Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C20AB/6BE550B0B09311EA8AF3175EC4F9AE02/2979BC38B09411EAA964465EC4F9AE02.roa
File: 2979BC38B09411EAA964465EC4F9AE02.roa (raw, json)
Hash identifier: NUYwvd8XbnzOJ3mNMJWywPbsBYEeOEcLsau7uMQ+orY=
Subject key identifier: 4C:17:04:D5:4C:7C:BC:44:B5:48:5A:09:8D:3E:4D:45:1A:EF:96:92
Certificate issuer: /CN=A91C20AB/serialNumber=1B566DEF5F78E319BFC0D1400DE755E264A82BBC
Certificate serial: 088D
Authority key identifier: 1B:56:6D:EF:5F:78:E3:19:BF:C0:D1:40:0D:E7:55:E2:64:A8:2B:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G1Zt71944xm_wNFADedV4mSoK7w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C20AB/6BE550B0B09311EA8AF3175EC4F9AE02/2979BC38B09411EAA964465EC4F9AE02.roa
Signing time: Tue 10 Dec 2024 20:49:16 +0000
ROA not before: Tue 10 Dec 2024 20:49:16 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 138035
IP address blocks: 103.120.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2189 (0x88d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C20AB
Validity
Not Before: Dec 10 20:49:16 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6758a94b-2c21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e5:00:13:0d:ab:93:0d:c4:9e:96:74:d3:3b:
e4:e3:11:b9:11:c9:98:be:4b:2d:56:3e:1b:35:a1:
62:7d:38:84:fa:15:7f:6a:1b:09:18:53:c8:6f:30:
fc:67:f6:7c:01:95:0f:21:cf:aa:66:40:7f:7e:63:
4c:00:d4:2a:da:e5:a4:c7:6c:a4:51:4c:e6:d2:ec:
b3:c3:15:1f:12:44:3b:ca:d7:16:0d:1f:e4:c7:c1:
55:8b:bd:54:48:5a:96:77:78:3e:bd:56:9d:f6:c0:
3d:d4:f5:80:5a:9c:a9:c7:e9:c0:74:00:1f:19:7d:
80:2d:f0:f2:af:52:35:2e:0f:2d:24:03:59:da:c6:
e0:59:2c:0d:e3:5e:b3:cf:ff:1f:88:cd:20:ff:51:
4f:35:ae:7b:b7:d6:25:d6:9b:ff:c7:66:81:00:25:
df:ce:a9:1d:53:28:cf:b2:28:f5:66:ba:48:b8:42:
78:22:0f:14:db:18:e4:d7:83:af:0a:01:cc:6b:f5:
fa:fc:b4:e7:a8:b6:5d:f0:f2:b6:c1:9d:ff:32:8f:
0c:43:5d:57:8b:82:11:5d:4a:9f:77:52:7d:6f:1d:
34:0e:a7:3e:71:cc:4d:41:f1:44:7f:42:a2:1c:40:
d3:ba:78:bf:2c:44:e5:65:98:50:74:f4:ae:fc:0b:
8d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:17:04:D5:4C:7C:BC:44:B5:48:5A:09:8D:3E:4D:45:1A:EF:96:92
X509v3 Authority Key Identifier:
keyid:1B:56:6D:EF:5F:78:E3:19:BF:C0:D1:40:0D:E7:55:E2:64:A8:2B:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C20AB/6BE550B0B09311EA8AF3175EC4F9AE02/G1Zt71944xm_wNFADedV4mSoK7w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G1Zt71944xm_wNFADedV4mSoK7w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C20AB/6BE550B0B09311EA8AF3175EC4F9AE02/2979BC38B09411EAA964465EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.41.0/24
