Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/819F16D65E3B11EDA2FF2538C4F9AE02.roa
File: 819F16D65E3B11EDA2FF2538C4F9AE02.roa (raw, json)
Hash identifier: DcR+Ackl527OpwbfjJS927rCFW67j6TMu9h6aQAox1Q=
Subject key identifier: BA:B5:7B:4A:84:81:B5:A7:CA:D4:AD:2C:C3:4B:90:E9:92:36:00:19
Certificate issuer: /CN=A9155A58/serialNumber=A7FFEA18E09A39A0AA6F375A0A83B5708EC22D8A
Certificate serial: 06D6
Authority key identifier: A7:FF:EA:18:E0:9A:39:A0:AA:6F:37:5A:0A:83:B5:70:8E:C2:2D:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p__qGOCaOaCqbzdaCoO1cI7CLYo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/819F16D65E3B11EDA2FF2538C4F9AE02.roa
Signing time: Mon 07 Nov 2022 01:28:39 +0000
ROA not before: Mon 07 Nov 2022 01:28:39 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 38195
IP address blocks: 103.237.16.0/22 maxlen: 22
163.53.144.0/22 maxlen: 24
220.233.4.0/22 maxlen: 22
220.233.8.0/22 maxlen: 22
220.233.36.0/22 maxlen: 22
220.233.44.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1750 (0x6d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155A58/serialNumber=A7FFEA18E09A39A0AA6F375A0A83B5708EC22D8A
Validity
Not Before: Nov 7 01:28:39 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=63685f47-c4eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:86:d7:ab:6b:13:9d:13:f7:97:22:99:31:0c:
4e:99:55:39:0c:d8:47:49:2f:33:8a:a6:36:e5:a7:
4a:da:65:77:f2:90:ce:1b:0b:14:98:1c:11:a5:b8:
86:59:83:5c:95:ef:3f:7e:2b:7d:09:65:42:db:df:
2e:7d:ac:1f:95:38:3d:57:22:2b:61:56:2a:e8:f9:
05:66:83:54:1d:c2:3e:72:09:3e:99:ee:18:bc:45:
e9:65:01:04:66:86:04:13:90:a1:bd:b2:de:24:50:
d3:6e:5c:a0:b2:8f:55:12:44:ca:88:d7:97:8c:9d:
2d:6a:e3:c4:1b:f3:3f:26:bd:54:27:c6:ea:e6:94:
85:98:c9:6d:b0:77:c2:3a:ee:46:6f:00:62:18:cb:
b6:d5:38:61:0d:e0:66:f0:71:ed:54:39:e3:bc:75:
1d:54:33:dd:be:27:a5:87:13:25:09:d1:fb:13:df:
9b:fd:55:44:9e:05:1b:05:18:4f:af:9c:4c:54:88:
ca:eb:ce:53:01:53:07:12:d0:d9:bc:2c:25:56:d3:
0c:81:cb:48:88:08:de:da:a7:24:67:a2:1d:f0:cd:
76:e7:59:5a:d3:01:9f:8c:e5:62:f5:db:61:78:96:
31:c4:9a:b3:5e:1e:63:92:fc:93:58:76:0f:7a:77:
df:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B5:7B:4A:84:81:B5:A7:CA:D4:AD:2C:C3:4B:90:E9:92:36:00:19
X509v3 Authority Key Identifier:
keyid:A7:FF:EA:18:E0:9A:39:A0:AA:6F:37:5A:0A:83:B5:70:8E:C2:2D:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/p__qGOCaOaCqbzdaCoO1cI7CLYo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p__qGOCaOaCqbzdaCoO1cI7CLYo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/819F16D65E3B11EDA2FF2538C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.237.16.0/22
163.53.144.0/22
220.233.4.0-220.233.11.255
