Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912B256/2AC7B03018A511EB8D422172C4F9AE02/E8C6B7361FF111EBA7130B29C4F9AE02.roa
File: E8C6B7361FF111EBA7130B29C4F9AE02.roa (raw, json)
Hash identifier: wpTtr81NMoHPGQIrJkLMEjjcHuD1J6YaU01C8P88+w8=
Subject key identifier: 4B:DF:C2:7D:F1:AA:ED:2C:6E:01:49:7C:1B:7D:B4:98:3A:DE:8B:2B
Certificate issuer: /CN=A912B256/serialNumber=AD3AE6302486E26D7385DC154573A0E76B9D7292
Certificate serial: 058D
Authority key identifier: AD:3A:E6:30:24:86:E2:6D:73:85:DC:15:45:73:A0:E7:6B:9D:72:92
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rTrmMCSG4m1zhdwVRXOg52udcpI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912B256/2AC7B03018A511EB8D422172C4F9AE02/E8C6B7361FF111EBA7130B29C4F9AE02.roa
Signing time: Thu 13 Oct 2022 00:29:49 +0000
ROA not before: Thu 13 Oct 2022 00:29:49 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 9792
IP address blocks: 192.65.182.0/24 maxlen: 24
192.160.169.0/24 maxlen: 24
192.160.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1421 (0x58d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912B256/serialNumber=AD3AE6302486E26D7385DC154573A0E76B9D7292
Validity
Not Before: Oct 13 00:29:49 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63475bfd-24f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:38:f2:c0:11:7a:cc:c4:62:f7:99:06:60:9f:
5d:05:5a:d9:5a:7b:4a:88:85:c6:6d:0d:d3:a5:58:
49:45:85:7f:89:ce:19:09:ac:27:c3:c4:df:8a:4a:
ee:39:cd:db:0d:71:cf:3e:c8:96:c8:55:16:d3:5f:
35:6c:1d:2e:81:c7:a9:df:b4:ee:27:29:7b:71:89:
1c:28:aa:8c:a0:6c:be:46:ec:ad:9f:5e:44:61:3e:
76:06:af:29:a8:ec:68:d1:27:c4:9d:f9:45:5f:71:
f2:54:5a:89:fe:ca:e8:13:ff:6d:c6:41:2d:d9:08:
70:2b:b6:75:66:a7:64:28:9e:fc:99:a2:03:f0:f8:
f7:62:42:f8:73:7c:4a:4d:4b:a9:c7:7a:3f:b8:20:
71:d2:7f:68:59:eb:9a:7e:e2:e1:c0:6e:0c:10:aa:
e5:8d:d1:8a:84:77:08:4b:39:c3:51:94:5f:fc:aa:
6a:35:e2:7b:66:86:75:d9:77:78:c9:a3:1f:e9:69:
dc:22:5c:ff:86:2c:f1:56:37:3d:b1:34:dd:36:d1:
20:98:3e:3c:37:43:d7:9b:18:e3:68:b9:17:83:ec:
bd:aa:90:75:30:8a:6d:54:14:82:76:75:1a:f8:18:
87:ee:6c:dd:5e:a2:7a:0b:be:d0:a3:cc:5a:1a:ee:
77:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:DF:C2:7D:F1:AA:ED:2C:6E:01:49:7C:1B:7D:B4:98:3A:DE:8B:2B
X509v3 Authority Key Identifier:
keyid:AD:3A:E6:30:24:86:E2:6D:73:85:DC:15:45:73:A0:E7:6B:9D:72:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912B256/2AC7B03018A511EB8D422172C4F9AE02/rTrmMCSG4m1zhdwVRXOg52udcpI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rTrmMCSG4m1zhdwVRXOg52udcpI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B256/2AC7B03018A511EB8D422172C4F9AE02/E8C6B7361FF111EBA7130B29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.65.182.0/24
