Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/4AF79C947A7011EB940A5E42C4F9AE02.roa
File: 4AF79C947A7011EB940A5E42C4F9AE02.roa (raw, json)
Hash identifier: NDifrjQadadLrTCkYqlz+p+zJwZmwG9uGyrGP0HPxuw=
Subject key identifier: E8:60:9D:CD:F3:C6:6D:7F:0A:4B:4E:18:18:AA:9E:2C:31:7C:1A:F0
Certificate issuer: /CN=A9111590/serialNumber=50229DE035B72572F4E0027472EB6826FDFE94AE
Certificate serial: 0529
Authority key identifier: 50:22:9D:E0:35:B7:25:72:F4:E0:02:74:72:EB:68:26:FD:FE:94:AE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UCKd4DW3JXL04AJ0cutoJv3-lK4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/4AF79C947A7011EB940A5E42C4F9AE02.roa
Signing time: Sat 12 Nov 2022 14:50:37 +0000
ROA not before: Sat 12 Nov 2022 14:50:37 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 138995
IP address blocks: 27.0.235.0/24 maxlen: 24
103.68.111.0/24 maxlen: 24
103.208.87.0/24 maxlen: 24
103.214.70.0/24 maxlen: 24
144.48.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1321 (0x529)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9111590/serialNumber=50229DE035B72572F4E0027472EB6826FDFE94AE
Validity
Not Before: Nov 12 14:50:37 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=636fb2bc-0dfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:dc:ad:ee:9b:93:c3:fe:6f:04:18:12:9f:e5:
77:82:32:31:10:82:09:97:dd:6b:90:a3:9f:e8:54:
ee:e2:59:ed:4c:9b:0c:10:f4:a4:11:bd:51:dc:8e:
f6:6f:cf:c7:fb:e9:58:2e:ee:49:b5:a7:20:ed:79:
79:f3:f8:2b:68:01:e8:0b:66:63:fc:5e:86:e6:8e:
0f:f1:fc:b7:01:ac:2c:e9:ff:a1:94:22:55:0f:d2:
56:c1:33:7a:6e:05:f8:38:93:3e:85:66:b1:95:80:
4f:a3:07:76:12:c8:82:5f:f5:94:6c:cf:db:b8:7c:
54:6f:d3:9b:93:b7:2f:c7:80:5a:ae:a9:00:b0:9f:
d0:f5:43:f6:93:d4:7c:48:1e:d3:b2:c3:53:a4:b4:
1e:97:4b:3a:1e:69:4c:dc:2e:5e:31:a2:25:d3:33:
aa:50:84:43:4d:cb:d7:a0:44:44:48:96:c8:4e:a8:
21:5c:89:55:75:15:4d:fc:51:f3:fd:ae:c0:c9:dc:
3e:ac:f7:aa:9c:25:16:49:ca:81:8c:2d:4a:e3:13:
17:c3:16:89:a4:f5:60:73:c4:76:64:b8:d8:e0:a9:
96:a7:6b:a3:01:bb:7e:4f:59:3b:c7:18:0c:a7:0a:
65:d4:7d:c1:f6:fa:98:bb:9a:ce:32:91:73:53:20:
c8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:60:9D:CD:F3:C6:6D:7F:0A:4B:4E:18:18:AA:9E:2C:31:7C:1A:F0
X509v3 Authority Key Identifier:
keyid:50:22:9D:E0:35:B7:25:72:F4:E0:02:74:72:EB:68:26:FD:FE:94:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/UCKd4DW3JXL04AJ0cutoJv3-lK4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UCKd4DW3JXL04AJ0cutoJv3-lK4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/4AF79C947A7011EB940A5E42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.0.235.0/24
103.68.111.0/24
103.208.87.0/24
