Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/583C0F00ABFB11EF94E1FC10C4F9AE02.roa
File: 583C0F00ABFB11EF94E1FC10C4F9AE02.roa (raw, json)
Hash identifier: QP5Cz3lsO438knsbcWs8qytHNV5HCIM6Ko3fU+Di7J0=
Subject key identifier: 9A:91:CE:6E:3B:1B:BD:13:FF:83:88:31:F2:F0:6C:BB:A7:9D:B0:E2
Certificate issuer: /CN=A91EB2B8/serialNumber=A69700E78D0C812AD2E2C114C82C655A0ACD447F
Certificate serial: 021E
Authority key identifier: A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/583C0F00ABFB11EF94E1FC10C4F9AE02.roa
Signing time: Tue 26 Nov 2024 13:35:48 +0000
ROA not before: Tue 26 Nov 2024 13:35:48 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 209242
IP address blocks: 103.138.246.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 542 (0x21e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EB2B8
Validity
Not Before: Nov 26 13:35:48 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6745ceb3-f67c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ba:4a:fd:79:7e:16:cd:3d:ea:cf:3d:ab:45:
8f:bf:4a:5e:51:e2:f8:f0:be:44:5f:a3:0a:2f:1b:
87:2b:b2:2e:af:54:02:fb:12:30:0d:05:ca:28:6e:
45:db:95:22:be:5e:0c:60:1f:eb:96:29:2b:88:67:
44:fc:43:65:fa:c0:b3:45:fa:e9:f6:22:e4:31:b3:
b6:07:94:d9:61:b6:d5:29:78:00:0d:06:c1:e7:c9:
64:1a:03:d6:5c:55:ad:7d:60:99:95:7d:2d:b1:71:
0b:7b:c7:ea:c1:d3:99:f5:d5:dd:ba:53:25:d6:a5:
5a:7a:ab:f3:a6:20:f0:23:26:17:66:80:70:a1:eb:
23:4b:31:5e:c6:cc:3b:84:41:19:8e:27:e1:f4:5f:
05:ac:73:35:eb:60:e8:f8:49:46:47:95:d6:e0:e8:
3c:2f:57:14:bc:45:92:29:5b:c5:44:96:16:b0:0a:
47:af:3b:18:ad:f7:60:78:69:58:23:44:7d:73:7e:
93:74:9e:1a:e3:77:95:b2:e2:0f:32:36:ad:3c:0b:
2e:6b:db:0d:03:75:e9:86:42:b9:89:17:db:05:21:
91:06:78:e6:a3:f5:67:b4:49:15:96:b5:ef:57:83:
7c:bc:3f:14:6a:fa:be:94:33:4f:91:72:fe:ce:02:
05:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:91:CE:6E:3B:1B:BD:13:FF:83:88:31:F2:F0:6C:BB:A7:9D:B0:E2
X509v3 Authority Key Identifier:
keyid:A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/583C0F00ABFB11EF94E1FC10C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.246.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:f5:da:5a:09:ab:b9:07:6c:60:92:60:96:b0:6a:f4:76:ab:
86:d0:ba:27:af:49:a4:d3:2d:09:ae:a7:f4:89:9f:ac:9e:22:
d4:29:96:08:20:8f:e8:af:e8:b6:7b:cc:1b:06:f1:c5:a2:e5:
1a:f0:44:b0:77:3d:23:1a:f8:d1:3a:e3:24:e5:a7:df:de:64:
36:29:c9:b1:39:72:a2:b8:98:87:6c:fb:60:10:5f:c8:56:2f:
f5:bc:a8:31:be:55:ce:9b:56:a9:71:23:07:07:48:24:3e:f5:
b1:25:6a:34:2b:fd:64:d5:ed:69:bb:c7:e1:c4:d2:f8:e5:9d:
83:46:a5:d8:1e:2f:35:0d:7a:3e:8c:98:d9:33:ca:61:4a:65:
fb:d5:9d:8b:c0:71:f4:d3:bb:dd:9e:bd:aa:da:09:57:72:07:
18:95:42:88:93:fe:d1:e0:df:dc:2a:09:8f:c8:75:ae:84:91:
51:14:e4:d5:07:b2:86:d9:4e:36:68:8e:89:13:b0:ec:1a:83:
c6:1d:d0:21:8e:4d:cd:c4:46:b2:5c:2f:f0:9f:2b:40:10:59:
5e:85:e5:3f:36:ce:9e:1f:07:fd:63:59:ad:1b:b6:8b:b4:b0:
98:91:ce:96:11:10:a1:1a:45:4e:19:bb:60:a6:77:7a:ce:54:
5e:1e:4f:5d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAh4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUIyQjgxMTAvBgNVBAUTKEE2OTcwMEU3OEQwQzgxMkFEMkUyQzExNEM4MkM2NTVB
MEFDRDQ0N0YwHhcNMjQxMTI2MTMzNTQ4WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ1Y2ViMy1mNjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwbpK/Xl+Fs096s89q0WPv0peUeL48L5EX6MKLxuHK7Iur1QC+xIwDQXKKG5F
25Uivl4MYB/rlikriGdE/ENl+sCzRfrp9iLkMbO2B5TZYbbVKXgADQbB58lkGgPW
XFWtfWCZlX0tsXELe8fqwdOZ9dXdulMl1qVaeqvzpiDwIyYXZoBwoesjSzFexsw7
hEEZjifh9F8FrHM162Do+ElGR5XW4Og8L1cUvEWSKVvFRJYWsApHrzsYrfdgeGlY
I0R9c36TdJ4a43eVsuIPMjatPAsua9sNA3XphkK5iRfbBSGRBnjmo/VntEkVlrXv
V4N8vD8Uavq+lDNPkXL+zgIFzwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJqRzm47
G70T/4OIMfLwbLunnbDiMB8GA1UdIwQYMBaAFKaXAOeNDIEq0uLBFMgsZVoKzUR/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjJCOC8zRjQ0Q0JBRTJG
NEQxMUVEOEY1QTZBNjRDNEY5QUUwMi9wcGNBNTQwTWdTclM0c0VVeUN4bFdnck5S
SDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BwY0E1NDBNZ1NyUzRzRVV5Q3hsV2dyTlJIOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUIyQjgvM0Y0NENCQUUyRjREMTFFRDhGNUE2QTY0QzRGOUFFMDIvNTgzQzBGMDBB
QkZCMTFFRjk0RTFGQzEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnivYwDQYJKoZIhvcNAQELBQADggEBABv12loJq7kHbGCS
YJawavR2q4bQuievSaTTLQmup/SJn6yeItQplgggj+iv6LZ7zBsG8cWi5RrwRLB3
PSMa+NE64yTlp9/eZDYpybE5cqK4mIds+2AQX8hWL/W8qDG+Vc6bVqlxIwcHSCQ+
9bElajQr/WTV7Wm7x+HE0vjlnYNGpdgeLzUNej6MmNkzymFKZfvVnYvAcfTTu92e
varaCVdyBxiVQoiT/tHg39wqCY/Ida6EkVEU5NUHsobZTjZojokTsOwag8Yd0CGO
Tc3ERrJcL/CfK0AQWV6F5T82zp4fB/1jWa0btou0sJiRzpYREKEaRU4Zu2Cmd3rO
VF4eT10=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:15:51 2025 by rpki-client