Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9184AB8/3B0A9C64D1B011EF8C20DD32C4F9AE02/0B26C14AD26811EF95A1A65FC4F9AE02.roa
File: 0B26C14AD26811EF95A1A65FC4F9AE02.roa (raw, json)
Hash identifier: mzhwSXkIHnHCYgyoyHvgE2YnfLZ33DeT+xQlrCYhgdw=
Subject key identifier: EE:01:D2:A8:F8:A6:20:0F:00:54:A2:BE:CE:4D:7B:AB:DF:B8:23:75
Certificate issuer: /CN=A9184AB8/serialNumber=3188F9B9F5E90AFB0DB0DE6565F02C90BEEA48D0
Certificate serial: 08
Authority key identifier: 31:88:F9:B9:F5:E9:0A:FB:0D:B0:DE:65:65:F0:2C:90:BE:EA:48:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MYj5ufXpCvsNsN5lZfAskL7qSNA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9184AB8/3B0A9C64D1B011EF8C20DD32C4F9AE02/0B26C14AD26811EF95A1A65FC4F9AE02.roa
Signing time: Tue 14 Jan 2025 12:02:10 +0000
ROA not before: Tue 14 Jan 2025 12:02:10 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 136988
IP address blocks: 103.101.128.0/22 maxlen: 22
173.234.104.0/21 maxlen: 21
173.234.106.0/23 maxlen: 23
2401:d040::/36 maxlen: 36
2401:d040:1000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9184AB8/serialNumber=3188F9B9F5E90AFB0DB0DE6565F02C90BEEA48D0
Validity
Not Before: Jan 14 12:02:10 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67865241-b103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:62:ec:c8:e3:c6:06:ce:cf:61:cf:23:6a:80:
9b:f5:bc:32:ce:e2:42:b6:7b:5a:f5:40:39:0c:7f:
66:4b:2d:2b:7a:8f:0a:75:3f:34:e2:e9:fd:7b:83:
35:1d:86:72:ae:7c:31:03:68:43:c9:96:6b:76:21:
33:63:d2:b2:b0:db:c3:72:e1:72:e3:1e:a9:ec:6f:
93:33:20:2a:0b:4c:e2:df:f7:8a:d4:8b:3c:73:f5:
53:1c:f3:67:4b:e7:53:87:45:3d:5e:e1:19:1b:0b:
99:18:2b:f9:d1:3b:63:ad:05:2d:16:78:34:66:f1:
7c:84:e6:6e:9e:4b:02:fb:41:98:b4:14:a7:e1:5f:
2a:bb:65:f4:28:bd:15:2e:f2:bd:9b:d0:fb:b1:e7:
12:1f:6f:75:99:16:f6:f0:dd:21:c7:bd:1f:3a:0c:
aa:6b:5e:d2:ca:a7:45:8f:94:6d:0e:15:8c:39:06:
ad:57:30:42:6d:fe:99:b3:a0:5e:a3:d6:43:da:5a:
d4:a4:a0:ef:4c:68:6c:21:b5:7e:e6:11:6f:a4:43:
92:2c:cb:eb:a6:46:ca:71:b4:d8:fa:24:9f:20:7e:
94:96:bc:54:68:72:f1:82:e7:41:af:54:99:6c:66:
95:25:6b:38:6f:36:7f:25:c8:d2:48:18:b9:c0:2f:
63:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:01:D2:A8:F8:A6:20:0F:00:54:A2:BE:CE:4D:7B:AB:DF:B8:23:75
X509v3 Authority Key Identifier:
keyid:31:88:F9:B9:F5:E9:0A:FB:0D:B0:DE:65:65:F0:2C:90:BE:EA:48:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9184AB8/3B0A9C64D1B011EF8C20DD32C4F9AE02/MYj5ufXpCvsNsN5lZfAskL7qSNA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MYj5ufXpCvsNsN5lZfAskL7qSNA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9184AB8/3B0A9C64D1B011EF8C20DD32C4F9AE02/0B26C14AD26811EF95A1A65FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.128.0/22
