Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918A132/1F4AC61EE72511EEA830D62AC4F9AE02/29779172DD2311EF87F5EC47C4F9AE02.roa
File: 29779172DD2311EF87F5EC47C4F9AE02.roa (raw, json)
Hash identifier: N0q+ZJOEcziJF4fAUxz3kOldFXpv4SfEft+wL2hbxEI=
Subject key identifier: CD:86:8B:2F:5E:F9:45:AA:46:1B:B2:F1:6D:2C:2F:01:EB:11:B5:F6
Certificate issuer: /CN=A918A132/serialNumber=016569C3CF8E700932F14E482C56AA66BBAF2B61
Certificate serial: A6
Authority key identifier: 01:65:69:C3:CF:8E:70:09:32:F1:4E:48:2C:56:AA:66:BB:AF:2B:61
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AWVpw8-OcAky8U5ILFaqZruvK2E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918A132/1F4AC61EE72511EEA830D62AC4F9AE02/29779172DD2311EF87F5EC47C4F9AE02.roa
Signing time: Tue 28 Jan 2025 02:54:16 +0000
ROA not before: Tue 28 Jan 2025 02:54:16 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 140057
IP address blocks: 103.163.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166 (0xa6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918A132/serialNumber=016569C3CF8E700932F14E482C56AA66BBAF2B61
Validity
Not Before: Jan 28 02:54:16 2025 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=679846d8-be37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:65:ea:4a:7e:ba:76:ac:21:3c:90:58:f8:b1:
8e:e1:b9:24:9c:9e:bb:38:4e:aa:06:9f:5e:6c:2c:
85:c1:d6:13:77:77:a2:d1:ff:a3:b2:f7:41:b5:18:
8e:64:5a:91:41:33:f4:31:69:e0:9e:df:7b:12:10:
8c:a0:35:55:9a:ff:63:1c:c8:14:ea:c9:38:e6:e2:
a7:5e:54:a9:76:a1:f7:c9:43:63:fa:fe:51:ac:b5:
18:ca:a2:1d:e0:f6:68:d2:e2:17:db:ed:75:22:b9:
92:24:71:75:f4:a7:dc:5c:66:23:9a:61:75:eb:47:
46:23:42:13:09:3e:04:e8:55:7f:57:bd:69:bb:6d:
d2:90:6f:2e:8f:e2:2b:b4:41:bb:23:e9:5b:ee:e2:
ae:29:71:4f:b8:da:96:25:9c:a5:8c:15:81:67:15:
f2:64:0b:72:fa:2d:05:e0:f9:18:c2:2a:c2:ce:73:
9f:b6:be:25:86:f6:cf:23:a1:14:7c:85:42:d7:d3:
63:af:ef:98:16:55:84:9d:d2:c6:fc:66:d6:00:2f:
0d:47:10:57:cb:d1:80:6d:dd:76:db:96:ac:d5:32:
39:66:4d:83:73:09:c2:3f:09:b9:78:10:f6:4c:e6:
cd:92:41:0c:4c:3a:36:ed:cf:13:0e:02:79:6f:80:
4a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:86:8B:2F:5E:F9:45:AA:46:1B:B2:F1:6D:2C:2F:01:EB:11:B5:F6
X509v3 Authority Key Identifier:
keyid:01:65:69:C3:CF:8E:70:09:32:F1:4E:48:2C:56:AA:66:BB:AF:2B:61
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918A132/1F4AC61EE72511EEA830D62AC4F9AE02/AWVpw8-OcAky8U5ILFaqZruvK2E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AWVpw8-OcAky8U5ILFaqZruvK2E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A132/1F4AC61EE72511EEA830D62AC4F9AE02/29779172DD2311EF87F5EC47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.163.133.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:d4:c4:6d:62:0f:d7:56:fb:95:df:e7:24:b1:3d:57:7e:6f:
07:10:73:9e:c6:a6:c6:29:bf:da:ac:7d:7a:93:04:de:f5:d4:
ad:69:db:b5:94:32:7e:4c:9c:ad:d6:a9:af:bb:ef:b7:67:6e:
9a:d1:2a:90:df:bf:5a:07:a4:cb:49:84:6d:e4:0a:15:8f:eb:
6f:5b:65:c4:25:ef:ac:5d:f9:6c:52:84:cc:aa:e2:8a:04:0a:
a4:13:e4:d3:d6:cb:ae:05:9d:25:e0:8b:b1:4a:ab:2a:a1:b3:
a0:c7:b0:aa:39:85:5c:82:9a:ff:87:7b:05:98:57:72:80:01:
23:35:12:ac:5d:63:5c:a4:ac:0a:d2:91:6e:dd:db:cd:92:84:
e0:d0:4c:ce:91:fe:68:e7:63:b6:d8:21:e0:4d:4e:db:1e:ae:
ec:ca:d5:05:9b:a5:a6:3b:f9:3f:65:fd:33:61:7d:be:8b:3d:
43:3c:0a:8a:d5:bb:5e:6f:d2:bd:83:f4:0d:56:cf:db:37:b8:
23:53:94:f7:1a:82:49:eb:30:8e:a5:a5:7f:f5:9b:de:fc:26:
80:fe:c9:a6:1c:c4:cb:9d:c0:62:a3:db:02:f5:23:50:89:38:
e4:f0:e6:9a:e9:ee:c4:3c:40:c9:5b:a5:4e:d3:77:a7:76:1b:
f7:e8:37:3c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEExMzIxMTAvBgNVBAUTKDAxNjU2OUMzQ0Y4RTcwMDkzMkYxNEU0ODJDNTZBQTY2
QkJBRjJCNjEwHhcNMjUwMTI4MDI1NDE2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk4NDZkOC1iZTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4mXqSn66dqwhPJBY+LGO4bkknJ67OE6qBp9ebCyFwdYTd3ei0f+jsvdBtRiO
ZFqRQTP0MWngnt97EhCMoDVVmv9jHMgU6sk45uKnXlSpdqH3yUNj+v5RrLUYyqId
4PZo0uIX2+11IrmSJHF19KfcXGYjmmF160dGI0ITCT4E6FV/V71pu23SkG8uj+Ir
tEG7I+lb7uKuKXFPuNqWJZyljBWBZxXyZAty+i0F4PkYwirCznOftr4lhvbPI6EU
fIVC19Njr++YFlWEndLG/GbWAC8NRxBXy9GAbd1225as1TI5Zk2DcwnCPwm5eBD2
TObNkkEMTDo27c8TDgJ5b4BKaQIDAQABo4IClTCCApEwHQYDVR0OBBYEFM2Giy9e
+UWqRhuy8W0sLwHrEbX2MB8GA1UdIwQYMBaAFAFlacPPjnAJMvFOSCxWqma7ryth
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTEzMi8xRjRBQzYxRUU3
MjUxMUVFQTgzMEQ2MkFDNEY5QUUwMi9BV1ZwdzgtT2NBa3k4VTVJTEZhcVpydXZL
MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FXVnB3OC1PY0FreThVNUlMRmFxWnJ1dksyRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEExMzIvMUY0QUM2MUVFNzI1MTFFRUE4MzBENjJBQzRGOUFFMDIvMjk3NzkxNzJE
RDIzMTFFRjg3RjVFQzQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABno4UwDQYJKoZIhvcNAQELBQADggEBAH3UxG1iD9dW+5Xf
5ySxPVd+bwcQc57GpsYpv9qsfXqTBN711K1p27WUMn5MnK3Wqa+777dnbprRKpDf
v1oHpMtJhG3kChWP629bZcQl76xd+WxShMyq4ooECqQT5NPWy64FnSXgi7FKqyqh
s6DHsKo5hVyCmv+HewWYV3KAASM1EqxdY1ykrArSkW7d282ShODQTM6R/mjnY7bY
IeBNTtseruzK1QWbpaY7+T9l/TNhfb6LPUM8CorVu15v0r2D9A1Wz9s3uCNTlPca
gknrMI6lpX/1m978JoD+yaYcxMudwGKj2wL1I1CJOOTw5prp7sQ8QMlbpU7Td6d2
G/foNzw=
-----END CERTIFICATE-----
Generated at Sun Apr 27 11:12:35 2025 by rpki-client