Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9129DAC/8C5C009EB44C11E998120237C4F9AE02/63491314524711EBB3C18048C4F9AE02.roa
File: 63491314524711EBB3C18048C4F9AE02.roa (raw, json)
Hash identifier: T9VaoWfAkbO/wjYJmrJYdfJVpVSgHLtk0/mlTOEUEGI=
Subject key identifier: C7:1B:D2:DC:60:E0:13:23:23:0E:8D:3B:A6:1F:6A:D9:79:D5:15:10
Certificate issuer: /CN=A9129DAC/serialNumber=85D72470A8613D213505A1DF50FD09CEDD4CB694
Certificate serial: 07FB
Authority key identifier: 85:D7:24:70:A8:61:3D:21:35:05:A1:DF:50:FD:09:CE:DD:4C:B6:94
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hdckcKhhPSE1BaHfUP0Jzt1MtpQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9129DAC/8C5C009EB44C11E998120237C4F9AE02/63491314524711EBB3C18048C4F9AE02.roa
Signing time: Fri 14 May 2021 07:24:13 +0000
ROA not before: Fri 14 May 2021 07:24:13 +0000
ROA not after: Sat 30 Jul 2022 00:00:00 +0000
asID: 23860
IP address blocks: 45.249.68.0/22 maxlen: 24
103.217.228.0/22 maxlen: 24
2400:3ac0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2043 (0x7fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9129DAC/serialNumber=85D72470A8613D213505A1DF50FD09CEDD4CB694
Validity
Not Before: May 14 07:24:13 2021 GMT
Not After : Jul 30 00:00:00 2022 GMT
Subject: CN=609e259c-4773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:26:c6:10:7d:fb:b5:d1:d1:90:e9:03:a3:d0:
90:4d:05:5c:a2:7e:4f:d2:d9:97:98:84:ca:3c:77:
d4:f2:94:68:3b:0b:0f:1b:94:49:60:95:fc:9f:a9:
e8:5a:32:7f:d0:c4:17:66:7d:8c:d0:6e:46:7f:06:
b4:dc:58:5d:f8:9f:9d:76:63:d4:03:c3:69:2e:6a:
60:04:66:dd:fd:e1:32:53:98:fd:39:06:c7:d8:df:
de:87:79:46:3b:f3:ff:a6:6c:65:fc:04:c4:f8:26:
0b:31:29:0a:d1:0d:e3:d6:15:15:8d:d9:e6:23:91:
69:aa:51:d1:b6:16:aa:6b:67:53:61:c1:b3:94:59:
bb:18:fa:02:83:62:40:e5:53:19:ca:31:4e:d0:4b:
f3:79:cf:96:c4:2a:e8:94:13:0d:7f:4a:92:56:0f:
55:eb:ad:e2:1c:bd:20:b2:8f:59:5e:e3:2c:b9:b2:
ce:65:a0:2d:b9:25:32:7b:29:a0:51:c8:4c:62:41:
27:90:dd:0c:94:28:42:44:3f:49:f1:ef:41:1b:8a:
bd:df:63:c7:ee:cd:03:84:1e:ed:26:dc:1b:5d:f6:
2a:4c:b3:11:3c:49:8a:86:7f:8b:8a:e5:5e:18:54:
22:9f:20:36:f3:37:bd:48:e0:9a:e9:f9:f1:63:27:
98:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:1B:D2:DC:60:E0:13:23:23:0E:8D:3B:A6:1F:6A:D9:79:D5:15:10
X509v3 Authority Key Identifier:
keyid:85:D7:24:70:A8:61:3D:21:35:05:A1:DF:50:FD:09:CE:DD:4C:B6:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9129DAC/8C5C009EB44C11E998120237C4F9AE02/hdckcKhhPSE1BaHfUP0Jzt1MtpQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hdckcKhhPSE1BaHfUP0Jzt1MtpQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129DAC/8C5C009EB44C11E998120237C4F9AE02/63491314524711EBB3C18048C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.249.68.0/22
