Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/75E131E8BB3C11EAB197491AC4F9AE02.roa
File: 75E131E8BB3C11EAB197491AC4F9AE02.roa (raw, json)
Hash identifier: tL34RUDL4k6bIwYN7k1pVQqbeNfQFJZ+9226n6m7Bdo=
Subject key identifier: 8E:ED:E3:F3:A3:68:10:DC:6C:EA:43:5A:1C:D3:89:21:89:43:D2:36
Certificate issuer: /CN=A9155A58/serialNumber=A7FFEA18E09A39A0AA6F375A0A83B5708EC22D8A
Certificate serial: 023B
Authority key identifier: A7:FF:EA:18:E0:9A:39:A0:AA:6F:37:5A:0A:83:B5:70:8E:C2:2D:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p__qGOCaOaCqbzdaCoO1cI7CLYo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/75E131E8BB3C11EAB197491AC4F9AE02.roa
Signing time: Fri 05 Mar 2021 10:56:41 +0000
ROA not before: Fri 05 Mar 2021 10:56:41 +0000
ROA not after: Sun 01 May 2022 00:00:00 +0000
asID: 10143
IP address blocks: 58.96.0.0/17 maxlen: 24
103.237.16.0/22 maxlen: 24
115.70.0.0/16 maxlen: 24
163.53.144.0/22 maxlen: 24
220.233.0.0/16 maxlen: 24
2406:3400::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 571 (0x23b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155A58/serialNumber=A7FFEA18E09A39A0AA6F375A0A83B5708EC22D8A
Validity
Not Before: Mar 5 10:56:41 2021 GMT
Not After : May 1 00:00:00 2022 GMT
Subject: CN=60420e68-49db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9b:a7:ae:20:6c:68:28:7d:01:10:40:da:90:
56:1c:6e:6f:e6:1b:3e:59:99:26:36:bd:a5:49:aa:
38:31:c0:7f:cb:d4:dc:2c:d6:ba:1f:b1:e3:ab:b2:
25:02:89:57:41:a4:03:7b:b0:7d:f6:94:da:93:26:
29:a0:88:ca:00:9f:62:ae:bc:9a:51:34:5b:a0:9f:
e1:2e:a7:eb:a3:3c:7d:db:15:cc:d4:8c:f7:4c:b9:
44:4a:8f:c2:fa:50:13:4d:6f:ca:ee:17:b7:91:97:
af:4d:5c:fa:00:32:5c:99:4d:08:4a:dd:7c:7c:fb:
a2:92:55:0a:90:04:1c:3b:69:c0:f5:9f:9d:e3:ce:
1c:44:84:7e:53:73:bc:6f:bc:ff:4d:ab:38:45:e3:
3e:8a:9e:05:f0:5e:d9:47:d5:53:18:43:90:5a:7a:
4d:b8:d6:1b:ad:e4:b5:a5:2f:57:dd:a9:65:67:fb:
74:56:bf:f6:f2:7c:b4:89:90:ce:d6:74:6b:e9:0b:
32:41:f8:40:b2:7d:48:ae:a3:07:51:0d:df:94:7d:
e0:9f:75:f7:dc:46:d8:72:93:59:d2:fa:bb:94:a8:
98:78:6f:72:7c:a2:cd:b8:f1:70:81:25:b5:1f:fa:
72:3b:97:43:1f:d1:80:16:29:7e:94:d9:4a:7f:17:
a8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:ED:E3:F3:A3:68:10:DC:6C:EA:43:5A:1C:D3:89:21:89:43:D2:36
X509v3 Authority Key Identifier:
keyid:A7:FF:EA:18:E0:9A:39:A0:AA:6F:37:5A:0A:83:B5:70:8E:C2:2D:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/p__qGOCaOaCqbzdaCoO1cI7CLYo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p__qGOCaOaCqbzdaCoO1cI7CLYo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/75E131E8BB3C11EAB197491AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.96.0.0/17
103.237.16.0/22
