Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8F3D/EF3F6292E64911E68C7C1D66C4F9AE02/7824A456799811EBA00B593BC4F9AE02.roa
File: 7824A456799811EBA00B593BC4F9AE02.roa (raw, json)
Hash identifier: Ve6ef/M5+jC79z91vJiZ1ACRGcZg2zqQNuzVmA068I0=
Subject key identifier: 0B:C7:1B:DC:73:78:E7:33:D1:A8:94:68:AC:61:01:A4:C4:68:F7:B3
Certificate issuer: /CN=A91C8F3D/serialNumber=AF266E248D90EBDBB1668FCEEA9BA0B03990644F
Certificate serial: 1954
Authority key identifier: AF:26:6E:24:8D:90:EB:DB:B1:66:8F:CE:EA:9B:A0:B0:39:90:64:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ryZuJI2Q69uxZo_O6pugsDmQZE8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C8F3D/EF3F6292E64911E68C7C1D66C4F9AE02/7824A456799811EBA00B593BC4F9AE02.roa
Signing time: Mon 30 May 2022 05:14:37 +0000
ROA not before: Mon 30 May 2022 05:14:36 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 135327
IP address blocks: 103.214.76.0/22 maxlen: 22
103.214.76.0/24 maxlen: 24
103.214.77.0/24 maxlen: 24
103.214.78.0/24 maxlen: 24
103.214.79.0/24 maxlen: 24
2404:c080::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6484 (0x1954)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C8F3D/serialNumber=AF266E248D90EBDBB1668FCEEA9BA0B03990644F
Validity
Not Before: May 30 05:14:36 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=629452bc-e0d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:12:6c:58:6f:5f:33:00:14:2f:14:ee:ac:c8:
81:a0:7f:5a:0c:7e:13:66:08:ae:b9:90:19:e8:3f:
fe:8b:12:d0:50:a2:26:34:69:bd:c1:65:ab:91:1f:
7a:b7:75:fd:97:c3:6c:7a:18:c0:4f:17:ca:2e:cd:
a2:ce:cc:95:c3:36:29:bd:be:45:02:af:76:b1:12:
57:86:4f:2b:89:bc:c2:e2:1b:a7:ad:fb:63:51:63:
89:37:bb:4b:dc:36:ef:10:86:80:56:af:5f:36:42:
f6:a6:8f:a6:4c:41:c6:c3:0e:c7:a0:6e:0e:61:01:
15:e8:21:79:98:0b:aa:c6:e9:ab:19:3a:2e:e5:12:
ec:9d:94:c9:87:09:e8:42:27:2c:5b:0c:e2:38:5e:
56:9a:f3:82:a9:6c:32:39:ef:60:d9:be:52:57:44:
73:ff:cb:74:4f:53:a0:35:b3:56:16:ae:f9:05:4e:
c2:14:4c:42:24:8a:30:15:99:d7:7e:87:1b:bd:1d:
6f:87:c6:e6:8f:1a:0e:d9:76:0a:5e:87:87:80:bf:
65:8d:b0:65:c7:87:b3:40:e7:ae:9d:b3:0c:65:a5:
0d:ae:a4:59:fb:58:aa:51:02:ae:cd:47:5d:06:fa:
a8:7f:29:f4:61:f3:69:7b:a1:63:e3:16:d8:d4:f0:
e1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:C7:1B:DC:73:78:E7:33:D1:A8:94:68:AC:61:01:A4:C4:68:F7:B3
X509v3 Authority Key Identifier:
keyid:AF:26:6E:24:8D:90:EB:DB:B1:66:8F:CE:EA:9B:A0:B0:39:90:64:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C8F3D/EF3F6292E64911E68C7C1D66C4F9AE02/ryZuJI2Q69uxZo_O6pugsDmQZE8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ryZuJI2Q69uxZo_O6pugsDmQZE8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8F3D/EF3F6292E64911E68C7C1D66C4F9AE02/7824A456799811EBA00B593BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.214.76.0/22
