Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/A94C046C6BAD11EDAD6BE535C4F9AE02.roa
File: A94C046C6BAD11EDAD6BE535C4F9AE02.roa (raw, json)
Hash identifier: VKIWjTSmFp0TxmGoEo9Z7fqduB3BCxp3eweOepqIRWI=
Subject key identifier: 3C:E2:69:DF:AB:7D:39:B8:7D:36:52:84:BA:20:4A:BF:9C:8E:07:66
Certificate issuer: /CN=A9155A58/serialNumber=A7FFEA18E09A39A0AA6F375A0A83B5708EC22D8A
Certificate serial: 06E2
Authority key identifier: A7:FF:EA:18:E0:9A:39:A0:AA:6F:37:5A:0A:83:B5:70:8E:C2:2D:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p__qGOCaOaCqbzdaCoO1cI7CLYo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/A94C046C6BAD11EDAD6BE535C4F9AE02.roa
Signing time: Thu 24 Nov 2022 04:08:33 +0000
ROA not before: Thu 24 Nov 2022 04:08:33 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 38195
IP address blocks: 103.237.16.0/22 maxlen: 22
163.53.144.0/22 maxlen: 24
220.233.4.0/22 maxlen: 24
220.233.8.0/22 maxlen: 24
220.233.36.0/22 maxlen: 24
220.233.44.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1762 (0x6e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155A58/serialNumber=A7FFEA18E09A39A0AA6F375A0A83B5708EC22D8A
Validity
Not Before: Nov 24 04:08:33 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=637eee41-8acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:72:16:e8:5f:13:8e:fb:20:ed:c0:ee:8b:47:
80:d0:6b:3b:19:3b:bd:8f:3c:62:e0:81:bd:f4:59:
2f:e9:bb:9f:a6:67:ba:b1:7b:6f:99:5a:14:fe:c6:
d8:05:8c:c4:39:76:12:7d:87:39:2a:4b:25:4d:49:
d6:09:4c:63:4b:6a:06:ab:1e:06:e6:a7:18:3d:32:
c4:c4:cf:01:36:be:da:4f:ed:60:8e:4d:dc:4a:92:
08:2b:88:2e:f0:89:57:60:d5:48:f5:d2:7b:6d:24:
53:78:57:24:75:b0:28:08:7c:ca:4e:75:e8:9e:51:
f1:b4:b4:ea:0e:d5:da:a9:5f:44:d0:e6:58:66:0f:
4e:2d:64:bb:6b:e2:c1:6e:17:cb:f1:4c:80:90:29:
81:b4:7e:c4:ed:ac:a0:b5:fa:29:5e:32:be:ce:0a:
29:14:9e:96:03:32:5c:78:a6:92:70:ca:ce:0c:a2:
16:2a:5f:59:0b:fd:0c:5f:85:f6:7b:ec:b4:12:e5:
ad:da:f2:af:e2:d1:eb:f8:b5:e2:c2:35:d2:03:20:
9b:0d:9d:db:9b:7a:fe:71:39:6a:61:a7:ad:ac:ce:
b4:cc:27:89:ac:b4:f2:21:8b:af:8c:dd:20:4b:84:
88:85:76:36:58:2b:b6:34:7c:f5:fd:0a:3d:ee:fd:
ac:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E2:69:DF:AB:7D:39:B8:7D:36:52:84:BA:20:4A:BF:9C:8E:07:66
X509v3 Authority Key Identifier:
keyid:A7:FF:EA:18:E0:9A:39:A0:AA:6F:37:5A:0A:83:B5:70:8E:C2:2D:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/p__qGOCaOaCqbzdaCoO1cI7CLYo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p__qGOCaOaCqbzdaCoO1cI7CLYo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/A94C046C6BAD11EDAD6BE535C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.237.16.0/22
