Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9117257/94F497EE1E8211EE90B6263BC4F9AE02/B38B0F188C8511EF8E80211BC4F9AE02.roa
File: B38B0F188C8511EF8E80211BC4F9AE02.roa (raw, json)
Hash identifier: 5wdkJjdzzaM2cVsGLdexbRtg8wwRHZ/N7F32QFY3ya8=
Subject key identifier: 1B:6C:F2:30:9D:3B:11:D0:3C:49:3A:B8:82:50:94:41:D2:8D:B1:D2
Certificate issuer: /CN=A9117257/serialNumber=E9B600C9E6DD8CEEC972195D6349C89838F745BE
Certificate serial: 0134
Authority key identifier: E9:B6:00:C9:E6:DD:8C:EE:C9:72:19:5D:63:49:C8:98:38:F7:45:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6bYAyebdjO7JchldY0nImDj3Rb4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9117257/94F497EE1E8211EE90B6263BC4F9AE02/B38B0F188C8511EF8E80211BC4F9AE02.roa
Signing time: Wed 08 Jan 2025 11:45:27 +0000
ROA not before: Wed 08 Jan 2025 11:45:27 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 152918
IP address blocks: 103.122.244.0/24 maxlen: 24
103.122.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 308 (0x134)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9117257
Validity
Not Before: Jan 8 11:45:27 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=677e6557-98fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:cb:58:61:e0:63:e6:bf:6e:74:d0:7c:c8:69:
4d:6c:5f:2f:a7:21:f4:f8:6f:9f:67:f6:39:5c:31:
6a:d5:0c:aa:6e:f5:8b:52:00:ba:51:73:e1:ee:0a:
bf:37:bd:f0:94:56:6c:6f:07:3d:b1:63:45:bb:21:
69:c8:ac:74:7b:81:b5:f7:b0:e0:03:a5:2a:96:01:
bb:cf:e4:98:72:e4:ed:17:b3:ab:45:c5:01:df:48:
a7:e6:2a:dd:a3:5c:a7:1d:32:dc:1e:78:7e:12:29:
a5:9f:ec:bf:70:3e:89:1f:ae:ed:12:b1:66:df:9d:
e7:c3:d6:30:d2:13:42:13:0e:74:9a:24:aa:e0:40:
5e:e6:85:e0:e1:af:d8:4e:7a:89:f2:b7:39:06:c7:
13:ab:4a:eb:f5:b6:6b:ae:ca:f4:15:0c:56:c3:5c:
bd:aa:96:eb:69:5c:40:b8:bb:44:51:00:fc:3e:96:
9e:67:e2:5c:52:b0:45:33:80:8a:b6:89:db:05:98:
ba:dc:64:c9:62:38:62:00:4e:95:6a:94:90:c3:bd:
ac:19:f0:49:a7:58:bd:fc:f6:0a:37:32:4b:66:f7:
47:de:fa:77:7e:53:9b:07:02:3c:63:35:16:db:de:
2b:79:a0:90:cd:37:ef:90:8c:b0:a7:a1:87:13:eb:
07:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:6C:F2:30:9D:3B:11:D0:3C:49:3A:B8:82:50:94:41:D2:8D:B1:D2
X509v3 Authority Key Identifier:
keyid:E9:B6:00:C9:E6:DD:8C:EE:C9:72:19:5D:63:49:C8:98:38:F7:45:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9117257/94F497EE1E8211EE90B6263BC4F9AE02/6bYAyebdjO7JchldY0nImDj3Rb4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6bYAyebdjO7JchldY0nImDj3Rb4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117257/94F497EE1E8211EE90B6263BC4F9AE02/B38B0F188C8511EF8E80211BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.244.0/24
