Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3BB1/EA1B22E01D9611E29806C57F08B02CD2/0B3FC58CB0DA11E5A8C8BF13C4F9AE02.roa
File: 0B3FC58CB0DA11E5A8C8BF13C4F9AE02.roa (raw, json)
Hash identifier: IB+Pst0/hjjnT/aD3F4nsmgPYgJjXgVIAOW0RdKrpkY=
Subject key identifier: CF:B5:7B:73:E0:48:51:94:AF:54:6E:8E:74:44:25:A9:C2:E0:76:24
Certificate issuer: /CN=A91A3BB1/serialNumber=E83A59B881CE1E5735D1ADDCD8BAE05E53B853D0
Certificate serial: 3474
Authority key identifier: E8:3A:59:B8:81:CE:1E:57:35:D1:AD:DC:D8:BA:E0:5E:53:B8:53:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6DpZuIHOHlc10a3c2LrgXlO4U9A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A3BB1/EA1B22E01D9611E29806C57F08B02CD2/0B3FC58CB0DA11E5A8C8BF13C4F9AE02.roa
Signing time: Fri 20 Dec 2024 15:20:50 +0000
ROA not before: Fri 20 Dec 2024 15:20:50 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 38830
IP address blocks: 103.10.8.0/24 maxlen: 24
203.12.235.0/24 maxlen: 24
2001:df0:218::/48 maxlen: 48
2001:df7:e800::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13428 (0x3474)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A3BB1
Validity
Not Before: Dec 20 15:20:50 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67658b52-9d2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a5:7b:cc:b5:72:17:93:f6:32:7a:fe:f1:9f:
d8:0f:53:30:4b:c6:75:42:fc:1b:f1:a3:19:aa:de:
11:d0:0b:10:71:aa:fa:94:79:a7:a8:ca:54:e5:43:
17:d8:37:bd:17:a3:8a:27:ed:10:ee:c4:cc:92:87:
ca:c1:85:32:88:19:cd:00:b7:46:c4:f2:cc:c7:ec:
71:ae:83:57:31:48:87:98:2a:c3:60:b3:ee:06:41:
88:d2:ed:02:a0:34:a2:89:c2:f8:1c:e2:16:88:31:
c0:98:e6:f5:4e:6e:3f:3e:ca:30:18:1d:35:9d:7e:
e7:ad:25:e1:38:21:9e:2f:83:d0:3a:80:eb:7b:1d:
3d:9b:95:67:ca:bc:bb:de:94:81:56:94:59:85:69:
52:0e:ea:4b:59:85:4f:7c:15:26:08:98:27:c8:ac:
76:1d:0b:cb:0d:16:ab:82:89:6c:62:36:6c:75:22:
a7:f9:b5:d6:7a:f4:a2:e7:e7:2d:8a:d3:99:76:d4:
e5:4e:74:6a:b8:71:67:a7:37:78:62:58:77:20:1d:
34:0f:4c:d9:96:5f:03:f1:38:22:90:a4:45:eb:c8:
a7:2d:84:2c:15:e6:de:5a:ad:50:7d:45:e4:af:f3:
35:48:83:c6:00:38:a2:6a:1f:d3:30:a6:73:64:04:
a2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B5:7B:73:E0:48:51:94:AF:54:6E:8E:74:44:25:A9:C2:E0:76:24
X509v3 Authority Key Identifier:
keyid:E8:3A:59:B8:81:CE:1E:57:35:D1:AD:DC:D8:BA:E0:5E:53:B8:53:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A3BB1/EA1B22E01D9611E29806C57F08B02CD2/6DpZuIHOHlc10a3c2LrgXlO4U9A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6DpZuIHOHlc10a3c2LrgXlO4U9A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3BB1/EA1B22E01D9611E29806C57F08B02CD2/0B3FC58CB0DA11E5A8C8BF13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.10.8.0/24