163.53.144.0/22
220.233.4.0-220.233.11.255
220.233.36.0/22
220.233.44.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:3c:0a:02:fc:c2:5f:f8:14:51:ba:ce:c7:5b:4e:d9:e0:b9:
e0:24:9b:02:ac:42:cc:fa:5d:39:51:e4:53:d3:a4:07:7e:e7:
05:16:32:b0:25:20:f2:10:6e:7b:77:8c:b4:e0:86:22:34:28:
d2:b4:fe:9a:45:4d:01:5f:f1:4f:89:f2:4a:23:2e:79:be:ea:
6f:ac:ea:56:36:b3:ff:5a:df:11:f9:c7:07:47:f5:3d:4a:d2:
cf:5b:06:3a:eb:f5:4c:af:d0:75:c1:23:6c:72:b2:81:71:c2:
62:23:f7:c4:98:98:61:5e:c1:08:0d:50:87:f9:4f:ba:c2:46:
30:6d:a4:11:97:3e:a2:4e:22:45:1e:ed:35:00:f1:29:12:c1:
d0:2b:99:51:99:08:bc:49:fe:ed:99:99:26:5a:78:43:27:b4:
74:2a:61:6b:ea:70:06:f5:a8:06:a7:22:54:74:71:2d:74:47:
1d:bd:55:c0:ab:e6:8d:73:05:96:dd:ce:7f:be:17:77:22:bd:
3a:29:14:02:f8:f7:29:bc:f8:72:74:ee:65:60:95:80:2d:3d:
e4:32:29:1e:e6:da:3f:fb:d2:e3:19:c6:4e:e0:df:a2:fc:03:
eb:6e:18:61:a7:8c:48:31:22:8e:b5:de:d2:67:7d:16:ab:7e:
77:b9:41:8e
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICBuIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTVBNTgxMTAvBgNVBAUTKEE3RkZFQTE4RTA5QTM5QTBBQTZGMzc1QTBBODNCNTcw
OEVDMjJEOEEwHhcNMjIxMTI0MDQwODMzWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzdlZWU0MS04YWNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo3IW6F8Tjvsg7cDui0eA0Gs7GTu9jzxi4IG99Fkv6bufpme6sXtvmVoU/sbY
BYzEOXYSfYc5KkslTUnWCUxjS2oGqx4G5qcYPTLExM8BNr7aT+1gjk3cSpIIK4gu
8IlXYNVI9dJ7bSRTeFckdbAoCHzKTnXonlHxtLTqDtXaqV9E0OZYZg9OLWS7a+LB
bhfL8UyAkCmBtH7E7aygtfopXjK+zgopFJ6WAzJceKaScMrODKIWKl9ZC/0MX4X2
e+y0EuWt2vKv4tHr+LXiwjXSAyCbDZ3bm3r+cTlqYaetrM60zCeJrLTyIYuvjN0g
S4SIhXY2WCu2NHz1/Qo97v2sjQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFDziad+r
fTm4fTZShLogSr+cjgdmMB8GA1UdIwQYMBaAFKf/6hjgmjmgqm83WgqDtXCOwi2K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NUE1OC82M0ZFMzNFQUJC
MkQxMUVBODJGODQ2NjlDNEY5QUUwMi9wX19xR09DYU9hQ3FiemRhQ29PMWNJN0NM
WW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BfX3FHT0NhT2FDcWJ6ZGFDb08xY0k3Q0xZby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTVBNTgvNjNGRTMzRUFCQjJEMTFFQTgyRjg0NjY5QzRGOUFFMDIvQTk0QzA0NkM2
QkFEMTFFREFENkJFNTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBAJn7RADBAKjNZAwDAMEAtzpBAMEAtzpCAMEAtzpJAMEAtzp
LDANBgkqhkiG9w0BAQsFAAOCAQEADjwKAvzCX/gUUbrOx1tO2eC54CSbAqxCzPpd
OVHkU9OkB37nBRYysCUg8hBue3eMtOCGIjQo0rT+mkVNAV/xT4nySiMueb7qb6zq
Vjaz/1rfEfnHB0f1PUrSz1sGOuv1TK/QdcEjbHKygXHCYiP3xJiYYV7BCA1Qh/lP
usJGMG2kEZc+ok4iRR7tNQDxKRLB0CuZUZkIvEn+7ZmZJlp4Qye0dCpha+pwBvWo
BqciVHRxLXRHHb1VwKvmjXMFlt3Of74XdyK9OikUAvj3Kbz4cnTuZWCVgC095DIp
HubaP/vS4xnGTuDfovwD624YYaeMSDEijrXe0md9Fqt+d7lBjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org