Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911662A/B0937498002511ECBBDA2D12C4F9AE02/BAE0FFB01EFA11EEB72FB14EC4F9AE02.roa
File: BAE0FFB01EFA11EEB72FB14EC4F9AE02.roa (raw, json)
Hash identifier: 9A+oEc5Ffp5ZkkIzxUcbpbRyBuSVem18oBCZu97Mxjg=
Subject key identifier: 62:6C:13:BD:C3:8C:1D:AB:42:EC:59:7F:6C:48:3A:8A:93:F3:AB:13
Certificate issuer: /CN=A911662A/serialNumber=D3E475DE9BA7B7372BD1936A906E86697C7EA33B
Certificate serial: 03E8
Authority key identifier: D3:E4:75:DE:9B:A7:B7:37:2B:D1:93:6A:90:6E:86:69:7C:7E:A3:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0-R13puntzcr0ZNqkG6GaXx-ozs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911662A/B0937498002511ECBBDA2D12C4F9AE02/BAE0FFB01EFA11EEB72FB14EC4F9AE02.roa
Signing time: Mon 10 Jul 2023 08:21:12 +0000
ROA not before: Mon 10 Jul 2023 08:21:12 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 7586
IP address blocks: 103.118.40.0/24 maxlen: 24
103.118.41.0/24 maxlen: 24
103.118.42.0/24 maxlen: 24
2403:27c0:1000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1000 (0x3e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911662A/serialNumber=D3E475DE9BA7B7372BD1936A906E86697C7EA33B
Validity
Not Before: Jul 10 08:21:12 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=64abbf78-a3de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cc:20:35:98:d3:0c:a3:fb:c6:ad:e8:9d:43:
27:12:ff:b1:0a:81:2f:cd:ba:d9:7b:21:ae:bc:e9:
7e:7e:99:9c:0e:1f:b1:58:c8:d9:c2:51:6d:e1:1c:
cf:93:68:cf:da:0c:d9:c1:c2:27:aa:28:a0:af:07:
dc:8c:3e:18:09:6e:c0:2f:f8:b6:4d:a5:b5:55:72:
44:ed:e7:83:88:e2:f0:38:33:41:b3:65:50:ed:e9:
ce:2c:e4:04:f6:e3:2e:5d:59:8e:1f:e4:66:73:e8:
a3:31:19:70:62:25:0a:1f:88:46:45:dd:e4:36:f3:
18:a6:b5:d8:a7:50:08:01:7e:8e:80:c5:fd:4a:e8:
fe:e6:dc:f2:b5:65:a0:69:ba:20:a6:e3:60:33:a6:
35:41:74:ea:c6:38:f3:b5:39:e0:79:a2:f3:95:6e:
a9:e7:a9:da:ac:d5:66:29:2f:79:cf:92:4b:fa:1f:
45:c4:4f:61:09:0f:2b:a0:8c:05:cb:06:91:83:bf:
cf:cf:6d:78:3f:81:5a:16:90:ec:d3:89:77:c4:c7:
4d:28:db:0a:c0:77:2e:a8:1f:34:2e:81:e9:ed:91:
e7:3c:ea:47:7b:80:9e:3d:79:1e:bd:c4:23:d0:6a:
a6:d9:51:09:02:a1:b6:0f:be:de:15:62:21:bf:c1:
91:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:6C:13:BD:C3:8C:1D:AB:42:EC:59:7F:6C:48:3A:8A:93:F3:AB:13
X509v3 Authority Key Identifier:
keyid:D3:E4:75:DE:9B:A7:B7:37:2B:D1:93:6A:90:6E:86:69:7C:7E:A3:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911662A/B0937498002511ECBBDA2D12C4F9AE02/0-R13puntzcr0ZNqkG6GaXx-ozs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0-R13puntzcr0ZNqkG6GaXx-ozs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911662A/B0937498002511ECBBDA2D12C4F9AE02/BAE0FFB01EFA11EEB72FB14EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.118.40.0-103.118.42.255