Signature Algorithm: sha256WithRSAEncryption
08:6e:ec:b9:e3:52:bf:49:25:bd:6a:84:3a:52:15:52:2a:c6:
e9:ba:20:86:37:62:29:e0:f5:23:86:16:0f:95:87:d3:67:7c:
52:7c:81:33:5f:d9:e8:bd:1c:ed:f4:74:41:dc:18:ab:00:fc:
c4:b5:fc:83:b2:70:74:44:ed:60:9d:66:6f:59:f2:0a:6f:65:
0c:31:20:ce:25:65:cc:d9:ba:55:ee:d9:fb:c3:c8:fd:c3:91:
73:c4:02:4d:d8:eb:c9:b9:95:71:f3:8b:b8:80:c5:b8:48:27:
c8:19:93:26:77:8b:6a:30:35:83:74:58:95:4a:7c:f7:54:83:
78:aa:4b:93:6d:36:29:c3:c7:42:34:fc:88:95:b0:f8:49:a7:
fc:17:9d:54:13:58:7a:e0:ea:32:05:d2:f1:0a:6e:34:37:6b:
77:f3:59:54:b8:e4:12:04:be:7e:ea:dc:09:6f:42:84:8d:6d:
a8:33:6b:f5:40:4b:6a:62:87:db:57:a6:b5:7b:ae:20:db:c4:
f0:1c:32:65:7c:39:c1:c2:1c:6a:28:41:46:e1:34:cc:19:f9:
6e:83:6a:95:d5:ff:ce:d4:d4:92:c8:9d:d7:27:e7:27:68:08:
31:a0:aa:d9:96:4f:06:e5:ee:32:03:85:6b:36:86:1f:64:eb:
34:f2:a8:1d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCI0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzIwQUIxMTAvBgNVBAUTKDFCNTY2REVGNUY3OEUzMTlCRkMwRDE0MDBERTc1NUUy
NjRBODJCQkMwHhcNMjQxMjEwMjA0OTE2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU4YTk0Yi0yYzIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwOUAEw2rkw3EnpZ00zvk4xG5EcmYvkstVj4bNaFifTiE+hV/ahsJGFPIbzD8
Z/Z8AZUPIc+qZkB/fmNMANQq2uWkx2ykUUzm0uyzwxUfEkQ7ytcWDR/kx8FVi71U
SFqWd3g+vVad9sA91PWAWpypx+nAdAAfGX2ALfDyr1I1Lg8tJANZ2sbgWSwN416z
z/8fiM0g/1FPNa57t9Yl1pv/x2aBACXfzqkdUyjPsij1ZrpIuEJ4Ig8U2xjk14Ov
CgHMa/X6/LTnqLZd8PK2wZ3/Mo8MQ11Xi4IRXUqfd1J9bx00Dqc+ccxNQfFEf0Ki
HEDTuni/LETlZZhQdPSu/AuNEwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEwXBNVM
fLxEtUhaCY0+TUUa75aSMB8GA1UdIwQYMBaAFBtWbe9feOMZv8DRQA3nVeJkqCu8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjBBQi82QkU1NTBCMEIw
OTMxMUVBOEFGMzE3NUVDNEY5QUUwMi9HMVp0NzE5NDR4bV93TkZBRGVkVjRtU29L
N3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0cxWnQ3MTk0NHhtX3dORkFEZWRWNG1Tb0s3dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzIwQUIvNkJFNTUwQjBCMDkzMTFFQThBRjMxNzVFQzRGOUFFMDIvMjk3OUJDMzhC
MDk0MTFFQUE5NjQ0NjVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABneCkwDQYJKoZIhvcNAQELBQADggEBAAhu7LnjUr9JJb1q
hDpSFVIqxum6IIY3Ying9SOGFg+Vh9NnfFJ8gTNf2ei9HO30dEHcGKsA/MS1/IOy
cHRE7WCdZm9Z8gpvZQwxIM4lZczZulXu2fvDyP3DkXPEAk3Y68m5lXHzi7iAxbhI
J8gZkyZ3i2owNYN0WJVKfPdUg3iqS5NtNinDx0I0/IiVsPhJp/wXnVQTWHrg6jIF
0vEKbjQ3a3fzWVS45BIEvn7q3AlvQoSNbagza/VAS2pih9tXprV7riDbxPAcMmV8
OcHCHGooQUbhNMwZ+W6DapXV/87U1JLIndcn5ydoCDGgqtmWTwbl7jIDhWs2hh9k
6zTyqB0=
-----END CERTIFICATE-----
Generated at Fri Apr 11 22:20:00 2025 by rpki-client