Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BB30/9B5F6EAC04FE11EA8D18C11EC4F9AE02/C7A2B02C050411EA822DB73AC4F9AE02.roa
File: C7A2B02C050411EA822DB73AC4F9AE02.roa (raw, json)
Hash identifier: k8xbt8+IId79XMN+nOzEjclZxdXJoJdE5tHRiA+rYxc=
Subject key identifier: D7:76:2C:65:C1:95:3D:DE:B6:ED:CC:75:8B:1B:95:4A:EC:93:C3:00
Certificate issuer: /CN=A914BB30/serialNumber=A11F8EFAED09613510823F7394DBF4A1BAA69726
Certificate serial: 0AFB
Authority key identifier: A1:1F:8E:FA:ED:09:61:35:10:82:3F:73:94:DB:F4:A1:BA:A6:97:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oR-O-u0JYTUQgj9zlNv0obqmlyY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BB30/9B5F6EAC04FE11EA8D18C11EC4F9AE02/C7A2B02C050411EA822DB73AC4F9AE02.roa
Signing time: Wed 30 Aug 2023 19:26:59 +0000
ROA not before: Wed 30 Aug 2023 19:26:59 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 135495
IP address blocks: 202.50.111.0/24 maxlen: 24
2001:df5:fb00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2811 (0xafb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BB30/serialNumber=A11F8EFAED09613510823F7394DBF4A1BAA69726
Validity
Not Before: Aug 30 19:26:59 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=64ef9803-c551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a8:fc:05:f8:ba:a8:04:93:c8:c4:61:7a:06:
5f:d9:62:6f:4c:ff:06:af:df:ea:8a:cd:a1:5f:c1:
0b:44:b6:70:f8:86:95:95:7c:0f:08:ea:f3:e1:35:
ad:4a:e5:89:3d:01:2f:59:6c:88:4e:4a:e4:8f:e3:
33:75:0f:b4:c9:be:e9:96:a7:9a:45:96:52:c7:14:
de:a7:7f:da:83:5a:45:0f:31:b5:79:7a:92:15:39:
15:36:00:50:a1:b9:71:06:4f:c4:31:8f:63:9a:73:
80:81:ac:90:80:49:84:45:1b:83:4f:50:22:95:ce:
43:d7:4d:15:79:70:15:a2:fc:be:c5:7f:2c:be:d7:
6d:99:5d:09:46:63:d8:b2:cb:3a:65:29:59:49:ee:
d4:5c:2a:1e:08:fb:ba:25:96:cf:21:4c:dc:54:c6:
95:4b:16:2f:38:df:5e:5f:39:4f:8f:3e:47:c0:15:
8a:d0:ae:dc:05:df:86:de:f4:78:cb:1a:8d:f0:84:
0e:a3:65:33:f0:a0:07:56:3b:04:c9:d7:16:31:81:
8b:30:5e:d3:4e:9a:11:cd:1d:9e:fe:85:03:48:0c:
c5:11:83:e7:ff:5c:35:9a:d7:67:a4:9a:a6:1b:ab:
0b:63:de:87:31:37:aa:ef:bb:01:0b:e3:ca:ec:f6:
3b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:76:2C:65:C1:95:3D:DE:B6:ED:CC:75:8B:1B:95:4A:EC:93:C3:00
X509v3 Authority Key Identifier:
keyid:A1:1F:8E:FA:ED:09:61:35:10:82:3F:73:94:DB:F4:A1:BA:A6:97:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BB30/9B5F6EAC04FE11EA8D18C11EC4F9AE02/oR-O-u0JYTUQgj9zlNv0obqmlyY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oR-O-u0JYTUQgj9zlNv0obqmlyY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BB30/9B5F6EAC04FE11EA8D18C11EC4F9AE02/C7A2B02C050411EA822DB73AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.50.111.0/24