192.160.169.0-192.160.170.255
Signature Algorithm: sha256WithRSAEncryption
99:c4:36:0d:2a:97:54:52:ee:e9:f1:bd:a9:72:fe:9e:d7:cd:
ef:9b:4e:27:82:11:e0:2f:32:42:4d:06:41:54:de:ff:f2:6d:
de:ad:cb:09:d1:1e:21:b3:cb:8f:c3:16:94:b6:75:6b:af:99:
9c:6f:78:24:a0:ce:50:91:d8:36:49:3e:5d:86:07:da:f3:9c:
08:3c:d1:29:00:d3:de:91:45:62:27:82:f4:32:29:4d:66:04:
d1:8c:9b:f0:cf:4b:c5:ed:b0:b6:13:3e:f6:40:0f:e1:91:4d:
9e:c1:f9:a1:7c:f4:6e:6f:12:6a:bb:0a:84:e8:b3:fc:ab:a3:
2b:e2:16:8f:8f:26:11:78:8d:4c:52:ab:3b:a8:08:88:dd:1c:
05:0e:28:35:41:92:25:af:0f:71:ac:d0:c0:79:4d:fe:76:4a:
97:1f:39:46:1e:96:58:af:75:e4:2a:fa:a8:01:ee:73:55:42:
4e:98:f9:eb:b1:2f:58:5b:07:c5:46:47:34:f4:ab:93:7e:35:
57:92:39:95:b7:15:1e:63:82:1a:02:9c:d4:d2:af:c4:ce:a2:
6e:d6:34:d9:9f:93:20:cf:e8:d4:9e:69:c5:bd:fa:b0:11:b8:
d3:59:e8:0c:2c:ec:71:05:75:f8:b4:2d:2e:e0:73:0c:f2:25:
68:eb:a6:93
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICBY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkIyNTYxMTAvBgNVBAUTKEFEM0FFNjMwMjQ4NkUyNkQ3Mzg1REMxNTQ1NzNBMEU3
NkI5RDcyOTIwHhcNMjIxMDEzMDAyOTQ5WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ3NWJmZC0yNGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8jjywBF6zMRi95kGYJ9dBVrZWntKiIXGbQ3TpVhJRYV/ic4ZCawnw8Tfikru
Oc3bDXHPPsiWyFUW0181bB0ugcep37TuJyl7cYkcKKqMoGy+Ruytn15EYT52Bq8p
qOxo0SfEnflFX3HyVFqJ/sroE/9txkEt2QhwK7Z1ZqdkKJ78maID8Pj3YkL4c3xK
TUupx3o/uCBx0n9oWeuafuLhwG4MEKrljdGKhHcISznDUZRf/KpqNeJ7ZoZ12Xd4
yaMf6WncIlz/hizxVjc9sTTdNtEgmD48N0PXmxjjaLkXg+y9qpB1MIptVBSCdnUa
+BiH7mzdXqJ6C77Qo8xaGu536wIDAQABo4ICozCCAp8wHQYDVR0OBBYEFEvfwn3x
qu0sbgFJfBt9tJg63osrMB8GA1UdIwQYMBaAFK065jAkhuJtc4XcFUVzoOdrnXKS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQjI1Ni8yQUM3QjAzMDE4
QTUxMUVCOEQ0MjIxNzJDNEY5QUUwMi9yVHJtTUNTRzRtMXpoZHdWUlhPZzUydWRj
cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3JUcm1NQ1NHNG0xemhkd1ZSWE9nNTJ1ZGNwSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkIyNTYvMkFDN0IwMzAxOEE1MTFFQjhENDIyMTcyQzRGOUFFMDIvRThDNkI3MzYx
RkYxMTFFQkE3MTMwQjI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBADAQbYwDAMEAMCgqQMEAMCgqjANBgkqhkiG9w0BAQsFAAOC
AQEAmcQ2DSqXVFLu6fG9qXL+ntfN75tOJ4IR4C8yQk0GQVTe//Jt3q3LCdEeIbPL
j8MWlLZ1a6+ZnG94JKDOUJHYNkk+XYYH2vOcCDzRKQDT3pFFYieC9DIpTWYE0Yyb
8M9Lxe2wthM+9kAP4ZFNnsH5oXz0bm8SarsKhOiz/KujK+IWj48mEXiNTFKrO6gI
iN0cBQ4oNUGSJa8PcazQwHlN/nZKlx85Rh6WWK915Cr6qAHuc1VCTpj567EvWFsH
xUZHNPSrk341V5I5lbcVHmOCGgKc1NKvxM6ibtY02Z+TIM/o1J5pxb36sBG401no
DCzscQV1+LQtLuBzDPIlaOumkw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 13:40:11 2023 by rpki-client on console-ams.rpki-client.org