Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/3619AA0AF14F11EB81CD331CC4F9AE02.roa
File: 3619AA0AF14F11EB81CD331CC4F9AE02.roa (raw, json)
Hash identifier: +pBMbKnNj2DrKGLdEGlmXhA2ahRM7RxSXnuaRRptoJE=
Subject key identifier: 50:D1:29:EA:1F:27:0C:A7:59:36:54:34:45:33:02:9A:6E:03:BC:E3
Certificate issuer: /CN=A9111590/serialNumber=50229DE035B72572F4E0027472EB6826FDFE94AE
Certificate serial: 0352
Authority key identifier: 50:22:9D:E0:35:B7:25:72:F4:E0:02:74:72:EB:68:26:FD:FE:94:AE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UCKd4DW3JXL04AJ0cutoJv3-lK4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/3619AA0AF14F11EB81CD331CC4F9AE02.roa
Signing time: Wed 02 Mar 2022 13:50:58 +0000
ROA not before: Wed 02 Mar 2022 13:50:58 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 8100
IP address blocks: 27.0.234.0/24 maxlen: 24
27.0.235.0/24 maxlen: 24
103.214.71.0/24 maxlen: 24
103.230.140.0/24 maxlen: 24
144.48.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 850 (0x352)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9111590/serialNumber=50229DE035B72572F4E0027472EB6826FDFE94AE
Validity
Not Before: Mar 2 13:50:58 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=621f7642-1848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:78:63:a1:7e:2b:8d:8d:96:7b:62:57:b7:1e:
93:84:9b:0a:c4:71:1e:63:0c:a2:3e:d6:9e:ef:cb:
fa:7a:b0:27:8b:1a:25:c4:c3:28:1c:ba:c8:9b:2a:
05:cd:7b:89:d0:7b:39:0a:f4:73:a8:30:09:d1:66:
91:bb:74:a6:79:6c:9e:bf:94:9c:68:12:b5:c6:16:
47:c8:3b:25:70:dd:b9:69:54:b6:ae:fb:bf:3e:02:
92:28:0b:c5:83:2f:cc:a7:dd:e9:84:63:f9:ab:5e:
b9:d1:98:69:a5:61:52:b7:78:49:5a:28:44:c8:1a:
f4:d6:56:96:c4:96:19:ed:86:31:46:b6:f7:00:9a:
52:92:60:ac:5e:3b:5b:67:39:ce:fa:90:8d:b9:26:
ba:58:6d:76:bd:ea:41:87:9c:db:df:7b:b9:c6:1f:
cc:06:db:82:4f:0c:b4:74:b1:93:6e:69:86:91:f2:
46:90:5e:71:f1:98:d9:6c:39:3a:2a:0a:7d:c0:d4:
d8:c7:6c:70:73:89:69:db:04:0d:02:b9:bc:09:bf:
ec:ab:71:a8:fd:20:e7:93:23:f3:7a:d1:15:27:db:
62:1d:54:ea:4c:ba:42:97:3c:34:20:f2:d2:c6:ec:
23:8c:e8:a2:c1:ff:cc:87:15:06:fe:39:42:e3:b3:
5c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D1:29:EA:1F:27:0C:A7:59:36:54:34:45:33:02:9A:6E:03:BC:E3
X509v3 Authority Key Identifier:
keyid:50:22:9D:E0:35:B7:25:72:F4:E0:02:74:72:EB:68:26:FD:FE:94:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/UCKd4DW3JXL04AJ0cutoJv3-lK4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UCKd4DW3JXL04AJ0cutoJv3-lK4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/3619AA0AF14F11EB81CD331CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.0.234.0/23
103.214.71.0/24
