Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/37F27A1685A411ECBAE9205EC4F9AE02.roa
File: 37F27A1685A411ECBAE9205EC4F9AE02.roa (raw, json)
Hash identifier: Iu6fv80bgh6S/yoh8Jxf/KmwtrfMvkzoY1a71uc7fBI=
Subject key identifier: 34:7D:85:5A:E7:DF:EE:69:74:4E:69:F1:59:23:B2:DC:8E:70:5C:66
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8B60
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/37F27A1685A411ECBAE9205EC4F9AE02.roa
Signing time: Thu 30 May 2024 16:06:55 +0000
ROA not before: Thu 30 May 2024 16:06:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137088
IP address blocks: 103.106.152.0/24 maxlen: 24
103.106.153.0/24 maxlen: 24
103.106.154.0/24 maxlen: 24
103.196.2.0/23 maxlen: 24
2400:fd20::/32 maxlen: 35
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35680 (0x8b60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 30 16:06:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a41f-8730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:06:6d:ef:93:c4:84:0e:d1:42:96:92:a1:31:
50:3a:41:5f:c3:ad:ab:60:60:06:cc:1c:31:44:e5:
e9:87:ca:1b:af:78:75:5d:93:b9:bf:fb:ab:41:0e:
54:5d:97:30:fc:73:13:35:5f:57:c6:bc:19:59:58:
a1:f1:e1:5f:bf:d3:68:9b:0e:8e:f8:24:ce:22:80:
aa:5d:52:11:03:e2:b2:2f:57:22:d4:33:ef:d7:f1:
f8:5b:2c:cc:a7:34:5e:d1:8e:a4:93:f7:b2:f3:b1:
7c:60:f4:4d:d4:1c:29:ef:0e:e8:be:d9:11:fa:e4:
82:8f:85:2d:f6:4b:02:ee:0f:2a:31:63:f4:8d:4a:
8d:f5:f1:d8:d0:63:69:3c:f0:72:04:29:e0:f2:db:
3a:9f:67:0c:48:1e:93:d8:2a:4a:67:7e:dd:fa:c0:
6b:a4:56:6e:2d:dd:55:53:d4:6b:11:f0:33:41:bb:
e9:38:58:b2:05:17:c7:45:54:bb:c5:4a:24:b2:dd:
ac:fe:f7:ab:d6:c8:ee:a1:8f:c2:2c:d0:d0:fc:92:
60:b4:7a:d5:dc:f4:34:8e:26:32:5d:d3:e5:8c:92:
4d:6b:43:7e:6b:99:1d:52:13:b6:bf:85:59:4e:72:
86:73:28:4c:a3:f2:cb:10:5b:b4:24:82:9f:f1:6a:
68:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7D:85:5A:E7:DF:EE:69:74:4E:69:F1:59:23:B2:DC:8E:70:5C:66
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/37F27A1685A411ECBAE9205EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.152.0-103.106.154.255
103.196.2.0/23
IPv6:
2400:fd20::/32
Signature Algorithm: sha256WithRSAEncryption
4d:30:23:17:cc:ac:90:08:b9:a8:3e:8d:17:5f:a8:97:f6:ad:
10:9e:0b:2f:61:14:e6:5a:52:b6:7e:53:d4:b7:5d:3b:57:53:
2b:bf:a6:8c:ea:59:0f:87:d1:e8:50:d9:32:16:a5:c2:21:9a:
e6:a4:cf:57:6b:a8:8f:24:2c:a8:a1:f4:94:12:ef:95:67:a3:
42:8a:8a:e1:60:b2:08:2d:ef:86:e8:4a:cf:d2:34:55:d4:c0:
85:82:ea:ad:93:68:48:f4:34:00:a7:19:25:79:10:75:c4:6c:
22:53:5f:74:a5:59:cc:4f:d5:b7:11:0a:99:e0:ce:a8:dd:6d:
e9:63:eb:2f:73:b9:59:2b:d7:b2:e0:c3:97:41:c7:f4:0e:a2:
d8:05:24:17:97:c7:99:90:2c:bd:a9:8b:45:44:37:a6:7c:76:
b0:65:64:6e:79:fc:47:63:f4:94:e6:9e:1d:22:53:4b:be:40:
13:70:a8:5b:7c:3d:60:67:00:f7:8c:75:d2:6d:b2:e7:6a:82:
f8:5f:28:63:18:de:3d:72:57:97:75:47:74:58:26:56:7d:7e:
6a:78:a4:4e:c0:6f:b5:7d:c4:36:78:11:3f:b1:a3:09:d3:33:
33:0a:96:de:df:52:42:04:15:0f:ca:fd:20:a1:ed:f1:11:be:
77:d3:e8:41
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAItgMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDY1NVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE0MWYtODczMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQGbe+TxIQO0UKWkqExUDpBX8Otq2BgBswcMUTl6YfKG694dV2Tub/7q0EO
VF2XMPxzEzVfV8a8GVlYofHhX7/TaJsOjvgkziKAql1SEQPisi9XItQz79fx+Fss
zKc0XtGOpJP3svOxfGD0TdQcKe8O6L7ZEfrkgo+FLfZLAu4PKjFj9I1KjfXx2NBj
aTzwcgQp4PLbOp9nDEgek9gqSmd+3frAa6RWbi3dVVPUaxHwM0G76ThYsgUXx0VU
u8VKJLLdrP73q9bI7qGPwizQ0PySYLR61dz0NI4mMl3T5YySTWtDfmuZHVITtr+F
WU5yhnMoTKPyyxBbtCSCn/FqaEcCAwEAAaOCArIwggKuMB0GA1UdDgQWBBQ0fYVa
59/uaXROafFZI7LcjnBcZjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzM3RjI3QTE2
ODVBNDExRUNCQUU5MjA1RUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDwGCCsGAQUFBwEHAQH/
BC0wKzAaBAIAATAUMAwDBANnapgDBABnapoDBAFnxAIwDQQCAAIwBwMFACQA/SAw
DQYJKoZIhvcNAQELBQADggEBAE0wIxfMrJAIuag+jRdfqJf2rRCeCy9hFOZaUrZ+
U9S3XTtXUyu/pozqWQ+H0ehQ2TIWpcIhmuakz1drqI8kLKih9JQS75Vno0KKiuFg
sggt74boSs/SNFXUwIWC6q2TaEj0NACnGSV5EHXEbCJTX3SlWcxP1bcRCpngzqjd
belj6y9zuVkr17Lgw5dBx/QOotgFJBeXx5mQLL2pi0VEN6Z8drBlZG55/Edj9JTm
nh0iU0u+QBNwqFt8PWBnAPeMddJtsudqgvhfKGMY3j1yV5d1R3RYJlZ9fmp4pE7A
b7V9xDZ4ET+xownTMzMKlt7fUkIEFQ/K/SCh7fERvnfT6EE=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:46:47 2025 by rpki-client