Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3136382e302f32322d3234203d3e203337393930.roa
File: 3230332e342e3136382e302f32322d3234203d3e203337393930.roa (raw, json)
Hash identifier: PdfAb0GNYO/xosrK8XDyKYZ6TBY7F6FphmfvPyB9ZGg=
Subject key identifier: FD:81:2A:89:83:E4:66:B8:F4:64:A9:35:36:70:50:B4:B0:FC:A1:2F
Certificate issuer: /CN=A911AC370000/serialNumber=B18F989967D30F2509E3D29707C5F85B5F6BDB6F
Certificate serial: 1457404F8B8791A3B93B2AC9A445C359D8DEA142
Authority key identifier: B1:8F:98:99:67:D3:0F:25:09:E3:D2:97:07:C5:F8:5B:5F:6B:DB:6F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sY-YmWfTDyUJ49KXB8X4W19r228.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3136382e302f32322d3234203d3e203337393930.roa
Signing time: Sun 03 Dec 2023 04:12:04 +0000
ROA not before: Sun 03 Dec 2023 04:07:04 +0000
ROA not after: Sun 01 Dec 2024 04:12:04 +0000
asID: 37990
IP address blocks: 203.4.168.0/22 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:57:40:4f:8b:87:91:a3:b9:3b:2a:c9:a4:45:c3:59:d8:de:a1:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AC370000/serialNumber=B18F989967D30F2509E3D29707C5F85B5F6BDB6F
Validity
Not Before: Dec 3 04:07:04 2023 GMT
Not After : Dec 1 04:12:04 2024 GMT
Subject: CN=FD812A8983E466B8F464A935367050B4B0FCA12F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5a:d4:ce:63:1b:f4:13:8c:0d:24:2e:24:cc:
bf:00:04:7d:6c:78:45:b8:3e:16:f4:96:9b:34:53:
b3:13:9a:36:81:33:40:b3:58:bc:2f:12:76:f6:a2:
13:7a:19:f6:34:63:bf:3b:33:cc:1f:52:54:59:4c:
51:b2:bb:59:40:0f:85:c4:73:74:6a:a3:fb:47:b5:
76:45:7e:07:b7:fc:ee:76:ff:69:1b:b8:44:7f:fd:
0d:38:3a:6d:b6:11:0b:6f:f8:2d:86:93:74:b9:58:
bc:ea:1d:0d:3d:d9:2d:01:c4:eb:2c:a4:49:15:2b:
05:98:28:eb:c9:a0:0f:fd:19:a2:81:7a:8d:56:b4:
44:b3:a6:5d:50:90:e0:5d:27:59:a3:9d:8d:e8:06:
06:47:c2:f0:01:b1:c3:1a:23:92:4a:65:33:df:3e:
b1:be:f4:a6:50:d3:45:e3:c9:9f:7c:ee:ee:8b:54:
ce:7e:55:e9:15:57:38:23:f2:71:b4:35:d8:18:fb:
c1:61:a0:08:b5:74:55:12:b9:cd:0a:9a:48:1f:ea:
b0:75:d6:86:de:31:f9:6c:c1:98:b8:0d:8d:a4:bb:
00:29:81:5d:83:d6:2c:4e:52:a9:b8:8c:8a:65:f7:
a4:97:7d:f0:99:82:d7:9a:d3:95:4e:72:f2:da:78:
52:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:81:2A:89:83:E4:66:B8:F4:64:A9:35:36:70:50:B4:B0:FC:A1:2F
X509v3 Authority Key Identifier:
keyid:B1:8F:98:99:67:D3:0F:25:09:E3:D2:97:07:C5:F8:5B:5F:6B:DB:6F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91905300000/3/B18F989967D30F2509E3D29707C5F85B5F6BDB6F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sY-YmWfTDyUJ49KXB8X4W19r228.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3136382e302f32322d3234203d3e203337393930.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.4.168.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:35:45:bc:7b:b1:19:1a:02:09:cb:6d:45:73:2a:91:2a:fd:
