Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91373C9/805D7954589211EA97EC7487C4F9AE02/FC064316CCE011EAB5A36B54C4F9AE02.roa
File: FC064316CCE011EAB5A36B54C4F9AE02.roa (raw, json)
Hash identifier: TI87gs9ksiQZp6kAb/I7XimNN0t7UNi76t8WlFWNKKE=
Subject key identifier: 81:A7:89:3B:92:B3:87:DB:B9:01:DB:F2:67:91:C1:CF:4C:52:F7:76
Certificate issuer: /CN=A91373C9/serialNumber=B89AECF709EB4E536A4DDE7A0AF215FF49A9EFDC
Certificate serial: 05E9
Authority key identifier: B8:9A:EC:F7:09:EB:4E:53:6A:4D:DE:7A:0A:F2:15:FF:49:A9:EF:DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uJrs9wnrTlNqTd56CvIV_0mp79w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91373C9/805D7954589211EA97EC7487C4F9AE02/FC064316CCE011EAB5A36B54C4F9AE02.roa
Signing time: Fri 15 Oct 2021 10:07:22 +0000
ROA not before: Fri 15 Oct 2021 10:07:22 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 55765
IP address blocks: 14.1.16.0/23 maxlen: 23
14.1.18.0/23 maxlen: 23
103.210.76.0/23 maxlen: 23
103.210.78.0/23 maxlen: 23
203.170.88.0/24 maxlen: 24
203.170.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1513 (0x5e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91373C9/serialNumber=B89AECF709EB4E536A4DDE7A0AF215FF49A9EFDC
Validity
Not Before: Oct 15 10:07:22 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=616952d9-698f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:25:28:95:4f:d1:6f:e0:95:84:01:bf:bc:f3:
44:eb:6e:e8:02:11:1b:7e:ed:d8:66:7e:c8:5c:3d:
4e:d2:f4:9a:9c:ae:c9:aa:f1:e4:a1:bc:6f:bb:4b:
bb:3c:61:1a:34:fd:af:e9:6a:e1:b7:87:23:db:09:
67:d3:05:51:b9:f7:fc:f5:38:7c:aa:7d:fe:b5:6e:
e6:c3:3c:bd:a6:7d:e3:84:70:c0:02:a6:cf:ee:50:
46:9b:7e:46:bc:97:a9:4f:74:d8:13:bd:4c:63:26:
b4:0a:c3:51:39:82:a0:76:e1:a1:06:70:a3:8a:17:
80:82:56:15:43:2a:04:ae:6a:88:b3:8c:36:e0:1d:
38:e8:02:e0:f6:1a:da:44:5f:d7:18:a2:64:10:85:
13:f6:4a:59:fe:92:46:e6:bf:d3:7e:59:c4:78:2c:
23:e5:98:b5:65:22:64:86:74:83:60:4f:98:2e:11:
c7:42:88:8c:7c:18:14:6e:d6:63:1b:00:52:48:dd:
72:e8:24:c8:5b:b7:29:f9:45:8a:a9:d6:b0:9c:2e:
29:eb:19:fc:d2:19:90:90:27:36:02:5a:77:a2:3b:
d1:5c:78:4d:22:b7:20:49:c2:a8:91:67:43:33:64:
1b:6d:61:ea:cb:6a:b1:1d:95:12:e1:b3:13:60:39:
5e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A7:89:3B:92:B3:87:DB:B9:01:DB:F2:67:91:C1:CF:4C:52:F7:76
X509v3 Authority Key Identifier:
keyid:B8:9A:EC:F7:09:EB:4E:53:6A:4D:DE:7A:0A:F2:15:FF:49:A9:EF:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91373C9/805D7954589211EA97EC7487C4F9AE02/uJrs9wnrTlNqTd56CvIV_0mp79w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uJrs9wnrTlNqTd56CvIV_0mp79w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91373C9/805D7954589211EA97EC7487C4F9AE02/FC064316CCE011EAB5A36B54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.16.0/22
