Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D931/FB5A5084085811EB93B7A66BC4F9AE02/F575D65A085A11EBA6864D71C4F9AE02.roa
File: F575D65A085A11EBA6864D71C4F9AE02.roa (raw, json)
Hash identifier: MoYCzKz4ghJi1D1zSWKy/H/ig794mxo8w546loZw0HA=
Subject key identifier: AC:35:86:E6:04:14:93:38:FB:0B:22:B0:E1:AD:C8:26:E1:79:18:DD
Certificate issuer: /CN=A918D931/serialNumber=68DA4E85A7984B3FD10AEF34C7D1D00F1B464531
Certificate serial: 0724
Authority key identifier: 68:DA:4E:85:A7:98:4B:3F:D1:0A:EF:34:C7:D1:D0:0F:1B:46:45:31
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aNpOhaeYSz_RCu80x9HQDxtGRTE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D931/FB5A5084085811EB93B7A66BC4F9AE02/F575D65A085A11EBA6864D71C4F9AE02.roa
Signing time: Wed 02 Oct 2024 22:00:49 +0000
ROA not before: Wed 02 Oct 2024 22:00:49 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 55720
IP address blocks: 103.75.188.0/24 maxlen: 24
103.75.189.0/24 maxlen: 24
103.75.190.0/24 maxlen: 24
103.75.191.0/24 maxlen: 24
202.59.9.0/24 maxlen: 24
202.59.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1828 (0x724)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D931
Validity
Not Before: Oct 2 22:00:49 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=66fdc291-7c88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2b:56:6d:41:4a:5d:92:91:e9:bd:b3:91:38:
e8:6e:ac:1d:8d:48:e1:05:80:a7:8d:49:62:e1:0c:
87:ce:a3:cd:a2:dc:bb:84:f8:63:92:96:d2:fc:db:
6f:45:b3:de:7e:d5:bd:8b:bc:76:30:69:6d:38:a1:
ed:a8:89:66:7f:a4:7a:4a:3e:8a:66:78:f3:35:a4:
fc:02:82:ed:98:e3:37:2a:ff:48:2e:0a:4b:27:11:
52:1b:69:b1:df:e9:16:31:f6:71:5f:16:f6:f6:be:
d0:e5:1c:ee:3b:12:4a:ff:b1:c0:1a:db:68:15:c8:
0b:35:3c:22:54:64:f2:9b:62:d2:04:30:bb:81:3a:
82:56:e8:a1:d5:dc:2b:55:21:e7:ec:59:26:ad:8a:
82:a6:cd:43:20:69:db:ad:1b:3d:b1:f1:d7:0b:22:
d4:db:ac:d3:b0:b6:68:dc:75:1f:94:f0:8d:44:84:
6c:71:44:2f:71:75:89:c5:bb:b6:21:dd:fd:49:fc:
f6:47:70:f2:1b:9f:1a:2d:4e:4e:c7:a8:65:fe:c7:
c1:a9:c6:0c:74:f4:96:64:0f:78:2c:f6:79:33:12:
76:3c:b1:01:48:bd:ef:15:f4:44:f8:58:75:1a:c6:
84:62:35:ba:28:34:c4:a6:a4:ba:66:92:2b:89:f7:
3d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:35:86:E6:04:14:93:38:FB:0B:22:B0:E1:AD:C8:26:E1:79:18:DD
X509v3 Authority Key Identifier:
keyid:68:DA:4E:85:A7:98:4B:3F:D1:0A:EF:34:C7:D1:D0:0F:1B:46:45:31
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D931/FB5A5084085811EB93B7A66BC4F9AE02/aNpOhaeYSz_RCu80x9HQDxtGRTE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aNpOhaeYSz_RCu80x9HQDxtGRTE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D931/FB5A5084085811EB93B7A66BC4F9AE02/F575D65A085A11EBA6864D71C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.75.188.0/22