203.12.235.0/24
IPv6:
2001:df0:218::/48
2001:df7:e800::/48
Signature Algorithm: sha256WithRSAEncryption
c1:d0:ed:c2:07:b7:12:84:1d:f8:4a:67:8b:f0:b6:69:ad:f3:
b7:7a:ab:58:ed:94:3a:f7:a5:03:7c:02:a9:80:02:e5:67:28:
78:ac:2b:13:7b:c3:db:9e:0e:c3:93:b8:cd:fb:b4:f0:f3:be:
65:7b:9a:c5:d9:6f:1b:3c:16:4c:f1:57:d8:f1:4a:9d:a6:c9:
17:84:43:22:4b:d4:0e:3d:03:ac:86:91:64:b9:a7:97:38:0a:
32:b6:1c:d4:43:f6:01:4f:81:ec:01:26:67:eb:c2:d8:3e:71:
2c:ea:a2:a3:70:c6:b4:39:14:31:24:2e:52:c8:b6:02:f1:1d:
c9:57:b9:09:9c:04:47:a2:36:17:93:e9:71:0e:a9:8a:ea:0e:
d6:4d:4a:bf:12:ca:64:66:5c:05:ac:fd:b3:f1:19:43:83:f1:
73:aa:06:f8:50:a8:6b:89:bd:41:98:ed:06:ba:16:5f:81:e0:
99:34:0a:22:91:eb:ad:f4:e7:c7:e8:ac:05:2f:cc:95:5e:af:
80:ff:b1:d0:02:75:51:a7:bf:6c:dc:52:e2:6a:34:ec:77:81:
5b:63:be:a0:9c:15:f5:0b:88:a6:a6:60:ca:47:05:29:65:a9:
4e:40:7e:8f:5f:5e:11:0c:90:c0:e4:39:b8:6a:45:71:ac:67:
54:3d:16:55
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICNHQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTNCQjExMTAvBgNVBAUTKEU4M0E1OUI4ODFDRTFFNTczNUQxQUREQ0Q4QkFFMDVF
NTNCODUzRDAwHhcNMjQxMjIwMTUyMDUwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY1OGI1Mi05ZDJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4aV7zLVyF5P2Mnr+8Z/YD1MwS8Z1Qvwb8aMZqt4R0AsQcar6lHmnqMpU5UMX
2De9F6OKJ+0Q7sTMkofKwYUyiBnNALdGxPLMx+xxroNXMUiHmCrDYLPuBkGI0u0C
oDSiicL4HOIWiDHAmOb1Tm4/PsowGB01nX7nrSXhOCGeL4PQOoDrex09m5Vnyry7
3pSBVpRZhWlSDupLWYVPfBUmCJgnyKx2HQvLDRargolsYjZsdSKn+bXWevSi5+ct
itOZdtTlTnRquHFnpzd4Ylh3IB00D0zZll8D8TgikKRF68inLYQsFebeWq1QfUXk
r/M1SIPGADiiah/TMKZzZASifwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFM+1e3Pg
SFGUr1RujnREJanC4HYkMB8GA1UdIwQYMBaAFOg6WbiBzh5XNdGt3Ni64F5TuFPQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBM0JCMS9FQTFCMjJFMDFE
OTYxMUUyOTgwNkM1N0YwOEIwMkNEMi82RHBadUlIT0hsYzEwYTNjMkxyZ1hsTzRV
OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZEcFp1SUhPSGxjMTBhM2MyTHJnWGxPNFU5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTNCQjEvRUExQjIyRTAxRDk2MTFFMjk4MDZDNTdGMDhCMDJDRDIvMEIzRkM1OENC
MERBMTFFNUE4QzhCRjEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMBIEAgABMAwDBABnCggDBADLDOswGAQCAAIwEgMHACABDfACGAMHACABDffo
ADANBgkqhkiG9w0BAQsFAAOCAQEAwdDtwge3EoQd+Epni/C2aa3zt3qrWO2UOvel
A3wCqYAC5WcoeKwrE3vD254Ow5O4zfu08PO+ZXuaxdlvGzwWTPFX2PFKnabJF4RD
IkvUDj0DrIaRZLmnlzgKMrYc1EP2AU+B7AEmZ+vC2D5xLOqio3DGtDkUMSQuUsi2
AvEdyVe5CZwER6I2F5PpcQ6piuoO1k1KvxLKZGZcBaz9s/EZQ4Pxc6oG+FCoa4m9
QZjtBroWX4HgmTQKIpHrrfTnx+isBS/MlV6vgP+x0AJ1Uae/bNxS4mo07HeBW2O+
oJwV9QuIpqZgykcFKWWpTkB+j19eEQyQwOQ5uGpFcaxnVD0WVQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:04:14 2025 by rpki-client