Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEB51/37A534B8EA8311EE91801A76C4F9AE02/748B00F4EA8A11EE9295672AC4F9AE02.roa
File: 748B00F4EA8A11EE9295672AC4F9AE02.roa (raw, json)
Hash identifier: ygDdUhDKlEYCgdYnkaYBpEgiP+SGTZxYs8Pi7efBQ5Q=
Subject key identifier: 2A:DD:8C:2D:6C:8A:C3:C4:4F:A0:CF:83:42:31:60:BC:28:B7:9B:53
Certificate issuer: /CN=A91EEB51/serialNumber=562FB302A876783A084158038BD49EF7051A603C
Certificate serial: 37
Authority key identifier: 56:2F:B3:02:A8:76:78:3A:08:41:58:03:8B:D4:9E:F7:05:1A:60:3C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vi-zAqh2eDoIQVgDi9Se9wUaYDw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EEB51/37A534B8EA8311EE91801A76C4F9AE02/748B00F4EA8A11EE9295672AC4F9AE02.roa
Signing time: Thu 27 Jun 2024 07:31:13 +0000
ROA not before: Thu 27 Jun 2024 07:31:12 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 137050
IP address blocks: 103.100.204.0/22 maxlen: 22
103.100.204.0/24 maxlen: 24
103.100.205.0/24 maxlen: 24
103.100.206.0/24 maxlen: 24
103.100.207.0/24 maxlen: 24
2001:df2:8100::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55 (0x37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EEB51/serialNumber=562FB302A876783A084158038BD49EF7051A603C
Validity
Not Before: Jun 27 07:31:12 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=667d1540-5854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:42:2a:ce:4b:31:2a:d6:fa:be:86:d2:b7:4f:
32:49:c1:75:07:74:c3:24:36:e7:f5:af:71:80:5e:
29:1d:98:19:e3:51:b5:1f:f6:db:5b:7b:06:73:cc:
82:b9:5b:65:27:05:f6:33:af:2a:f9:7f:0a:af:05:
13:3f:13:73:e1:e9:da:e5:72:8f:eb:03:89:a7:72:
79:3b:e1:f9:14:ac:0b:a6:22:5d:67:fc:fe:21:45:
80:50:f3:cc:60:26:b9:b5:75:df:91:50:44:ad:2f:
36:d1:4e:5b:e4:82:64:6d:18:04:1f:6d:7f:7f:a0:
fc:d8:3d:33:a3:39:f2:e7:01:24:70:6a:47:01:44:
14:12:77:8b:b8:bc:89:54:7d:62:4c:7d:1f:8a:86:
9a:8d:0f:67:37:04:e1:c6:09:19:d5:9f:95:d9:e7:
9b:96:c5:62:f7:d6:82:a8:03:f1:c0:b5:40:3d:f0:
58:2b:0c:a8:89:47:46:72:81:43:1b:80:34:7b:0c:
b9:d9:8b:bc:44:d2:93:d2:1a:13:59:f8:7b:2c:0a:
ea:9c:4a:21:df:4a:3e:8c:49:71:07:ef:01:49:bb:
51:1b:9c:0a:43:ac:26:6b:98:33:0b:5b:eb:1e:88:
8b:4d:5f:8f:05:58:a1:49:db:c4:3f:03:07:e9:63:
90:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:DD:8C:2D:6C:8A:C3:C4:4F:A0:CF:83:42:31:60:BC:28:B7:9B:53
X509v3 Authority Key Identifier:
keyid:56:2F:B3:02:A8:76:78:3A:08:41:58:03:8B:D4:9E:F7:05:1A:60:3C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EEB51/37A534B8EA8311EE91801A76C4F9AE02/Vi-zAqh2eDoIQVgDi9Se9wUaYDw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vi-zAqh2eDoIQVgDi9Se9wUaYDw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEB51/37A534B8EA8311EE91801A76C4F9AE02/748B00F4EA8A11EE9295672AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.100.204.0/22
