Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CED9/0C253A4A22E611EA950A1886C4F9AE02/AA7E4904B65C11EDA8F75721C4F9AE02.roa
File: AA7E4904B65C11EDA8F75721C4F9AE02.roa (raw, json)
Hash identifier: FAhwi2lEeQHBoplZuHLEWqO0EoT5RpDKQFI6YaOgrNI=
Subject key identifier: E5:42:68:A7:F2:95:A7:07:EE:4F:50:F5:FA:88:2D:B6:95:69:49:49
Certificate issuer: /CN=A911CED9/serialNumber=6B87C694F7A1DDC43767F589EB277AE74FED3B7B
Certificate serial: 0A17
Authority key identifier: 6B:87:C6:94:F7:A1:DD:C4:37:67:F5:89:EB:27:7A:E7:4F:ED:3B:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a4fGlPeh3cQ3Z_WJ6yd650_tO3s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CED9/0C253A4A22E611EA950A1886C4F9AE02/AA7E4904B65C11EDA8F75721C4F9AE02.roa
Signing time: Mon 27 Feb 2023 05:07:44 +0000
ROA not before: Mon 27 Feb 2023 05:07:44 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 14618
IP address blocks: 45.112.120.0/22 maxlen: 22
45.112.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2583 (0xa17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CED9/serialNumber=6B87C694F7A1DDC43767F589EB277AE74FED3B7B
Validity
Not Before: Feb 27 05:07:44 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63fc3a9f-5696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:07:cf:43:2c:3f:ae:a0:31:0d:15:7a:e6:32:
25:ec:9c:5c:63:c4:94:e9:08:ed:c2:b0:7b:4f:ae:
b8:ae:07:f3:4d:c9:be:f2:fa:4b:f5:39:0d:92:5a:
c8:2d:2d:59:d1:c4:27:60:61:f8:55:60:45:3b:cb:
7e:f8:12:24:fd:24:02:d6:0d:50:30:66:e2:ff:3f:
f4:8f:c9:ea:da:9f:7b:95:d2:d9:b2:6e:97:f4:78:
fd:e9:27:44:67:16:1c:88:6b:0b:73:2c:17:e1:b8:
36:37:a9:0f:da:41:f6:c1:2e:0c:5f:12:be:92:1d:
67:be:c4:e4:28:a6:cd:b6:44:cf:12:e7:b2:ab:f7:
5b:83:7a:dd:71:7b:a1:0d:19:e8:f7:1b:2b:d4:07:
11:83:cd:39:5b:f3:c5:70:c4:84:dd:48:c9:55:bf:
cc:e6:f0:0c:43:d3:77:ba:3e:c2:54:60:7c:da:5f:
21:35:d2:cc:ba:53:90:e9:16:2d:06:da:4f:72:37:
b3:35:a0:86:5f:4a:7a:a9:88:fb:8d:63:08:b1:f3:
50:94:fe:88:bc:ab:ac:78:b1:8b:92:2a:33:3a:ad:
fc:53:00:8e:cf:e8:14:f4:b5:ae:5b:20:43:5b:68:
34:a6:86:4f:62:15:62:34:15:ba:49:99:63:89:c2:
03:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:42:68:A7:F2:95:A7:07:EE:4F:50:F5:FA:88:2D:B6:95:69:49:49
X509v3 Authority Key Identifier:
keyid:6B:87:C6:94:F7:A1:DD:C4:37:67:F5:89:EB:27:7A:E7:4F:ED:3B:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CED9/0C253A4A22E611EA950A1886C4F9AE02/a4fGlPeh3cQ3Z_WJ6yd650_tO3s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a4fGlPeh3cQ3Z_WJ6yd650_tO3s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CED9/0C253A4A22E611EA950A1886C4F9AE02/AA7E4904B65C11EDA8F75721C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.120.0/22
