Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/20DE0C38D6E111EEB9B20E53C4F9AE02.roa
File: 20DE0C38D6E111EEB9B20E53C4F9AE02.roa (raw, json)
Hash identifier: ZDRe1bg5imCyb9XcgHvy3TXyAoG3Y42zX7boTOvqM9k=
Subject key identifier: 57:43:04:DA:75:5F:F3:76:80:F5:EA:DB:DE:13:8F:D1:2B:95:51:27
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8CB1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/20DE0C38D6E111EEB9B20E53C4F9AE02.roa
Signing time: Thu 30 May 2024 16:12:26 +0000
ROA not before: Thu 30 May 2024 16:12:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 140112
IP address blocks: 103.99.196.0/23 maxlen: 24
103.99.198.0/23 maxlen: 24
103.158.170.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36017 (0x8cb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 30 16:12:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a569-96ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:73:e8:67:99:7f:78:cd:f3:29:7b:02:ec:5f:
d9:e4:53:d7:24:aa:23:e9:05:01:33:51:bc:29:c8:
52:a4:79:7d:8b:01:b7:b4:e4:1c:e1:29:48:a0:88:
e1:1b:41:41:17:c1:25:70:4f:4b:81:30:df:6d:2d:
59:0c:bd:65:52:c6:b1:d9:e6:6d:1d:8f:de:8a:23:
fa:1c:ce:7d:cb:e8:97:99:b9:46:71:b0:42:de:38:
2b:b0:40:ce:cb:54:04:3e:3f:0c:15:40:50:9e:2f:
31:21:ec:a7:0f:08:50:58:6b:73:75:92:38:08:d1:
9e:03:b5:0e:23:87:53:e9:36:be:e8:17:30:50:d9:
e5:cf:fd:dc:a5:11:36:3d:8b:3b:0f:bd:dd:f1:40:
96:f8:90:35:c4:26:eb:13:6f:bf:e7:4f:24:1f:a1:
38:2f:76:6c:40:a1:49:3b:e5:40:37:79:be:bd:de:
07:d4:43:72:7e:9b:c5:6a:17:a7:46:5c:a9:e1:5d:
20:40:4d:8f:c2:93:3f:77:7d:e2:35:89:f0:94:d6:
d2:88:6c:68:e1:a1:7f:46:ff:a3:cc:d3:5d:c9:8d:
6a:5e:3d:26:bc:da:ff:08:f8:bd:db:79:bf:af:5a:
99:ee:a3:52:23:40:d6:91:6a:7e:22:a0:ec:ea:64:
82:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:43:04:DA:75:5F:F3:76:80:F5:EA:DB:DE:13:8F:D1:2B:95:51:27
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/20DE0C38D6E111EEB9B20E53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.196.0/22
103.158.170.0/23
Signature Algorithm: sha256WithRSAEncryption
45:84:cb:8f:98:d4:8d:46:d0:87:a4:ac:15:ee:30:e5:4b:45:
b0:7d:d7:41:c8:e2:33:8e:c4:21:19:8d:7b:b7:5e:65:14:fc:
e2:fd:d3:84:4c:5b:27:da:d1:3b:8b:a1:0b:51:cd:8f:c3:94:
f7:20:1f:59:97:ea:2c:1c:69:52:2d:14:3c:4e:50:9f:90:87:
41:b8:25:ef:b4:e0:4a:14:c3:d0:11:eb:2a:b7:87:8d:6b:56:
e4:98:03:cd:20:06:a4:52:26:6a:e2:46:6d:5e:59:2a:c5:82:
e5:07:61:7e:b3:72:c8:1f:bf:bb:b3:e5:35:a0:59:7a:84:b2:
64:df:36:4e:9f:c6:c5:ca:f7:57:cd:0e:56:60:77:d8:4a:f3:
66:83:0c:89:40:10:d2:11:8e:fd:82:07:60:33:60:00:64:ee:
ce:55:87:17:b9:5d:c6:57:84:4a:44:28:41:51:80:b2:1d:23:
be:cb:0d:15:85:77:b9:5c:52:81:d2:d9:ea:65:b5:bc:6d:5a:
a3:b5:10:28:a6:b1:4e:fd:13:97:98:42:69:2a:64:6a:43:ef:
40:a6:fc:9c:0b:69:af:a0:9c:ec:c9:0a:45:1e:33:27:00:d7:
6e:42:19:f4:be:9e:7b:0c:1e:75:b5:00:ea:5f:ad:05:92:87:
f1:3a:59:c5
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDAIyxMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MTIyNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE1NjktOTZhZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZz6GeZf3jN8yl7Auxf2eRT1ySqI+kFATNRvCnIUqR5fYsBt7TkHOEpSKCI
4RtBQRfBJXBPS4Ew320tWQy9ZVLGsdnmbR2P3ooj+hzOfcvol5m5RnGwQt44K7BA
zstUBD4/DBVAUJ4vMSHspw8IUFhrc3WSOAjRngO1DiOHU+k2vugXMFDZ5c/93KUR
Nj2LOw+93fFAlviQNcQm6xNvv+dPJB+hOC92bEChSTvlQDd5vr3eB9RDcn6bxWoX
p0ZcqeFdIEBNj8KTP3d94jWJ8JTW0ohsaOGhf0b/o8zTXcmNal49Jrza/wj4vdt5
v69ame6jUiNA1pFqfiKg7OpkgqECAwEAAaOCApswggKXMB0GA1UdDgQWBBRXQwTa
dV/zdoD16tveE4/RK5VRJzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzIwREUwQzM4
RDZFMTExRUVCOUIyMEU1M0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQCZ2PEAwQBZ56qMA0GCSqGSIb3DQEBCwUAA4IBAQBFhMuP
mNSNRtCHpKwV7jDlS0WwfddByOIzjsQhGY17t15lFPzi/dOETFsn2tE7i6ELUc2P
w5T3IB9Zl+osHGlSLRQ8TlCfkIdBuCXvtOBKFMPQEesqt4eNa1bkmAPNIAakUiZq
4kZtXlkqxYLlB2F+s3LIH7+7s+U1oFl6hLJk3zZOn8bFyvdXzQ5WYHfYSvNmgwyJ
QBDSEY79ggdgM2AAZO7OVYcXuV3GV4RKRChBUYCyHSO+yw0VhXe5XFKB0tnqZbW8
bVqjtRAoprFO/ROXmEJpKmRqQ+9ApvycC2mvoJzsyQpFHjMnANduQhn0vp57DB51
tQDqX60FkofxOlnF
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:35:40 2025 by rpki-client