30:8a:70:36:3a:ed:8b:f0:e0:75:4a:00:ef:38:a7:41:f4:fc:
6d:eb:1d:a5:cd:b1:9b:73:d0:bd:8e:55:77:e2:cd:7e:6e:7b:
22:3d:71:53:16:54:62:72:3d:cc:66:91:c9:b8:28:8c:a5:13:
bb:f9:33:ad:58:0e:a0:c2:be:8d:5d:9e:7e:ba:7c:c4:ec:bb:
b6:b3:cb:bd:9c:02:6f:41:34:46:2f:fa:e2:ae:1d:46:39:79:
3b:47:fc:6a:82:42:ff:bf:2f:f0:59:ba:b4:01:d6:7f:99:b0:
90:b5:c7:89:c5:4e:d3:7a:49:95:2e:8b:57:78:78:62:3e:90:
e4:f0:d5:28:6b:67:05:0c:fa:90:14:1e:4a:bf:41:cd:1d:85:
2b:7a:22:16:83:dc:d2:05:d1:95:a9:b3:31:01:9e:0f:7d:6d:
2f:7e:0a:22:56:50:a4:0a:5d:1a:86:93:d1:9d:1d:a7:77:50:
c3:3a:0f:dc:41:56:e3:90:83:e5:4f:29:b0:16:69:0a:ac:cc:
dd:79:f0:94:b8:ed:2f:db:0f:d6:97:bd:f8:7a:ae:09:77:07:
f7:cd:69:0c:ee:7b:63:f1:c4:9e:ea:a4:44:88:ed:af:36:30:
77:a2:cc:ea
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUFFdAT4uHkaO5OyrJpEXDWdjeoUIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMUFDMzcwMDAwMTEwLwYDVQQFEyhCMThGOTg5OTY3
RDMwRjI1MDlFM0QyOTcwN0M1Rjg1QjVGNkJEQjZGMB4XDTIzMTIwMzA0MDcwNFoX
DTI0MTIwMTA0MTIwNFowMzExMC8GA1UEAxMoRkQ4MTJBODk4M0U0NjZCOEY0NjRB
OTM1MzY3MDUwQjRCMEZDQTEyRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNa1M5jG/QTjA0kLiTMvwAEfWx4Rbg+FvSWmzRTsxOaNoEzQLNYvC8Sdvai
E3oZ9jRjvzszzB9SVFlMUbK7WUAPhcRzdGqj+0e1dkV+B7f87nb/aRu4RH/9DTg6
bbYRC2/4LYaTdLlYvOodDT3ZLQHE6yykSRUrBZgo68mgD/0ZooF6jVa0RLOmXVCQ
4F0nWaOdjegGBkfC8AGxwxojkkplM98+sb70plDTRePJn3zu7otUzn5V6RVXOCPy
cbQ12Bj7wWGgCLV0VRK5zQqaSB/qsHXWht4x+WzBmLgNjaS7ACmBXYPWLE5SqbiM
imX3pJd98JmC15rTlU5y8tp4UvkCAwEAAaOCAg8wggILMB0GA1UdDgQWBBT9gSqJ
g+RmuPRkqTU2cFC0sPyhLzAfBgNVHSMEGDAWgBSxj5iZZ9MPJQnj0pcHxfhbX2vb
bzAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MDUzMDAwMDAvMy9CMThGOTg5
OTY3RDMwRjI1MDlFM0QyOTcwN0M1Rjg1QjVGNkJEQjZGLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9zWS1ZbVdmVER5
VUo0OUtYQjhYNFcxOXIyMjguY2VyMIGJBggrBgEFBQcBCwR9MHsweQYIKwYBBQUH
MAuGbXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxOTA1
MzAwMDAwLzMvMzIzMDMzMmUzNDJlMzEzNjM4MmUzMDJmMzIzMjJkMzIzNDIwM2Qz
ZTIwMzMzNzM5MzkzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAssEqDANBgkqhkiG9w0BAQsFAAOCAQEA
vzVFvHuxGRoCCcttRXMqkSr9MIpwNjrti/DgdUoA7zinQfT8besdpc2xm3PQvY5V
d+LNfm57Ij1xUxZUYnI9zGaRybgojKUTu/kzrVgOoMK+jV2efrp8xOy7trPLvZwC
b0E0Ri/64q4dRjl5O0f8aoJC/78v8Fm6tAHWf5mwkLXHicVO03pJlS6LV3h4Yj6Q
5PDVKGtnBQz6kBQeSr9BzR2FK3oiFoPc0gXRlamzMQGeD31tL34KIlZQpApdGoaT
0Z0dp3dQwzoP3EFW45CD5U8psBZpCqzM3XnwlLjtL9sP1pe9+HquCXcH981pDO57
Y/HEnuqkRIjtrzYwd6LM6g==
-----END CERTIFICATE-----
Generated at Wed May 15 15:01:22 2024 by rpki-client on console-ams.rpki-client.org