Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147DD1/0ADE96D8D06311EA897C0513C4F9AE02/2D6EE94CC09D11EC81156D28C4F9AE02.roa
File: 2D6EE94CC09D11EC81156D28C4F9AE02.roa (raw, json)
Hash identifier: ZZ5HADXG+Iinjag580yfxxTFUeYg2Cf7nrVUKkyLyx4=
Subject key identifier: 51:C2:3D:61:62:21:C5:D9:0B:3C:88:8C:46:15:DC:76:89:2C:A5:8F
Certificate issuer: /CN=A9147DD1/serialNumber=FE2AF30D7AE2BDC160E61B77F0B6522E9B268CB9
Certificate serial: 0518
Authority key identifier: FE:2A:F3:0D:7A:E2:BD:C1:60:E6:1B:77:F0:B6:52:2E:9B:26:8C:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_irzDXrivcFg5ht38LZSLpsmjLk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9147DD1/0ADE96D8D06311EA897C0513C4F9AE02/2D6EE94CC09D11EC81156D28C4F9AE02.roa
Signing time: Tue 03 May 2022 11:29:17 +0000
ROA not before: Tue 03 May 2022 11:29:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45158
IP address blocks: 120.29.240.0/21 maxlen: 21
120.29.240.0/24 maxlen: 24
120.29.241.0/24 maxlen: 24
120.29.242.0/24 maxlen: 24
120.29.243.0/24 maxlen: 24
120.29.244.0/24 maxlen: 24
120.29.245.0/24 maxlen: 24
120.29.246.0/24 maxlen: 24
120.29.247.0/24 maxlen: 24
2407:1e00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1304 (0x518)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9147DD1/serialNumber=FE2AF30D7AE2BDC160E61B77F0B6522E9B268CB9
Validity
Not Before: May 3 11:29:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6271120d-1523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:93:a1:bc:40:51:51:ab:a1:b7:37:20:1c:f2:
b5:ae:56:d3:5b:32:f0:4f:8d:a9:3b:a8:8d:97:05:
26:a7:7a:ba:87:a7:01:c3:22:d2:a6:99:67:f6:c8:
b2:e1:f0:a3:72:c9:01:40:c6:11:a9:05:7a:b3:7f:
2e:5d:4a:30:96:bf:f7:94:4b:3b:fb:57:26:ec:c9:
dc:f5:27:a5:e7:6d:84:f7:11:47:84:8a:bf:bb:de:
a3:5c:e1:79:c8:ee:03:aa:ea:d3:f9:ef:ac:0f:fa:
d8:99:86:24:28:57:50:b2:c8:87:93:29:ce:c9:a9:
2e:47:21:6a:4e:74:fe:ff:6e:3e:9c:90:45:29:6e:
94:20:9f:99:23:83:a2:76:3b:55:6d:b9:14:99:6c:
88:d8:8b:11:65:a1:f4:55:b5:7f:c1:06:82:65:e2:
b2:29:71:c1:25:94:7c:71:45:e6:57:cc:37:79:ec:
9a:7b:a4:22:b1:6d:80:15:35:2f:04:10:f6:45:5b:
75:f3:7f:52:2d:33:0d:25:27:89:1c:10:0c:09:d5:
74:3e:b7:a1:e7:82:88:9e:55:14:6a:48:3e:e2:0b:
f4:50:dc:21:c7:f4:ee:f7:fb:77:e0:ee:06:a0:a4:
cd:a1:6f:16:cc:5e:ef:dc:22:27:4e:2e:b4:d3:2c:
fc:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C2:3D:61:62:21:C5:D9:0B:3C:88:8C:46:15:DC:76:89:2C:A5:8F
X509v3 Authority Key Identifier:
keyid:FE:2A:F3:0D:7A:E2:BD:C1:60:E6:1B:77:F0:B6:52:2E:9B:26:8C:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9147DD1/0ADE96D8D06311EA897C0513C4F9AE02/_irzDXrivcFg5ht38LZSLpsmjLk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_irzDXrivcFg5ht38LZSLpsmjLk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147DD1/0ADE96D8D06311EA897C0513C4F9AE02/2D6EE94CC09D11EC81156D28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
