Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/4D169ADAA58111EF9B0F614CC4F9AE02.roa
File: 4D169ADAA58111EF9B0F614CC4F9AE02.roa (raw, json)
Hash identifier: KELUar0kmMSE0Hr3nONl2wkCpsYs8JqRG5YfE2TgXTM=
Subject key identifier: D0:82:B2:D5:EB:A5:F9:A2:46:EB:DF:C4:22:F4:91:8A:89:0E:A2:35
Certificate issuer: /CN=A91EB2B8/serialNumber=A69700E78D0C812AD2E2C114C82C655A0ACD447F
Certificate serial: 024F
Authority key identifier: A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/4D169ADAA58111EF9B0F614CC4F9AE02.roa
Signing time: Fri 31 Jan 2025 00:09:24 +0000
ROA not before: Fri 31 Jan 2025 00:09:24 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 13335
IP address blocks: 103.138.247.0/24 maxlen: 24
123.108.74.0/24 maxlen: 24
123.108.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 591 (0x24f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EB2B8
Validity
Not Before: Jan 31 00:09:24 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=679c14b3-cf09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:36:9e:40:26:c5:c6:3d:c0:23:d7:6d:83:56:
ff:a2:0d:7b:1e:0c:b5:2a:ba:4e:cd:32:82:cb:37:
5b:0a:34:7d:c1:fb:6a:f0:d9:98:dd:93:43:dc:0b:
51:3d:fa:66:fc:f8:db:33:dc:8d:5c:d3:b5:37:32:
e7:02:3f:37:fe:71:a8:ea:86:06:dc:94:99:6b:cf:
f1:32:fc:d5:99:8a:d2:5f:8f:35:87:26:14:31:d3:
18:9a:8a:eb:df:be:a5:21:0d:e9:5f:7c:f6:98:a1:
dd:7a:00:e9:ad:41:1f:d6:ca:a3:ed:7d:19:e2:2d:
f2:d4:87:90:72:a4:23:a9:77:6b:d7:0d:42:b2:7c:
0d:0c:8d:24:d7:ee:5f:11:d5:e9:9a:c6:ec:fe:a5:
b3:47:c3:d7:c0:37:0d:1d:1b:3d:c3:6f:5d:87:13:
41:71:63:2f:7d:eb:1d:9d:1c:30:d2:af:69:d2:e0:
d4:a6:3e:ef:56:f0:32:60:c2:a1:72:5f:8f:cb:09:
63:ad:cc:20:2e:52:d9:47:25:f4:0b:d4:27:66:73:
c4:46:37:fe:49:55:18:c7:f2:13:b9:1a:e4:28:cc:
22:ff:1f:f8:39:da:f6:a5:2a:1e:dd:7b:ad:f3:a7:
e6:49:d9:94:76:ac:68:b6:da:79:44:5b:5c:70:e7:
61:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:82:B2:D5:EB:A5:F9:A2:46:EB:DF:C4:22:F4:91:8A:89:0E:A2:35
X509v3 Authority Key Identifier:
keyid:A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/4D169ADAA58111EF9B0F614CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.247.0/24
123.108.74.0/23
Signature Algorithm: sha256WithRSAEncryption
86:56:34:00:4c:46:9e:85:70:b2:41:bd:fb:52:7e:70:ee:6f:
5b:f3:36:cd:49:91:8b:a0:e0:f7:82:e1:84:17:f9:56:8e:db:
45:ab:b1:90:7c:ee:e2:42:22:71:d5:38:05:b0:b3:14:e5:34:
cd:05:fe:b5:c1:31:d8:0a:1f:13:cd:6a:18:bf:aa:fd:07:29:
fa:94:2c:60:4b:47:36:bd:1f:3e:d6:f1:22:f8:f5:07:b4:07:
12:66:43:91:b7:d9:b8:e9:4c:31:f9:0b:74:ef:78:49:a0:7e:
f3:a7:56:4e:75:54:b4:f8:b9:7c:9a:a2:f3:95:b7:ff:38:0d:
2f:7c:7d:de:af:47:b2:02:61:91:0c:11:05:79:66:f6:13:ec:
aa:1c:e7:3a:75:8d:1c:dc:03:45:49:67:ae:69:0b:71:83:18:
0e:b0:25:2f:42:fd:b7:19:7a:e2:14:28:41:5a:55:27:d0:58:
19:f9:43:5e:ff:fe:46:c3:f4:3b:43:37:57:c4:a2:f2:9d:7d:
cd:a5:59:8c:22:f0:5f:fe:a4:6a:2b:13:d7:eb:bb:86:9b:57:
c8:99:ff:77:eb:07:9a:7f:b0:47:54:27:82:e2:c1:5e:c7:7d:
33:9a:fd:bb:82:3c:f6:66:bb:b0:58:50:7a:c3:36:58:35:4f:
34:39:e0:e4
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAk8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUIyQjgxMTAvBgNVBAUTKEE2OTcwMEU3OEQwQzgxMkFEMkUyQzExNEM4MkM2NTVB
MEFDRDQ0N0YwHhcNMjUwMTMxMDAwOTI0WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljMTRiMy1jZjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtzaeQCbFxj3AI9dtg1b/og17Hgy1KrpOzTKCyzdbCjR9wftq8NmY3ZND3AtR
Pfpm/PjbM9yNXNO1NzLnAj83/nGo6oYG3JSZa8/xMvzVmYrSX481hyYUMdMYmorr
376lIQ3pX3z2mKHdegDprUEf1sqj7X0Z4i3y1IeQcqQjqXdr1w1CsnwNDI0k1+5f
EdXpmsbs/qWzR8PXwDcNHRs9w29dhxNBcWMvfesdnRww0q9p0uDUpj7vVvAyYMKh
cl+PywljrcwgLlLZRyX0C9QnZnPERjf+SVUYx/ITuRrkKMwi/x/4Odr2pSoe3Xut
86fmSdmUdqxottp5RFtccOdhZQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNCCstXr
pfmiRuvfxCL0kYqJDqI1MB8GA1UdIwQYMBaAFKaXAOeNDIEq0uLBFMgsZVoKzUR/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjJCOC8zRjQ0Q0JBRTJG
NEQxMUVEOEY1QTZBNjRDNEY5QUUwMi9wcGNBNTQwTWdTclM0c0VVeUN4bFdnck5S
SDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BwY0E1NDBNZ1NyUzRzRVV5Q3hsV2dyTlJIOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUIyQjgvM0Y0NENCQUUyRjREMTFFRDhGNUE2QTY0QzRGOUFFMDIvNEQxNjlBREFB
NTgxMTFFRjlCMEY2MTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnivcDBAF7bEowDQYJKoZIhvcNAQELBQADggEBAIZWNABM
Rp6FcLJBvftSfnDub1vzNs1JkYug4PeC4YQX+VaO20WrsZB87uJCInHVOAWwsxTl
NM0F/rXBMdgKHxPNahi/qv0HKfqULGBLRza9Hz7W8SL49Qe0BxJmQ5G32bjpTDH5
C3TveEmgfvOnVk51VLT4uXyaovOVt/84DS98fd6vR7ICYZEMEQV5ZvYT7Koc5zp1
jRzcA0VJZ65pC3GDGA6wJS9C/bcZeuIUKEFaVSfQWBn5Q17//kbD9DtDN1fEovKd
fc2lWYwi8F/+pGorE9fru4abV8iZ/3frB5p/sEdUJ4LiwV7HfTOa/buCPPZmu7BY
UHrDNlg1TzQ54OQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:58:46 2025 by rpki-client