202.59.9.0-202.59.10.255
Signature Algorithm: sha256WithRSAEncryption
7f:e9:fe:7a:78:a7:c7:57:9c:f7:96:3c:b4:a7:5d:6b:1f:46:
33:48:df:55:a0:7e:3b:01:67:16:9e:de:10:e9:d3:62:91:fb:
fe:85:82:5a:5a:73:26:c0:b5:e1:3c:5a:04:9b:96:6d:93:2b:
40:3f:f6:41:23:e8:49:a6:06:5b:ef:1b:d0:d5:96:bd:7d:2f:
f0:fc:4e:21:fb:c5:c5:12:87:77:c0:9c:77:79:50:0a:43:fd:
e2:1e:ea:11:3b:bd:8a:a1:80:40:f5:96:33:65:b4:6f:32:a3:
8d:93:04:0f:86:21:78:e9:20:39:6e:20:c0:a4:2a:ca:b0:42:
68:0e:7d:2a:d6:5b:65:93:40:a6:7f:9d:12:41:7e:49:7c:11:
cf:2e:2c:26:af:ca:ae:b7:02:62:3d:e1:a4:ab:35:63:38:bc:
3f:c4:ff:26:e2:17:b4:2d:3f:e7:b4:92:a5:8a:ba:bb:9d:a5:
8a:9f:e6:2b:f0:ef:5d:b1:ff:34:36:e8:9a:d1:82:10:16:31:
d2:6f:f3:8c:76:09:07:22:9c:07:1a:3c:58:27:d4:6e:78:72:
4b:5b:f7:1e:ff:72:60:9f:f5:ba:0d:12:a3:de:c0:f7:51:88:
b2:ca:6c:52:ea:be:2f:b7:bb:bc:5e:2b:d0:04:87:2d:c8:15:
e7:2b:9d:41
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICByQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQ5MzExMTAvBgNVBAUTKDY4REE0RTg1QTc5ODRCM0ZEMTBBRUYzNEM3RDFEMDBG
MUI0NjQ1MzEwHhcNMjQxMDAyMjIwMDQ5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZkYzI5MS03Yzg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvitWbUFKXZKR6b2zkTjobqwdjUjhBYCnjUli4QyHzqPNoty7hPhjkpbS/Ntv
RbPeftW9i7x2MGltOKHtqIlmf6R6Sj6KZnjzNaT8AoLtmOM3Kv9ILgpLJxFSG2mx
3+kWMfZxXxb29r7Q5RzuOxJK/7HAGttoFcgLNTwiVGTym2LSBDC7gTqCVuih1dwr
VSHn7FkmrYqCps1DIGnbrRs9sfHXCyLU26zTsLZo3HUflPCNRIRscUQvcXWJxbu2
Id39Sfz2R3DyG58aLU5Ox6hl/sfBqcYMdPSWZA94LPZ5MxJ2PLEBSL3vFfRE+Fh1
GsaEYjW6KDTEpqS6ZpIrifc9cwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFKw1huYE
FJM4+wsisOGtyCbheRjdMB8GA1UdIwQYMBaAFGjaToWnmEs/0QrvNMfR0A8bRkUx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDkzMS9GQjVBNTA4NDA4
NTgxMUVCOTNCN0E2NkJDNEY5QUUwMi9hTnBPaGFlWVN6X1JDdTgweDlIUUR4dEdS
VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FOcE9oYWVZU3pfUkN1ODB4OUhRRHh0R1JURS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQ5MzEvRkI1QTUwODQwODU4MTFFQjkzQjdBNjZCQzRGOUFFMDIvRjU3NUQ2NUEw
ODVBMTFFQkE2ODY0RDcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAJnS7wwDAMEAMo7CQMEAMo7CjANBgkqhkiG9w0BAQsFAAOC
AQEAf+n+eninx1ec95Y8tKddax9GM0jfVaB+OwFnFp7eEOnTYpH7/oWCWlpzJsC1
4TxaBJuWbZMrQD/2QSPoSaYGW+8b0NWWvX0v8PxOIfvFxRKHd8Ccd3lQCkP94h7q
ETu9iqGAQPWWM2W0bzKjjZMED4YheOkgOW4gwKQqyrBCaA59KtZbZZNApn+dEkF+
SXwRzy4sJq/KrrcCYj3hpKs1Yzi8P8T/JuIXtC0/57SSpYq6u52lip/mK/DvXbH/
NDbomtGCEBYx0m/zjHYJByKcBxo8WCfUbnhyS1v3Hv9yYJ/1ug0So97A91GIssps
Uuq+L7e7vF4r0ASHLcgV5yudQQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:25:44 2025 by rpki-client