Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147DD1/0ADE96D8D06311EA897C0513C4F9AE02/FD22596CD12A11EA856D7949C4F9AE02.roa
File: FD22596CD12A11EA856D7949C4F9AE02.roa (raw, json)
Hash identifier: sfk1K5LOjjcZuZRarZWUizCB0oyyHUvzzDFyiI87Kgk=
Subject key identifier: CD:5F:35:B4:1F:70:E4:CA:87:D2:DC:90:53:8D:1B:38:BB:EC:6C:4B
Certificate issuer: /CN=A9147DD1/serialNumber=FE2AF30D7AE2BDC160E61B77F0B6522E9B268CB9
Certificate serial: 023C
Authority key identifier: FE:2A:F3:0D:7A:E2:BD:C1:60:E6:1B:77:F0:B6:52:2E:9B:26:8C:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_irzDXrivcFg5ht38LZSLpsmjLk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9147DD1/0ADE96D8D06311EA897C0513C4F9AE02/FD22596CD12A11EA856D7949C4F9AE02.roa
Signing time: Tue 04 May 2021 11:26:31 +0000
ROA not before: Tue 04 May 2021 11:26:31 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 45158
IP address blocks: 120.29.240.0/21 maxlen: 24
2407:1e00::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 572 (0x23c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9147DD1/serialNumber=FE2AF30D7AE2BDC160E61B77F0B6522E9B268CB9
Validity
Not Before: May 4 11:26:31 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=60912f67-9300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d7:2c:27:e4:04:4c:b9:16:d8:7a:29:27:52:
d4:d2:34:63:08:e3:e5:46:bd:54:0a:69:84:b0:10:
e8:86:94:a2:69:6c:8e:2e:09:8b:d1:26:b9:60:cb:
e0:0a:af:09:68:25:db:3c:25:bc:f7:b4:69:6f:bf:
f8:ba:ea:6d:05:ff:7b:9f:d5:7c:51:84:67:e4:18:
bc:b2:3c:8b:e1:fb:5b:c9:c9:d8:ee:1d:67:07:8c:
62:4c:e3:99:4a:06:e2:1c:46:fe:fa:0f:df:68:59:
0e:96:4c:52:9e:82:2f:43:a8:66:b7:61:f8:b1:a4:
19:d5:35:ed:30:ff:f0:3b:98:8c:ce:3f:1b:f5:1f:
60:39:59:b4:98:27:8a:47:de:d9:78:ac:ab:a3:be:
e5:8b:0b:83:7d:d9:5d:3e:bd:31:80:89:06:f3:aa:
c5:66:ce:2f:1f:64:1c:02:d9:2f:1a:1a:74:fd:70:
65:b2:a5:bc:23:68:7d:5a:65:9d:76:58:f9:f3:9a:
5a:61:95:62:2b:7f:01:aa:97:b9:ca:5a:9e:25:8a:
7b:c1:87:9b:97:95:ba:59:5c:ea:e3:a1:d9:80:c6:
3c:96:7d:03:71:b3:00:92:70:27:19:db:38:84:82:
45:41:5a:ed:87:32:44:16:65:ac:d6:07:7f:5f:89:
2c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:5F:35:B4:1F:70:E4:CA:87:D2:DC:90:53:8D:1B:38:BB:EC:6C:4B
X509v3 Authority Key Identifier:
keyid:FE:2A:F3:0D:7A:E2:BD:C1:60:E6:1B:77:F0:B6:52:2E:9B:26:8C:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9147DD1/0ADE96D8D06311EA897C0513C4F9AE02/_irzDXrivcFg5ht38LZSLpsmjLk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_irzDXrivcFg5ht38LZSLpsmjLk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147DD1/0ADE96D8D06311EA897C0513C4F9AE02/FD22596CD12A11EA856D7949C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
