Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915ED63/CD85ACF656D611E9A91BFC27C4F9AE02/AAA18A1C5B8811EB90D1DC74C4F9AE02.roa
File: AAA18A1C5B8811EB90D1DC74C4F9AE02.roa (raw, json)
Hash identifier: ncJx4pO0BKs9/Fn6rmDrEGOzDtkQmuP+OAX6yjOJZu4=
Subject key identifier: 4B:CB:EE:FC:8C:DA:66:2E:D4:C8:42:4B:94:F8:1E:41:78:97:C7:D3
Certificate issuer: /CN=A915ED63/serialNumber=CFD083901B13A2AB76B44EB41F3C73152855D726
Certificate serial: 095E
Authority key identifier: CF:D0:83:90:1B:13:A2:AB:76:B4:4E:B4:1F:3C:73:15:28:55:D7:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z9CDkBsToqt2tE60HzxzFShV1yY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915ED63/CD85ACF656D611E9A91BFC27C4F9AE02/AAA18A1C5B8811EB90D1DC74C4F9AE02.roa
Signing time: Thu 25 Feb 2021 06:44:47 +0000
ROA not before: Thu 25 Feb 2021 06:44:47 +0000
ROA not after: Sun 01 May 2022 00:00:00 +0000
asID: 138570
IP address blocks: 103.133.88.0/24 maxlen: 24
103.133.89.0/24 maxlen: 24
103.133.90.0/24 maxlen: 24
103.133.91.0/24 maxlen: 24
2404:49c0::/32 maxlen: 32
2404:49c0:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2398 (0x95e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915ED63/serialNumber=CFD083901B13A2AB76B44EB41F3C73152855D726
Validity
Not Before: Feb 25 06:44:47 2021 GMT
Not After : May 1 00:00:00 2022 GMT
Subject: CN=6037475f-8053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cd:55:a6:69:d4:69:5b:0f:50:81:15:22:dc:
b0:4c:95:31:79:5d:11:95:ff:70:bb:df:22:0c:3e:
53:05:a7:62:00:ac:72:39:9a:21:48:d4:9e:d2:f3:
bf:98:74:3b:b1:a8:85:e8:ce:75:32:a6:b1:82:14:
32:3a:56:88:b3:88:a4:c4:07:85:09:c1:57:46:a8:
f6:6a:d7:35:22:1b:42:d4:d8:33:34:54:df:1c:78:
27:f4:9c:d7:c5:f3:2f:b0:e3:fd:7f:1a:af:56:33:
66:bc:8f:00:19:4d:4c:f9:7e:5d:b4:68:08:f2:8b:
86:e3:86:dd:fa:45:81:9e:b9:25:32:2c:19:a1:aa:
30:fd:4a:bf:eb:b9:3a:e2:45:6f:f1:a8:84:82:d1:
88:9c:1c:94:da:ff:9a:b8:e5:1f:77:28:66:a9:81:
55:f1:a8:d1:00:ef:19:56:fa:a2:47:f7:c9:09:7c:
73:6a:bc:49:0c:c3:80:af:83:3c:df:3d:c0:d9:9a:
f1:8b:a4:c5:1f:97:a7:40:92:a3:ef:dc:7d:26:68:
2d:52:3b:52:1d:16:80:62:a4:c0:13:d9:fd:2c:06:
c2:50:09:5b:be:2c:13:03:85:f7:ef:28:2e:07:63:
ef:5b:5b:37:a5:3c:12:73:ca:2a:ae:ef:d6:bf:64:
1f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:CB:EE:FC:8C:DA:66:2E:D4:C8:42:4B:94:F8:1E:41:78:97:C7:D3
X509v3 Authority Key Identifier:
keyid:CF:D0:83:90:1B:13:A2:AB:76:B4:4E:B4:1F:3C:73:15:28:55:D7:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915ED63/CD85ACF656D611E9A91BFC27C4F9AE02/z9CDkBsToqt2tE60HzxzFShV1yY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z9CDkBsToqt2tE60HzxzFShV1yY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915ED63/CD85ACF656D611E9A91BFC27C4F9AE02/AAA18A1C5B8811EB90D1DC74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.133.88.0/22
