Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A129B/38C35252343E11E680B1E72CC4F9AE02/8867F3CA7C5111EB9CF05385C4F9AE02.roa
File: 8867F3CA7C5111EB9CF05385C4F9AE02.roa (raw, json)
Hash identifier: 0HZ48hZj7afanOEzF5b7+lYFFPzm7UVzp44+GsnRpgI=
Subject key identifier: A5:73:83:C2:C3:F8:97:57:DE:19:3A:7E:CD:9C:2A:24:3C:32:5C:27
Certificate issuer: /CN=A91A129B/serialNumber=BC7A905EA763CE702FC26DC0FC2FB82542BC1300
Certificate serial: 1A20
Authority key identifier: BC:7A:90:5E:A7:63:CE:70:2F:C2:6D:C0:FC:2F:B8:25:42:BC:13:00
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vHqQXqdjznAvwm3A_C-4JUK8EwA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A129B/38C35252343E11E680B1E72CC4F9AE02/8867F3CA7C5111EB9CF05385C4F9AE02.roa
Signing time: Tue 25 May 2021 04:42:19 +0000
ROA not before: Tue 25 May 2021 04:42:19 +0000
ROA not after: Sat 30 Jul 2022 00:00:00 +0000
asID: 8075
IP address blocks: 128.94.0.0/16 maxlen: 16
135.149.0.0/16 maxlen: 16
138.239.0.0/16 maxlen: 16
143.64.0.0/16 maxlen: 16
147.145.0.0/16 maxlen: 16
148.7.0.0/16 maxlen: 16
155.62.0.0/16 maxlen: 16
158.158.0.0/16 maxlen: 16
167.105.0.0/16 maxlen: 16
167.220.240.0/22 maxlen: 24
169.138.0.0/16 maxlen: 16
170.165.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6688 (0x1a20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A129B/serialNumber=BC7A905EA763CE702FC26DC0FC2FB82542BC1300
Validity
Not Before: May 25 04:42:19 2021 GMT
Not After : Jul 30 00:00:00 2022 GMT
Subject: CN=60ac802b-e87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8d:47:e1:a1:57:29:76:2a:7b:1c:49:00:a6:
6f:60:68:20:1c:b9:46:8d:50:40:00:28:90:5d:e8:
11:68:f1:24:47:dd:da:cc:bd:ed:3b:e2:b6:f1:d4:
ee:72:23:e3:d4:15:2b:24:c0:a5:2b:e3:c7:2a:a4:
fc:c4:47:d9:5f:a9:86:52:e7:66:bd:de:95:8b:ac:
49:e9:db:36:69:4b:db:71:06:b6:63:a7:4e:f8:0a:
ae:fa:42:39:15:58:cb:c0:88:10:8c:b5:e9:92:08:
2d:ea:b9:7d:3d:e8:bd:68:f4:d7:ae:25:e4:70:5d:
aa:25:2e:cf:63:a3:ed:41:0f:a5:54:45:70:dc:81:
aa:dc:17:aa:22:e6:97:34:94:98:5c:1a:50:1d:1c:
b2:b4:4c:fa:39:bb:10:12:0d:69:dc:c3:05:b0:87:
ca:e0:77:a5:65:49:45:be:cf:5a:38:17:f6:0f:34:
99:5d:b0:4b:f7:53:c3:be:7f:64:d1:aa:55:06:a2:
54:ea:6f:30:99:0e:04:96:ea:2d:0e:20:f0:a7:3e:
c1:3b:08:cf:c4:35:dd:7a:53:08:86:3b:30:fc:d8:
2c:5e:26:c5:74:f1:f4:ef:4a:cc:f4:24:04:02:e2:
da:10:d4:b4:68:58:bf:6b:da:4b:f7:09:e5:16:de:
9b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:73:83:C2:C3:F8:97:57:DE:19:3A:7E:CD:9C:2A:24:3C:32:5C:27
X509v3 Authority Key Identifier:
keyid:BC:7A:90:5E:A7:63:CE:70:2F:C2:6D:C0:FC:2F:B8:25:42:BC:13:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A129B/38C35252343E11E680B1E72CC4F9AE02/vHqQXqdjznAvwm3A_C-4JUK8EwA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vHqQXqdjznAvwm3A_C-4JUK8EwA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A129B/38C35252343E11E680B1E72CC4F9AE02/8867F3CA7C5111EB9CF05385C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
