Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CED9/0C253A4A22E611EA950A1886C4F9AE02/A93D0CECB65C11EDA8F75721C4F9AE02.roa
File: A93D0CECB65C11EDA8F75721C4F9AE02.roa (raw, json)
Hash identifier: u1N6rD7oIZUrIW/3UvtAFLtzFZOEZw+jswf+inhR2Bs=
Subject key identifier: BD:B0:89:6F:6C:5F:5D:AC:4C:B7:61:33:A4:82:F9:1B:65:FF:20:3A
Certificate issuer: /CN=A911CED9/serialNumber=6B87C694F7A1DDC43767F589EB277AE74FED3B7B
Certificate serial: 0A16
Authority key identifier: 6B:87:C6:94:F7:A1:DD:C4:37:67:F5:89:EB:27:7A:E7:4F:ED:3B:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a4fGlPeh3cQ3Z_WJ6yd650_tO3s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CED9/0C253A4A22E611EA950A1886C4F9AE02/A93D0CECB65C11EDA8F75721C4F9AE02.roa
Signing time: Mon 27 Feb 2023 05:07:41 +0000
ROA not before: Mon 27 Feb 2023 05:07:41 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 31898
IP address blocks: 103.70.20.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2582 (0xa16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CED9/serialNumber=6B87C694F7A1DDC43767F589EB277AE74FED3B7B
Validity
Not Before: Feb 27 05:07:41 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63fc3a9d-8fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:bc:03:95:46:17:62:65:9f:16:6a:83:f5:91:
a0:ae:76:a4:c8:2d:c7:c4:40:eb:2e:f2:7a:18:a6:
1b:38:f7:63:c4:d0:da:2f:f0:e4:46:e2:70:c8:08:
c6:0f:d6:73:1e:ce:70:e8:21:19:1e:94:04:c0:cc:
38:fa:1f:4b:90:d5:3c:a6:b6:27:ed:36:33:bf:48:
44:bd:77:07:ea:b2:ed:33:7b:34:59:2d:87:f9:88:
d0:2f:c5:ac:16:8a:54:6e:24:ee:cd:85:df:85:69:
3b:a8:06:b7:0c:80:cf:13:3b:c5:d3:19:17:cc:a3:
b1:d0:6b:f8:30:f1:7a:54:09:17:45:f0:9d:1b:ec:
c8:63:9e:db:17:34:9d:d2:af:c7:15:ae:af:cd:1f:
cb:e5:59:21:e8:7e:af:77:9d:3f:9c:9f:b7:7d:ea:
e9:13:b2:a7:d0:16:6d:28:5b:ee:70:ef:60:24:85:
ad:eb:7e:bf:40:af:7b:18:3e:63:b4:55:75:c9:6c:
1a:ff:c4:f5:05:ba:0d:d8:3f:c2:c4:2e:ee:25:7e:
6f:6e:4d:88:e2:36:72:e3:5c:ae:f9:fc:1b:5b:07:
c7:f4:51:15:aa:a2:b4:86:40:af:a9:91:2c:cc:41:
66:65:83:c1:97:18:a1:f9:d5:cc:47:68:a7:81:24:
6c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:B0:89:6F:6C:5F:5D:AC:4C:B7:61:33:A4:82:F9:1B:65:FF:20:3A
X509v3 Authority Key Identifier:
keyid:6B:87:C6:94:F7:A1:DD:C4:37:67:F5:89:EB:27:7A:E7:4F:ED:3B:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CED9/0C253A4A22E611EA950A1886C4F9AE02/a4fGlPeh3cQ3Z_WJ6yd650_tO3s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a4fGlPeh3cQ3Z_WJ6yd650_tO3s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CED9/0C253A4A22E611EA950A1886C4F9AE02/A93D0CECB65C11EDA8F75721C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.70.20.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:55:ba:28:bc:f7:dc:10:89:a0:fd:d1:c2:b9:bb:6a:b2:83:
56:3a:1e:92:6f:bb:9a:e5:2f:97:d3:6d:a7:c6:d4:97:17:ae:
3b:3b:a1:29:fa:fd:e5:de:1b:84:d5:d3:c5:9f:8a:18:3b:63:
22:07:f3:c5:e3:89:d4:c8:69:2f:33:e8:ec:fd:2f:b2:06:91:
73:0a:0c:d3:ca:62:da:3b:b4:9a:5f:8d:2b:39:d3:7f:38:6b:
f9:ac:21:27:a8:3e:cc:af:dc:59:69:44:69:64:54:fd:00:4c:
f3:63:c4:fd:6e:87:8d:1e:d5:7c:e0:07:7d:4a:86:76:82:f7:
7e:99:c3:77:83:ea:da:e6:56:17:df:65:61:3e:31:62:c1:c6:
d8:2a:05:dc:a5:78:0e:e7:07:4a:8e:62:ab:00:25:02:7d:38:
bf:0e:c9:74:93:43:83:99:25:8b:ea:da:47:70:50:02:8a:1f:
27:a3:82:b3:b7:f3:15:18:00:d8:42:28:e2:4d:c7:5c:80:cf:
41:99:df:4b:f5:bf:05:23:49:72:22:2d:3e:30:6f:91:32:ea:
c5:1f:50:11:7c:85:f2:cb:3d:fa:3f:86:ff:94:be:54:b3:41:
66:6b:21:61:e6:41:94:c2:fc:68:33:79:25:08:56:fb:6b:cb:
72:ab:d6:d6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICChYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNFRDkxMTAvBgNVBAUTKDZCODdDNjk0RjdBMUREQzQzNzY3RjU4OUVCMjc3QUU3
NEZFRDNCN0IwHhcNMjMwMjI3MDUwNzQxWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ZjM2E5ZC04ZmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA37wDlUYXYmWfFmqD9ZGgrnakyC3HxEDrLvJ6GKYbOPdjxNDaL/DkRuJwyAjG
D9ZzHs5w6CEZHpQEwMw4+h9LkNU8prYn7TYzv0hEvXcH6rLtM3s0WS2H+YjQL8Ws
FopUbiTuzYXfhWk7qAa3DIDPEzvF0xkXzKOx0Gv4MPF6VAkXRfCdG+zIY57bFzSd
0q/HFa6vzR/L5Vkh6H6vd50/nJ+3ferpE7Kn0BZtKFvucO9gJIWt636/QK97GD5j
tFV1yWwa/8T1BboN2D/CxC7uJX5vbk2I4jZy41yu+fwbWwfH9FEVqqK0hkCvqZEs
zEFmZYPBlxih+dXMR2ingSRsNwIDAQABo4IClTCCApEwHQYDVR0OBBYEFL2wiW9s
X12sTLdhM6SC+Rtl/yA6MB8GA1UdIwQYMBaAFGuHxpT3od3EN2f1iesneudP7Tt7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0VEOS8wQzI1M0E0QTIy
RTYxMUVBOTUwQTE4ODZDNEY5QUUwMi9hNGZHbFBlaDNjUTNaX1dKNnlkNjUwX3RP
M3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2E0ZkdsUGVoM2NRM1pfV0o2eWQ2NTBfdE8zcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNFRDkvMEMyNTNBNEEyMkU2MTFFQTk1MEExODg2QzRGOUFFMDIvQTkzRDBDRUNC
NjVDMTFFREE4Rjc1NzIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnRhQwDQYJKoZIhvcNAQELBQADggEBABtVuii899wQiaD9
0cK5u2qyg1Y6HpJvu5rlL5fTbafG1JcXrjs7oSn6/eXeG4TV08Wfihg7YyIH88Xj
idTIaS8z6Oz9L7IGkXMKDNPKYto7tJpfjSs50384a/msISeoPsyv3FlpRGlkVP0A
TPNjxP1uh40e1XzgB31KhnaC936Zw3eD6trmVhffZWE+MWLBxtgqBdyleA7nB0qO
YqsAJQJ9OL8OyXSTQ4OZJYvq2kdwUAKKHyejgrO38xUYANhCKOJNx1yAz0GZ30v1
vwUjSXIiLT4wb5Ey6sUfUBF8hfLLPfo/hv+UvlSzQWZrIWHmQZTC/GgzeSUIVvtr
y3Kr1tY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org