Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A57AA/C1835D5CF14811EDB731960DC4F9AE02/DFC9BF30F14E11ED992E1316C4F9AE02.roa
File: DFC9BF30F14E11ED992E1316C4F9AE02.roa (raw, json)
Hash identifier: OU5KcZHZ3xkQgEaHszLfMVM61GV8iQUJWprw5u91teE=
Subject key identifier: E2:B2:A4:E8:24:8A:80:03:CE:1D:AB:3C:35:C1:D2:C6:0A:76:37:5B
Certificate issuer: /CN=A91A57AA/serialNumber=19043CD089C9794FA78F45A54EAB5F2B6E918EEE
Certificate serial: B5
Authority key identifier: 19:04:3C:D0:89:C9:79:4F:A7:8F:45:A5:4E:AB:5F:2B:6E:91:8E:EE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GQQ80InJeU-nj0WlTqtfK26Rju4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A57AA/C1835D5CF14811EDB731960DC4F9AE02/DFC9BF30F14E11ED992E1316C4F9AE02.roa
Signing time: Thu 25 Apr 2024 06:39:35 +0000
ROA not before: Thu 25 Apr 2024 06:39:35 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138493
IP address blocks: 103.69.58.0/23 maxlen: 24
2001:df2:5440::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 181 (0xb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A57AA/serialNumber=19043CD089C9794FA78F45A54EAB5F2B6E918EEE
Validity
Not Before: Apr 25 06:39:35 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6629faa7-3cf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:72:42:ab:9c:31:cc:53:97:58:27:f0:1b:90:
c9:0c:63:b6:ce:08:78:99:71:b0:c4:30:d4:68:ab:
dc:5b:93:79:22:0e:9d:26:00:9c:0b:5c:a2:b0:fc:
5c:ee:26:f8:2e:bf:05:82:93:b7:1b:0b:25:a8:e6:
e2:28:48:b2:9b:ed:2e:51:a9:20:c5:64:6f:75:6a:
64:98:f7:9e:a6:69:00:fa:94:48:c0:86:f5:fb:2a:
03:25:a1:54:22:ad:bb:7d:2d:92:b8:f8:43:bc:a4:
2e:19:28:6b:21:be:f3:95:49:07:01:81:aa:62:8e:
cb:c6:e3:f6:8f:4b:9c:e7:81:9c:60:1d:71:e6:2f:
43:63:9d:18:5a:d0:83:83:d3:2d:8e:cb:ed:66:30:
30:76:35:09:f5:32:78:98:4d:02:d6:0f:2c:a3:ca:
6d:dd:01:f6:dd:df:be:8e:1c:86:c4:09:5d:e4:8a:
74:4c:fb:59:ab:9e:5a:65:27:75:8a:27:4e:aa:cc:
64:52:0d:c1:72:3f:a5:e4:1f:1c:45:39:bb:03:15:
cf:7c:86:42:a8:49:6e:c9:05:f5:ae:fb:ef:39:09:
b7:f4:62:bf:c1:03:34:d3:40:e9:19:d6:3c:bc:1a:
ac:7f:d8:88:32:ae:c8:a6:02:95:f6:aa:a8:72:fc:
22:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:B2:A4:E8:24:8A:80:03:CE:1D:AB:3C:35:C1:D2:C6:0A:76:37:5B
X509v3 Authority Key Identifier:
keyid:19:04:3C:D0:89:C9:79:4F:A7:8F:45:A5:4E:AB:5F:2B:6E:91:8E:EE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A57AA/C1835D5CF14811EDB731960DC4F9AE02/GQQ80InJeU-nj0WlTqtfK26Rju4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GQQ80InJeU-nj0WlTqtfK26Rju4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A57AA/C1835D5CF14811EDB731960DC4F9AE02/DFC9BF30F14E11ED992E1316C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.69.58.0/23