103.230.140.0/24
144.48.83.0/24
Signature Algorithm: sha256WithRSAEncryption
38:ba:71:8f:55:9e:4e:5d:41:5e:f2:fd:e2:72:b7:4b:3e:91:
2b:23:51:b9:35:68:64:aa:7b:76:49:bb:3c:87:81:ba:31:d6:
06:d5:3a:25:36:c6:56:6d:81:72:b1:e3:31:fe:c3:2d:0b:44:
35:fb:56:09:b6:45:f6:7d:bb:98:b5:67:77:ee:d6:0c:d2:d2:
ee:97:31:7c:84:a0:10:eb:5b:c4:95:f0:12:c7:10:e6:c4:c6:
94:13:60:4e:02:f1:fb:79:40:27:67:60:46:57:92:9e:78:64:
18:51:f4:9e:2c:91:0d:57:a9:19:79:1f:33:fb:03:88:bc:a3:
ad:77:c2:5d:99:0f:12:27:b2:c5:88:40:79:97:e0:e0:37:b5:
05:0c:b7:3c:ee:d3:57:24:d4:9a:14:25:f9:51:c6:c4:4d:c9:
21:fa:50:03:c9:4b:dc:8d:8a:a1:3d:1f:4e:bd:9c:c7:60:db:
3a:3c:70:27:1a:7d:88:01:b5:e6:24:04:00:d7:5b:48:05:2c:
cc:5b:c0:ad:d2:b9:34:b9:d8:34:a4:0b:44:54:dc:e7:6d:be:
a7:59:8d:de:c6:61:7c:85:77:22:1b:a3:61:57:0f:25:53:50:
a4:b9:4e:9b:2e:c2:ab:a5:d2:8b:2b:65:25:69:05:ef:2b:61:
2b:12:a3:a0
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA1IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTE1OTAxMTAvBgNVBAUTKDUwMjI5REUwMzVCNzI1NzJGNEUwMDI3NDcyRUI2ODI2
RkRGRTk0QUUwHhcNMjIwMzAyMTM1MDU4WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjFmNzY0Mi0xODQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0HhjoX4rjY2We2JXtx6ThJsKxHEeYwyiPtae78v6erAnixolxMMoHLrImyoF
zXuJ0Hs5CvRzqDAJ0WaRu3SmeWyev5ScaBK1xhZHyDslcN25aVS2rvu/PgKSKAvF
gy/Mp93phGP5q1650ZhppWFSt3hJWihEyBr01laWxJYZ7YYxRrb3AJpSkmCsXjtb
ZznO+pCNuSa6WG12vepBh5zb33u5xh/MBtuCTwy0dLGTbmmGkfJGkF5x8ZjZbDk6
Kgp9wNTYx2xwc4lp2wQNArm8Cb/sq3Go/SDnkyPzetEVJ9tiHVTqTLpClzw0IPLS
xuwjjOiiwf/MhxUG/jlC47Nc7QIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFFDRKeof
JwynWTZUNEUzAppuA7zjMB8GA1UdIwQYMBaAFFAineA1tyVy9OACdHLraCb9/pSu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTU5MC8wMjVDRDI2MjdB
NkUxMUVCODFBRjJFM0ZDNEY5QUUwMi9VQ0tkNERXM0pYTDA0QUowY3V0b0p2My1s
SzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VDS2Q0RFczSlhMMDRBSjBjdXRvSnYzLWxLNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTE1OTAvMDI1Q0QyNjI3QTZFMTFFQjgxQUYyRTNGQzRGOUFFMDIvMzYxOUFBMEFG
MTRGMTFFQjgxQ0QzMzFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAEbAOoDBABn1kcDBABn5owDBACQMFMwDQYJKoZIhvcNAQEL
BQADggEBADi6cY9Vnk5dQV7y/eJyt0s+kSsjUbk1aGSqe3ZJuzyHgbox1gbVOiU2
xlZtgXKx4zH+wy0LRDX7Vgm2RfZ9u5i1Z3fu1gzS0u6XMXyEoBDrW8SV8BLHEObE
xpQTYE4C8ft5QCdnYEZXkp54ZBhR9J4skQ1XqRl5HzP7A4i8o613wl2ZDxInssWI
QHmX4OA3tQUMtzzu01ck1JoUJflRxsRNySH6UAPJS9yNiqE9H069nMdg2zo8cCca
fYgBteYkBADXW0gFLMxbwK3SuTS52DSkC0RU3OdtvqdZjd7GYXyFdyIbo2FXDyVT
UKS5Tpsuwqul0osrZSVpBe8rYSsSo6A=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:35 2023 by rpki-client on console-fra.rpki-client.org