Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/25BD473A22A411ECB4BC5F30C4F9AE02.roa
File: 25BD473A22A411ECB4BC5F30C4F9AE02.roa (raw, json)
Hash identifier: 5V6wH6N9mdCEah9BxO/P2kZl9jZptYGY12u1C+0uZ60=
Subject key identifier: 73:F5:13:39:22:EE:D1:D1:8B:C8:4D:E6:7A:CF:03:CE:27:52:CE:44
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8A26
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/25BD473A22A411ECB4BC5F30C4F9AE02.roa
Signing time: Thu 30 May 2024 16:01:48 +0000
ROA not before: Thu 30 May 2024 16:01:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135229
IP address blocks: 103.61.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35366 (0x8a26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 30 16:01:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a2ec-d8ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d4:9e:fd:e4:19:9c:78:e4:97:36:ca:97:ce:
9e:b7:a0:6c:31:a1:4b:57:ae:87:05:f2:2e:4e:1a:
83:93:c7:18:3e:04:8c:2d:95:40:8b:8a:22:01:7e:
13:b2:46:2a:e5:6c:14:e1:29:d2:67:19:7f:a0:b6:
b3:de:84:3f:af:ac:d7:26:5b:ca:99:e9:25:3a:24:
96:13:24:e4:fb:e7:ab:4c:91:1c:33:f7:d4:e5:59:
e6:94:11:ae:72:06:7a:a4:fe:ac:d1:09:78:c9:d3:
21:b0:54:f9:5e:99:f4:9d:aa:36:25:76:ea:0b:09:
64:2f:63:dc:4b:13:c4:b3:c0:77:fb:3c:49:5d:19:
56:7b:68:7a:d9:de:21:9b:98:29:99:38:17:31:04:
ab:b5:ce:b2:b8:48:7a:99:6c:ca:11:fc:86:a8:fc:
89:7f:d0:44:ad:eb:b0:b7:7f:5f:31:2e:fb:9e:f9:
69:a2:a2:02:f3:ab:1d:05:25:d0:2e:79:77:97:78:
7f:14:83:5d:c0:89:b7:2c:9d:05:60:9a:9a:0a:51:
23:ba:4e:d4:38:d0:b2:8d:51:c8:a4:6c:7b:a2:7c:
28:60:1a:40:d1:dd:e1:03:ae:55:1a:e0:2b:4d:5c:
f1:8a:61:00:81:fe:01:28:00:62:89:00:d3:b5:c4:
f1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:F5:13:39:22:EE:D1:D1:8B:C8:4D:E6:7A:CF:03:CE:27:52:CE:44
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/25BD473A22A411ECB4BC5F30C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.61.109.0/24
Signature Algorithm: sha256WithRSAEncryption
13:19:22:54:27:cd:4a:1f:6f:bf:18:8a:54:54:6e:09:1d:41:
24:07:4e:94:f2:1f:7e:ba:50:bc:90:71:fd:3c:55:df:e1:a7:
4c:11:86:53:95:c2:28:47:5e:95:7a:c4:f9:89:60:6e:76:c5:
3c:ed:f7:0f:d7:0e:ad:a2:9e:e5:28:a3:2d:15:f6:6a:16:7b:
5b:eb:ce:c6:31:2f:e3:68:9a:57:2f:46:0d:d0:b8:d9:2f:50:
de:27:cc:f6:57:c6:60:fd:71:68:1c:88:9e:27:6a:d9:b9:b9:
55:b6:03:9b:8f:47:77:84:a9:4a:88:37:96:62:43:16:d6:af:
e1:b1:02:c2:a7:6c:68:a2:f3:5a:15:c2:91:bf:f3:dc:47:3a:
aa:6e:4f:ca:e3:e8:fa:46:c3:3a:9d:2a:83:93:fe:b1:b1:b6:
77:5b:42:6d:47:95:0b:4a:ef:8a:04:54:35:df:54:be:84:b1:
3f:37:73:9d:82:31:bc:ee:43:57:3a:20:a1:7d:a7:b1:e9:d1:
07:88:61:c9:cc:e0:f5:2d:81:ea:a4:c3:e1:7a:3a:61:80:17:
b7:07:eb:b7:0e:c1:05:8c:ea:5a:49:dc:a7:76:d9:20:90:69:
3d:7d:44:a3:99:cc:26:dd:21:2c:53:85:0a:d5:fb:e7:65:6e:
b2:1a:2c:6d
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDAIomMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDE0OFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGEyZWMtZDhlZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbUnv3kGZx45Jc2ypfOnregbDGhS1euhwXyLk4ag5PHGD4EjC2VQIuKIgF+
E7JGKuVsFOEp0mcZf6C2s96EP6+s1yZbypnpJToklhMk5Pvnq0yRHDP31OVZ5pQR
rnIGeqT+rNEJeMnTIbBU+V6Z9J2qNiV26gsJZC9j3EsTxLPAd/s8SV0ZVntoetne
IZuYKZk4FzEEq7XOsrhIeplsyhH8hqj8iX/QRK3rsLd/XzEu+575aaKiAvOrHQUl
0C55d5d4fxSDXcCJtyydBWCamgpRI7pO1DjQso1RyKRse6J8KGAaQNHd4QOuVRrg
K01c8YphAIH+ASgAYokA07XE8Z0CAwEAAaOCApUwggKRMB0GA1UdDgQWBBRz9RM5
Iu7R0YvITeZ6zwPOJ1LORDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzI1QkQ0NzNB
MjJBNDExRUNCNEJDNUYzMEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQAZz1tMA0GCSqGSIb3DQEBCwUAA4IBAQATGSJUJ81KH2+/
GIpUVG4JHUEkB06U8h9+ulC8kHH9PFXf4adMEYZTlcIoR16VesT5iWBudsU87fcP
1w6top7lKKMtFfZqFntb687GMS/jaJpXL0YN0LjZL1DeJ8z2V8Zg/XFoHIieJ2rZ
ublVtgObj0d3hKlKiDeWYkMW1q/hsQLCp2xoovNaFcKRv/PcRzqqbk/K4+j6RsM6
nSqDk/6xsbZ3W0JtR5ULSu+KBFQ131S+hLE/N3OdgjG87kNXOiChfaex6dEHiGHJ
zOD1LYHqpMPhejphgBe3B+u3DsEFjOpaSdyndtkgkGk9fUSjmcwm3SEsU4UK1fvn
ZW6yGixt
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:35:26 2025 by rpki-client