115.70.0.0/16
163.53.144.0/22
220.233.0.0/16
IPv6:
2406:3400::/32
Signature Algorithm: sha256WithRSAEncryption
2e:6c:64:66:04:2a:42:a2:7e:38:58:92:eb:f0:43:37:f7:1a:
7c:d3:65:60:ef:81:72:6b:29:88:55:24:b4:fa:e0:0f:1e:6a:
8e:47:c0:ee:08:0b:6b:da:8b:0f:c2:22:75:15:85:53:9a:4b:
31:4e:ac:af:82:ba:e5:12:00:ea:f7:dc:b5:98:68:50:4f:f1:
9f:59:38:a8:d6:58:37:58:a3:1d:5d:49:93:3c:2c:80:d9:cd:
01:73:28:87:8a:b1:f9:6f:08:bc:fe:3b:c4:ae:34:7e:6c:60:
a9:1d:7b:41:e0:4d:7d:6e:b0:e1:ed:90:b1:0b:58:1e:16:6e:
97:30:be:41:4b:37:8b:f1:64:35:1b:5e:f6:7d:b4:b7:f7:33:
b5:7e:4e:6d:d2:e3:46:79:a8:d3:d3:4e:e1:9b:a8:e1:60:48:
77:85:83:76:41:3d:b2:32:4c:b8:80:d1:be:bf:ee:8c:f8:57:
cf:80:ea:61:cd:ba:8f:d4:32:15:a5:b2:98:5b:fb:87:08:48:
10:a4:14:5e:5f:28:71:8d:8d:59:41:32:e6:fb:be:6b:d9:84:
72:fb:1f:05:85:a6:64:bd:54:b4:7e:f5:9d:b0:1c:27:4b:6a:
38:8c:b3:38:39:9d:48:dd:1c:b1:df:98:d3:e4:84:55:5c:64:
9d:ef:f5:1f
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgICAjswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTVBNTgxMTAvBgNVBAUTKEE3RkZFQTE4RTA5QTM5QTBBQTZGMzc1QTBBODNCNTcw
OEVDMjJEOEEwHhcNMjEwMzA1MTA1NjQxWhcNMjIwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MDQyMGU2OC00OWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzZunriBsaCh9ARBA2pBWHG5v5hs+WZkmNr2lSao4McB/y9TcLNa6H7Hjq7Il
AolXQaQDe7B99pTakyYpoIjKAJ9irryaUTRboJ/hLqfrozx92xXM1Iz3TLlESo/C
+lATTW/K7he3kZevTVz6ADJcmU0ISt18fPuiklUKkAQcO2nA9Z+d484cRIR+U3O8
b7z/Tas4ReM+ip4F8F7ZR9VTGEOQWnpNuNYbreS1pS9X3allZ/t0Vr/28ny0iZDO
1nRr6QsyQfhAsn1IrqMHUQ3flH3gn3X33EbYcpNZ0vq7lKiYeG9yfKLNuPFwgSW1
H/pyO5dDH9GAFil+lNlKfxeoowIDAQABo4ICujCCArYwHQYDVR0OBBYEFI7t4/Oj
aBDcbOpDWhzTiSGJQ9I2MB8GA1UdIwQYMBaAFKf/6hjgmjmgqm83WgqDtXCOwi2K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NUE1OC82M0ZFMzNFQUJC
MkQxMUVBODJGODQ2NjlDNEY5QUUwMi9wX19xR09DYU9hQ3FiemRhQ29PMWNJN0NM
WW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BfX3FHT0NhT2FDcWJ6ZGFDb08xY0k3Q0xZby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTVBNTgvNjNGRTMzRUFCQjJEMTFFQTgyRjg0NjY5QzRGOUFFMDIvNzVFMTMxRThC
QjNDMTFFQUIxOTc0OTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E
NTAzMCIEAgABMBwDBAc6YAADBAJn7RADAwBzRgMEAqM1kAMDANzpMA0EAgACMAcD
BQAkBjQAMA0GCSqGSIb3DQEBCwUAA4IBAQAubGRmBCpCon44WJLr8EM39xp802Vg
74FyaymIVSS0+uAPHmqOR8DuCAtr2osPwiJ1FYVTmksxTqyvgrrlEgDq99y1mGhQ
T/GfWTio1lg3WKMdXUmTPCyA2c0BcyiHirH5bwi8/jvErjR+bGCpHXtB4E19brDh
7ZCxC1geFm6XML5BSzeL8WQ1G172fbS39zO1fk5t0uNGeajT007hm6jhYEh3hYN2
QT2yMky4gNG+v+6M+FfPgOphzbqP1DIVpbKYW/uHCEgQpBReXyhxjY1ZQTLm+75r
2YRy+x8FhaZkvVS0fvWdsBwnS2o4jLM4OZ1I3Ryx35jT5IRVXGSd7/Uf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org