Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9113BCE/0D45B38C5C2611E9AB0A9B64C4F9AE02/45E67628627311EA9AD8CF4CC4F9AE02.roa
File: 45E67628627311EA9AD8CF4CC4F9AE02.roa (raw, json)
Hash identifier: lFWvlpi+jvhLMDXdTf/dmsXEZceKVdaQ9sjxHbJOxY8=
Subject key identifier: A6:12:F9:DC:57:93:AE:1A:F5:FE:E9:47:C5:22:6F:87:8B:33:D3:5D
Certificate issuer: /CN=A9113BCE/serialNumber=5821FCD41460E1CA94A0213E2C2A3855FFC022F6
Certificate serial: 0DA0
Authority key identifier: 58:21:FC:D4:14:60:E1:CA:94:A0:21:3E:2C:2A:38:55:FF:C0:22:F6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WCH81BRg4cqUoCE-LCo4Vf_AIvY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9113BCE/0D45B38C5C2611E9AB0A9B64C4F9AE02/45E67628627311EA9AD8CF4CC4F9AE02.roa
Signing time: Mon 12 Sep 2022 06:57:03 +0000
ROA not before: Mon 12 Sep 2022 06:57:03 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 63916
IP address blocks: 103.68.223.0/24 maxlen: 24
103.71.254.0/24 maxlen: 24
103.72.4.0/23 maxlen: 23
103.72.4.0/24 maxlen: 24
103.72.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3488 (0xda0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9113BCE/serialNumber=5821FCD41460E1CA94A0213E2C2A3855FFC022F6
Validity
Not Before: Sep 12 06:57:03 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=631ed83e-3ad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ac:f6:1d:d1:bc:9d:80:6c:8d:ce:d2:2d:ac:
62:2c:28:76:55:bf:4a:ec:4b:c9:36:1f:d8:75:9a:
1f:7f:bd:e7:7f:37:0d:5e:4f:c7:98:35:5e:87:68:
c7:e0:2c:da:30:b5:ab:26:a8:03:40:85:b1:21:1f:
d8:86:6f:11:f0:9a:0e:3b:e3:30:6f:c3:5b:e4:58:
80:17:99:e6:99:13:6b:f3:0e:28:0b:f8:59:ad:47:
1b:c7:9b:b7:73:c2:79:15:e2:0a:cf:ab:74:d1:03:
46:73:f9:8a:e0:16:a4:58:cd:b8:79:a7:9c:ca:45:
b5:a7:21:c8:24:52:c3:72:4d:9a:7a:0d:4b:dd:79:
46:38:01:e7:b8:2d:92:b2:6d:d7:5e:3b:cf:1a:07:
d7:c1:99:8e:33:1f:a8:b3:f0:74:98:32:2f:7f:de:
72:20:22:28:7c:23:1d:a5:4c:6c:bf:5c:0d:4f:dc:
9e:62:c3:13:f5:11:e5:b8:93:0a:4b:24:e7:1b:ef:
3d:43:ed:3c:cf:d7:ff:12:fd:b8:95:22:b3:79:cb:
da:59:fc:37:6e:f8:37:71:1e:0c:bd:67:0b:85:eb:
13:10:e9:f5:0a:14:7e:a8:47:e9:34:41:dd:75:74:
87:b9:42:59:13:83:04:2e:a0:5d:2b:09:fd:08:8d:
fc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:12:F9:DC:57:93:AE:1A:F5:FE:E9:47:C5:22:6F:87:8B:33:D3:5D
X509v3 Authority Key Identifier:
keyid:58:21:FC:D4:14:60:E1:CA:94:A0:21:3E:2C:2A:38:55:FF:C0:22:F6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9113BCE/0D45B38C5C2611E9AB0A9B64C4F9AE02/WCH81BRg4cqUoCE-LCo4Vf_AIvY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WCH81BRg4cqUoCE-LCo4Vf_AIvY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9113BCE/0D45B38C5C2611E9AB0A9B64C4F9AE02/45E67628627311EA9AD8CF4CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.68.223.0/24