IPv6:
2404:c080::/32
Signature Algorithm: sha256WithRSAEncryption
ac:b2:9e:97:f0:c9:c9:a5:fb:5d:52:b7:a4:0d:2e:be:44:08:
72:74:66:89:76:1f:83:c1:9a:55:e6:17:4d:80:0c:a8:c5:8b:
ef:34:ba:6e:de:ef:db:88:29:ce:84:bb:be:d0:21:0c:b7:b7:
39:71:4b:1e:30:96:44:5e:c3:6b:89:68:51:d4:a1:8e:e8:b5:
36:16:96:e0:5e:27:26:32:8d:9d:e9:6a:35:b0:03:c7:da:c0:
22:7b:71:0b:eb:a4:bd:ff:bc:ae:6d:cc:2c:08:57:0b:1a:fe:
55:81:6a:9a:a8:fd:a5:f5:fd:25:05:c5:65:2f:b1:59:35:a4:
0f:30:5e:10:86:64:39:5a:5e:6f:d9:3b:f8:12:2d:7d:77:e4:
96:c2:ad:c9:d3:5b:d2:76:73:7e:4d:5e:47:4d:64:ab:44:8b:
a7:1f:ac:53:ee:5b:fd:50:fa:a1:c8:9a:87:ff:e1:20:10:d2:
0a:9e:4e:bc:d3:10:e9:35:4e:a4:45:8d:12:e5:c5:28:c0:0f:
ff:90:3c:48:e9:94:53:30:f3:ee:a0:82:d8:67:17:18:be:df:
92:a1:e2:54:e3:2f:13:e6:23:e6:03:d1:93:b6:c2:b2:6e:02:
37:1a:67:f6:b6:fc:7b:94:bc:e6:55:2f:df:6e:ad:2b:0f:e4:
3f:40:49:e9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICGVQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzhGM0QxMTAvBgNVBAUTKEFGMjY2RTI0OEQ5MEVCREJCMTY2OEZDRUVBOUJBMEIw
Mzk5MDY0NEYwHhcNMjIwNTMwMDUxNDM2WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk0NTJiYy1lMGQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvhJsWG9fMwAULxTurMiBoH9aDH4TZgiuuZAZ6D/+ixLQUKImNGm9wWWrkR96
t3X9l8NsehjATxfKLs2izsyVwzYpvb5FAq92sRJXhk8ribzC4hunrftjUWOJN7tL
3DbvEIaAVq9fNkL2po+mTEHGww7HoG4OYQEV6CF5mAuqxumrGTou5RLsnZTJhwno
QicsWwziOF5WmvOCqWwyOe9g2b5SV0Rz/8t0T1OgNbNWFq75BU7CFExCJIowFZnX
focbvR1vh8bmjxoO2XYKXoeHgL9ljbBlx4ezQOeunbMMZaUNrqRZ+1iqUQKuzUdd
Bvqofyn0YfNpe6Fj4xbY1PDheQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAvHG9xz
eOcz0aiUaKxhAaTEaPezMB8GA1UdIwQYMBaAFK8mbiSNkOvbsWaPzuqboLA5kGRP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOEYzRC9FRjNGNjI5MkU2
NDkxMUU2OEM3QzFENjZDNEY5QUUwMi9yeVp1SkkyUTY5dXhab19PNnB1Z3NEbVFa
RTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3J5WnVKSTJRNjl1eFpvX082cHVnc0RtUVpFOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzhGM0QvRUYzRjYyOTJFNjQ5MTFFNjhDN0MxRDY2QzRGOUFFMDIvNzgyNEE0NTY3
OTk4MTFFQkEwMEI1OTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJn1kwwDQQCAAIwBwMFACQEwIAwDQYJKoZIhvcNAQELBQAD
ggEBAKyynpfwycml+11St6QNLr5ECHJ0Zol2H4PBmlXmF02ADKjFi+80um7e79uI
Kc6Eu77QIQy3tzlxSx4wlkRew2uJaFHUoY7otTYWluBeJyYyjZ3pajWwA8fawCJ7
cQvrpL3/vK5tzCwIVwsa/lWBapqo/aX1/SUFxWUvsVk1pA8wXhCGZDlaXm/ZO/gS
LX135JbCrcnTW9J2c35NXkdNZKtEi6cfrFPuW/1Q+qHImof/4SAQ0gqeTrzTEOk1
TqRFjRLlxSjAD/+QPEjplFMw8+6ggthnFxi+35Kh4lTjLxPmI+YD0ZO2wrJuAjca
Z/a2/HuUvOZVL99urSsP5D9ASek=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:05 2023 by rpki-client on console-ams.rpki-client.org