173.234.104.0/21
IPv6:
2401:d040::/35
Signature Algorithm: sha256WithRSAEncryption
13:d5:3c:20:10:95:5b:50:7a:a4:7d:e5:42:1c:93:a7:3b:af:
e5:6c:41:84:ca:98:12:0f:04:67:d6:27:a9:02:b7:ad:93:05:
e2:e6:3c:d5:f0:1a:5d:35:24:8d:fe:35:e9:ce:8e:4e:ca:20:
1f:72:ae:15:12:8d:42:83:e1:5e:c4:74:1e:5b:f0:fa:7d:2b:
9c:52:7a:4b:54:13:9f:65:cc:8b:e2:d7:8e:f5:c2:b4:c8:7c:
25:fa:91:38:24:d5:8b:99:97:af:ee:d7:08:69:87:ce:77:c7:
0f:5c:d8:fa:75:d0:e3:d7:3b:6f:ed:70:ac:dd:e2:a0:70:e4:
c9:3e:90:bf:2f:12:f5:cc:73:5f:c1:60:a9:27:17:e2:a0:13:
00:6c:b7:e9:f8:ef:e7:32:04:32:b8:85:63:e2:ca:f1:d6:3d:
be:d4:ca:f7:89:54:b3:ac:3c:29:d9:54:91:7f:29:d4:c0:16:
bb:d3:ac:31:a0:81:b2:22:c5:97:09:70:1a:e0:35:18:b5:38:
17:57:1f:3f:5e:af:10:b5:1f:77:58:df:27:79:da:5a:a4:d8:
78:51:cf:f0:8e:d7:d1:7b:69:b0:d2:8e:e3:14:9c:06:8b:dd:
db:75:7a:3a:48:3f:d0:e6:5a:98:c0:48:d0:ff:1e:8c:5c:7c:
b9:42:35:a6
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
NEFCODExMC8GA1UEBRMoMzE4OEY5QjlGNUU5MEFGQjBEQjBERTY1NjVGMDJDOTBC
RUVBNDhEMDAeFw0yNTAxMTQxMjAyMTBaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODY1MjQxLWIxMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYYuzI48YGzs9hzyNqgJv1vDLO4kK2e1r1QDkMf2ZLLSt6jwp1PzTi6f17gzUd
hnKufDEDaEPJlmt2ITNj0rKw28Ny4XLjHqnsb5MzICoLTOLf94rUizxz9VMc82dL
51OHRT1e4RkbC5kYK/nRO2OtBS0WeDRm8XyE5m6eSwL7QZi0FKfhXyq7ZfQovRUu
8r2b0Pux5xIfb3WZFvbw3SHHvR86DKprXtLKp0WPlG0OFYw5Bq1XMEJt/pmzoF6j
1kPaWtSkoO9MaGwhtX7mEW+kQ5Isy+umRspxtNj6JJ8gfpSWvFRocvGC50GvVJls
ZpUlazhvNn8lyNJIGLnAL2PlAgMBAAGjggKrMIICpzAdBgNVHQ4EFgQU7gHSqPim
IA8AVKK+zk17q9+4I3UwHwYDVR0jBBgwFoAUMYj5ufXpCvsNsN5lZfAskL7qSNAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg0QUI4LzNCMEE5QzY0RDFC
MDExRUY4QzIwREQzMkM0RjlBRTAyL01ZajV1ZlhwQ3ZzTnNONWxaZkFza0w3cVNO
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTVlqNXVmWHBDdnNOc041bFpmQXNrTDdxU05BLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NEFCOC8zQjBBOUM2NEQxQjAxMUVGOEMyMEREMzJDNEY5QUUwMi8wQjI2QzE0QUQy
NjgxMUVGOTVBMUE2NUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA1BggrBgEFBQcBBwEB/wQm
MCQwEgQCAAEwDAMEAmdlgAMEA63qaDAOBAIAAjAIAwYFJAHQQAAwDQYJKoZIhvcN
AQELBQADggEBABPVPCAQlVtQeqR95UIck6c7r+VsQYTKmBIPBGfWJ6kCt62TBeLm
PNXwGl01JI3+NenOjk7KIB9yrhUSjUKD4V7EdB5b8Pp9K5xSektUE59lzIvi1471
wrTIfCX6kTgk1YuZl6/u1whph853xw9c2Pp10OPXO2/tcKzd4qBw5Mk+kL8vEvXM
c1/BYKknF+KgEwBst+n47+cyBDK4hWPiyvHWPb7UyveJVLOsPCnZVJF/KdTAFrvT
rDGggbIixZcJcBrgNRi1OBdXHz9erxC1H3dY3yd52lqk2HhRz/CO19F7abDSjuMU
nAaL3dt1ejpIP9DmWpjASND/HoxcfLlCNaY=
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:21:36 2025 by rpki-client