120.29.240.0/21
IPv6:
2407:1e00::/32
Signature Algorithm: sha256WithRSAEncryption
77:49:3c:bf:b1:77:7c:06:4c:4f:a2:f4:cb:06:80:e7:48:65:
f8:7c:c2:0e:6b:4c:da:0b:71:41:d5:bf:a1:93:a0:27:42:53:
ff:51:97:48:2b:bd:95:03:70:d6:2e:42:7b:34:b0:1d:a1:85:
d7:76:3c:54:29:57:48:a7:3f:a4:93:0f:80:25:b0:74:ca:0b:
93:85:78:34:e3:d5:4a:64:f4:34:b8:69:37:d6:1c:b9:6a:bc:
07:9f:2d:0d:5d:a6:c4:8a:61:ae:4a:24:6d:3e:6b:65:1b:c4:
e9:f3:a7:e0:60:9e:ec:aa:13:cf:38:2a:d8:1f:d2:fc:85:53:
fa:2f:a7:12:e5:91:82:89:37:0f:65:af:83:86:5b:d5:5d:d5:
1b:02:63:41:60:18:70:55:6c:29:2c:e4:51:22:26:83:29:a1:
81:07:8c:28:a7:b5:06:84:a6:10:6b:bf:2d:75:b9:e7:2e:05:
3b:40:7f:7d:f1:00:b4:6a:5b:7a:c6:ff:53:ee:0f:75:31:2b:
d2:03:77:43:1b:01:34:7f:79:1d:b3:b5:de:b4:86:5a:3f:f0:
e7:af:b0:45:50:03:d1:22:fb:6e:df:63:68:76:7b:63:8b:3a:
42:0c:43:a6:78:ec:0a:69:90:70:4e:6d:43:c3:9c:de:bf:b8:
d7:15:c7:72
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBRgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDdERDExMTAvBgNVBAUTKEZFMkFGMzBEN0FFMkJEQzE2MEU2MUI3N0YwQjY1MjJF
OUIyNjhDQjkwHhcNMjIwNTAzMTEyOTE3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjcxMTIwZC0xNTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwpOhvEBRUauhtzcgHPK1rlbTWzLwT42pO6iNlwUmp3q6h6cBwyLSppln9siy
4fCjcskBQMYRqQV6s38uXUowlr/3lEs7+1cm7Mnc9Sel522E9xFHhIq/u96jXOF5
yO4DqurT+e+sD/rYmYYkKFdQssiHkynOyakuRyFqTnT+/24+nJBFKW6UIJ+ZI4Oi
djtVbbkUmWyI2IsRZaH0VbV/wQaCZeKyKXHBJZR8cUXmV8w3eeyae6QisW2AFTUv
BBD2RVt1839SLTMNJSeJHBAMCdV0Preh54KInlUUakg+4gv0UNwhx/Tu9/t34O4G
oKTNoW8WzF7v3CInTi600yz8zQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFHCPWFi
IcXZCzyIjEYV3HaJLKWPMB8GA1UdIwQYMBaAFP4q8w164r3BYOYbd/C2Ui6bJoy5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0REMS8wQURFOTZEOEQw
NjMxMUVBODk3QzA1MTNDNEY5QUUwMi9faXJ6RFhyaXZjRmc1aHQzOExaU0xwc21q
TGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19pcnpEWHJpdmNGZzVodDM4TFpTTHBzbWpMay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDdERDEvMEFERTk2RDhEMDYzMTFFQTg5N0MwNTEzQzRGOUFFMDIvMkQ2RUU5NEND
MDlEMTFFQzgxMTU2RDI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAN4HfAwDQQCAAIwBwMFACQHHgAwDQYJKoZIhvcNAQELBQAD
ggEBAHdJPL+xd3wGTE+i9MsGgOdIZfh8wg5rTNoLcUHVv6GToCdCU/9Rl0grvZUD
cNYuQns0sB2hhdd2PFQpV0inP6STD4AlsHTKC5OFeDTj1Upk9DS4aTfWHLlqvAef
LQ1dpsSKYa5KJG0+a2UbxOnzp+BgnuyqE884Ktgf0vyFU/ovpxLlkYKJNw9lr4OG
W9Vd1RsCY0FgGHBVbCks5FEiJoMpoYEHjCintQaEphBrvy11uecuBTtAf33xALRq
W3rG/1PuD3UxK9IDd0MbATR/eR2ztd60hlo/8OevsEVQA9Ei+27fY2h2e2OLOkIM
Q6Z47AppkHBObUPDnN6/uNcVx3I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org