103.214.70.0/24
144.48.83.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:02:0a:61:2c:40:89:e8:b4:3d:ac:12:b7:b6:1c:3f:cb:04:
78:d4:4d:d8:e3:2c:51:d3:17:5b:2c:9e:a0:38:c0:b4:a9:29:
78:7e:ec:6e:1c:fe:07:af:bc:43:7a:b7:c8:e3:50:7d:86:6e:
16:e7:2e:1e:40:57:89:64:b3:b9:4b:6a:9f:4e:51:18:c6:89:
bf:05:48:27:2c:d5:c4:cc:7b:27:17:f0:f5:af:bf:71:b2:f2:
38:30:f7:e3:74:ef:6b:53:f0:c7:83:c3:55:54:d5:45:6d:8a:
de:e6:7a:27:7f:9c:4c:f3:9c:78:7a:19:47:99:1c:81:3b:fe:
d8:3a:19:74:d1:55:78:85:5f:ae:64:ca:2b:33:3f:96:3a:d8:
e1:5e:07:d4:ef:1c:5d:ce:17:2c:35:37:ea:c5:4a:36:a7:86:
eb:b5:c9:30:e3:93:71:07:94:4f:82:1c:d1:dc:3f:cc:16:c7:
54:af:4a:ae:75:2f:bc:4b:36:18:3d:3c:73:48:2f:07:3a:9e:
9b:43:af:32:7f:eb:51:a3:6b:d5:bf:c3:38:42:15:f5:25:ae:
e3:88:bf:18:15:ed:75:fd:33:d1:72:7f:2d:d5:3f:50:71:78:
03:f0:15:51:3a:7f:18:b0:68:33:df:e7:36:67:cf:2f:58:5f:
87:50:85:fe
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBSkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTE1OTAxMTAvBgNVBAUTKDUwMjI5REUwMzVCNzI1NzJGNEUwMDI3NDcyRUI2ODI2
RkRGRTk0QUUwHhcNMjIxMTEyMTQ1MDM3WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MzZmYjJiYy0wZGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuNyt7puTw/5vBBgSn+V3gjIxEIIJl91rkKOf6FTu4lntTJsMEPSkEb1R3I72
b8/H++lYLu5Jtacg7Xl58/graAHoC2Zj/F6G5o4P8fy3Aaws6f+hlCJVD9JWwTN6
bgX4OJM+hWaxlYBPowd2EsiCX/WUbM/buHxUb9Obk7cvx4BarqkAsJ/Q9UP2k9R8
SB7TssNTpLQel0s6HmlM3C5eMaIl0zOqUIRDTcvXoERESJbITqghXIlVdRVN/FHz
/a7Aydw+rPeqnCUWScqBjC1K4xMXwxaJpPVgc8R2ZLjY4KmWp2ujAbt+T1k7xxgM
pwpl1H3B9vqYu5rOMpFzUyDIQwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFOhgnc3z
xm1/CktOGBiqniwxfBrwMB8GA1UdIwQYMBaAFFAineA1tyVy9OACdHLraCb9/pSu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTU5MC8wMjVDRDI2MjdB
NkUxMUVCODFBRjJFM0ZDNEY5QUUwMi9VQ0tkNERXM0pYTDA0QUowY3V0b0p2My1s
SzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VDS2Q0RFczSlhMMDRBSjBjdXRvSnYzLWxLNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTE1OTAvMDI1Q0QyNjI3QTZFMTFFQjgxQUYyRTNGQzRGOUFFMDIvNEFGNzlDOTQ3
QTcwMTFFQjk0MEE1RTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAAbAOsDBABnRG8DBABn0FcDBABn1kYDBACQMFMwDQYJKoZI
hvcNAQELBQADggEBAKsCCmEsQInotD2sEre2HD/LBHjUTdjjLFHTF1ssnqA4wLSp
KXh+7G4c/gevvEN6t8jjUH2GbhbnLh5AV4lks7lLap9OURjGib8FSCcs1cTMeycX
8PWvv3Gy8jgw9+N072tT8MeDw1VU1UVtit7meid/nEzznHh6GUeZHIE7/tg6GXTR
VXiFX65kyiszP5Y62OFeB9TvHF3OFyw1N+rFSjanhuu1yTDjk3EHlE+CHNHcP8wW
x1SvSq51L7xLNhg9PHNILwc6nptDrzJ/61Gja9W/wzhCFfUlruOIvxgV7XX9M9Fy
fy3VP1BxeAPwFVE6fxiwaDPf5zZnzy9YX4dQhf4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:54 2024 by rpki-client on console-fra.rpki-client.org