Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/DCA05C0E419A11EAA5E2BA6EC4F9AE02.roa
File: DCA05C0E419A11EAA5E2BA6EC4F9AE02.roa (raw, json)
Hash identifier: PF9MEJvH0IR25ZTC0vJ/AU9NL74Mubr8N6aNLLIh+tY=
Subject key identifier: 7F:9C:50:81:D6:06:64:DB:1E:76:74:9B:AD:02:76:65:84:B8:C9:56
Certificate issuer: /CN=A918FC40/serialNumber=1601D8650DD556B2AFB083B233FF65AE3DAD1571
Certificate serial: 0AC9
Authority key identifier: 16:01:D8:65:0D:D5:56:B2:AF:B0:83:B2:33:FF:65:AE:3D:AD:15:71
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/DCA05C0E419A11EAA5E2BA6EC4F9AE02.roa
Signing time: Mon 02 Dec 2024 19:38:01 +0000
ROA not before: Mon 02 Dec 2024 19:38:01 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 17408
IP address blocks: 103.23.72.0/24 maxlen: 24
103.23.73.0/24 maxlen: 24
103.23.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2761 (0xac9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC40/serialNumber=1601D8650DD556B2AFB083B233FF65AE3DAD1571
Validity
Not Before: Dec 2 19:38:01 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=674e0c99-9638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f0:a5:9e:3a:5c:19:59:c6:c9:5f:98:12:55:
94:c9:32:90:a8:31:01:5e:8e:2c:0e:6b:b5:a3:97:
70:eb:e2:96:b4:f1:b0:be:75:ca:3c:69:5f:1b:38:
b6:d2:56:68:eb:e2:e0:35:d7:3a:16:e6:d1:05:96:
75:db:8a:51:27:80:6e:2c:2b:fb:bf:13:0e:c5:ab:
88:dc:7f:c5:e4:60:13:b7:a1:69:d5:fe:af:10:01:
ff:c8:53:2d:88:a8:0a:62:32:14:d1:f6:35:b1:7d:
a9:5f:7c:6b:e1:2d:0d:ae:7b:3e:5a:17:b7:48:7e:
0c:04:40:d7:ce:d9:b1:b5:f8:1a:c5:5a:23:41:fd:
99:01:90:9e:67:64:e5:62:ac:8b:d0:81:3a:c9:1f:
05:0e:48:77:7a:11:47:1c:fb:49:ab:47:c3:c1:a2:
aa:b3:d7:c0:f4:16:5e:f9:0d:28:f8:e3:07:e6:0b:
50:90:77:ee:e7:ef:77:23:6d:ab:9b:a6:2f:2b:5d:
6d:14:e9:02:39:50:de:10:0f:ae:26:4d:8a:2e:9b:
e7:ce:1c:7b:8d:b4:05:da:f6:c8:a7:0b:f5:d3:bd:
bf:63:16:3f:7d:11:da:da:69:db:c3:c2:fa:cf:c0:
dc:bc:0c:71:89:af:b4:aa:f3:02:2b:c7:56:0e:72:
99:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:9C:50:81:D6:06:64:DB:1E:76:74:9B:AD:02:76:65:84:B8:C9:56
X509v3 Authority Key Identifier:
keyid:16:01:D8:65:0D:D5:56:B2:AF:B0:83:B2:33:FF:65:AE:3D:AD:15:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/DCA05C0E419A11EAA5E2BA6EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.72.0-103.23.74.255
Signature Algorithm: sha256WithRSAEncryption
45:e6:dd:56:5c:e8:fa:34:69:3f:97:d0:f0:15:52:8a:54:86:
d1:e5:33:88:c7:93:ad:0f:1a:c8:5f:26:96:7a:e5:06:07:24:
02:b3:e6:f3:f9:97:0f:63:8c:ca:10:6b:17:f4:82:d8:5f:0d:
b6:d9:15:b4:a3:e3:46:56:f1:55:66:52:30:12:cd:f2:a1:9e:
a3:8f:bc:9c:00:b6:16:e0:ff:80:69:56:5b:7e:b4:f0:2f:a2:
a7:43:40:b8:cf:7f:10:c6:3d:1a:37:c8:07:05:43:48:a0:21:
2b:0e:b5:83:a8:3e:59:03:65:77:77:0e:b9:16:0b:5d:e1:78:
6a:b5:b1:15:ad:d5:45:01:39:16:62:71:74:e0:33:7f:fa:5b:
c4:2d:1b:9c:b9:a2:0f:52:47:da:e9:fa:e1:af:ed:97:bb:da:
93:58:03:8e:d4:ab:dc:f3:72:e5:ee:ca:85:15:12:db:ef:e4:
cc:e1:3f:39:40:94:39:a9:be:2f:5d:62:56:a7:51:34:a1:8b:
eb:c3:1b:01:b1:90:41:28:4d:f2:0d:c6:89:37:6f:69:35:fc:
c6:23:91:19:36:8c:c2:cc:56:db:b7:96:1d:16:f5:2d:d3:8b:
dc:d8:6f:d8:88:f1:8c:5d:fe:b5:6f:67:9e:53:d6:58:79:4c:
50:40:b5:7a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICCskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNDAxMTAvBgNVBAUTKDE2MDFEODY1MERENTU2QjJBRkIwODNCMjMzRkY2NUFF
M0RBRDE1NzEwHhcNMjQxMjAyMTkzODAxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlMGM5OS05NjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmfClnjpcGVnGyV+YElWUyTKQqDEBXo4sDmu1o5dw6+KWtPGwvnXKPGlfGzi2
0lZo6+LgNdc6FubRBZZ124pRJ4BuLCv7vxMOxauI3H/F5GATt6Fp1f6vEAH/yFMt
iKgKYjIU0fY1sX2pX3xr4S0Nrns+Whe3SH4MBEDXztmxtfgaxVojQf2ZAZCeZ2Tl
YqyL0IE6yR8FDkh3ehFHHPtJq0fDwaKqs9fA9BZe+Q0o+OMH5gtQkHfu5+93I22r
m6YvK11tFOkCOVDeEA+uJk2KLpvnzhx7jbQF2vbIpwv1072/YxY/fRHa2mnbw8L6
z8DcvAxxia+0qvMCK8dWDnKZ1wIDAQABo4ICnTCCApkwHQYDVR0OBBYEFH+cUIHW
BmTbHnZ0m60CdmWEuMlWMB8GA1UdIwQYMBaAFBYB2GUN1Vayr7CDsjP/Za49rRVx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM0MC82MTdGMzUzNjQw
RTExMUVBQkM2MkRCMjZDNEY5QUUwMi9GZ0hZWlEzVlZyS3ZzSU95TV85bHJqMnRG
WEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZnSFlaUTNWVnJLdnNJT3lNXzlscmoydEZYRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNDAvNjE3RjM1MzY0MEUxMTFFQUJDNjJEQjI2QzRGOUFFMDIvRENBMDVDMEU0
MTlBMTFFQUE1RTJCQTZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEA2cXSAMEAGcXSjANBgkqhkiG9w0BAQsFAAOCAQEARebd
Vlzo+jRpP5fQ8BVSilSG0eUziMeTrQ8ayF8mlnrlBgckArPm8/mXD2OMyhBrF/SC
2F8NttkVtKPjRlbxVWZSMBLN8qGeo4+8nAC2FuD/gGlWW3608C+ip0NAuM9/EMY9
GjfIBwVDSKAhKw61g6g+WQNld3cOuRYLXeF4arWxFa3VRQE5FmJxdOAzf/pbxC0b
nLmiD1JH2un64a/tl7vak1gDjtSr3PNy5e7KhRUS2+/kzOE/OUCUOam+L11iVqdR
NKGL68MbAbGQQShN8g3GiTdvaTX8xiORGTaMwsxW27eWHRb1LdOL3Nhv2IjxjF3+
tW9nnlPWWHlMUEC1eg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:51:54 2025 by rpki-client