Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CED9/0C253A4A22E611EA950A1886C4F9AE02/170DD32832BC11EA90A75B69C4F9AE02.roa
File: 170DD32832BC11EA90A75B69C4F9AE02.roa (raw, json)
Hash identifier: hzVyDLiWAvX5eKxMyHav8v1nBFiileijNXI+cStX3do=
Subject key identifier: D2:9E:98:9B:7E:BE:3F:7C:CE:63:7F:C0:64:1F:98:92:CA:EC:57:1C
Certificate issuer: /CN=A911CED9/serialNumber=6B87C694F7A1DDC43767F589EB277AE74FED3B7B
Certificate serial: 0994
Authority key identifier: 6B:87:C6:94:F7:A1:DD:C4:37:67:F5:89:EB:27:7A:E7:4F:ED:3B:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a4fGlPeh3cQ3Z_WJ6yd650_tO3s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CED9/0C253A4A22E611EA950A1886C4F9AE02/170DD32832BC11EA90A75B69C4F9AE02.roa
Signing time: Tue 06 Sep 2022 08:38:41 +0000
ROA not before: Tue 06 Sep 2022 08:38:41 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 16509
IP address blocks: 45.112.120.0/22 maxlen: 22
45.112.120.0/24 maxlen: 24
103.70.20.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2452 (0x994)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CED9/serialNumber=6B87C694F7A1DDC43767F589EB277AE74FED3B7B
Validity
Not Before: Sep 6 08:38:41 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63170710-5732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:11:43:9f:3b:6d:71:54:92:34:a4:1f:4c:06:
34:a5:49:38:9a:2f:aa:be:ae:bb:a9:5c:24:7c:a0:
e8:e3:61:1a:ee:bc:ff:73:c5:4f:52:33:29:8d:8f:
2f:5e:8c:08:2d:f2:dc:22:f5:a7:83:be:18:a5:c0:
9a:62:b5:df:9d:b4:a7:cd:ed:1d:2f:2e:11:e6:f2:
98:0f:85:3e:34:16:f0:e2:59:4a:e0:5a:9e:13:2c:
c1:90:f1:d9:6b:aa:88:be:17:e5:3c:f8:4a:4b:08:
08:7f:a2:ab:1c:7b:73:ff:f3:38:61:df:c9:4e:a3:
a1:8a:83:36:42:33:26:b9:6f:6c:2d:6d:74:be:ef:
ef:d6:7f:9a:60:c0:c5:e8:26:8a:94:0d:e4:ac:3a:
90:4a:e5:5b:25:23:ce:c8:c7:ce:1e:0d:ea:98:57:
12:22:27:8b:54:ab:f7:53:a6:ea:37:5a:11:fe:8e:
51:89:a4:88:6f:d9:65:58:99:a5:dc:44:4c:07:f3:
d0:38:a3:91:26:b3:e2:5e:70:31:df:13:49:71:c1:
80:d1:58:5c:46:47:59:d5:82:7f:5c:5f:e6:47:c9:
91:19:a0:4a:85:eb:e1:eb:e0:98:e9:0e:9b:6d:c3:
da:27:60:76:6f:d0:0a:11:96:3c:60:c1:bf:f4:fc:
0c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:9E:98:9B:7E:BE:3F:7C:CE:63:7F:C0:64:1F:98:92:CA:EC:57:1C
X509v3 Authority Key Identifier:
keyid:6B:87:C6:94:F7:A1:DD:C4:37:67:F5:89:EB:27:7A:E7:4F:ED:3B:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CED9/0C253A4A22E611EA950A1886C4F9AE02/a4fGlPeh3cQ3Z_WJ6yd650_tO3s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a4fGlPeh3cQ3Z_WJ6yd650_tO3s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CED9/0C253A4A22E611EA950A1886C4F9AE02/170DD32832BC11EA90A75B69C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.120.0/22
