Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911662A/B0937498002511ECBBDA2D12C4F9AE02/D36BFDC0254C11EEB7E08415C4F9AE02.roa
File: D36BFDC0254C11EEB7E08415C4F9AE02.roa (raw, json)
Hash identifier: +DipD4nSuVgnRlwZBpLMN11Mipc2UmHEwK7X0/SK4EY=
Subject key identifier: FF:B5:3A:C6:FF:31:56:37:CB:09:57:E9:CB:51:8A:23:AF:1D:5C:39
Certificate issuer: /CN=A911662A/serialNumber=D3E475DE9BA7B7372BD1936A906E86697C7EA33B
Certificate serial: 0411
Authority key identifier: D3:E4:75:DE:9B:A7:B7:37:2B:D1:93:6A:90:6E:86:69:7C:7E:A3:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0-R13puntzcr0ZNqkG6GaXx-ozs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911662A/B0937498002511ECBBDA2D12C4F9AE02/D36BFDC0254C11EEB7E08415C4F9AE02.roa
Signing time: Thu 31 Aug 2023 01:13:11 +0000
ROA not before: Thu 31 Aug 2023 01:13:11 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 976
IP address blocks: 103.118.40.0/24 maxlen: 24
103.118.41.0/24 maxlen: 24
103.118.42.0/24 maxlen: 24
103.118.43.0/24 maxlen: 24
2403:27c0:1000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1041 (0x411)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911662A/serialNumber=D3E475DE9BA7B7372BD1936A906E86697C7EA33B
Validity
Not Before: Aug 31 01:13:11 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64efe926-33e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:62:46:04:18:fe:48:56:76:5b:7d:13:90:a9:
cd:81:76:8d:38:41:c6:56:b8:e0:92:f3:98:eb:45:
78:74:40:45:ac:76:19:41:94:4c:32:18:00:2d:9c:
4f:85:20:5a:e3:b2:a7:d5:89:66:74:7b:9d:e7:42:
f8:10:9a:8b:dc:80:88:b0:58:a0:85:27:e2:6c:22:
31:b3:95:be:a1:b7:6d:cd:3f:76:8f:e9:99:bb:e4:
e7:d3:2c:0a:41:ca:9b:3d:c5:aa:cf:98:f2:84:12:
72:1a:1c:e9:94:28:ec:67:dd:20:a8:59:47:09:76:
28:fc:0d:34:bc:3b:51:8e:38:b8:fc:f0:53:61:c6:
9c:aa:ca:58:72:78:8c:82:0a:d3:93:2b:9b:19:da:
7e:74:5b:19:bd:a9:34:de:eb:be:48:3a:ed:e6:09:
6b:ea:86:2d:80:96:a5:af:51:31:66:20:b2:c5:25:
d9:0b:c4:1f:05:56:18:65:97:e1:80:4a:0c:b8:bd:
d6:25:ea:f5:61:28:f9:48:72:85:33:cc:b9:af:a8:
99:3a:bb:70:01:d0:ad:1b:71:02:15:b0:08:79:49:
35:12:67:2e:55:91:53:17:2b:af:0e:c6:50:3f:d7:
29:88:36:d9:8e:45:fb:8c:27:08:5f:95:e9:3b:bf:
bc:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:B5:3A:C6:FF:31:56:37:CB:09:57:E9:CB:51:8A:23:AF:1D:5C:39
X509v3 Authority Key Identifier:
keyid:D3:E4:75:DE:9B:A7:B7:37:2B:D1:93:6A:90:6E:86:69:7C:7E:A3:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911662A/B0937498002511ECBBDA2D12C4F9AE02/0-R13puntzcr0ZNqkG6GaXx-ozs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0-R13puntzcr0ZNqkG6GaXx-ozs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911662A/B0937498002511ECBBDA2D12C4F9AE02/D36BFDC0254C11EEB7E08415C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.118.40.0/22