IPv6:
2001:df2:5440::/48
Signature Algorithm: sha256WithRSAEncryption
87:b8:83:2b:1f:f4:84:2b:3d:03:2c:f8:66:e7:78:45:02:42:
11:e1:76:ff:72:f3:33:66:7b:24:cd:d6:83:ce:ed:6b:d7:ac:
3d:9c:ad:10:4f:99:89:fb:27:02:11:0f:f1:59:c5:b3:0f:54:
07:a8:d7:d2:5d:e8:c0:f4:ef:15:a1:d5:41:31:9a:73:16:ea:
19:b9:18:4e:7b:70:7e:be:cc:c9:d3:b0:4f:f9:c7:ac:f5:62:
4b:04:7d:6d:04:8b:0f:88:31:21:65:9b:43:d1:ec:5b:06:f1:
4a:c7:fc:1e:b6:39:82:7f:d5:27:29:59:76:02:6f:58:85:d0:
b5:f5:b9:56:aa:f1:34:ce:93:1f:4f:84:36:ed:1f:2c:28:5d:
4f:8f:fe:f2:71:38:3f:54:bc:d4:5e:85:ad:08:01:e4:be:b7:
78:80:21:13:a7:78:12:5d:18:66:2c:ba:09:48:38:57:c7:5b:
16:2d:b2:24:4d:17:ad:4d:2f:4f:59:ae:d6:3e:de:b4:a7:16:
c4:93:52:ff:16:8f:90:26:3b:65:53:41:86:09:d8:69:eb:eb:
ed:a3:b9:75:ac:09:86:d9:9d:06:22:e9:f2:88:8c:56:22:6a:
44:2b:93:bd:5a:a3:ba:ca:48:ff:af:25:ad:d9:15:cd:74:9c:
76:71:89:b9
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICALUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU3QUExMTAvBgNVBAUTKDE5MDQzQ0QwODlDOTc5NEZBNzhGNDVBNTRFQUI1RjJC
NkU5MThFRUUwHhcNMjQwNDI1MDYzOTM1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI5ZmFhNy0zY2YxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq3JCq5wxzFOXWCfwG5DJDGO2zgh4mXGwxDDUaKvcW5N5Ig6dJgCcC1yisPxc
7ib4Lr8FgpO3GwslqObiKEiym+0uUakgxWRvdWpkmPeepmkA+pRIwIb1+yoDJaFU
Iq27fS2SuPhDvKQuGShrIb7zlUkHAYGqYo7LxuP2j0uc54GcYB1x5i9DY50YWtCD
g9MtjsvtZjAwdjUJ9TJ4mE0C1g8so8pt3QH23d++jhyGxAld5Ip0TPtZq55aZSd1
iidOqsxkUg3Bcj+l5B8cRTm7AxXPfIZCqEluyQX1rvvvOQm39GK/wQM000DpGdY8
vBqsf9iIMq7IpgKV9qqocvwizwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOKypOgk
ioADzh2rPDXB0sYKdjdbMB8GA1UdIwQYMBaAFBkEPNCJyXlPp49FpU6rXytukY7u
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTdBQS9DMTgzNUQ1Q0Yx
NDgxMUVEQjczMTk2MERDNEY5QUUwMi9HUVE4MEluSmVVLW5qMFdsVHF0ZksyNlJq
dTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dRUTgwSW5KZVUtbmowV2xUcXRmSzI2Ump1NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU3QUEvQzE4MzVENUNGMTQ4MTFFREI3MzE5NjBEQzRGOUFFMDIvREZDOUJGMzBG
MTRFMTFFRDk5MkUxMzE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnRTowDwQCAAIwCQMHACABDfJUQDANBgkqhkiG9w0BAQsF
AAOCAQEAh7iDKx/0hCs9Ayz4Zud4RQJCEeF2/3LzM2Z7JM3Wg87ta9esPZytEE+Z
ifsnAhEP8VnFsw9UB6jX0l3owPTvFaHVQTGacxbqGbkYTntwfr7MydOwT/nHrPVi
SwR9bQSLD4gxIWWbQ9HsWwbxSsf8HrY5gn/VJylZdgJvWIXQtfW5VqrxNM6TH0+E
Nu0fLChdT4/+8nE4P1S81F6FrQgB5L63eIAhE6d4El0YZiy6CUg4V8dbFi2yJE0X
rU0vT1mu1j7etKcWxJNS/xaPkCY7ZVNBhgnYaevr7aO5dawJhtmdBiLp8oiMViJq
RCuTvVqjuspI/68lrdkVzXScdnGJuQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:16:10 2025 by rpki-client