IPv6:
2404:49c0::/32
Signature Algorithm: sha256WithRSAEncryption
64:92:59:e8:08:97:a0:49:c4:fb:e1:d8:61:5b:ed:9f:f9:f8:
a2:7c:37:62:bb:86:1c:60:07:c1:34:8b:8b:d1:d8:db:7c:21:
58:72:ff:2c:fa:f6:ba:c6:8d:81:09:c8:d0:53:79:41:ec:d8:
e2:cf:78:ef:db:45:80:2c:d4:97:b9:dd:b3:77:c1:4b:0e:f3:
0e:54:3e:e7:66:70:0f:71:f0:30:65:bd:7e:5a:0c:27:62:3a:
19:55:74:f4:f0:b3:e4:61:4d:b0:11:d9:54:0c:68:6a:99:e2:
c1:92:6e:73:58:85:d6:24:67:9b:3a:2c:52:39:5d:ef:43:8b:
52:a0:56:25:cf:b9:f3:2e:11:96:73:b8:48:7b:bb:12:dd:f5:
5c:34:ce:11:48:68:a7:37:60:0c:9b:85:10:b6:84:5a:a2:fd:
f9:ca:7d:91:b7:08:5c:2b:1b:fa:bb:6c:a0:07:68:4d:10:76:
8f:0d:28:82:92:64:ed:41:66:19:df:7e:d9:fd:e3:5a:97:18:
94:4d:3e:82:db:0e:c3:45:da:be:96:51:71:ec:9a:8f:03:b1:
82:e0:18:13:f5:09:12:50:59:e4:64:ee:24:48:49:58:c6:f6:
f8:dc:05:bf:38:e7:c6:34:de:bd:b9:0b:4f:da:d6:d6:f4:59:
3c:bd:af:78
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCV4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUVENjMxMTAvBgNVBAUTKENGRDA4MzkwMUIxM0EyQUI3NkI0NEVCNDFGM0M3MzE1
Mjg1NUQ3MjYwHhcNMjEwMjI1MDY0NDQ3WhcNMjIwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MDM3NDc1Zi04MDUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAws1VpmnUaVsPUIEVItywTJUxeV0Rlf9wu98iDD5TBadiAKxyOZohSNSe0vO/
mHQ7saiF6M51MqaxghQyOlaIs4ikxAeFCcFXRqj2atc1IhtC1NgzNFTfHHgn9JzX
xfMvsOP9fxqvVjNmvI8AGU1M+X5dtGgI8ouG44bd+kWBnrklMiwZoaow/Uq/67k6
4kVv8aiEgtGInByU2v+auOUfdyhmqYFV8ajRAO8ZVvqiR/fJCXxzarxJDMOAr4M8
3z3A2Zrxi6TFH5enQJKj79x9JmgtUjtSHRaAYqTAE9n9LAbCUAlbviwTA4X37ygu
B2PvW1s3pTwSc8oqru/Wv2QfZwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEvL7vyM
2mYu1MhCS5T4HkF4l8fTMB8GA1UdIwQYMBaAFM/Qg5AbE6KrdrROtB88cxUoVdcm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUQ2My9DRDg1QUNGNjU2
RDYxMUU5QTkxQkZDMjdDNEY5QUUwMi96OUNEa0JzVG9xdDJ0RTYwSHp4ekZTaFYx
eVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3o5Q0RrQnNUb3F0MnRFNjBIenh6RlNoVjF5WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUVENjMvQ0Q4NUFDRjY1NkQ2MTFFOUE5MUJGQzI3QzRGOUFFMDIvQUFBMThBMUM1
Qjg4MTFFQjkwRDFEQzc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnhVgwDQQCAAIwBwMFACQEScAwDQYJKoZIhvcNAQELBQAD
ggEBAGSSWegIl6BJxPvh2GFb7Z/5+KJ8N2K7hhxgB8E0i4vR2Nt8IVhy/yz69rrG
jYEJyNBTeUHs2OLPeO/bRYAs1Je53bN3wUsO8w5UPudmcA9x8DBlvX5aDCdiOhlV
dPTws+RhTbAR2VQMaGqZ4sGSbnNYhdYkZ5s6LFI5Xe9Di1KgViXPufMuEZZzuEh7
uxLd9Vw0zhFIaKc3YAybhRC2hFqi/fnKfZG3CFwrG/q7bKAHaE0Qdo8NKIKSZO1B
Zhnfftn941qXGJRNPoLbDsNF2r6WUXHsmo8DsYLgGBP1CRJQWeRk7iRISVjG9vjc
Bb8458Y03r25C0/a1tb0WTy9r3g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:44 2023 by rpki-client on console-fra.rpki-client.org