Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A82D/ADF665C0127811EA9B8ED034C4F9AE02/403FDDD0DF3511ED8FBA823DC4F9AE02.roa
File: 403FDDD0DF3511ED8FBA823DC4F9AE02.roa (raw, json)
Hash identifier: e9pVaCNIwHUsPPLgT+JyEcgnBXOBG7Wu2I8ZCbapkoM=
Subject key identifier: 1F:0E:FE:1C:E8:06:44:78:DD:89:0A:05:27:99:53:8F:21:15:23:97
Certificate issuer: /CN=A917A82D/serialNumber=EAAEC609B9DC235C46B9C5F1BCA3CDBEC7FFEE28
Certificate serial: 0BFA
Authority key identifier: EA:AE:C6:09:B9:DC:23:5C:46:B9:C5:F1:BC:A3:CD:BE:C7:FF:EE:28
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6q7GCbncI1xGucXxvKPNvsf_7ig.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A82D/ADF665C0127811EA9B8ED034C4F9AE02/403FDDD0DF3511ED8FBA823DC4F9AE02.roa
Signing time: Thu 30 Jan 2025 19:07:51 +0000
ROA not before: Thu 30 Jan 2025 19:07:51 +0000
ROA not after: Mon 02 Jun 2025 00:00:00 +0000
asID: 139872
IP address blocks: 103.145.208.0/23 maxlen: 23
103.145.208.0/24 maxlen: 24
103.145.209.0/24 maxlen: 24
2001:df2:2780::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3066 (0xbfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A82D/serialNumber=EAAEC609B9DC235C46B9C5F1BCA3CDBEC7FFEE28
Validity
Not Before: Jan 30 19:07:51 2025 GMT
Not After : Jun 2 00:00:00 2025 GMT
Subject: CN=679bce06-a319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0f:6c:1a:4d:60:6a:3b:3a:7d:0c:15:22:50:
da:c0:2d:37:e2:09:3a:a1:a9:46:a2:bb:df:0d:f9:
11:65:f3:c4:50:32:fb:02:26:4f:c7:67:20:d2:d0:
fb:28:ed:d2:bd:dd:c9:af:cc:42:e5:f1:8d:ed:e4:
51:f2:49:93:53:83:bf:ca:da:55:50:50:85:0c:1b:
11:00:df:5a:65:63:56:b0:eb:a4:d0:be:38:7b:a1:
a1:c8:75:e3:02:c8:8e:b8:8c:ef:f5:e9:e5:89:9d:
4b:32:60:7a:83:69:1b:dc:7e:e7:03:c7:96:c1:c1:
03:ab:67:bd:fe:87:bc:7c:3f:cf:04:5f:76:b3:0c:
b8:c9:0c:c2:f4:8b:b7:fe:09:8c:63:28:cf:71:60:
71:0d:25:b4:37:fd:2e:b7:5c:8a:fb:ca:5c:68:3a:
28:82:06:72:d6:db:24:7d:d6:6d:da:ad:ed:ab:04:
be:35:a7:32:9f:5d:07:e4:f9:d0:f6:d9:e7:77:4d:
40:3a:c6:f9:42:3c:c5:41:f0:f2:e4:83:6c:3e:fb:
6f:cc:9d:ba:de:05:fa:13:79:72:25:fb:61:5a:3c:
47:ef:f8:aa:0d:eb:8a:94:43:5b:81:41:71:79:e8:
d0:89:79:31:98:40:6f:68:b0:c8:c6:d0:70:aa:49:
98:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:0E:FE:1C:E8:06:44:78:DD:89:0A:05:27:99:53:8F:21:15:23:97
X509v3 Authority Key Identifier:
keyid:EA:AE:C6:09:B9:DC:23:5C:46:B9:C5:F1:BC:A3:CD:BE:C7:FF:EE:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A82D/ADF665C0127811EA9B8ED034C4F9AE02/6q7GCbncI1xGucXxvKPNvsf_7ig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6q7GCbncI1xGucXxvKPNvsf_7ig.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A82D/ADF665C0127811EA9B8ED034C4F9AE02/403FDDD0DF3511ED8FBA823DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.145.208.0/23
