Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9127AEB/B11B3FB876E311E994071E35C4F9AE02/2632CF2EA03011EB9DA2913CC4F9AE02.roa
File: 2632CF2EA03011EB9DA2913CC4F9AE02.roa (raw, json)
Hash identifier: Se1LZY7bf+cRW8saKh91IBNmYVc6BuJ1XIgcHAZRlyM=
Subject key identifier: BC:21:E6:D9:BE:46:73:9D:FB:76:A3:34:E2:7C:AE:F0:90:C8:B9:17
Certificate issuer: /CN=A9127AEB/serialNumber=B4CD3E599F32C544B6102DC2658C781C80C3C33B
Certificate serial: 0E22
Authority key identifier: B4:CD:3E:59:9F:32:C5:44:B6:10:2D:C2:65:8C:78:1C:80:C3:C3:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tM0-WZ8yxUS2EC3CZYx4HIDDwzs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9127AEB/B11B3FB876E311E994071E35C4F9AE02/2632CF2EA03011EB9DA2913CC4F9AE02.roa
Signing time: Thu 30 Nov 2023 18:45:56 +0000
ROA not before: Thu 30 Nov 2023 18:45:56 +0000
ROA not after: Sat 30 Mar 2024 00:00:00 +0000
asID: 133557
IP address blocks: 103.75.148.0/23 maxlen: 23
103.75.148.0/24 maxlen: 24
103.75.149.0/24 maxlen: 24
103.93.122.0/23 maxlen: 23
103.93.122.0/24 maxlen: 24
103.93.123.0/24 maxlen: 24
123.253.120.0/22 maxlen: 22
123.253.120.0/24 maxlen: 24
123.253.121.0/24 maxlen: 24
123.253.122.0/24 maxlen: 24
123.253.123.0/24 maxlen: 24
2407:5280::/32 maxlen: 32
2407:5280::/36 maxlen: 36
2407:5280::/48 maxlen: 48
2407:5280:100::/45 maxlen: 45
2407:5280:100::/48 maxlen: 48
2407:5280:200::/45 maxlen: 45
2407:5280:200::/48 maxlen: 48
2407:5280:201::/48 maxlen: 48
2407:5280:202::/48 maxlen: 48
2407:5280:203::/48 maxlen: 48
2407:5280:204::/48 maxlen: 48
2407:5280:205::/48 maxlen: 48
2407:5280:206::/48 maxlen: 48
2407:5280:207::/48 maxlen: 48
2407:5280:300::/45 maxlen: 45
2407:5280:300::/48 maxlen: 48
2407:5280:301::/48 maxlen: 48
2407:5280:302::/48 maxlen: 48
2407:5280:303::/48 maxlen: 48
2407:5280:304::/48 maxlen: 48
2407:5280:305::/48 maxlen: 48
2407:5280:306::/48 maxlen: 48
2407:5280:307::/48 maxlen: 48
2407:5280:500::/45 maxlen: 45
2407:5280:500::/48 maxlen: 48
2407:5280:501::/48 maxlen: 48
2407:5280:502::/48 maxlen: 48
2407:5280:503::/48 maxlen: 48
2407:5280:504::/48 maxlen: 48
2407:5280:505::/48 maxlen: 48
2407:5280:506::/48 maxlen: 48
2407:5280:507::/48 maxlen: 48
2407:5280:1000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3618 (0xe22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9127AEB/serialNumber=B4CD3E599F32C544B6102DC2658C781C80C3C33B
Validity
Not Before: Nov 30 18:45:56 2023 GMT
Not After : Mar 30 00:00:00 2024 GMT
Subject: CN=6568d863-02ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:68:62:58:73:c9:2f:63:bc:2a:0c:17:5e:14:
35:a3:52:16:c1:ba:5d:cd:6c:fa:41:4a:c8:d1:68:
d2:16:98:90:73:bc:05:57:e8:b8:bf:49:10:5f:66:
20:d4:d8:1d:ae:cb:27:b2:cc:4c:0f:53:b7:74:20:
b9:0d:c9:b5:10:9f:42:4f:0c:79:50:e7:92:c0:24:
5c:87:7c:25:67:e6:ad:97:2c:d4:85:bb:c8:f5:42:
f0:db:99:96:c6:8f:63:e3:f5:ce:fd:02:68:cc:1c:
63:8e:9e:49:68:a9:50:d9:9d:65:d9:72:57:e4:64:
5f:f0:25:cf:8e:d0:2c:35:41:56:d7:74:86:a5:2e:
12:f5:b7:c4:05:3f:24:a5:98:91:18:05:a2:ed:5e:
bc:95:52:49:fa:b0:5e:7b:6e:c9:8a:f1:4c:d1:fc:
4d:35:11:e2:d3:07:75:44:62:3a:92:4b:f2:e3:52:
cc:3b:8d:2f:66:a6:eb:ec:35:d5:06:d3:42:46:bf:
7e:10:10:4d:80:1b:07:53:e3:0d:f0:2b:a6:51:b3:
f9:fc:86:c3:9e:39:25:b6:18:98:0a:4a:03:a5:0c:
ee:3d:59:81:c0:a0:61:18:2a:ea:5b:a9:a8:34:de:
4f:4c:0c:71:e6:63:c6:07:3c:47:86:52:00:ad:1b:
24:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:21:E6:D9:BE:46:73:9D:FB:76:A3:34:E2:7C:AE:F0:90:C8:B9:17
X509v3 Authority Key Identifier:
keyid:B4:CD:3E:59:9F:32:C5:44:B6:10:2D:C2:65:8C:78:1C:80:C3:C3:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9127AEB/B11B3FB876E311E994071E35C4F9AE02/tM0-WZ8yxUS2EC3CZYx4HIDDwzs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tM0-WZ8yxUS2EC3CZYx4HIDDwzs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127AEB/B11B3FB876E311E994071E35C4F9AE02/2632CF2EA03011EB9DA2913CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.75.148.0/23
103.93.122.0/23
123.253.120.0/22
IPv6:
2407:5280::/32
Signature Algorithm: sha256WithRSAEncryption
3a:4c:fe:c1:3e:78:de:08:f2:ad:32:3e:31:33:19:90:a2:d7:
97:7e:7e:eb:6c:16:f6:44:50:e8:7f:b7:a2:5c:60:df:d0:d6:
5c:5e:97:95:9f:ad:36:a3:d9:cd:7f:71:c2:56:be:35:ef:d8:
b6:3d:45:e9:59:4e:69:30:e6:2b:32:9f:10:23:a1:70:a2:3c:
6e:56:8b:80:cb:6a:3c:4f:1f:31:be:cd:b6:ac:99:36:df:86:
91:ae:d9:0e:9b:43:ac:53:81:f5:20:e2:8b:f9:57:52:35:ea:
1a:4e:ab:b4:fa:b3:c7:69:b8:57:6f:38:03:19:f0:f6:f9:b1:
e8:ee:79:57:35:d3:a3:12:69:c6:5b:03:c2:0a:8f:50:64:2d:
95:11:e0:b2:0b:31:3d:ed:9a:ca:fb:94:b4:4d:d3:5e:7c:a2:
44:bd:61:90:17:ad:79:64:20:e5:06:ea:aa:a1:73:6e:74:5a:
41:c3:a4:ff:bb:bc:8f:98:1f:e7:0f:e8:e3:67:52:9c:0a:a9:
9b:bd:aa:66:56:15:6e:50:e5:6f:14:7a:ae:c4:dd:91:97:17:
8d:b8:fd:e8:96:64:d8:bb:6e:de:9b:2c:08:a3:87:9a:5a:39:
d1:7b:14:9f:24:05:41:a0:87:2f:d2:b3:d9:e8:2d:82:df:6c:
e4:34:fc:32
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICDiIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjdBRUIxMTAvBgNVBAUTKEI0Q0QzRTU5OUYzMkM1NDRCNjEwMkRDMjY1OEM3ODFD
ODBDM0MzM0IwHhcNMjMxMTMwMTg0NTU2WhcNMjQwMzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY4ZDg2My0wMmFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3mhiWHPJL2O8KgwXXhQ1o1IWwbpdzWz6QUrI0WjSFpiQc7wFV+i4v0kQX2Yg
1NgdrssnssxMD1O3dCC5Dcm1EJ9CTwx5UOeSwCRch3wlZ+atlyzUhbvI9ULw25mW
xo9j4/XO/QJozBxjjp5JaKlQ2Z1l2XJX5GRf8CXPjtAsNUFW13SGpS4S9bfEBT8k
pZiRGAWi7V68lVJJ+rBee27JivFM0fxNNRHi0wd1RGI6kkvy41LMO40vZqbr7DXV
BtNCRr9+EBBNgBsHU+MN8CumUbP5/IbDnjklthiYCkoDpQzuPVmBwKBhGCrqW6mo
NN5PTAxx5mPGBzxHhlIArRskiwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFLwh5tm+
RnOd+3ajNOJ8rvCQyLkXMB8GA1UdIwQYMBaAFLTNPlmfMsVEthAtwmWMeByAw8M7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyN0FFQi9CMTFCM0ZCODc2
RTMxMUU5OTQwNzFFMzVDNEY5QUUwMi90TTAtV1o4eXhVUzJFQzNDWll4NEhJRER3
enMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RNMC1XWjh5eFVTMkVDM0NaWXg0SElERHd6cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjdBRUIvQjExQjNGQjg3NkUzMTFFOTk0MDcxRTM1QzRGOUFFMDIvMjYzMkNGMkVB
MDMwMTFFQjlEQTI5MTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAFnS5QDBAFnXXoDBAJ7/XgwDQQCAAIwBwMFACQHUoAwDQYJ
KoZIhvcNAQELBQADggEBADpM/sE+eN4I8q0yPjEzGZCi15d+futsFvZEUOh/t6Jc
YN/Q1lxel5WfrTaj2c1/ccJWvjXv2LY9RelZTmkw5isynxAjoXCiPG5Wi4DLajxP
HzG+zbasmTbfhpGu2Q6bQ6xTgfUg4ov5V1I16hpOq7T6s8dpuFdvOAMZ8Pb5seju
eVc106MSacZbA8IKj1BkLZUR4LILMT3tmsr7lLRN0158okS9YZAXrXlkIOUG6qqh
c250WkHDpP+7vI+YH+cP6ONnUpwKqZu9qmZWFW5Q5W8Ueq7E3ZGXF424/eiWZNi7
bt6bLAijh5paOdF7FJ8kBUGghy/Ss9noLYLfbOQ0/DI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org