IPv6:
2403:27c0:1000::/48
Signature Algorithm: sha256WithRSAEncryption
8f:1b:e1:87:07:14:2d:6c:c5:e2:e5:14:a8:e8:62:22:88:70:
e3:e0:f1:c3:55:83:0f:f5:f8:e4:09:90:37:8e:58:28:49:31:
09:c8:75:4d:f2:16:cb:1a:54:20:57:be:2b:44:64:c8:65:57:
74:de:e4:71:ba:1e:8d:1e:9f:f3:2d:b5:5a:98:75:2d:63:13:
13:d4:ec:0a:83:e9:eb:e7:6a:a0:f0:56:37:b9:b5:16:ef:e5:
4a:10:bf:7f:84:7a:46:be:d0:0b:a1:9f:40:e8:ca:4a:a3:89:
ad:db:d5:43:dc:b7:3b:8d:00:2a:d4:c2:16:0f:7d:d7:76:44:
5d:b4:fc:8a:75:5a:c1:68:85:c5:f4:89:67:cc:36:88:fa:09:
74:1d:6a:d8:79:2b:14:43:3e:bb:b0:67:d2:86:f3:1a:69:df:
de:6f:e2:2b:27:0a:dc:c3:95:26:c1:c9:1b:d8:0a:90:0a:12:
89:55:7a:d8:28:a7:50:af:46:39:fc:93:3b:82:87:b2:e2:85:
93:88:04:82:4a:8b:5b:1b:55:0d:d8:5d:73:3e:b3:52:c9:b9:
dc:b6:da:d4:0a:4d:61:f2:b7:42:c6:d2:08:23:f3:e8:a2:30:
ea:70:c5:e5:1a:e4:0b:ab:5e:11:f4:5e:61:3b:67:e9:d3:2f:
51:32:1c:72
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBBEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY2MkExMTAvBgNVBAUTKEQzRTQ3NURFOUJBN0I3MzcyQkQxOTM2QTkwNkU4NjY5
N0M3RUEzM0IwHhcNMjMwODMxMDExMzExWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVmZTkyNi0zM2UzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq2JGBBj+SFZ2W30TkKnNgXaNOEHGVrjgkvOY60V4dEBFrHYZQZRMMhgALZxP
hSBa47Kn1YlmdHud50L4EJqL3ICIsFighSfibCIxs5W+obdtzT92j+mZu+Tn0ywK
QcqbPcWqz5jyhBJyGhzplCjsZ90gqFlHCXYo/A00vDtRjji4/PBTYcacqspYcniM
ggrTkyubGdp+dFsZvak03uu+SDrt5glr6oYtgJalr1ExZiCyxSXZC8QfBVYYZZfh
gEoMuL3WJer1YSj5SHKFM8y5r6iZOrtwAdCtG3ECFbAIeUk1EmcuVZFTFyuvDsZQ
P9cpiDbZjkX7jCcIX5XpO7+83wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFP+1Osb/
MVY3ywlX6ctRiiOvHVw5MB8GA1UdIwQYMBaAFNPkdd6bp7c3K9GTapBuhml8fqM7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjYyQS9CMDkzNzQ5ODAw
MjUxMUVDQkJEQTJEMTJDNEY5QUUwMi8wLVIxM3B1bnR6Y3IwWk5xa0c2R2FYeC1v
enMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzAtUjEzcHVudHpjcjBaTnFrRzZHYVh4LW96cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY2MkEvQjA5Mzc0OTgwMDI1MTFFQ0JCREEyRDEyQzRGOUFFMDIvRDM2QkZEQzAy
NTRDMTFFRUI3RTA4NDE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAJndigwDwQCAAIwCQMHACQDJ8AQADANBgkqhkiG9w0BAQsF
AAOCAQEAjxvhhwcULWzF4uUUqOhiIohw4+Dxw1WDD/X45AmQN45YKEkxCch1TfIW
yxpUIFe+K0RkyGVXdN7kcboejR6f8y21Wph1LWMTE9TsCoPp6+dqoPBWN7m1Fu/l
ShC/f4R6Rr7QC6GfQOjKSqOJrdvVQ9y3O40AKtTCFg9913ZEXbT8inVawWiFxfSJ
Z8w2iPoJdB1q2HkrFEM+u7Bn0obzGmnf3m/iKycK3MOVJsHJG9gKkAoSiVV62Cin
UK9GOfyTO4KHsuKFk4gEgkqLWxtVDdhdcz6zUsm53Lba1ApNYfK3QsbSCCPz6KIw
6nDF5RrkC6teEfReYTtn6dMvUTIccg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org