103.210.76.0/22
203.170.88.0/23
Signature Algorithm: sha256WithRSAEncryption
16:62:20:33:a8:e5:0a:9b:ea:bd:c6:af:f3:40:b2:64:0e:57:
2e:bc:fd:51:54:23:14:b6:0e:ef:30:98:1a:cf:d4:97:06:a9:
ba:44:b9:5c:e5:10:21:8e:fa:a4:fa:c8:6f:d1:aa:22:e5:98:
cf:08:eb:66:9a:cf:69:1c:d1:4b:37:d0:79:28:78:7c:7f:c0:
af:93:9a:f5:e1:62:6c:7b:20:ff:54:f4:e9:0e:e8:0d:31:56:
89:9e:fe:58:61:d9:d7:aa:84:7a:e4:0e:13:71:88:1d:34:91:
be:72:c3:d4:c6:df:95:47:32:d1:c8:87:3e:3b:0c:5a:9c:13:
62:5e:5f:f2:28:62:ef:f9:8c:58:b4:4b:cc:da:ff:6b:fa:e3:
61:3a:42:43:72:e0:c4:dc:9b:b2:c6:c5:03:e5:ff:d3:24:aa:
4f:69:b6:af:a0:14:93:b9:10:f3:17:31:5d:93:cc:b9:ea:40:
e2:b1:c1:4f:92:f6:82:76:5a:76:69:7f:2a:65:ea:29:96:2e:
a5:34:59:50:1e:b3:05:41:f6:cd:68:7d:63:98:90:00:80:30:
a0:cc:89:a0:c9:e6:0d:4d:5e:8e:64:62:a1:b1:f4:32:19:cf:
2e:e4:7c:a2:78:d9:24:3e:ce:f1:bc:fc:c2:80:32:fd:3c:76:
97:fb:42:24
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBekwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzczQzkxMTAvBgNVBAUTKEI4OUFFQ0Y3MDlFQjRFNTM2QTREREU3QTBBRjIxNUZG
NDlBOUVGREMwHhcNMjExMDE1MTAwNzIyWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTY5NTJkOS02OThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApiUolU/Rb+CVhAG/vPNE627oAhEbfu3YZn7IXD1O0vSanK7JqvHkobxvu0u7
PGEaNP2v6Wrht4cj2wln0wVRuff89Th8qn3+tW7mwzy9pn3jhHDAAqbP7lBGm35G
vJepT3TYE71MYya0CsNROYKgduGhBnCjiheAglYVQyoErmqIs4w24B046ALg9hra
RF/XGKJkEIUT9kpZ/pJG5r/TflnEeCwj5Zi1ZSJkhnSDYE+YLhHHQoiMfBgUbtZj
GwBSSN1y6CTIW7cp+UWKqdawnC4p6xn80hmQkCc2Alp3ojvRXHhNIrcgScKokWdD
M2QbbWHqy2qxHZUS4bMTYDleiQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFIGniTuS
s4fbuQHb8meRwc9MUvd2MB8GA1UdIwQYMBaAFLia7PcJ605Tak3eegryFf9Jqe/c
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNzNDOS84MDVENzk1NDU4
OTIxMUVBOTdFQzc0ODdDNEY5QUUwMi91SnJzOXduclRsTnFUZDU2Q3ZJVl8wbXA3
OXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VKcnM5d25yVGxOcVRkNTZDdklWXzBtcDc5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzczQzkvODA1RDc5NTQ1ODkyMTFFQTk3RUM3NDg3QzRGOUFFMDIvRkMwNjQzMTZD
Q0UwMTFFQUI1QTM2QjU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAIOARADBAJn0kwDBAHLqlgwDQYJKoZIhvcNAQELBQADggEB
ABZiIDOo5Qqb6r3Gr/NAsmQOVy68/VFUIxS2Du8wmBrP1JcGqbpEuVzlECGO+qT6
yG/RqiLlmM8I62aaz2kc0Us30HkoeHx/wK+TmvXhYmx7IP9U9OkO6A0xVome/lhh
2deqhHrkDhNxiB00kb5yw9TG35VHMtHIhz47DFqcE2JeX/IoYu/5jFi0S8za/2v6
42E6QkNy4MTcm7LGxQPl/9Mkqk9ptq+gFJO5EPMXMV2TzLnqQOKxwU+S9oJ2WnZp
fypl6imWLqU0WVAeswVB9s1ofWOYkACAMKDMiaDJ5g1NXo5kYqGx9DIZzy7kfKJ4
2SQ+zvG8/MKAMv08dpf7QiQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org