Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91421E5/00BFA512AC9A11EA923F8549C4F9AE02/2FCD4EB2AC9B11EAA9C5E04AC4F9AE02.roa
File: 2FCD4EB2AC9B11EAA9C5E04AC4F9AE02.roa (raw, json)
Hash identifier: foyN56nhOtRGWvnRpmK/hOe2HwhpxWl1c4FdAgndkhI=
Subject key identifier: BD:4C:3E:D7:50:47:C8:F7:AF:6B:DC:F3:3F:11:B0:65:A7:37:23:39
Certificate issuer: /CN=A91421E5/serialNumber=9334C63A5B41E1A567228338F542227B7DA968E2
Certificate serial: 0735
Authority key identifier: 93:34:C6:3A:5B:41:E1:A5:67:22:83:38:F5:42:22:7B:7D:A9:68:E2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzTGOltB4aVnIoM49UIie32paOI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91421E5/00BFA512AC9A11EA923F8549C4F9AE02/2FCD4EB2AC9B11EAA9C5E04AC4F9AE02.roa
Signing time: Mon 30 Jan 2023 23:08:58 +0000
ROA not before: Mon 30 Jan 2023 23:08:58 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 137261
IP address blocks: 103.106.84.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1845 (0x735)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91421E5/serialNumber=9334C63A5B41E1A567228338F542227B7DA968E2
Validity
Not Before: Jan 30 23:08:58 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63d84e0a-ce65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:13:97:8d:2d:0b:a2:fa:b4:c4:83:98:f8:dd:
8b:d7:7e:25:63:d0:ff:8e:53:e4:d4:04:4b:9d:a8:
72:9d:71:af:9d:f8:a5:26:04:54:6f:ed:f4:ca:c9:
8e:3f:50:29:41:70:a7:ee:e9:1f:6a:09:a4:0f:a2:
e5:cd:f0:75:4b:79:2a:68:68:96:22:b6:38:06:a4:
1e:d7:fe:6d:24:b3:54:42:10:81:72:6e:71:74:01:
cf:0a:6d:6b:6a:93:04:fe:d1:ec:31:f1:ff:27:e5:
73:2a:72:4c:d1:e2:95:e0:f1:31:31:35:16:c3:87:
6b:a0:c5:b1:61:58:67:a1:94:2f:90:1b:10:62:3c:
07:8d:38:02:d8:89:c9:f8:4b:94:a6:ee:d7:95:f2:
f7:a9:ba:ca:3c:a0:d1:0f:c2:6c:dd:22:ed:e6:fb:
6d:75:3e:6b:fc:9a:df:12:03:2a:98:87:93:0a:b2:
47:a7:de:98:ce:b7:9c:76:a5:f5:84:6a:79:cc:8a:
eb:83:13:a9:73:49:96:8b:07:58:bc:24:65:cc:b1:
14:39:40:13:4c:88:2f:d2:3c:e5:56:51:a9:af:56:
cf:61:4a:da:b8:e7:ab:a8:39:df:01:27:bf:ec:0e:
9f:e6:c0:5c:07:2c:ae:28:44:bd:eb:33:ff:93:c0:
0e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:4C:3E:D7:50:47:C8:F7:AF:6B:DC:F3:3F:11:B0:65:A7:37:23:39
X509v3 Authority Key Identifier:
keyid:93:34:C6:3A:5B:41:E1:A5:67:22:83:38:F5:42:22:7B:7D:A9:68:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91421E5/00BFA512AC9A11EA923F8549C4F9AE02/kzTGOltB4aVnIoM49UIie32paOI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzTGOltB4aVnIoM49UIie32paOI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91421E5/00BFA512AC9A11EA923F8549C4F9AE02/2FCD4EB2AC9B11EAA9C5E04AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.84.0/24
