ef:5a:57:2a:aa:d7:f0:9c:48:54:cc:4d:f4:04:
e0:ee:59:71:78:da:15:76:3b:63:15:22:37:6b:f0:
80:4b:7f:d4:61:d8:04:55:d7:41:d4:0c:6a:8c:d9:
15:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B1:6E:A4:B6:68:50:40:3E:80:2A:95:E4:6F:57:CB:7F:3D:5A:C6
X509v3 Authority Key Identifier:
keyid:1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/C2EECBA0E85C11EBA2171A25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.81.184.0/22
202.144.196.0/22
Signature Algorithm: sha256WithRSAEncryption
93:55:33:3e:c4:dd:3d:b2:3a:8f:d3:b3:e7:35:ea:8a:43:7b:
9d:43:2c:aa:2e:48:ea:0d:0a:62:3a:48:a2:a9:61:82:12:36:
68:04:4a:2d:0a:26:6c:84:13:38:39:23:23:42:09:7a:c0:e1:
2d:54:f2:00:0d:a9:d5:6e:ad:b1:a4:04:0e:d4:c9:64:22:2f:
06:e5:c0:f7:f1:64:0e:27:73:b1:b9:8f:a0:91:9c:af:21:b0:
27:aa:05:78:b8:a9:ac:05:8c:d8:66:d8:2d:9a:0a:6a:62:cf:
34:42:16:d1:14:6b:ef:bc:bf:c4:4a:1a:6a:c6:55:d5:63:3d:
09:d3:95:27:f2:ba:c6:dc:4a:c6:52:f8:32:82:68:dc:b6:08:
14:bb:01:e8:a3:72:6a:68:30:77:4c:1f:5e:68:d4:9c:f5:5a:
e9:8e:10:89:5c:af:bc:03:88:f8:54:94:3b:c5:7f:55:e2:81:
2d:71:80:08:7b:f1:17:09:15:bf:39:77:8e:c1:f8:5f:ae:7e:
2b:36:d3:0e:69:6f:63:3c:67:ee:d4:20:87:0e:0e:3e:bb:92:
0b:7e:94:b5:4c:94:02:1d:59:de:2f:03:aa:5b:a0:c8:d6:e8:
1c:0f:82:43:6d:97:66:2e:d6:48:a5:bd:a5:42:a3:55:72:78:
39:94:e6:48
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICHQIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RCRjIxMTAvBgNVBAUTKDFCMTdBQzNEQzk2Q0EyMzQ1MjUwMjNFRkQzNjI3RTky
Q0Q4ODQ3NDgwHhcNMjUwMjE4MTY0MzQ1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0YjhjMC1jODA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzM37NOwwCJT9VGF0V43IwsTaWkYO+fF1P+WQ3JjjGbiMMX+zm3Skn5HIfo1w
P4mDQsNMhzCG5GnlEdLyZJTh4e8fuReGc6SnLEu10zKlwyT3daTV2t1FiwpEYD7l
YcqtBHQDVBZ4WfB06E8GSZFEC9gxz9Tm3+7zN1rKgUVAinPjZZEXEo9U9NmKOjRG
iFUDZLSNR40JhkWZ/jxU9sMQtiuhREWLbrDWeSoHERy3QfVHFbyK/elTH5PxXzgm
6Bp8lS+ci52afv2DgRrlKO45Q5pH71pXKqrX8JxIVMxN9ATg7llxeNoVdjtjFSI3
a/CAS3/UYdgEVddB1AxqjNkVlQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFImxbqS2
aFBAPoAqleRvV8t/PVrGMB8GA1UdIwQYMBaAFBsXrD3JbKI0UlAj79NifpLNiEdI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REJGMi9FMzQ0NTAxNkMy
RjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29qUlNVQ1B2MDJKLWtzMklS
MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0d4ZXNQY2xzb2pSU1VDUHYwMkota3MySVIwZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RCRjIvRTM0NDUwMTZDMkY4MTFFNjk5N0FFQjZCQzRGOUFFMDIvQzJFRUNCQTBF
ODVDMTFFQkEyMTcxQTI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUbgDBALKkMQwDQYJKoZIhvcNAQELBQADggEBAJNVMz7E
3T2yOo/Ts+c16opDe51DLKouSOoNCmI6SKKpYYISNmgESi0KJmyEEzg5IyNCCXrA
4S1U8gANqdVurbGkBA7UyWQiLwblwPfxZA4nc7G5j6CRnK8hsCeqBXi4qawFjNhm
2C2aCmpizzRCFtEUa++8v8RKGmrGVdVjPQnTlSfyusbcSsZS+DKCaNy2CBS7Aeij
cmpoMHdMH15o1Jz1WumOEIlcr7wDiPhUlDvFf1XigS1xgAh78RcJFb85d47B+F+u
fis20w5pb2M8Z+7UIIcODj67kgt+lLVMlAIdWd4vA6pboMjW6BwPgkNtl2Yu1kil
vaVCo1VyeDmU5kg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:04:35 2025 by rpki-client