220.233.36.0/22
220.233.44.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:7f:75:e7:1d:2c:01:25:92:fd:97:bb:d6:16:9e:91:07:a0:
12:fd:de:1c:ac:b1:d4:8f:f0:b5:7d:32:58:36:14:1c:2e:2c:
0c:37:3a:d4:ab:0e:6c:90:62:f5:b5:d9:df:65:bc:6e:76:84:
5d:a6:38:bc:2b:45:ca:bb:3f:cd:3c:25:ef:09:82:22:ac:aa:
3a:a8:d6:77:dc:9f:c1:1e:de:80:fe:e4:73:6a:2d:12:98:55:
87:a6:ba:18:5f:46:c7:47:07:51:49:02:97:d8:f3:56:37:7d:
a7:af:f7:ba:63:be:fb:38:46:a0:90:f7:38:b5:22:a6:3c:d4:
dc:de:13:0f:98:87:ac:ec:64:6c:34:c9:b6:d5:6c:4e:24:53:
42:2c:c1:43:7a:32:32:e4:80:ec:f9:66:95:46:48:e9:18:ce:
a0:9e:69:34:89:d9:89:aa:62:6c:8a:68:a3:2f:e8:74:52:bc:
ed:77:3d:0c:f7:c8:87:b7:ea:a1:0c:0b:a5:11:0a:42:b8:0f:
2a:72:e1:65:c3:a2:49:bb:f3:ef:3b:d1:6e:cc:a3:36:6b:49:
40:30:e5:d1:63:96:72:99:1b:71:9e:5c:ae:e2:f3:da:3b:f0:
f4:62:bb:41:09:0c:8e:09:da:a3:fe:b1:6f:5d:43:13:3b:66:
4d:4a:f4:38
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICBtYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTVBNTgxMTAvBgNVBAUTKEE3RkZFQTE4RTA5QTM5QTBBQTZGMzc1QTBBODNCNTcw
OEVDMjJEOEEwHhcNMjIxMTA3MDEyODM5WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzY4NWY0Ny1jNGViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsIbXq2sTnRP3lyKZMQxOmVU5DNhHSS8ziqY25adK2mV38pDOGwsUmBwRpbiG
WYNcle8/fit9CWVC298ufawflTg9VyIrYVYq6PkFZoNUHcI+cgk+me4YvEXpZQEE
ZoYEE5ChvbLeJFDTblygso9VEkTKiNeXjJ0tauPEG/M/Jr1UJ8bq5pSFmMltsHfC
Ou5GbwBiGMu21ThhDeBm8HHtVDnjvHUdVDPdvielhxMlCdH7E9+b/VVEngUbBRhP
r5xMVIjK685TAVMHEtDZvCwlVtMMgctIiAje2qckZ6Id8M1251la0wGfjOVi9dth
eJYxxJqzXh5jkvyTWHYPenffAQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFLq1e0qE
gbWnytStLMNLkOmSNgAZMB8GA1UdIwQYMBaAFKf/6hjgmjmgqm83WgqDtXCOwi2K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NUE1OC82M0ZFMzNFQUJC
MkQxMUVBODJGODQ2NjlDNEY5QUUwMi9wX19xR09DYU9hQ3FiemRhQ29PMWNJN0NM
WW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BfX3FHT0NhT2FDcWJ6ZGFDb08xY0k3Q0xZby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTVBNTgvNjNGRTMzRUFCQjJEMTFFQTgyRjg0NjY5QzRGOUFFMDIvODE5RjE2RDY1
RTNCMTFFREEyRkYyNTM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBAJn7RADBAKjNZAwDAMEAtzpBAMEAtzpCAMEAtzpJAMEAtzp
LDANBgkqhkiG9w0BAQsFAAOCAQEAXn915x0sASWS/Ze71haekQegEv3eHKyx1I/w
tX0yWDYUHC4sDDc61KsObJBi9bXZ32W8bnaEXaY4vCtFyrs/zTwl7wmCIqyqOqjW
d9yfwR7egP7kc2otEphVh6a6GF9Gx0cHUUkCl9jzVjd9p6/3umO++zhGoJD3OLUi
pjzU3N4TD5iHrOxkbDTJttVsTiRTQizBQ3oyMuSA7PlmlUZI6RjOoJ5pNInZiapi
bIpooy/odFK87Xc9DPfIh7fqoQwLpREKQrgPKnLhZcOiSbvz7zvRbsyjNmtJQDDl
0WOWcpkbcZ5cruLz2jvw9GK7QQkMjgnao/6xb11DEztmTUr0OA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:42 2023 by rpki-client on console-fra.rpki-client.org