IPv6:
2403:27c0:1000::/48
Signature Algorithm: sha256WithRSAEncryption
67:53:57:d4:75:43:0f:70:0f:16:18:6f:01:75:8a:45:35:14:
ae:f3:bb:ec:18:74:67:02:6c:c7:8f:b5:f9:c3:0a:4b:0f:4a:
b1:09:73:1e:ed:03:4a:1a:a4:03:2c:85:ea:ae:05:91:c6:6c:
8d:28:1e:c0:98:de:b0:8b:aa:fd:16:bd:55:6f:48:95:af:d8:
94:69:19:bc:89:e1:54:47:a6:66:63:8c:72:b9:2a:95:3d:d4:
7e:15:2c:53:09:e4:04:3d:c9:41:ca:71:05:b8:67:58:a9:7d:
c9:53:7d:59:02:b1:a1:f4:79:75:4e:77:33:44:9c:2a:e5:ee:
90:58:68:28:49:1f:56:fb:0e:e0:f0:d9:76:2b:a8:6b:be:64:
3b:9b:88:1b:f8:6f:99:98:88:14:24:03:ac:1c:4d:81:69:82:
6d:1d:c6:87:07:5c:ba:77:88:fd:9c:72:27:74:bf:63:e7:71:
3e:27:32:21:e0:9d:94:83:33:ff:30:d8:59:d3:e2:4a:3b:46:
61:b1:64:30:23:16:a7:f8:8e:06:29:86:3a:c5:b1:28:20:20:
41:b7:d7:e8:73:5b:d6:07:d3:d0:81:e2:fc:6b:9c:a6:a5:36:
5a:d8:4c:26:e4:f3:51:a3:b9:c1:c6:4a:1d:54:71:5a:fa:df:
20:aa:f4:1f
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICA+gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY2MkExMTAvBgNVBAUTKEQzRTQ3NURFOUJBN0I3MzcyQkQxOTM2QTkwNkU4NjY5
N0M3RUEzM0IwHhcNMjMwNzEwMDgyMTEyWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFiYmY3OC1hM2RlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvMwgNZjTDKP7xq3onUMnEv+xCoEvzbrZeyGuvOl+fpmcDh+xWMjZwlFt4RzP
k2jP2gzZwcInqiigrwfcjD4YCW7AL/i2TaW1VXJE7eeDiOLwODNBs2VQ7enOLOQE
9uMuXVmOH+Rmc+ijMRlwYiUKH4hGRd3kNvMYprXYp1AIAX6OgMX9Suj+5tzytWWg
abogpuNgM6Y1QXTqxjjztTngeaLzlW6p56narNVmKS95z5JL+h9FxE9hCQ8roIwF
ywaRg7/Pz214P4FaFpDs04l3xMdNKNsKwHcuqB80LoHp7ZHnPOpHe4CePXkevcQj
0Gqm2VEJAqG2D77eFWIhv8GRAQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFGJsE73D
jB2rQuxZf2xIOoqT86sTMB8GA1UdIwQYMBaAFNPkdd6bp7c3K9GTapBuhml8fqM7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjYyQS9CMDkzNzQ5ODAw
MjUxMUVDQkJEQTJEMTJDNEY5QUUwMi8wLVIxM3B1bnR6Y3IwWk5xa0c2R2FYeC1v
enMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzAtUjEzcHVudHpjcjBaTnFrRzZHYVh4LW96cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY2MkEvQjA5Mzc0OTgwMDI1MTFFQ0JCREEyRDEyQzRGOUFFMDIvQkFFMEZGQjAx
RUZBMTFFRUI3MkZCMTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E
KTAnMBQEAgABMA4wDAMEA2d2KAMEAGd2KjAPBAIAAjAJAwcAJAMnwBAAMA0GCSqG
SIb3DQEBCwUAA4IBAQBnU1fUdUMPcA8WGG8BdYpFNRSu87vsGHRnAmzHj7X5wwpL
D0qxCXMe7QNKGqQDLIXqrgWRxmyNKB7AmN6wi6r9Fr1Vb0iVr9iUaRm8ieFUR6Zm
Y4xyuSqVPdR+FSxTCeQEPclBynEFuGdYqX3JU31ZArGh9Hl1TnczRJwq5e6QWGgo
SR9W+w7g8Nl2K6hrvmQ7m4gb+G+ZmIgUJAOsHE2BaYJtHcaHB1y6d4j9nHIndL9j
53E+JzIh4J2UgzP/MNhZ0+JKO0ZhsWQwIxan+I4GKYY6xbEoICBBt9foc1vWB9PQ
geL8a5ympTZa2Ewm5PNRo7nBxkodVHFa+t8gqvQf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org