Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/AB2FDD4CA56911EA8F159D7BC4F9AE02.roa
File: AB2FDD4CA56911EA8F159D7BC4F9AE02.roa (raw, json)
Hash identifier: 5W1NfRExr5L2qQL5H136NrVKGoHwAdTpjf3o+jUw4fM=
Subject key identifier: 4E:D1:40:EE:BF:DC:51:4E:88:8A:FD:B1:A1:66:37:A7:30:C0:63:BA
Certificate issuer: /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Certificate serial: 0EBB
Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/AB2FDD4CA56911EA8F159D7BC4F9AE02.roa
Signing time: Tue 14 Jan 2025 18:16:23 +0000
ROA not before: Tue 14 Jan 2025 18:16:23 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 27822
IP address blocks: 210.57.82.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3771 (0xebb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFFA0
Validity
Not Before: Jan 14 18:16:23 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6786a9f6-42a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:76:32:16:bd:8e:46:86:c7:d9:31:e3:d1:8e:
99:79:20:55:a4:77:d7:41:ba:93:03:a8:65:05:1d:
08:45:eb:85:39:33:08:63:b1:d5:cd:ea:5a:9c:5e:
8b:00:47:54:d5:12:52:b2:2b:c7:dd:d0:03:a7:30:
90:e9:00:f9:4c:8a:ba:0f:bf:4c:7e:49:e4:8b:94:
87:e3:b6:75:2f:5a:0f:91:f6:b9:be:8f:32:1e:bc:
e3:40:30:dd:e4:85:81:ce:99:a7:34:1a:d1:26:a8:
bb:50:18:b5:be:fa:15:56:fc:4e:23:11:c4:c2:27:
da:8f:a7:49:83:7e:98:95:b7:e4:36:9c:54:99:84:
3e:81:0f:ff:5c:d7:bb:9e:f4:23:39:83:2f:96:20:
9b:4b:7e:c3:3a:5b:5e:6b:d1:6f:c4:0c:fe:6a:ba:
67:64:36:e6:18:00:24:58:35:79:a6:e6:42:8c:83:
57:3e:0e:60:34:52:c4:8b:36:fa:07:e2:70:76:18:
3e:ef:3a:c6:ff:80:a3:56:fd:d5:3a:f9:8f:bf:2a:
18:fc:97:69:36:77:1a:2e:95:95:c7:70:26:c0:71:
2e:a5:fd:69:70:ec:11:8a:e3:39:f6:6e:8d:aa:b6:
39:03:e1:fc:18:8d:03:9a:2f:16:93:86:6d:b3:b4:
88:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D1:40:EE:BF:DC:51:4E:88:8A:FD:B1:A1:66:37:A7:30:C0:63:BA
X509v3 Authority Key Identifier:
keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/AB2FDD4CA56911EA8F159D7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.57.82.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:af:12:e1:40:c0:83:e6:c6:4c:52:22:d8:7c:66:8c:bd:f0:
45:9c:f7:0b:35:13:d9:29:32:86:ee:81:7d:0e:28:b0:bc:e9:
2e:99:25:9c:4a:ff:92:cd:79:a1:cf:ce:fa:3c:9e:2f:03:3b:
e1:e1:bb:13:54:8a:73:16:1b:52:bf:e0:69:13:28:6c:b4:2a:
13:de:92:a4:e6:28:76:63:4c:d6:14:ac:c0:61:2c:81:eb:d5:
be:7a:f6:5b:80:09:0e:d9:22:d6:5f:31:f5:2b:5f:ae:03:18:
d0:b5:11:ea:b4:7f:8b:d9:fd:49:9c:2c:c2:b8:61:b4:65:86:
a3:df:92:e4:18:08:a8:4e:83:48:fb:f0:42:ce:2a:9b:2b:8e:
cc:a2:be:4e:9d:46:ce:fe:02:40:ff:a3:4d:3f:83:71:88:a3:
36:c0:b7:43:ea:35:d5:c7:5b:1d:36:b5:04:64:74:e4:7e:fe:
9e:32:5a:45:2e:73:6a:01:00:b2:7f:01:d2:5d:12:f4:de:15:
99:12:92:95:19:13:c2:04:85:27:d1:fd:9c:22:9c:b0:23:e7:
dd:47:1a:bd:17:04:8e:d2:17:fc:7b:86:ab:61:72:13:42:40:
ee:b0:82:99:f5:69:35:61:c7:e1:5d:3f:cd:66:ea:f5:46:28:
25:e9:40:f4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDrswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB
RDNBRUZFQzgwHhcNMjUwMTE0MTgxNjIzWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2YTlmNi00MmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAynYyFr2ORobH2THj0Y6ZeSBVpHfXQbqTA6hlBR0IReuFOTMIY7HVzepanF6L
AEdU1RJSsivH3dADpzCQ6QD5TIq6D79Mfknki5SH47Z1L1oPkfa5vo8yHrzjQDDd
5IWBzpmnNBrRJqi7UBi1vvoVVvxOIxHEwifaj6dJg36YlbfkNpxUmYQ+gQ//XNe7
nvQjOYMvliCbS37DOltea9FvxAz+arpnZDbmGAAkWDV5puZCjINXPg5gNFLEizb6
B+Jwdhg+7zrG/4CjVv3VOvmPvyoY/JdpNncaLpWVx3AmwHEupf1pcOwRiuM59m6N
qrY5A+H8GI0Dmi8Wk4Zts7SIFQIDAQABo4IClTCCApEwHQYDVR0OBBYEFE7RQO6/
3FFOiIr9saFmN6cwwGO6MB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4
Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvQUIyRkRENENB
NTY5MTFFQThGMTU5RDdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADSOVIwDQYJKoZIhvcNAQELBQADggEBAD6vEuFAwIPmxkxS
Ith8Zoy98EWc9ws1E9kpMobugX0OKLC86S6ZJZxK/5LNeaHPzvo8ni8DO+HhuxNU
inMWG1K/4GkTKGy0KhPekqTmKHZjTNYUrMBhLIHr1b569luACQ7ZItZfMfUrX64D
GNC1Eeq0f4vZ/UmcLMK4YbRlhqPfkuQYCKhOg0j78ELOKpsrjsyivk6dRs7+AkD/
o00/g3GIozbAt0PqNdXHWx02tQRkdOR+/p4yWkUuc2oBALJ/AdJdEvTeFZkSkpUZ
E8IEhSfR/ZwinLAj591HGr0XBI7SF/x7hqthchNCQO6wgpn1aTVhx+FdP81m6vVG
KCXpQPQ=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:16:45 2025 by rpki-client