IPv6:
2001:df2:8100::/48
Signature Algorithm: sha256WithRSAEncryption
bc:cf:d9:b7:65:11:cd:92:d5:d0:38:36:d0:7d:8d:88:68:ce:
38:e5:6c:8c:4c:93:1f:e8:16:42:94:a5:2b:36:2e:05:fb:70:
50:f8:3d:d7:d3:91:8e:db:2a:e8:66:95:e6:a6:6f:ca:2f:d2:
a4:3c:89:a2:ee:53:ab:02:d4:e8:a1:88:2f:41:6a:ca:35:a5:
92:13:a5:1c:df:d5:28:0d:b5:8c:33:91:54:33:15:ac:9a:3c:
8f:a5:5f:b0:a6:74:37:e5:a6:5b:6d:60:1e:09:aa:d9:06:1b:
70:1a:5c:02:a7:55:6c:9a:6e:6a:77:db:18:ad:a4:e8:18:86:
21:03:13:ee:1a:fd:83:12:04:08:5d:44:15:94:7b:63:e8:e8:
31:fc:9a:78:c5:fe:5b:d5:2f:ca:4e:aa:88:2f:a1:ed:07:c7:
df:e1:dc:72:f7:0e:3e:42:d3:93:12:80:40:4d:eb:ce:24:81:
5c:70:ce:c2:df:bd:ed:d2:ad:79:55:0f:d8:2d:60:b2:d2:e0:
0c:d5:6b:79:d0:bc:08:1f:9a:63:76:81:63:0a:0d:8e:f2:22:
7e:a4:de:22:4f:96:0f:93:3f:56:94:a7:45:4d:eb:92:55:d4:
89:69:7e:a1:13:ee:dc:34:c3:e0:3b:15:37:85:84:4f:2f:fd:
e0:9f:01:09
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBNzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RUI1MTExMC8GA1UEBRMoNTYyRkIzMDJBODc2NzgzQTA4NDE1ODAzOEJENDlFRjcw
NTFBNjAzQzAeFw0yNDA2MjcwNzMxMTJaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2N2QxNTQwLTU4NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEQirOSzEq1vq+htK3TzJJwXUHdMMkNuf1r3GAXikdmBnjUbUf9ttbewZzzIK5
W2UnBfYzryr5fwqvBRM/E3Ph6drlco/rA4mncnk74fkUrAumIl1n/P4hRYBQ88xg
Jrm1dd+RUEStLzbRTlvkgmRtGAQfbX9/oPzYPTOjOfLnASRwakcBRBQSd4u4vIlU
fWJMfR+KhpqND2c3BOHGCRnVn5XZ55uWxWL31oKoA/HAtUA98FgrDKiJR0ZygUMb
gDR7DLnZi7xE0pPSGhNZ+HssCuqcSiHfSj6MSXEH7wFJu1EbnApDrCZrmDMLW+se
iItNX48FWKFJ28Q/AwfpY5CJAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUKt2MLWyK
w8RPoM+DQjFgvCi3m1MwHwYDVR0jBBgwFoAUVi+zAqh2eDoIQVgDi9Se9wUaYDww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVFQjUxLzM3QTUzNEI4RUE4
MzExRUU5MTgwMUE3NkM0RjlBRTAyL1ZpLXpBcWgyZURvSVFWZ0RpOVNlOXdVYVlE
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVmktekFxaDJlRG9JUVZnRGk5U2U5d1VhWUR3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RUI1MS8zN0E1MzRCOEVBODMxMUVFOTE4MDFBNzZDNEY5QUUwMi83NDhCMDBGNEVB
OEExMUVFOTI5NTY3MkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAmdkzDAPBAIAAjAJAwcAIAEN8oEAMA0GCSqGSIb3DQEBCwUA
A4IBAQC8z9m3ZRHNktXQODbQfY2IaM445WyMTJMf6BZClKUrNi4F+3BQ+D3X05GO
2yroZpXmpm/KL9KkPImi7lOrAtTooYgvQWrKNaWSE6Uc39UoDbWMM5FUMxWsmjyP
pV+wpnQ35aZbbWAeCarZBhtwGlwCp1Vsmm5qd9sYraToGIYhAxPuGv2DEgQIXUQV
lHtj6Ogx/Jp4xf5b1S/KTqqIL6HtB8ff4dxy9w4+QtOTEoBATevOJIFccM7C373t
0q15VQ/YLWCy0uAM1Wt50LwIH5pjdoFjCg2O8iJ+pN4iT5YPkz9WlKdFTeuSVdSJ
aX6hE+7cNMPgOxU3hYRPL/3gnwEJ
-----END CERTIFICATE-----
Generated at Sat Apr 26 22:26:10 2025 by rpki-client