Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916B2CD/DE972FEE846511EEBDCC2D65C4F9AE02/203223B6E05211EFBD383A20C4F9AE02.roa
File: 203223B6E05211EFBD383A20C4F9AE02.roa (raw, json)
Hash identifier: OVKX/TnIpKVOd/dfnRWc8TTi5f2m9P3Tai1nWdwr0iM=
Subject key identifier: E6:67:DE:00:55:E6:F8:ED:B9:01:AA:64:42:33:F1:01:88:D4:6D:C4
Certificate issuer: /CN=A916B2CD/serialNumber=AC332130B1C09FD4AB237495A4EA9634B74C12BA
Certificate serial: 0112
Authority key identifier: AC:33:21:30:B1:C0:9F:D4:AB:23:74:95:A4:EA:96:34:B7:4C:12:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rDMhMLHAn9SrI3SVpOqWNLdMEro.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916B2CD/DE972FEE846511EEBDCC2D65C4F9AE02/203223B6E05211EFBD383A20C4F9AE02.roa
Signing time: Thu 27 Feb 2025 06:29:32 +0000
ROA not before: Thu 27 Feb 2025 06:29:32 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 4820
IP address blocks: 203.3.176.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 274 (0x112)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916B2CD, serialNumber=AC332130B1C09FD4AB237495A4EA9634B74C12BA
Validity
Not Before: Feb 27 06:29:32 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67c0064b-aeb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0d:a9:22:90:05:f8:bd:e9:a9:56:4c:97:3f:
85:df:3f:63:1f:e2:d9:50:f5:c0:0c:f8:14:71:ab:
54:9b:e1:cd:81:28:79:42:ed:16:3d:da:a0:f8:80:
13:bb:11:46:86:d1:2c:3d:97:0f:d4:09:00:6a:8a:
6f:32:10:07:b8:ac:2c:c8:69:a5:eb:0e:e2:d3:4a:
4a:f5:9c:4c:33:c7:63:86:fd:79:0d:ca:f8:6a:9c:
8a:d3:98:a9:af:f0:a3:5a:5e:dc:2d:f1:26:aa:32:
0b:8e:40:ad:7c:ad:18:65:ac:d5:7f:32:2c:5c:2c:
cf:2b:ef:78:22:c7:0a:83:8b:00:e5:3e:a2:d5:34:
2a:bc:73:95:c3:1b:48:62:d0:33:7e:e9:4f:31:71:
e5:ca:e7:ed:14:8b:15:99:db:88:a7:89:1b:9d:bf:
17:df:8f:c1:b1:9e:32:3a:e0:8b:fc:72:2c:4f:74:
71:8f:c7:2f:b5:f1:03:07:9a:cd:20:37:5e:fc:51:
11:59:af:79:b6:2d:16:c0:d7:9a:28:11:1f:8e:47:
bd:f3:ba:6f:ac:82:6c:b5:bc:a2:13:d5:ba:5b:4d:
8b:34:6f:55:7d:16:64:3d:51:b2:f4:d9:0c:95:ba:
22:2a:c0:b6:b1:c4:79:a8:91:27:cb:3b:a1:7e:be:
71:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:67:DE:00:55:E6:F8:ED:B9:01:AA:64:42:33:F1:01:88:D4:6D:C4
X509v3 Authority Key Identifier:
keyid:AC:33:21:30:B1:C0:9F:D4:AB:23:74:95:A4:EA:96:34:B7:4C:12:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916B2CD/DE972FEE846511EEBDCC2D65C4F9AE02/rDMhMLHAn9SrI3SVpOqWNLdMEro.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rDMhMLHAn9SrI3SVpOqWNLdMEro.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B2CD/DE972FEE846511EEBDCC2D65C4F9AE02/203223B6E05211EFBD383A20C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.3.176.0/24
