Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/02FC48727D7311EF83236D32C4F9AE02.roa
File: 02FC48727D7311EF83236D32C4F9AE02.roa (raw, json)
Hash identifier: PBIVyDMZM9aszgJVWpNZhmII+72ZlfbJfRH99aetBG8=
Subject key identifier: C1:3B:77:CB:07:7C:B7:97:4A:00:D5:CF:42:45:F6:7A:FD:04:B1:FD
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9A67
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/02FC48727D7311EF83236D32C4F9AE02.roa
Signing time: Sat 28 Sep 2024 08:24:00 +0000
ROA not before: Sat 28 Sep 2024 08:24:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 103.253.32.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39527 (0x9a67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Sep 28 08:24:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66f7bd1f-f28d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e8:d5:81:aa:81:73:e4:ba:60:5b:d8:3a:e6:
38:ee:ca:10:87:5e:bc:89:e8:15:76:2f:da:a0:45:
83:ac:45:15:11:de:2a:9b:8d:16:29:6d:0d:20:e3:
2b:d7:0c:49:50:22:d5:ab:04:af:19:02:bc:92:84:
3d:e0:eb:bd:d5:91:45:54:cf:fa:3a:03:1c:2b:37:
49:58:fd:12:43:a1:03:9c:89:74:ce:af:da:36:65:
a3:18:d6:0b:bf:d4:d2:5d:8b:be:86:11:01:3f:b2:
41:05:51:e6:82:a8:dc:f3:58:96:1c:f2:52:37:78:
55:93:5c:09:8e:af:d1:a5:ba:98:a0:2e:da:fa:a1:
74:e9:ee:0f:a8:5b:a6:cf:7c:1e:58:3a:a8:0b:66:
ad:ef:8b:b3:2a:3f:7f:9e:e7:68:15:87:e6:38:20:
39:77:c6:76:bd:25:df:84:87:b6:23:a0:d4:2d:4c:
96:f9:b8:ff:0b:98:07:73:9c:9f:55:b9:43:b8:58:
ae:86:38:eb:e3:02:e0:49:b6:f4:8a:97:d0:38:be:
6d:63:77:54:c8:69:0a:92:cd:55:f3:3e:15:10:52:
01:05:77:8c:bb:ae:c5:32:3d:69:c9:d7:40:97:71:
ba:50:19:89:55:54:bf:44:a2:93:34:74:ca:2a:e5:
63:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:3B:77:CB:07:7C:B7:97:4A:00:D5:CF:42:45:F6:7A:FD:04:B1:FD
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/02FC48727D7311EF83236D32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.253.32.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:3a:a3:14:ac:bf:75:80:ba:8d:00:39:d1:1a:a6:0e:7e:87:
28:17:9c:91:d5:82:e8:03:2b:ef:6f:b3:e5:e6:bf:93:bc:31:
a5:36:28:6b:83:a5:02:4e:d5:0f:5a:ec:78:a4:2a:6f:da:2d:
55:7f:74:6e:0c:d2:d7:74:ba:e2:c5:69:64:1d:e9:11:ba:f8:
59:81:ec:60:34:8f:95:f8:54:c7:c1:d6:a1:4e:78:4f:08:d1:
5f:48:87:27:75:f9:9a:b7:cf:2c:d9:bc:a2:14:4a:16:aa:ca:
c9:d7:ab:50:90:ea:ec:68:d4:32:8f:18:a8:1c:4b:84:0a:79:
b2:cb:4b:19:b4:34:3f:35:bc:c9:c5:46:68:a0:64:5c:b7:2f:
c6:28:94:d0:bb:50:4a:5f:69:05:26:19:c2:cb:aa:1f:c6:d7:
72:f0:22:2e:7b:31:88:26:37:ca:43:ca:d3:4f:5c:f5:8b:c2:
87:61:af:ea:4d:b5:85:5c:a4:6d:45:cd:d1:84:3f:1b:69:0b:
e4:58:07:56:65:17:9d:1f:0e:0e:70:af:e6:6a:9f:92:39:fd:
fe:15:32:cf:8a:52:da:ce:b1:9a:22:41:f6:19:21:c4:5f:40:
4e:32:b6:e1:6d:5b:8f:2b:aa:bb:0f:6c:93:80:10:b1:37:ee:
c2:69:94:ed
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDAJpnMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDkyODA4MjQwMFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZmN2JkMWYtZjI4ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOro1YGqgXPkumBb2DrmOO7KEIdevInoFXYv2qBFg6xFFRHeKpuNFiltDSDj
K9cMSVAi1asErxkCvJKEPeDrvdWRRVTP+joDHCs3SVj9EkOhA5yJdM6v2jZloxjW
C7/U0l2LvoYRAT+yQQVR5oKo3PNYlhzyUjd4VZNcCY6v0aW6mKAu2vqhdOnuD6hb
ps98Hlg6qAtmre+Lsyo/f57naBWH5jggOXfGdr0l34SHtiOg1C1Mlvm4/wuYB3Oc
n1W5Q7hYroY46+MC4Em29IqX0Di+bWN3VMhpCpLNVfM+FRBSAQV3jLuuxTI9acnX
QJdxulAZiVVUv0SikzR0yirlY0ECAwEAAaOCApUwggKRMB0GA1UdDgQWBBTBO3fL
B3y3l0oA1c9CRfZ6/QSx/TAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzAyRkM0ODcy
N0Q3MzExRUY4MzIzNkQzMkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQCZ/0gMA0GCSqGSIb3DQEBCwUAA4IBAQCLOqMUrL91gLqN
ADnRGqYOfocoF5yR1YLoAyvvb7Pl5r+TvDGlNihrg6UCTtUPWux4pCpv2i1Vf3Ru
DNLXdLrixWlkHekRuvhZgexgNI+V+FTHwdahTnhPCNFfSIcndfmat88s2byiFEoW
qsrJ16tQkOrsaNQyjxioHEuECnmyy0sZtDQ/NbzJxUZooGRcty/GKJTQu1BKX2kF
JhnCy6ofxtdy8CIuezGIJjfKQ8rTT1z1i8KHYa/qTbWFXKRtRc3RhD8baQvkWAdW
ZRedHw4OcK/map+SOf3+FTLPilLazrGaIkH2GSHEX0BOMrbhbVuPK6q7D2yTgBCx
N+7CaZTt
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:01:07 2025 by rpki-client