Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147DD1/0ADE96D8D06311EA897C0513C4F9AE02/D550BAF88FD411ED8AB0B97AC4F9AE02.roa
File: D550BAF88FD411ED8AB0B97AC4F9AE02.roa (raw, json)
Hash identifier: y5tfn4zgtt3/aewSykX+zBDcJtoGjCsyc86gURclTm4=
Subject key identifier: 51:DD:D0:EA:22:C8:71:91:7E:D0:7A:15:28:08:C5:7E:B2:D7:3E:0B
Certificate issuer: /CN=A9147DD1/serialNumber=FE2AF30D7AE2BDC160E61B77F0B6522E9B268CB9
Certificate serial: 06BC
Authority key identifier: FE:2A:F3:0D:7A:E2:BD:C1:60:E6:1B:77:F0:B6:52:2E:9B:26:8C:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_irzDXrivcFg5ht38LZSLpsmjLk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9147DD1/0ADE96D8D06311EA897C0513C4F9AE02/D550BAF88FD411ED8AB0B97AC4F9AE02.roa
Signing time: Thu 04 May 2023 23:40:15 +0000
ROA not before: Thu 04 May 2023 23:40:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45158
IP address blocks: 120.29.240.0/21 maxlen: 21
120.29.240.0/24 maxlen: 24
120.29.241.0/24 maxlen: 24
120.29.242.0/24 maxlen: 24
120.29.243.0/24 maxlen: 24
120.29.244.0/24 maxlen: 24
120.29.245.0/24 maxlen: 24
120.29.246.0/24 maxlen: 24
120.29.247.0/24 maxlen: 24
2407:1e00::/32 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1724 (0x6bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9147DD1/serialNumber=FE2AF30D7AE2BDC160E61B77F0B6522E9B268CB9
Validity
Not Before: May 4 23:40:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6454425f-10a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0c:19:29:18:ee:8b:e1:5c:73:2d:7b:2e:d9:
98:48:84:e0:a0:c4:a4:53:c5:11:26:bd:f5:fe:ea:
0d:c5:61:70:61:2c:11:7e:db:1c:aa:05:6f:19:18:
7e:d7:3f:8b:cd:52:99:f2:a2:76:d1:8c:6c:57:b5:
67:0e:fb:9c:d2:7c:a0:30:e3:96:53:bf:d3:2d:43:
30:a9:12:c9:05:1a:eb:3d:fc:99:c7:ce:8f:d6:cf:
ea:88:bd:33:77:c6:dc:32:b7:11:17:2b:da:ce:10:
b5:a4:cf:3e:04:3a:11:ed:02:db:8b:fa:93:7b:5d:
41:00:06:c5:c2:05:86:d8:c4:f6:2a:c2:34:51:0b:
b6:f4:1d:b4:1c:e4:f1:69:5b:9b:90:37:e6:9e:09:
fa:89:83:26:0d:4e:c4:1c:4d:ed:31:99:9b:ce:a1:
d7:36:31:8d:e7:25:30:59:30:5e:bc:47:ae:bf:a7:
91:84:51:f4:e0:87:24:20:93:03:c2:4f:90:8c:ad:
84:9a:ec:90:b5:6f:28:22:04:a8:fa:e5:b7:8b:46:
72:94:b4:d8:71:7c:4f:e7:d5:4e:fa:9d:1c:49:62:
de:11:de:a2:7b:d3:80:1f:65:9e:9e:d6:69:4d:f3:
c5:db:5a:66:fe:63:8a:52:3d:b7:e6:1e:6e:2b:a2:
0d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:DD:D0:EA:22:C8:71:91:7E:D0:7A:15:28:08:C5:7E:B2:D7:3E:0B
X509v3 Authority Key Identifier:
keyid:FE:2A:F3:0D:7A:E2:BD:C1:60:E6:1B:77:F0:B6:52:2E:9B:26:8C:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9147DD1/0ADE96D8D06311EA897C0513C4F9AE02/_irzDXrivcFg5ht38LZSLpsmjLk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_irzDXrivcFg5ht38LZSLpsmjLk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147DD1/0ADE96D8D06311EA897C0513C4F9AE02/D550BAF88FD411ED8AB0B97AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