Signature Algorithm: sha256WithRSAEncryption
21:05:f8:6f:25:25:7a:ef:f3:f2:2f:0f:c5:77:ac:a1:33:46:
87:4b:8d:18:c3:84:1b:80:1c:97:6f:ae:ad:6b:0b:3a:04:9f:
6c:d0:d7:0f:97:33:1f:e4:87:83:27:bc:3c:4f:f2:9b:29:17:
9d:1a:87:00:2b:c4:9f:6e:fa:d4:d0:62:8b:72:1a:b3:51:64:
ca:8b:65:56:15:47:1e:33:b8:bb:71:aa:a2:f7:cc:65:72:1d:
ee:a1:b5:cc:44:dc:27:7b:c5:25:95:7d:f0:7c:c4:a8:0e:87:
d1:cc:90:dc:3b:06:06:a4:27:1b:f1:c8:f0:ce:03:c1:07:16:
8f:91:50:3f:5f:ed:f2:cd:dd:e1:3d:e4:58:7a:5a:59:ef:9c:
70:67:bb:90:a9:de:4f:25:72:7a:08:40:04:7a:a8:0c:e8:e7:
e7:e4:7e:c7:1e:16:b1:06:09:46:33:c4:07:c0:96:3c:b1:b6:
4d:b7:67:72:c2:6e:b6:29:76:ad:ed:ef:f7:69:9d:b1:3f:bf:
85:7e:19:b7:d0:de:7c:f8:79:c6:d7:0f:19:d3:ce:e1:3e:22:
fc:e7:e8:a2:59:ab:51:29:be:3b:35:8e:cb:85:8d:f8:7c:6c:
ce:aa:36:2e:19:ed:a8:9b:01:ef:f3:98:9e:44:9c:42:04:19:
ce:f1:52:52
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICChcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNFRDkxMTAvBgNVBAUTKDZCODdDNjk0RjdBMUREQzQzNzY3RjU4OUVCMjc3QUU3
NEZFRDNCN0IwHhcNMjMwMjI3MDUwNzQ0WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ZjM2E5Zi01Njk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsAfPQyw/rqAxDRV65jIl7JxcY8SU6QjtwrB7T664rgfzTcm+8vpL9TkNklrI
LS1Z0cQnYGH4VWBFO8t++BIk/SQC1g1QMGbi/z/0j8nq2p97ldLZsm6X9Hj96SdE
ZxYciGsLcywX4bg2N6kP2kH2wS4MXxK+kh1nvsTkKKbNtkTPEueyq/dbg3rdcXuh
DRno9xsr1AcRg805W/PFcMSE3UjJVb/M5vAMQ9N3uj7CVGB82l8hNdLMulOQ6RYt
BtpPcjezNaCGX0p6qYj7jWMIsfNQlP6IvKuseLGLkiozOq38UwCOz+gU9LWuWyBD
W2g0poZPYhViNBW6SZljicIDEwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOVCaKfy
lacH7k9Q9fqILbaVaUlJMB8GA1UdIwQYMBaAFGuHxpT3od3EN2f1iesneudP7Tt7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0VEOS8wQzI1M0E0QTIy
RTYxMUVBOTUwQTE4ODZDNEY5QUUwMi9hNGZHbFBlaDNjUTNaX1dKNnlkNjUwX3RP
M3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2E0ZkdsUGVoM2NRM1pfV0o2eWQ2NTBfdE8zcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNFRDkvMEMyNTNBNEEyMkU2MTFFQTk1MEExODg2QzRGOUFFMDIvQUE3RTQ5MDRC
NjVDMTFFREE4Rjc1NzIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAItcHgwDQYJKoZIhvcNAQELBQADggEBACEF+G8lJXrv8/Iv
D8V3rKEzRodLjRjDhBuAHJdvrq1rCzoEn2zQ1w+XMx/kh4MnvDxP8pspF50ahwAr
xJ9u+tTQYotyGrNRZMqLZVYVRx4zuLtxqqL3zGVyHe6htcxE3Cd7xSWVffB8xKgO
h9HMkNw7BgakJxvxyPDOA8EHFo+RUD9f7fLN3eE95Fh6WlnvnHBnu5Cp3k8lcnoI
QAR6qAzo5+fkfsceFrEGCUYzxAfAljyxtk23Z3LCbrYpdq3t7/dpnbE/v4V+GbfQ
3nz4ecbXDxnTzuE+Ivzn6KJZq1Epvjs1jsuFjfh8bM6qNi4Z7aibAe/zmJ5EnEIE
Gc7xUlI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org