Signature Algorithm: sha256WithRSAEncryption
f0:91:2f:40:d4:5c:94:c2:02:b7:29:24:4b:b8:73:05:fb:83:
8c:72:0b:b7:ce:e1:39:07:e2:d6:80:d9:30:e8:a3:f9:ba:b6:
eb:ff:38:70:f3:c8:2f:ee:f4:ff:ce:8e:c1:6c:50:ca:3f:ea:
3f:cb:d0:02:7e:9d:b3:23:48:5c:86:56:bd:d5:41:f9:0a:d1:
c1:3e:2a:cc:35:59:5f:7c:ef:62:e9:57:2f:e9:3b:96:24:bb:
8b:38:41:ab:5b:6e:d3:3e:07:ce:d6:7f:c3:60:dc:9b:c8:5f:
fc:aa:5c:4a:31:ec:94:68:a3:51:39:4b:17:12:de:88:1b:39:
46:ae:33:5f:82:fb:b3:c6:08:04:e7:16:f8:57:67:96:cc:b4:
f0:09:25:8c:5d:05:ce:6c:e5:9d:2a:1e:9f:a0:63:3a:e0:3f:
fa:c0:cc:0a:ee:d8:a6:ed:ff:a1:02:0b:b7:c0:85:b1:4a:25:
f8:0d:8f:43:67:d3:34:b5:ea:48:ae:98:6c:67:5f:a4:aa:20:
ed:c5:ce:55:f4:16:42:51:a1:67:10:8d:ff:9d:8a:fd:f3:50:
ba:9b:22:a0:85:08:b1:d8:9c:0b:34:f1:0b:d8:b4:8f:bc:88:
14:9e:4b:f3:3e:f9:7c:a4:02:91:7b:83:20:72:c8:f5:5e:67:
99:4c:45:e1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBzUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDIxRTUxMTAvBgNVBAUTKDkzMzRDNjNBNUI0MUUxQTU2NzIyODMzOEY1NDIyMjdC
N0RBOTY4RTIwHhcNMjMwMTMwMjMwODU4WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Q4NGUwYS1jZTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzROXjS0Lovq0xIOY+N2L134lY9D/jlPk1ARLnahynXGvnfilJgRUb+30ysmO
P1ApQXCn7ukfagmkD6LlzfB1S3kqaGiWIrY4BqQe1/5tJLNUQhCBcm5xdAHPCm1r
apME/tHsMfH/J+VzKnJM0eKV4PExMTUWw4droMWxYVhnoZQvkBsQYjwHjTgC2InJ
+EuUpu7XlfL3qbrKPKDRD8Js3SLt5vttdT5r/JrfEgMqmIeTCrJHp96YzrecdqX1
hGp5zIrrgxOpc0mWiwdYvCRlzLEUOUATTIgv0jzlVlGpr1bPYUrauOerqDnfASe/
7A6f5sBcByyuKES96zP/k8AOFQIDAQABo4IClTCCApEwHQYDVR0OBBYEFL1MPtdQ
R8j3r2vc8z8RsGWnNyM5MB8GA1UdIwQYMBaAFJM0xjpbQeGlZyKDOPVCInt9qWji
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjFFNS8wMEJGQTUxMkFD
OUExMUVBOTIzRjg1NDlDNEY5QUUwMi9relRHT2x0QjRhVm5Jb000OVVJaWUzMnBh
T0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2t6VEdPbHRCNGFWbklvTTQ5VUlpZTMycGFPSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDIxRTUvMDBCRkE1MTJBQzlBMTFFQTkyM0Y4NTQ5QzRGOUFFMDIvMkZDRDRFQjJB
QzlCMTFFQUE5QzVFMDRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnalQwDQYJKoZIhvcNAQELBQADggEBAPCRL0DUXJTCArcp
JEu4cwX7g4xyC7fO4TkH4taA2TDoo/m6tuv/OHDzyC/u9P/OjsFsUMo/6j/L0AJ+
nbMjSFyGVr3VQfkK0cE+Ksw1WV9872LpVy/pO5Yku4s4QatbbtM+B87Wf8Ng3JvI
X/yqXEox7JRoo1E5SxcS3ogbOUauM1+C+7PGCATnFvhXZ5bMtPAJJYxdBc5s5Z0q
Hp+gYzrgP/rAzAru2Kbt/6ECC7fAhbFKJfgNj0Nn0zS16kiumGxnX6SqIO3FzlX0
FkJRoWcQjf+div3zULqbIqCFCLHYnAs08QvYtI+8iBSeS/M++XykApF7gyByyPVe
Z5lMReE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org