Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/D59CB8F4968511EF93AE8239C4F9AE02.roa
File: D59CB8F4968511EF93AE8239C4F9AE02.roa (raw, json)
Hash identifier: FPiGGcK4pF8UzcHguK5mqg4YmbaTICQWjS75XqzTA24=
Subject key identifier: A7:90:E3:65:15:E9:6C:BB:95:0C:19:C3:5E:C2:CD:87:F2:A4:E8:E7
Certificate issuer: /CN=A91DEBE3/serialNumber=DE50542BEA108201A772C00BC9F251AD17FA96CD
Certificate serial: 0C58
Authority key identifier: DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/D59CB8F4968511EF93AE8239C4F9AE02.roa
Signing time: Wed 04 Dec 2024 03:21:59 +0000
ROA not before: Wed 04 Dec 2024 03:21:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139053
IP address blocks: 103.214.82.0/24 maxlen: 24
144.48.84.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3160 (0xc58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DEBE3
Validity
Not Before: Dec 4 03:21:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=674fcad7-2e53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d2:8e:94:ee:14:e2:de:c5:2a:22:a1:b2:0b:
17:97:31:78:f9:fa:f3:c0:4b:40:a7:a8:99:5c:96:
f1:5b:c1:dc:76:17:c5:4e:0c:1c:b5:30:32:f5:9d:
df:70:9d:ab:8e:c2:4b:8d:07:aa:de:07:11:d1:b9:
81:b3:1c:9b:6c:3f:7c:f9:cf:f8:9c:d1:c7:aa:4d:
44:77:98:44:30:32:ab:09:98:ec:c2:1a:d4:df:d2:
32:1f:fe:20:b0:96:2f:43:0c:bf:63:aa:18:bc:7a:
f3:d1:c0:1b:df:36:4a:90:42:14:91:82:68:c6:36:
d0:0f:dd:d6:24:5d:a2:10:4a:6e:94:e0:07:60:f2:
4b:8d:ad:47:0c:45:ed:07:27:bf:09:54:d8:08:c0:
0c:67:5e:79:f5:49:18:d1:0f:fa:ee:60:f6:7b:e5:
12:28:85:07:39:44:01:25:dd:3a:f1:e1:8d:4e:2f:
ce:2c:f5:4e:ed:6d:82:65:17:54:86:be:77:88:03:
49:38:c1:cb:96:35:9c:30:d4:12:56:53:a4:80:6e:
87:34:71:7f:45:4f:17:da:ad:da:d8:22:58:0b:09:
a0:bc:d5:ff:76:2d:0c:35:39:4f:b9:8b:1f:b2:8a:
73:38:31:c4:ca:44:74:f6:98:62:1b:78:02:9e:99:
6a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:90:E3:65:15:E9:6C:BB:95:0C:19:C3:5E:C2:CD:87:F2:A4:E8:E7
X509v3 Authority Key Identifier:
keyid:DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/D59CB8F4968511EF93AE8239C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.214.82.0/24
144.48.84.0/24
Signature Algorithm: sha256WithRSAEncryption
48:23:2c:9c:13:59:a5:20:0d:e3:2b:95:29:92:6e:69:2f:32:
6d:31:49:38:41:e9:73:c6:9e:72:14:74:2a:a2:11:05:b9:e9:
33:c9:71:db:6c:c2:1c:e4:aa:32:55:86:0b:35:2f:3e:4a:65:
46:6b:65:6c:da:0c:d3:d7:ca:01:6d:ef:b9:9c:6b:8c:2b:e8:
0f:f6:9a:60:40:cc:cc:a2:02:91:c3:1c:4e:29:60:2d:d3:df:
7a:cb:ad:0e:20:fe:13:d1:27:da:c7:30:f3:39:ca:dc:73:fb:
6e:38:03:ad:3b:24:79:2f:a3:83:b0:2e:3f:a6:14:bd:ed:46:
25:e9:6f:18:bc:82:9f:43:30:ea:f2:93:d7:03:ef:6f:68:93:
47:04:67:cf:4a:59:07:76:17:3d:56:0c:e9:52:08:ab:0c:cb:
7c:09:f6:e8:a7:32:92:46:cf:af:51:71:d7:d1:00:69:23:01:
c2:ae:a1:36:69:4e:8a:11:cd:13:f2:80:7f:82:0b:74:b9:ac:
f9:2e:99:56:b7:ac:ef:d6:26:06:e5:08:82:67:1d:76:16:2f:
f7:ec:62:cd:0b:3c:1c:de:9e:59:8a:fc:5f:bf:ce:29:20:e3:
5e:61:cf:72:8e:dc:76:e5:ce:54:48:4e:40:f8:d9:70:b5:1d:
98:4b:cf:5a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDFgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVCRTMxMTAvBgNVBAUTKERFNTA1NDJCRUExMDgyMDFBNzcyQzAwQkM5RjI1MUFE
MTdGQTk2Q0QwHhcNMjQxMjA0MDMyMTU5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRmY2FkNy0yZTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtdKOlO4U4t7FKiKhsgsXlzF4+frzwEtAp6iZXJbxW8HcdhfFTgwctTAy9Z3f
cJ2rjsJLjQeq3gcR0bmBsxybbD98+c/4nNHHqk1Ed5hEMDKrCZjswhrU39IyH/4g
sJYvQwy/Y6oYvHrz0cAb3zZKkEIUkYJoxjbQD93WJF2iEEpulOAHYPJLja1HDEXt
Bye/CVTYCMAMZ1559UkY0Q/67mD2e+USKIUHOUQBJd068eGNTi/OLPVO7W2CZRdU
hr53iANJOMHLljWcMNQSVlOkgG6HNHF/RU8X2q3a2CJYCwmgvNX/di0MNTlPuYsf
sopzODHEykR09phiG3gCnplqqQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKeQ42UV
6Wy7lQwZw17CzYfypOjnMB8GA1UdIwQYMBaAFN5QVCvqEIIBp3LAC8nyUa0X+pbN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUJFMy84MEFFMTBDNjA0
NTAxMUVBQkE4MkM0MTVDNEY5QUUwMi8zbEJVSy1vUWdnR25jc0FMeWZKUnJSZjZs
czAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNsQlVLLW9RZ2dHbmNzQUx5ZkpSclJmNmxzMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REVCRTMvODBBRTEwQzYwNDUwMTFFQUJBODJDNDE1QzRGOUFFMDIvRDU5Q0I4RjQ5
Njg1MTFFRjkzQUU4MjM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABn1lIDBACQMFQwDQYJKoZIhvcNAQELBQADggEBAEgjLJwT
WaUgDeMrlSmSbmkvMm0xSThB6XPGnnIUdCqiEQW56TPJcdtswhzkqjJVhgs1Lz5K
ZUZrZWzaDNPXygFt77mca4wr6A/2mmBAzMyiApHDHE4pYC3T33rLrQ4g/hPRJ9rH
MPM5ytxz+244A607JHkvo4OwLj+mFL3tRiXpbxi8gp9DMOryk9cD729ok0cEZ89K
WQd2Fz1WDOlSCKsMy3wJ9uinMpJGz69RcdfRAGkjAcKuoTZpTooRzRPygH+CC3S5
rPkumVa3rO/WJgblCIJnHXYWL/fsYs0LPBzenlmK/F+/zikg415hz3KO3HblzlRI
TkD42XC1HZhLz1o=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:04:40 2025 by rpki-client