Signature Algorithm: sha256WithRSAEncryption
92:c9:71:d3:97:3f:cf:57:a2:1d:9f:20:9c:be:85:ac:04:b9:
08:7d:7c:e8:bb:26:37:85:46:b4:c9:82:da:55:1b:24:62:1e:
36:69:89:50:22:f1:f7:5a:8d:4f:e8:68:cf:f5:25:51:d0:f5:
ca:1b:a1:06:70:89:b0:3c:48:0c:f6:73:8d:ea:b0:e4:9c:b0:
ee:df:f7:10:9d:1e:b6:eb:cf:3e:03:97:22:9d:a5:a8:3c:4c:
fe:ee:74:7d:4f:41:4d:40:3f:1b:97:61:27:33:2a:c5:11:17:
8b:ce:38:6f:dd:e6:9e:be:21:1e:d4:30:9a:31:68:28:6f:72:
f7:14:60:1e:f2:3f:fa:d0:05:4b:b1:fd:a9:80:66:8f:54:36:
c8:b6:4f:14:86:10:6d:82:04:34:37:fa:b0:39:26:46:f7:34:
be:ba:dd:67:e8:80:dc:7f:67:4e:be:9e:ff:8e:6d:a9:90:c7:
2e:8b:1f:27:e7:a7:bd:b1:71:24:c8:5a:ba:01:a3:4f:9e:88:
ce:d5:88:e1:f5:53:d3:02:cd:80:74:c1:db:aa:02:98:94:a1:
06:4b:22:5f:32:88:49:ae:80:6d:49:ec:ee:78:3c:a6:a1:bc:
88:92:6f:fa:81:92:f7:52:c8:1f:88:13:f9:a4:f5:29:24:ec:
3b:b8:a3:3b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICARIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkIyQ0QxMTAvBgNVBAUTKEFDMzMyMTMwQjFDMDlGRDRBQjIzNzQ5NUE0RUE5NjM0
Qjc0QzEyQkEwHhcNMjUwMjI3MDYyOTMyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MwMDY0Yi1hZWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwg2pIpAF+L3pqVZMlz+F3z9jH+LZUPXADPgUcatUm+HNgSh5Qu0WPdqg+IAT
uxFGhtEsPZcP1AkAaopvMhAHuKwsyGml6w7i00pK9ZxMM8djhv15Dcr4apyK05ip
r/CjWl7cLfEmqjILjkCtfK0YZazVfzIsXCzPK+94IscKg4sA5T6i1TQqvHOVwxtI
YtAzfulPMXHlyuftFIsVmduIp4kbnb8X34/BsZ4yOuCL/HIsT3Rxj8cvtfEDB5rN
IDde/FERWa95ti0WwNeaKBEfjke987pvrIJstbyiE9W6W02LNG9VfRZkPVGy9NkM
lboiKsC2scR5qJEnyzuhfr5xCwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOZn3gBV
5vjtuQGqZEIz8QGI1G3EMB8GA1UdIwQYMBaAFKwzITCxwJ/UqyN0laTqljS3TBK6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjJDRC9ERTk3MkZFRTg0
NjUxMUVFQkRDQzJENjVDNEY5QUUwMi9yRE1oTUxIQW45U3JJM1NWcE9xV05MZE1F
cm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JETWhNTEhBbjlTckkzU1ZwT3FXTkxkTUVyby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkIyQ0QvREU5NzJGRUU4NDY1MTFFRUJEQ0MyRDY1QzRGOUFFMDIvMjAzMjIzQjZF
MDUyMTFFRkJEMzgzQTIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLA7AwDQYJKoZIhvcNAQELBQADggEBAJLJcdOXP89Xoh2f
IJy+hawEuQh9fOi7JjeFRrTJgtpVGyRiHjZpiVAi8fdajU/oaM/1JVHQ9coboQZw
ibA8SAz2c43qsOScsO7f9xCdHrbrzz4DlyKdpag8TP7udH1PQU1APxuXYSczKsUR
F4vOOG/d5p6+IR7UMJoxaChvcvcUYB7yP/rQBUux/amAZo9UNsi2TxSGEG2CBDQ3
+rA5Jkb3NL663WfogNx/Z06+nv+ObamQxy6LHyfnp72xcSTIWroBo0+eiM7ViOH1
U9MCzYB0wduqApiUoQZLIl8yiEmugG1J7O54PKahvIiSb/qBkvdSyB+IE/mk9Skk
7Du4ozs=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:44:37 2025 by rpki-client