103.71.254.0/24
103.72.4.0/23
Signature Algorithm: sha256WithRSAEncryption
09:3d:de:74:c4:14:62:73:da:fd:d0:af:6e:db:32:e0:82:f3:
91:76:fb:1c:45:af:b3:de:8d:11:63:c1:d8:b2:56:2f:1c:de:
5c:2d:7d:88:f2:f2:bb:c9:1b:12:ef:b0:af:d4:30:fc:26:89:
ae:8d:3d:94:87:d6:6a:07:a0:0d:04:fc:91:99:06:60:af:48:
50:48:52:20:0e:bf:fc:a8:1b:22:77:bf:75:87:d3:8b:dc:c9:
16:66:41:8f:49:4f:72:a5:06:f6:b9:c0:0b:52:64:74:37:ce:
c2:7b:e4:7e:b6:bf:7b:7e:1f:87:92:b4:d5:23:55:14:15:19:
0a:b6:cb:7f:4d:37:7a:28:ba:00:40:27:5f:d2:02:f3:eb:f1:
79:b1:0d:52:6b:55:3f:8f:af:9b:0b:cc:75:d8:01:2d:18:48:
44:c0:27:00:46:a6:c3:5d:24:6b:aa:c4:b8:3c:e3:1a:ee:5e:
ed:26:99:e8:99:5c:08:eb:59:29:22:a0:68:08:1d:b5:d4:3a:
3f:5d:ea:63:29:44:a9:ca:9d:24:df:85:1e:92:38:5b:63:fc:
3d:75:a6:9d:c3:a5:e5:e9:ac:c9:2e:46:29:ef:bf:a3:b8:6e:
6a:e1:5b:88:77:05:fa:0f:00:79:92:4a:70:4b:a1:1b:22:40:
7a:93:a9:b4
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICDaAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTNCQ0UxMTAvBgNVBAUTKDU4MjFGQ0Q0MTQ2MEUxQ0E5NEEwMjEzRTJDMkEzODU1
RkZDMDIyRjYwHhcNMjIwOTEyMDY1NzAzWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzFlZDgzZS0zYWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvaz2HdG8nYBsjc7SLaxiLCh2Vb9K7EvJNh/YdZoff73nfzcNXk/HmDVeh2jH
4CzaMLWrJqgDQIWxIR/Yhm8R8JoOO+Mwb8Nb5FiAF5nmmRNr8w4oC/hZrUcbx5u3
c8J5FeIKz6t00QNGc/mK4BakWM24eaecykW1pyHIJFLDck2aeg1L3XlGOAHnuC2S
sm3XXjvPGgfXwZmOMx+os/B0mDIvf95yICIofCMdpUxsv1wNT9yeYsMT9RHluJMK
SyTnG+89Q+08z9f/Ev24lSKzecvaWfw3bvg3cR4MvWcLhesTEOn1ChR+qEfpNEHd
dXSHuUJZE4MELqBdKwn9CI38dQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKYS+dxX
k64a9f7pR8Uib4eLM9NdMB8GA1UdIwQYMBaAFFgh/NQUYOHKlKAhPiwqOFX/wCL2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExM0JDRS8wRDQ1QjM4QzVD
MjYxMUU5QUIwQTlCNjRDNEY5QUUwMi9XQ0g4MUJSZzRjcVVvQ0UtTENvNFZmX0FJ
dlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dDSDgxQlJnNGNxVW9DRS1MQ280VmZfQUl2WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTNCQ0UvMEQ0NUIzOEM1QzI2MTFFOUFCMEE5QjY0QzRGOUFFMDIvNDVFNjc2Mjg2
MjczMTFFQTlBRDhDRjRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABnRN8DBABnR/4DBAFnSAQwDQYJKoZIhvcNAQELBQADggEB
AAk93nTEFGJz2v3Qr27bMuCC85F2+xxFr7PejRFjwdiyVi8c3lwtfYjy8rvJGxLv
sK/UMPwmia6NPZSH1moHoA0E/JGZBmCvSFBIUiAOv/yoGyJ3v3WH04vcyRZmQY9J
T3KlBva5wAtSZHQ3zsJ75H62v3t+H4eStNUjVRQVGQq2y39NN3oougBAJ1/SAvPr
8XmxDVJrVT+Pr5sLzHXYAS0YSETAJwBGpsNdJGuqxLg84xruXu0mmeiZXAjrWSki
oGgIHbXUOj9d6mMpRKnKnSTfhR6SOFtj/D11pp3DpeXprMkuRinvv6O4bmrhW4h3
BfoPAHmSSnBLoRsiQHqTqbQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-ams.rpki-client.org