103.70.20.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:0d:ce:4d:05:e8:c5:f1:fd:26:bc:b1:3e:ad:f5:a3:66:3a:
63:82:3e:6e:6d:6e:a0:64:77:1c:26:e0:f6:00:c0:5f:d1:4d:
b4:1d:47:4b:d7:f2:19:c1:f7:a9:9e:56:0d:5a:e7:a6:0b:a8:
47:22:16:aa:3c:49:71:63:3c:af:d5:69:c2:2c:b5:9b:ce:13:
29:f2:02:cf:e6:74:63:60:7c:c8:4a:05:86:fd:48:ef:b6:e6:
ce:dc:55:af:6e:38:bc:71:22:76:d8:cc:d1:98:13:06:59:86:
b6:57:ed:c1:27:74:2b:1f:9a:5c:30:a0:7b:2b:6e:f6:cf:b9:
34:49:2f:de:90:0f:49:5d:06:97:74:3d:41:5b:c0:b7:4b:f8:
29:7a:52:fe:a0:61:ef:4b:bd:f4:ba:81:08:ff:a4:b3:ee:9e:
6c:70:0d:ee:1c:6e:87:c1:0e:a1:cc:8e:0f:f8:be:f4:a4:b4:
67:2e:cb:91:a3:a5:15:4f:3a:56:25:99:e1:01:3b:b2:6b:e2:
31:31:b6:85:55:bb:c0:82:66:e9:9f:db:47:f4:5f:78:0a:58:
38:b8:16:5e:cd:f4:c5:71:10:e1:5e:8a:94:da:4a:1f:1b:a0:
d5:25:da:39:d9:85:e3:88:e8:00:f6:ec:76:4b:62:1d:4f:cd:
24:8b:9c:9d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNFRDkxMTAvBgNVBAUTKDZCODdDNjk0RjdBMUREQzQzNzY3RjU4OUVCMjc3QUU3
NEZFRDNCN0IwHhcNMjIwOTA2MDgzODQxWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzE3MDcxMC01NzMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArRFDnzttcVSSNKQfTAY0pUk4mi+qvq67qVwkfKDo42Ea7rz/c8VPUjMpjY8v
XowILfLcIvWng74YpcCaYrXfnbSnze0dLy4R5vKYD4U+NBbw4llK4FqeEyzBkPHZ
a6qIvhflPPhKSwgIf6KrHHtz//M4Yd/JTqOhioM2QjMmuW9sLW10vu/v1n+aYMDF
6CaKlA3krDqQSuVbJSPOyMfOHg3qmFcSIieLVKv3U6bqN1oR/o5RiaSIb9llWJml
3ERMB/PQOKORJrPiXnAx3xNJccGA0VhcRkdZ1YJ/XF/mR8mRGaBKhevh6+CY6Q6b
bcPaJ2B2b9AKEZY8YMG/9PwMHQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNKemJt+
vj98zmN/wGQfmJLK7FccMB8GA1UdIwQYMBaAFGuHxpT3od3EN2f1iesneudP7Tt7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0VEOS8wQzI1M0E0QTIy
RTYxMUVBOTUwQTE4ODZDNEY5QUUwMi9hNGZHbFBlaDNjUTNaX1dKNnlkNjUwX3RP
M3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2E0ZkdsUGVoM2NRM1pfV0o2eWQ2NTBfdE8zcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNFRDkvMEMyNTNBNEEyMkU2MTFFQTk1MEExODg2QzRGOUFFMDIvMTcwREQzMjgz
MkJDMTFFQTkwQTc1QjY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAItcHgDBAJnRhQwDQYJKoZIhvcNAQELBQADggEBAF8Nzk0F
6MXx/Sa8sT6t9aNmOmOCPm5tbqBkdxwm4PYAwF/RTbQdR0vX8hnB96meVg1a56YL
qEciFqo8SXFjPK/VacIstZvOEynyAs/mdGNgfMhKBYb9SO+25s7cVa9uOLxxInbY
zNGYEwZZhrZX7cEndCsfmlwwoHsrbvbPuTRJL96QD0ldBpd0PUFbwLdL+Cl6Uv6g
Ye9LvfS6gQj/pLPunmxwDe4cbofBDqHMjg/4vvSktGcuy5GjpRVPOlYlmeEBO7Jr
4jExtoVVu8CCZumf20f0X3gKWDi4Fl7N9MVxEOFeipTaSh8boNUl2jnZheOI6AD2
7HZLYh1PzSSLnJ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org