Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4B8A5A5A816711EF975C6F85C4F9AE02.roa
File: 4B8A5A5A816711EF975C6F85C4F9AE02.roa (raw, json)
Hash identifier: r2SSuhdZxTINfLvBdtXqurSZS09+waJKZ5Ji8bKSBac=
Subject key identifier: BA:6B:8A:11:4F:15:99:33:52:6F:76:FA:F6:47:72:E1:3E:4A:F0:5E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9AA1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4B8A5A5A816711EF975C6F85C4F9AE02.roa
Signing time: Thu 03 Oct 2024 09:14:09 +0000
ROA not before: Thu 03 Oct 2024 09:14:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 153211
IP address blocks: 103.100.20.0/22 maxlen: 24
2001:df4:4240::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39585 (0x9aa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 3 09:14:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66fe6060-b547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bb:37:fb:79:96:64:d0:4a:aa:cc:c6:30:72:
26:7b:3a:12:73:69:69:a0:83:66:42:59:95:a0:ef:
0f:16:ac:dc:b8:59:4c:67:52:66:93:47:ac:ad:4d:
80:82:88:78:4e:ee:32:c1:8c:98:dd:d2:1b:90:26:
8b:59:61:75:fa:a5:56:01:8a:72:61:db:9a:f6:9d:
ec:e3:94:59:93:26:6f:9f:dc:f1:9f:3b:ec:cb:55:
13:ba:36:10:89:a4:3b:52:dd:1f:c5:cd:1e:99:70:
9a:d9:30:e8:85:47:20:cb:18:d5:a1:2e:1e:26:04:
9b:c6:8e:7f:91:03:e1:bf:cc:31:1f:ee:9d:9c:92:
a5:4c:57:c9:bc:cb:0f:46:11:9b:68:07:83:7b:e3:
74:b6:11:91:16:94:4b:d4:23:93:cc:00:49:7f:ce:
8c:13:0f:cd:2e:e6:8e:67:1a:85:44:13:a4:ea:1e:
5b:f1:4d:7b:5e:ac:37:c9:e2:84:5c:e4:88:99:e1:
e5:e5:96:c1:9f:89:b6:5f:47:07:b7:cf:1d:f4:bd:
9b:7b:51:c9:fa:8f:66:4d:e4:dd:e4:e1:0f:f8:a8:
8b:38:93:3d:26:e1:51:2f:f9:ff:33:11:3f:84:df:
78:07:34:76:5b:ea:ab:a5:95:f0:4f:19:ac:69:34:
ae:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6B:8A:11:4F:15:99:33:52:6F:76:FA:F6:47:72:E1:3E:4A:F0:5E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4B8A5A5A816711EF975C6F85C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.100.20.0/22
IPv6:
2001:df4:4240::/48
Signature Algorithm: sha256WithRSAEncryption
20:72:e6:88:94:7f:4a:32:a5:e4:a3:30:2e:59:6d:e8:cf:53:
8d:8b:c1:f2:44:3f:85:f8:c1:0a:51:fd:f9:16:00:8c:82:f0:
d1:a8:63:92:a5:8c:3b:3c:f0:aa:1b:a0:82:65:46:f5:7c:fb:
f1:a8:2d:e6:9e:99:83:ba:43:15:17:34:bd:b5:a4:00:0e:37:
17:8b:d7:84:fe:92:73:c4:e7:ca:11:fc:34:32:7d:32:6e:39:
4f:d4:63:65:e7:59:99:aa:97:5b:4c:dd:0d:19:df:b0:8e:ca:
15:42:b7:d6:86:46:a1:14:05:b1:f3:2b:27:86:b4:5e:3f:41:
96:ce:a2:c6:62:8a:3f:81:41:30:ff:7c:0f:4d:65:64:71:79:
28:51:ac:db:7d:16:91:f4:40:b2:49:f2:d9:5f:b6:30:8e:6a:
96:4c:80:0f:f5:06:95:af:8c:36:30:aa:c7:6c:d9:f4:c3:2c:
9f:25:90:20:ad:44:bf:04:83:30:5f:67:b8:09:f9:ee:6d:24:
bd:ec:93:79:f6:fd:1d:20:9e:a5:a7:27:bf:e6:65:06:b7:d9:
0e:8e:58:91:a6:4e:8a:ac:cf:0a:62:40:95:38:19:12:fb:8d:
3c:2b:90:38:5f:47:37:cd:c4:c0:ed:d6:34:33:14:09:ae:2c:
61:d2:71:ec
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIDAJqhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTAwMzA5MTQwOFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZmZTYwNjAtYjU0NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKm7N/t5lmTQSqrMxjByJns6EnNpaaCDZkJZlaDvDxas3LhZTGdSZpNHrK1N
gIKIeE7uMsGMmN3SG5Ami1lhdfqlVgGKcmHbmvad7OOUWZMmb5/c8Z877MtVE7o2
EImkO1LdH8XNHplwmtkw6IVHIMsY1aEuHiYEm8aOf5ED4b/MMR/unZySpUxXybzL
D0YRm2gHg3vjdLYRkRaUS9Qjk8wASX/OjBMPzS7mjmcahUQTpOoeW/FNe16sN8ni
hFzkiJnh5eWWwZ+Jtl9HB7fPHfS9m3tRyfqPZk3k3eThD/ioiziTPSbhUS/5/zMR
P4TfeAc0dlvqq6WV8E8ZrGk0rtUCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBS6a4oR
TxWZM1Jvdvr2R3LhPkrwXjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzRCOEE1QTVB
ODE2NzExRUY5NzVDNkY4NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBwEHAQH/
BCEwHzAMBAIAATAGAwQCZ2QUMA8EAgACMAkDBwAgAQ30QkAwDQYJKoZIhvcNAQEL
BQADggEBACBy5oiUf0oypeSjMC5ZbejPU42LwfJEP4X4wQpR/fkWAIyC8NGoY5Kl
jDs88KoboIJlRvV8+/GoLeaemYO6QxUXNL21pAAONxeL14T+knPE58oR/DQyfTJu
OU/UY2XnWZmql1tM3Q0Z37COyhVCt9aGRqEUBbHzKyeGtF4/QZbOosZiij+BQTD/
fA9NZWRxeShRrNt9FpH0QLJJ8tlftjCOapZMgA/1BpWvjDYwqsds2fTDLJ8lkCCt
RL8EgzBfZ7gJ+e5tJL3sk3n2/R0gnqWnJ7/mZQa32Q6OWJGmToqszwpiQJU4GRL7
jTwrkDhfRzfNxMDt1jQzFAmuLGHScew=
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:44:16 2025 by rpki-client