120.29.240.0/21
IPv6:
2407:1e00::/32
Signature Algorithm: sha256WithRSAEncryption
73:8b:0b:f9:63:a4:7f:6f:d0:84:48:3e:d6:ae:6d:08:d1:bc:
33:bc:a7:c3:d0:3e:de:81:9f:c7:0e:8e:ea:87:46:96:1f:ca:
91:58:e9:04:b4:40:8d:38:64:da:ad:b6:99:b1:6b:2b:55:ce:
0b:e2:d5:48:05:0a:a6:5f:ed:57:56:81:a1:77:6b:85:53:12:
c7:fa:c1:23:be:19:58:3e:0f:95:c9:ca:e9:e2:63:ce:8c:03:
ea:f6:e5:1e:5a:d7:56:61:87:7c:de:54:e2:be:ec:5f:f2:9f:
94:5c:55:ca:f2:43:c9:12:d9:c7:c8:a3:10:dd:40:f5:0d:81:
4a:c1:29:85:1d:3e:49:39:6d:8c:8e:5d:26:c5:3c:42:69:62:
33:fa:d7:ff:f0:bd:52:95:b9:a4:84:0b:63:a3:61:71:86:6f:
f3:47:1a:a7:67:a0:21:96:fa:69:16:f1:22:54:d5:85:b0:63:
17:d4:9a:ee:06:25:6e:da:52:33:15:a6:08:67:b2:af:fd:1e:
95:49:91:44:d8:00:bd:ac:f7:7a:e7:f1:e8:1c:56:b1:d4:f0:
78:44:1e:d6:d8:ef:c0:99:6d:52:65:87:0e:bc:20:fe:ac:30:
e4:66:62:86:65:f6:11:6d:ce:ae:d2:0c:93:e3:f2:00:27:09:
8d:c6:c9:82
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBrwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDdERDExMTAvBgNVBAUTKEZFMkFGMzBEN0FFMkJEQzE2MEU2MUI3N0YwQjY1MjJF
OUIyNjhDQjkwHhcNMjMwNTA0MjM0MDE1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDU0NDI1Zi0xMGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwAwZKRjui+Fccy17LtmYSITgoMSkU8URJr31/uoNxWFwYSwRftscqgVvGRh+
1z+LzVKZ8qJ20YxsV7VnDvuc0nygMOOWU7/TLUMwqRLJBRrrPfyZx86P1s/qiL0z
d8bcMrcRFyvazhC1pM8+BDoR7QLbi/qTe11BAAbFwgWG2MT2KsI0UQu29B20HOTx
aVubkDfmngn6iYMmDU7EHE3tMZmbzqHXNjGN5yUwWTBevEeuv6eRhFH04IckIJMD
wk+QjK2EmuyQtW8oIgSo+uW3i0ZylLTYcXxP59VO+p0cSWLeEd6ie9OAH2WentZp
TfPF21pm/mOKUj235h5uK6INKwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFHd0Ooi
yHGRftB6FSgIxX6y1z4LMB8GA1UdIwQYMBaAFP4q8w164r3BYOYbd/C2Ui6bJoy5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0REMS8wQURFOTZEOEQw
NjMxMUVBODk3QzA1MTNDNEY5QUUwMi9faXJ6RFhyaXZjRmc1aHQzOExaU0xwc21q
TGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19pcnpEWHJpdmNGZzVodDM4TFpTTHBzbWpMay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDdERDEvMEFERTk2RDhEMDYzMTFFQTg5N0MwNTEzQzRGOUFFMDIvRDU1MEJBRjg4
RkQ0MTFFRDhBQjBCOTdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAN4HfAwDQQCAAIwBwMFACQHHgAwDQYJKoZIhvcNAQELBQAD
ggEBAHOLC/ljpH9v0IRIPtaubQjRvDO8p8PQPt6Bn8cOjuqHRpYfypFY6QS0QI04
ZNqttpmxaytVzgvi1UgFCqZf7VdWgaF3a4VTEsf6wSO+GVg+D5XJyuniY86MA+r2
5R5a11Zhh3zeVOK+7F/yn5RcVcryQ8kS2cfIoxDdQPUNgUrBKYUdPkk5bYyOXSbF
PEJpYjP61//wvVKVuaSEC2OjYXGGb/NHGqdnoCGW+mkW8SJU1YWwYxfUmu4GJW7a
UjMVpghnsq/9HpVJkUTYAL2s93rn8egcVrHU8HhEHtbY78CZbVJlhw68IP6sMORm
YoZl9hFtzq7SDJPj8gAnCY3GyYI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org