IPv6:
2001:df5:fb00::/48
Signature Algorithm: sha256WithRSAEncryption
05:a2:64:b7:79:ab:f9:6c:cb:ff:73:4b:d9:eb:64:bf:7f:4c:
70:95:62:08:e9:e5:e7:ab:d7:85:a3:6e:33:40:73:c0:7e:1c:
ff:3b:5f:92:5a:83:47:53:7d:1f:c0:32:34:c1:06:b1:7c:41:
15:a5:48:22:41:03:0e:8c:7e:87:45:52:a9:84:7f:4d:95:cf:
fa:72:09:66:f1:e6:d3:c4:4d:70:da:1a:86:b4:70:86:30:fe:
22:8e:88:f6:01:b9:e9:99:0d:6c:49:a5:20:f6:93:08:9a:f6:
69:2e:27:b2:94:1e:79:33:91:36:19:fb:e9:75:92:84:49:bc:
a9:4a:d6:6e:76:67:8c:05:84:ab:1c:84:3b:3f:d0:2c:99:ca:
54:68:52:53:44:8f:a1:a9:47:c9:85:de:db:76:33:ab:82:78:
62:a3:f7:5f:7e:ee:ff:ed:07:20:2e:37:8d:9e:79:d0:ea:d7:
05:18:75:f2:f7:07:16:60:cc:3a:d7:d8:3e:81:c7:e5:8b:3c:
e0:2f:ff:0e:3e:be:6e:4b:51:cb:3a:0b:4b:9f:de:7b:44:20:
d0:2b:2b:51:f0:7e:19:e3:c2:74:1a:92:55:55:38:92:4a:1f:
7d:9a:bf:24:f4:19:87:2b:74:7e:3e:33:16:1e:2e:1a:3f:3c:
13:11:bf:40
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICCvswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJCMzAxMTAvBgNVBAUTKEExMUY4RUZBRUQwOTYxMzUxMDgyM0Y3Mzk0REJGNEEx
QkFBNjk3MjYwHhcNMjMwODMwMTkyNjU5WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVmOTgwMy1jNTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0qj8Bfi6qASTyMRhegZf2WJvTP8Gr9/qis2hX8ELRLZw+IaVlXwPCOrz4TWt
SuWJPQEvWWyITkrkj+MzdQ+0yb7plqeaRZZSxxTep3/ag1pFDzG1eXqSFTkVNgBQ
oblxBk/EMY9jmnOAgayQgEmERRuDT1Ailc5D100VeXAVovy+xX8svtdtmV0JRmPY
sss6ZSlZSe7UXCoeCPu6JZbPIUzcVMaVSxYvON9eXzlPjz5HwBWK0K7cBd+G3vR4
yxqN8IQOo2Uz8KAHVjsEydcWMYGLMF7TTpoRzR2e/oUDSAzFEYPn/1w1mtdnpJqm
G6sLY96HMTeq77sBC+PK7PY7cwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNd2LGXB
lT3etu3MdYsblUrsk8MAMB8GA1UdIwQYMBaAFKEfjvrtCWE1EII/c5Tb9KG6ppcm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkIzMC85QjVGNkVBQzA0
RkUxMUVBOEQxOEMxMUVDNEY5QUUwMi9vUi1PLXUwSllUVVFnajl6bE52MG9icW1s
eVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29SLU8tdTBKWVRVUWdqOXpsTnYwb2JxbWx5WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJCMzAvOUI1RjZFQUMwNEZFMTFFQThEMThDMTFFQzRGOUFFMDIvQzdBMkIwMkMw
NTA0MTFFQTgyMkRCNzNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBADKMm8wDwQCAAIwCQMHACABDfX7ADANBgkqhkiG9w0BAQsF
AAOCAQEABaJkt3mr+WzL/3NL2etkv39McJViCOnl56vXhaNuM0BzwH4c/ztfklqD
R1N9H8AyNMEGsXxBFaVIIkEDDox+h0VSqYR/TZXP+nIJZvHm08RNcNoahrRwhjD+
Io6I9gG56ZkNbEmlIPaTCJr2aS4nspQeeTORNhn76XWShEm8qUrWbnZnjAWEqxyE
Oz/QLJnKVGhSU0SPoalHyYXe23Yzq4J4YqP3X37u/+0HIC43jZ550OrXBRh18vcH
FmDMOtfYPoHH5Ys84C//Dj6+bktRyzoLS5/ee0Qg0CsrUfB+GePCdBqSVVU4kkof
fZq/JPQZhyt0fj4zFh4uGj88ExG/QA==
-----END CERTIFICATE-----
Generated at Wed Sep 13 14:52:24 2023 by rpki-client on console-fra.rpki-client.org