120.29.240.0/21
IPv6:
2407:1e00::/32
Signature Algorithm: sha256WithRSAEncryption
07:89:20:af:41:0b:5d:2f:c6:0d:ba:c7:ca:34:83:02:5d:2f:
22:d4:48:4a:83:db:ff:f7:31:9a:02:41:0d:17:cc:c1:fa:f9:
13:37:da:ca:77:ab:e9:31:06:3c:73:85:87:c0:fe:d8:c2:9f:
32:1e:03:69:a1:83:98:53:a3:79:94:a5:8e:aa:f9:8b:25:0b:
6e:6c:15:54:e9:fa:9e:5a:0f:82:e2:23:62:32:a2:9c:32:cb:
f9:0b:cd:1b:25:13:af:e6:45:3f:23:e3:29:33:ab:3a:79:ea:
f9:2a:17:d4:05:4a:7b:2c:cc:60:b3:5b:11:c4:dc:3e:6b:4f:
4b:73:90:c2:ff:8e:0c:c7:35:f5:e6:fb:fd:7e:20:44:34:fb:
9e:ec:22:bc:82:e9:83:ca:34:cd:81:00:ab:67:19:2d:3f:c3:
17:7c:a4:3a:2b:bb:4d:bb:eb:90:06:81:34:bf:22:63:40:15:
1b:34:10:6b:be:de:3a:05:bc:0b:57:6b:6e:58:b5:96:16:c9:
8b:de:ee:5f:89:ff:f7:f1:4a:57:41:65:84:2e:3f:35:2d:77:
c6:d7:4b:f4:b6:f8:c0:6f:db:61:56:2a:b4:88:e1:dc:58:71:
15:05:d8:f1:c5:c6:d0:28:0f:78:2c:8d:ef:e2:88:a4:75:d5:
3d:a1:9d:a6
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAjwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDdERDExMTAvBgNVBAUTKEZFMkFGMzBEN0FFMkJEQzE2MEU2MUI3N0YwQjY1MjJF
OUIyNjhDQjkwHhcNMjEwNTA0MTEyNjMxWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MDkxMmY2Ny05MzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsdcsJ+QETLkW2HopJ1LU0jRjCOPlRr1UCmmEsBDohpSiaWyOLgmL0Sa5YMvg
Cq8JaCXbPCW897Rpb7/4uuptBf97n9V8UYRn5Bi8sjyL4ftbycnY7h1nB4xiTOOZ
SgbiHEb++g/faFkOlkxSnoIvQ6hmt2H4saQZ1TXtMP/wO5iMzj8b9R9gOVm0mCeK
R97ZeKyro77liwuDfdldPr0xgIkG86rFZs4vH2QcAtkvGhp0/XBlsqW8I2h9WmWd
dlj585paYZViK38Bqpe5ylqeJYp7wYebl5W6WVzq46HZgMY8ln0DcbMAknAnGds4
hIJFQVrthzJEFmWs1gd/X4ks4QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFM1fNbQf
cOTKh9LckFONGzi77GxLMB8GA1UdIwQYMBaAFP4q8w164r3BYOYbd/C2Ui6bJoy5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0REMS8wQURFOTZEOEQw
NjMxMUVBODk3QzA1MTNDNEY5QUUwMi9faXJ6RFhyaXZjRmc1aHQzOExaU0xwc21q
TGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19pcnpEWHJpdmNGZzVodDM4TFpTTHBzbWpMay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDdERDEvMEFERTk2RDhEMDYzMTFFQTg5N0MwNTEzQzRGOUFFMDIvRkQyMjU5NkNE
MTJBMTFFQTg1NkQ3OTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAN4HfAwDQQCAAIwBwMFACQHHgAwDQYJKoZIhvcNAQELBQAD
ggEBAAeJIK9BC10vxg26x8o0gwJdLyLUSEqD2//3MZoCQQ0XzMH6+RM32sp3q+kx
BjxzhYfA/tjCnzIeA2mhg5hTo3mUpY6q+YslC25sFVTp+p5aD4LiI2Iyopwyy/kL
zRslE6/mRT8j4ykzqzp56vkqF9QFSnsszGCzWxHE3D5rT0tzkML/jgzHNfXm+/1+
IEQ0+57sIryC6YPKNM2BAKtnGS0/wxd8pDoru02765AGgTS/ImNAFRs0EGu+3joF
vAtXa25YtZYWyYve7l+J//fxSldBZYQuPzUtd8bXS/S2+MBv22FWKrSI4dxYcRUF
2PHFxtAoD3gsje/iiKR11T2hnaY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org