103.122.247.0/24
Signature Algorithm: sha256WithRSAEncryption
86:22:87:61:d0:00:b5:b8:bd:41:c9:fd:2a:7c:2e:2c:31:88:
cc:9c:64:3a:41:40:cf:c2:aa:9f:d2:1b:6c:55:59:46:69:1b:
f7:77:f2:21:ec:9c:88:3d:5b:4e:7f:f0:a5:82:f0:f1:66:69:
5f:6a:46:92:27:99:92:51:0a:40:81:d9:ab:f5:a2:07:1d:39:
12:73:bc:32:db:1d:df:f1:7e:17:0f:43:e5:34:66:79:c9:bd:
8a:00:79:a9:6a:4c:bc:6f:c8:65:57:16:c4:c3:d2:09:5e:ba:
50:ad:5c:73:a2:1d:bf:21:b8:ef:bc:49:e7:1c:ed:45:e9:0c:
81:ea:49:e8:24:a3:73:dd:41:4c:b4:ce:87:8a:c9:6b:0a:9c:
e5:bd:0c:c8:92:b5:de:91:18:27:50:3c:6e:e8:03:77:69:4a:
f3:f0:3c:7d:35:c8:bc:3a:d4:a7:43:47:0a:e0:16:b1:86:06:
7f:b1:a1:e5:43:75:a4:a5:0a:d1:31:d3:60:9e:1d:41:a1:55:
a2:a0:3c:ba:4e:de:04:ac:19:1e:50:7a:4b:69:a9:13:de:5a:
80:c2:49:15:36:16:d0:d1:c9:f7:1a:20:ba:51:c6:4c:c9:6c:
fe:a4:83:0c:13:77:0b:00:49:a0:79:90:f2:63:26:ff:92:c4:
e6:08:f9:ef
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICATQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTcyNTcxMTAvBgNVBAUTKEU5QjYwMEM5RTZERDhDRUVDOTcyMTk1RDYzNDlDODk4
MzhGNzQ1QkUwHhcNMjUwMTA4MTE0NTI3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdlNjU1Ny05OGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3ctYYeBj5r9udNB8yGlNbF8vpyH0+G+fZ/Y5XDFq1QyqbvWLUgC6UXPh7gq/
N73wlFZsbwc9sWNFuyFpyKx0e4G197DgA6UqlgG7z+SYcuTtF7OrRcUB30in5ird
o1ynHTLcHnh+Eimln+y/cD6JH67tErFm353nw9Yw0hNCEw50miSq4EBe5oXg4a/Y
TnqJ8rc5BscTq0rr9bZrrsr0FQxWw1y9qpbraVxAuLtEUQD8PpaeZ+JcUrBFM4CK
tonbBZi63GTJYjhiAE6VapSQw72sGfBJp1i9/PYKNzJLZvdH3vp3flObBwI8YzUW
294reaCQzTfvkIywp6GHE+sHCwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBts8jCd
OxHQPEk6uIJQlEHSjbHSMB8GA1UdIwQYMBaAFOm2AMnm3YzuyXIZXWNJyJg490W+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzI1Ny85NEY0OTdFRTFF
ODIxMUVFOTBCNjI2M0JDNEY5QUUwMi82YllBeWViZGpPN0pjaGxkWTBuSW1EajNS
YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZiWUF5ZWJkak83SmNobGRZMG5JbURqM1JiNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTcyNTcvOTRGNDk3RUUxRTgyMTFFRTkwQjYyNjNCQzRGOUFFMDIvQjM4QjBGMTg4
Qzg1MTFFRjhFODAyMTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnevQDBABnevcwDQYJKoZIhvcNAQELBQADggEBAIYih2HQ
ALW4vUHJ/Sp8LiwxiMycZDpBQM/Cqp/SG2xVWUZpG/d38iHsnIg9W05/8KWC8PFm
aV9qRpInmZJRCkCB2av1ogcdORJzvDLbHd/xfhcPQ+U0ZnnJvYoAealqTLxvyGVX
FsTD0gleulCtXHOiHb8huO+8Secc7UXpDIHqSegko3PdQUy0zoeKyWsKnOW9DMiS
td6RGCdQPG7oA3dpSvPwPH01yLw61KdDRwrgFrGGBn+xoeVDdaSlCtEx02CeHUGh
VaKgPLpO3gSsGR5QektpqRPeWoDCSRU2FtDRyfcaILpRxkzJbP6kgwwTdwsASaB5
kPJjJv+SxOYI+e8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:18:31 2025 by rpki-client