Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DC9E04DEBD0C11EF8B153C09C4F9AE02.roa
File: DC9E04DEBD0C11EF8B153C09C4F9AE02.roa (raw, json)
Hash identifier: JLADCq9VjnNAJznUuyXZA4+u8IE3DWT67QsMJDCfG58=
Subject key identifier: 63:07:BC:DE:0D:12:8C:EA:36:42:FB:C9:E4:9D:09:F4:60:2D:66:6A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9F82
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DC9E04DEBD0C11EF8B153C09C4F9AE02.roa
Signing time: Wed 18 Dec 2024 06:54:01 +0000
ROA not before: Wed 18 Dec 2024 06:54:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136364
IP address blocks: 103.90.156.0/24 maxlen: 24
103.90.157.0/24 maxlen: 24
103.90.158.0/24 maxlen: 24
103.90.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40834 (0x9f82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Dec 18 06:54:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67627189-6d6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0a:bc:60:92:9f:bf:54:4d:9a:90:23:a5:d2:
52:03:c2:28:b2:ef:0d:d4:a0:47:32:14:bd:f2:3d:
a0:f8:92:df:e9:50:55:3b:b7:20:a2:f1:48:3b:b8:
1d:51:4c:af:14:14:09:5a:ed:f0:d5:b9:b0:55:d8:
42:9f:35:08:ff:29:d7:34:ce:59:b9:a1:2d:b4:08:
e5:ec:97:36:aa:31:e4:df:5b:a2:5e:4f:9c:61:7e:
8c:0f:5f:c1:ff:a0:a1:1b:14:52:94:73:17:40:06:
1b:c7:ea:1a:6c:01:0e:68:88:83:fe:ab:7b:1d:46:
95:a2:99:fb:02:28:80:81:72:24:6e:63:65:d9:2c:
c0:8b:33:f4:b0:51:48:73:5f:cd:cc:5b:4e:64:e7:
dc:7e:2e:3b:2f:0f:2e:24:4d:a0:31:35:56:e4:e9:
a7:f4:92:9f:02:e1:e9:a7:eb:06:68:25:0f:24:2f:
a0:51:c0:75:88:cf:02:eb:eb:9a:6d:2f:95:fd:4a:
e0:94:02:b9:a5:4c:38:3e:75:d6:c3:99:50:88:0d:
05:f5:33:1d:8a:28:5f:9d:c6:75:90:13:b8:36:b7:
a9:15:c6:79:81:a3:ce:ba:19:1d:13:fe:c4:bc:b4:
c0:62:2a:46:ef:29:f8:9f:b6:d9:55:c3:4c:15:b0:
f3:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:07:BC:DE:0D:12:8C:EA:36:42:FB:C9:E4:9D:09:F4:60:2D:66:6A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DC9E04DEBD0C11EF8B153C09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.90.156.0/22
Signature Algorithm: sha256WithRSAEncryption
57:b6:26:41:91:30:cb:c1:68:da:ee:ad:39:bf:7d:0a:37:e9:
5e:2b:c1:bf:a9:50:3d:d4:3b:61:47:b4:84:65:02:c6:62:44:
c2:d1:b6:96:cc:95:ca:e7:f4:f9:dd:10:3a:5f:77:3b:1c:78:
28:df:ac:1d:56:1f:ec:b5:53:1e:0b:6f:ea:6f:72:f3:4b:05:
f4:54:98:d0:5e:af:39:1a:70:e9:ad:b9:e0:72:16:48:12:7b:
a4:e8:b8:34:84:08:7f:f1:7f:f2:92:14:ec:9e:9b:74:fd:6f:
fe:5e:e1:f0:c9:f6:59:23:ae:be:d6:7e:e2:d2:dd:59:89:55:
32:72:be:90:22:7f:33:ac:ce:ff:83:99:ad:14:9d:76:7d:31:
37:8e:b9:78:03:9d:96:ac:1d:8f:e3:03:33:dc:2e:13:bf:75:
9d:ec:46:a0:86:08:dc:ea:86:9e:d7:98:a4:29:54:46:d7:07:
d1:fe:0c:dc:94:0f:47:4d:01:2e:bf:8f:a4:42:ad:a2:11:ca:
ab:58:96:93:a1:55:91:ba:42:e8:f8:b6:af:ee:2b:bf:bd:80:
dd:25:d4:6e:75:37:d5:8b:6b:16:e7:64:d6:03:fa:74:a3:b6:
62:34:9d:90:20:08:cc:14:0b:02:a7:39:89:7d:09:a3:2e:98:
85:3a:a1:10
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDAJ+CMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIxODA2NTQwMVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc2MjcxODktNmQ2YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIKvGCSn79UTZqQI6XSUgPCKLLvDdSgRzIUvfI9oPiS3+lQVTu3IKLxSDu4
HVFMrxQUCVrt8NW5sFXYQp81CP8p1zTOWbmhLbQI5eyXNqox5N9bol5PnGF+jA9f
wf+goRsUUpRzF0AGG8fqGmwBDmiIg/6rex1GlaKZ+wIogIFyJG5jZdkswIsz9LBR
SHNfzcxbTmTn3H4uOy8PLiRNoDE1VuTpp/SSnwLh6afrBmglDyQvoFHAdYjPAuvr
mm0vlf1K4JQCuaVMOD511sOZUIgNBfUzHYooX53GdZATuDa3qRXGeYGjzroZHRP+
xLy0wGIqRu8p+J+22VXDTBWw88MCAwEAAaOCApUwggKRMB0GA1UdDgQWBBRjB7ze
DRKM6jZC+8nknQn0YC1majAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0RDOUUwNERF
QkQwQzExRUY4QjE1M0MwOUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQCZ1qcMA0GCSqGSIb3DQEBCwUAA4IBAQBXtiZBkTDLwWja
7q05v30KN+leK8G/qVA91DthR7SEZQLGYkTC0baWzJXK5/T53RA6X3c7HHgo36wd
Vh/stVMeC2/qb3LzSwX0VJjQXq85GnDprbngchZIEnuk6Lg0hAh/8X/ykhTsnpt0
/W/+XuHwyfZZI66+1n7i0t1ZiVUycr6QIn8zrM7/g5mtFJ12fTE3jrl4A52WrB2P
4wMz3C4Tv3Wd7Eaghgjc6oae15ikKVRG1wfR/gzclA9HTQEuv4+kQq2iEcqrWJaT
oVWRukLo+Lav7iu/vYDdJdRudTfVi2sW52TWA/p0o7ZiNJ2QIAjMFAsCpzmJfQmj
LpiFOqEQ
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:15:02 2025 by rpki-client