Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/A6B1710ECD6111ED9BB1B571C4F9AE02.roa
File: A6B1710ECD6111ED9BB1B571C4F9AE02.roa (raw, json)
Hash identifier: j6nH+y5MOs5wxPGY3ODiynKnpK9jeH9kgoFkNEePiQQ=
Subject key identifier: 6A:2A:B8:CC:02:A0:CC:9F:E7:F2:8F:26:BA:54:3B:9B:0B:7C:A1:A7
Certificate issuer: /CN=A9155A58/serialNumber=A7FFEA18E09A39A0AA6F375A0A83B5708EC22D8A
Certificate serial: 0732
Authority key identifier: A7:FF:EA:18:E0:9A:39:A0:AA:6F:37:5A:0A:83:B5:70:8E:C2:2D:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p__qGOCaOaCqbzdaCoO1cI7CLYo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/A6B1710ECD6111ED9BB1B571C4F9AE02.roa
Signing time: Tue 28 Mar 2023 12:11:21 +0000
ROA not before: Tue 28 Mar 2023 12:11:21 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 10143
IP address blocks: 220.233.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1842 (0x732)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155A58/serialNumber=A7FFEA18E09A39A0AA6F375A0A83B5708EC22D8A
Validity
Not Before: Mar 28 12:11:21 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=6422d969-23be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cf:62:8a:c2:5d:f4:ec:ce:b1:cd:76:19:97:
5a:b2:11:2d:0f:6e:31:1e:21:8a:77:f5:43:83:8a:
42:e4:40:3d:7e:42:4d:d7:87:75:66:d6:9a:e1:b2:
9a:a9:49:a8:05:8b:98:61:0d:d2:05:32:db:54:a4:
fe:1e:61:df:62:67:f5:e1:d5:8b:ba:08:b9:20:14:
34:9e:1a:c6:38:3f:ee:fa:61:92:10:d8:8d:2b:a6:
f4:f0:2f:0a:6c:9c:42:b3:6c:f9:54:41:26:57:94:
04:51:65:c6:1c:6f:d9:b0:b5:06:85:5f:06:ce:7a:
52:ff:35:8e:d5:2e:dd:90:d7:00:5d:67:c6:b7:a9:
61:fe:8a:15:97:8b:14:44:4b:30:1c:d1:d7:05:4c:
df:e6:57:92:ef:88:c9:9e:2a:f2:71:43:8f:94:28:
ec:cb:f1:8f:35:56:23:de:ae:25:a4:b4:49:55:1f:
4e:80:7f:35:81:73:4d:54:6e:48:7c:46:4b:6e:78:
dd:93:50:e9:ee:dd:e9:53:3e:e0:4c:e7:e5:ac:6e:
e7:e7:3b:df:63:f2:59:2e:21:fa:da:fe:0f:1f:3f:
d8:a3:60:70:e8:5c:94:58:dd:54:89:50:41:12:66:
12:41:f0:09:68:66:f5:1b:3f:e5:bd:56:93:88:f2:
1e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:2A:B8:CC:02:A0:CC:9F:E7:F2:8F:26:BA:54:3B:9B:0B:7C:A1:A7
X509v3 Authority Key Identifier:
keyid:A7:FF:EA:18:E0:9A:39:A0:AA:6F:37:5A:0A:83:B5:70:8E:C2:2D:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/p__qGOCaOaCqbzdaCoO1cI7CLYo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p__qGOCaOaCqbzdaCoO1cI7CLYo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/A6B1710ECD6111ED9BB1B571C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