103.217.228.0/22
IPv6:
2400:3ac0::/32
Signature Algorithm: sha256WithRSAEncryption
6a:38:9e:2f:2d:19:91:3e:92:37:89:05:fc:81:c0:28:7b:ab:
74:9a:45:f7:b3:5f:fc:38:e1:6e:67:a4:cf:7c:78:72:78:f1:
34:a1:87:57:29:99:08:cc:c0:5a:f1:8b:d8:42:91:fb:0b:09:
fb:fc:ac:00:d0:e6:03:99:00:78:4e:6e:e6:8e:0e:ad:1e:94:
2f:91:bf:ec:22:c6:39:63:a1:1e:61:cd:79:fc:5b:89:d9:76:
2a:95:05:f6:d4:e2:b8:9b:e7:69:cc:bc:df:c4:34:2a:59:f8:
3f:ed:16:70:dc:19:f9:cc:99:16:bf:f8:bf:cc:93:3c:cd:41:
fa:4f:22:80:cf:7f:fc:9d:20:b8:5e:be:81:e2:52:2e:8d:f2:
2f:39:cb:05:6e:76:9e:77:5e:6d:69:a5:e9:49:bf:b0:88:51:
62:b1:18:ed:1a:a5:46:96:fe:0d:10:bc:de:8f:a5:c0:b4:5e:
c2:12:8b:02:e8:6a:61:56:2a:21:51:d4:78:89:69:c5:cf:8e:
9c:0e:17:6d:d2:42:5c:85:4c:35:5e:92:20:41:a9:02:13:69:
ae:fe:8b:ee:7d:ad:90:97:aa:58:c0:88:c6:79:17:8d:fb:eb:
3f:7d:92:06:75:95:9b:3f:cd:a5:88:56:41:2c:e6:42:e2:37:
4c:a8:de:b0
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICB/swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjlEQUMxMTAvBgNVBAUTKDg1RDcyNDcwQTg2MTNEMjEzNTA1QTFERjUwRkQwOUNF
REQ0Q0I2OTQwHhcNMjEwNTE0MDcyNDEzWhcNMjIwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MDllMjU5Yy00NzczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0CbGEH37tdHRkOkDo9CQTQVcon5P0tmXmITKPHfU8pRoOwsPG5RJYJX8n6no
WjJ/0MQXZn2M0G5Gfwa03Fhd+J+ddmPUA8NpLmpgBGbd/eEyU5j9OQbH2N/eh3lG
O/P/pmxl/ATE+CYLMSkK0Q3j1hUVjdnmI5FpqlHRthaqa2dTYcGzlFm7GPoCg2JA
5VMZyjFO0Evzec+WxCrolBMNf0qSVg9V663iHL0gso9ZXuMsubLOZaAtuSUyeymg
UchMYkEnkN0MlChCRD9J8e9BG4q932PH7s0DhB7tJtwbXfYqTLMRPEmKhn+LiuVe
GFQinyA28ze9SOCa6fnxYyeYhQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMcb0txg
4BMjIw6NO6Yfatl51RUQMB8GA1UdIwQYMBaAFIXXJHCoYT0hNQWh31D9Cc7dTLaU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOURBQy84QzVDMDA5RUI0
NEMxMUU5OTgxMjAyMzdDNEY5QUUwMi9oZGNrY0toaFBTRTFCYUhmVVAwSnp0MU10
cFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hkY2tjS2hoUFNFMUJhSGZVUDBKenQxTXRwUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjlEQUMvOEM1QzAwOUVCNDRDMTFFOTk4MTIwMjM3QzRGOUFFMDIvNjM0OTEzMTQ1
MjQ3MTFFQkIzQzE4MDQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIt+UQDBAJn2eQwDQQCAAIwBwMFACQAOsAwDQYJKoZIhvcN
AQELBQADggEBAGo4ni8tGZE+kjeJBfyBwCh7q3SaRfezX/w44W5npM98eHJ48TSh
h1cpmQjMwFrxi9hCkfsLCfv8rADQ5gOZAHhObuaODq0elC+Rv+wixjljoR5hzXn8
W4nZdiqVBfbU4rib52nMvN/ENCpZ+D/tFnDcGfnMmRa/+L/MkzzNQfpPIoDPf/yd
ILhevoHiUi6N8i85ywVudp53Xm1ppelJv7CIUWKxGO0apUaW/g0QvN6PpcC0XsIS
iwLoamFWKiFR1HiJacXPjpwOF23SQlyFTDVekiBBqQITaa7+i+59rZCXqljAiMZ5
F4376z99kgZ1lZs/zaWIVkEs5kLiN0yo3rA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org