128.94.0.0/16
135.149.0.0/16
138.239.0.0/16
143.64.0.0/16
147.145.0.0/16
148.7.0.0/16
155.62.0.0/16
158.158.0.0/16
167.105.0.0/16
167.220.240.0/22
169.138.0.0/16
170.165.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:9e:ab:26:ee:11:88:0f:43:77:31:26:d2:15:be:29:ec:b2:
e5:82:29:d3:a8:1b:b6:88:91:e8:b4:86:4e:71:65:6d:bf:d6:
3d:71:f4:48:dd:07:bb:3c:ca:8a:2a:a5:d5:35:79:35:f9:fa:
be:b2:ce:2f:45:57:d6:f9:f0:8b:0e:42:57:6a:2d:f2:0f:0c:
6c:11:83:c9:f7:b2:27:2f:8e:de:93:9d:af:92:ee:33:a7:91:
b7:91:f7:56:a6:d6:bc:5e:6a:a9:fb:31:ff:01:fa:6d:1a:7c:
48:07:a1:50:49:1a:f7:af:8b:5d:1c:92:82:46:35:66:2a:ef:
cd:3a:e4:1f:2b:53:fd:cc:b9:a6:1a:5c:ea:68:d8:65:f6:c0:
19:5c:a7:eb:d0:50:7a:d3:ed:16:2e:a6:c5:49:22:a9:d7:ca:
8d:b8:64:86:0b:d8:37:a0:98:f3:86:bc:fa:37:29:5f:c7:3d:
63:50:a0:92:4a:64:59:6c:74:90:55:7e:e2:f2:a6:c2:ce:aa:
91:a3:3b:17:27:d0:f7:f6:d2:fd:0d:80:03:61:63:d4:33:92:
4e:08:42:b3:6a:10:77:a9:c1:a3:51:ad:b9:2d:cb:4c:49:5f:
1a:4d:54:8a:de:5c:ff:04:e1:9c:c0:d5:56:9f:57:82:e5:71:
45:18:d9:16
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgICGiAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTEyOUIxMTAvBgNVBAUTKEJDN0E5MDVFQTc2M0NFNzAyRkMyNkRDMEZDMkZCODI1
NDJCQzEzMDAwHhcNMjEwNTI1MDQ0MjE5WhcNMjIwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGFjODAyYi1lODdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx41H4aFXKXYqexxJAKZvYGggHLlGjVBAACiQXegRaPEkR93azL3tO+K28dTu
ciPj1BUrJMClK+PHKqT8xEfZX6mGUudmvd6Vi6xJ6ds2aUvbcQa2Y6dO+Aqu+kI5
FVjLwIgQjLXpkggt6rl9Pei9aPTXriXkcF2qJS7PY6PtQQ+lVEVw3IGq3BeqIuaX
NJSYXBpQHRyytEz6ObsQEg1p3MMFsIfK4HelZUlFvs9aOBf2DzSZXbBL91PDvn9k
0apVBqJU6m8wmQ4EluotDiDwpz7BOwjPxDXdelMIhjsw/NgsXibFdPH070rM9CQE
AuLaENS0aFi/a9pL9wnlFt6bYQIDAQABo4ICzDCCAsgwHQYDVR0OBBYEFKVzg8LD
+JdX3hk6fs2cKiQ8MlwnMB8GA1UdIwQYMBaAFLx6kF6nY85wL8JtwPwvuCVCvBMA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMTI5Qi8zOEMzNTI1MjM0
M0UxMUU2ODBCMUU3MkNDNEY5QUUwMi92SHFRWHFkanpuQXZ3bTNBX0MtNEpVSzhF
d0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3ZIcVFYcWRqem5BdndtM0FfQy00SlVLOEV3QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTEyOUIvMzhDMzUyNTIzNDNFMTFFNjgwQjFFNzJDQzRGOUFFMDIvODg2N0YzQ0E3
QzUxMTFFQjlDRjA1Mzg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVgYIKwYBBQUHAQcBAf8E
RzBFMEMEAgABMD0DAwCAXgMDAIeVAwMAiu8DAwCPQAMDAJORAwMAlAcDAwCbPgMD
AJ6eAwMAp2kDBAKn3PADAwCpigMDAKqlMA0GCSqGSIb3DQEBCwUAA4IBAQAonqsm
7hGID0N3MSbSFb4p7LLlginTqBu2iJHotIZOcWVtv9Y9cfRI3Qe7PMqKKqXVNXk1
+fq+ss4vRVfW+fCLDkJXai3yDwxsEYPJ97InL47ek52vku4zp5G3kfdWpta8Xmqp
+zH/AfptGnxIB6FQSRr3r4tdHJKCRjVmKu/NOuQfK1P9zLmmGlzqaNhl9sAZXKfr
0FB60+0WLqbFSSKp18qNuGSGC9g3oJjzhrz6Nylfxz1jUKCSSmRZbHSQVX7i8qbC
zqqRozsXJ9D39tL9DYADYWPUM5JOCEKzahB3qcGjUa25LctMSV8aTVSK3lz/BOGc
wNVWn1eC5XFFGNkW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:59 2023 by rpki-client on console-ams.rpki-client.org