IPv6:
2001:df2:2780::/48
Signature Algorithm: sha256WithRSAEncryption
40:08:39:50:1c:67:e1:95:f5:39:f8:45:d2:19:78:98:cb:6d:
8b:a9:3c:40:d6:9d:ed:c7:ca:c5:c6:b0:6b:3f:9b:97:cf:b8:
e4:51:b9:06:1f:ff:0e:98:b5:da:a2:1a:6c:b7:17:42:7a:ba:
0d:cf:92:e7:7a:cb:6a:d8:e5:6f:8c:e6:e6:46:cc:2c:5f:1a:
68:af:89:b0:bd:df:1f:02:9e:1a:f2:f9:6c:ff:2f:33:e9:06:
6e:88:40:d6:5e:63:01:a8:e4:37:b0:b1:d7:4d:dd:d5:2b:ca:
23:e8:16:03:d0:c8:28:54:93:9b:0e:81:86:e4:c2:ca:9a:44:
90:cb:f0:7c:f5:ce:ca:bd:c4:82:8f:73:cc:1c:02:14:0d:df:
bd:2f:9e:47:02:2e:ec:49:71:9b:87:9b:95:08:f7:3a:b6:e4:
cb:15:5e:5c:77:ca:71:63:98:e8:d6:4d:a8:f3:cc:99:5f:22:
29:f6:43:ee:77:65:63:f9:d5:6c:d0:8e:02:60:5a:17:26:d1:
65:0b:2d:4b:b5:6a:13:09:0a:27:6c:2b:ad:ad:ee:c4:4e:64:
fa:e8:a0:cd:ef:4b:5b:57:a9:9a:a4:af:79:8a:9a:c3:43:e7:
6c:9f:be:91:9e:31:20:dc:03:44:e1:83:17:b5:ea:c2:63:e7:
40:07:cb:61
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICC/owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4MkQxMTAvBgNVBAUTKEVBQUVDNjA5QjlEQzIzNUM0NkI5QzVGMUJDQTNDREJF
QzdGRkVFMjgwHhcNMjUwMTMwMTkwNzUxWhcNMjUwNjAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzliY2UwNi1hMzE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvA9sGk1gajs6fQwVIlDawC034gk6oalGorvfDfkRZfPEUDL7AiZPx2cg0tD7
KO3Svd3Jr8xC5fGN7eRR8kmTU4O/ytpVUFCFDBsRAN9aZWNWsOuk0L44e6GhyHXj
AsiOuIzv9enliZ1LMmB6g2kb3H7nA8eWwcEDq2e9/oe8fD/PBF92swy4yQzC9Iu3
/gmMYyjPcWBxDSW0N/0ut1yK+8pcaDooggZy1tskfdZt2q3tqwS+Nacyn10H5PnQ
9tnnd01AOsb5QjzFQfDy5INsPvtvzJ263gX6E3lyJfthWjxH7/iqDeuKlENbgUFx
eejQiXkxmEBvaLDIxtBwqkmYOwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFB8O/hzo
BkR43YkKBSeZU48hFSOXMB8GA1UdIwQYMBaAFOquxgm53CNcRrnF8byjzb7H/+4o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTgyRC9BREY2NjVDMDEy
NzgxMUVBOUI4RUQwMzRDNEY5QUUwMi82cTdHQ2JuY0kxeEd1Y1h4dktQTnZzZl83
aWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZxN0dDYm5jSTF4R3VjWHh2S1BOdnNmXzdpZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4MkQvQURGNjY1QzAxMjc4MTFFQTlCOEVEMDM0QzRGOUFFMDIvNDAzRkRERDBE
RjM1MTFFRDhGQkE4MjNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnkdAwDwQCAAIwCQMHACABDfIngDANBgkqhkiG9w0BAQsF
AAOCAQEAQAg5UBxn4ZX1OfhF0hl4mMtti6k8QNad7cfKxcawaz+bl8+45FG5Bh//
Dpi12qIabLcXQnq6Dc+S53rLatjlb4zm5kbMLF8aaK+JsL3fHwKeGvL5bP8vM+kG
bohA1l5jAajkN7Cx103d1SvKI+gWA9DIKFSTmw6BhuTCyppEkMvwfPXOyr3Ego9z
zBwCFA3fvS+eRwIu7Elxm4eblQj3OrbkyxVeXHfKcWOY6NZNqPPMmV8iKfZD7ndl
Y/nVbNCOAmBaFybRZQstS7VqEwkKJ2wrra3uxE5k+uigze9LW1epmqSveYqaw0Pn
bJ++kZ4xINwDROGDF7XqwmPnQAfLYQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:48:37 2025 by rpki-client