220.233.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c7:20:2c:1e:d9:0e:33:93:a3:8c:b1:ff:e3:34:3e:02:81:fd:
0a:d6:a5:32:15:4d:17:03:ac:69:29:95:cc:73:a0:e4:2b:f7:
ab:e1:4c:ec:19:2c:4b:7b:fb:03:9d:78:c3:c0:b3:21:f5:f4:
8c:24:72:7b:61:ef:39:54:0d:a6:fa:a1:7a:9c:e0:67:2e:88:
44:cb:f6:79:16:57:5a:00:5c:2f:b2:a9:95:dd:e6:61:d8:a0:
f7:e6:85:22:e1:40:13:88:a5:22:ac:dc:b8:c1:7e:9e:b9:ff:
93:1d:0e:d0:89:d4:d3:72:04:69:7c:77:c6:86:b1:04:c8:ba:
a3:91:c3:02:a8:a5:ec:c5:fb:d4:48:ee:0d:28:3f:e2:ae:ec:
14:0a:11:0c:fa:70:41:48:f1:1a:0c:62:37:45:11:3c:b8:8f:
79:ad:d3:af:b1:7e:d1:dc:2f:09:76:d0:ff:01:84:39:c6:51:
98:9f:9c:2d:0f:81:56:70:bb:0c:68:d5:01:85:97:0b:f8:33:
25:77:c5:6c:25:41:d3:a1:fa:89:f9:67:d1:ed:6d:3a:c6:07:
67:b9:a6:a9:82:1b:0e:aa:79:f3:69:61:2f:ce:56:c0:52:36:
64:43:f7:81:31:d0:43:3c:c1:89:d2:b7:4d:19:79:d1:1c:f8:
13:08:8e:69
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICBzIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTVBNTgxMTAvBgNVBAUTKEE3RkZFQTE4RTA5QTM5QTBBQTZGMzc1QTBBODNCNTcw
OEVDMjJEOEEwHhcNMjMwMzI4MTIxMTIxWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDIyZDk2OS0yM2JlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy89iisJd9OzOsc12GZdashEtD24xHiGKd/VDg4pC5EA9fkJN14d1Ztaa4bKa
qUmoBYuYYQ3SBTLbVKT+HmHfYmf14dWLugi5IBQ0nhrGOD/u+mGSENiNK6b08C8K
bJxCs2z5VEEmV5QEUWXGHG/ZsLUGhV8GznpS/zWO1S7dkNcAXWfGt6lh/ooVl4sU
REswHNHXBUzf5leS74jJnirycUOPlCjsy/GPNVYj3q4lpLRJVR9OgH81gXNNVG5I
fEZLbnjdk1Dp7t3pUz7gTOflrG7n5zvfY/JZLiH62v4PHz/Yo2Bw6FyUWN1UiVBB
EmYSQfAJaGb1Gz/lvVaTiPIeYQIDAQABo4IClDCCApAwHQYDVR0OBBYEFGoquMwC
oMyf5/KPJrpUO5sLfKGnMB8GA1UdIwQYMBaAFKf/6hjgmjmgqm83WgqDtXCOwi2K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NUE1OC82M0ZFMzNFQUJC
MkQxMUVBODJGODQ2NjlDNEY5QUUwMi9wX19xR09DYU9hQ3FiemRhQ29PMWNJN0NM
WW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BfX3FHT0NhT2FDcWJ6ZGFDb08xY0k3Q0xZby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTVBNTgvNjNGRTMzRUFCQjJEMTFFQTgyRjg0NjY5QzRGOUFFMDIvQTZCMTcxMEVD
RDYxMTFFRDlCQjFCNTcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwDc6TANBgkqhkiG9w0BAQsFAAOCAQEAxyAsHtkOM5OjjLH/
4zQ+AoH9CtalMhVNFwOsaSmVzHOg5Cv3q+FM7BksS3v7A514w8CzIfX0jCRye2Hv
OVQNpvqhepzgZy6IRMv2eRZXWgBcL7Kpld3mYdig9+aFIuFAE4ilIqzcuMF+nrn/
kx0O0InU03IEaXx3xoaxBMi6o5HDAqil7MX71EjuDSg/4q7sFAoRDPpwQUjxGgxi
N0URPLiPea3Tr7F+0dwvCXbQ/wGEOcZRmJ+cLQ+BVnC7DGjVAYWXC/gzJXfFbCVB
06H6ifln0e1tOsYHZ7mmqYIbDqp582lhL85WwFI2ZEP3gTHQQzzBidK3TRl50Rz4
EwiOaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org