Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/D8FD10F2CD2311EDB1EC9D0AC4F9AE02.roa
File: D8FD10F2CD2311EDB1EC9D0AC4F9AE02.roa (raw, json)
Hash identifier: +08BxscFNlIG6f0DaM4GC0FAFcYtec0UndJMZaa9qIM=
Subject key identifier: CD:BE:C6:76:C4:9B:A1:BD:43:45:90:F2:A3:8E:77:3B:01:FC:CE:90
Certificate issuer: /CN=A9155A58/serialNumber=A7FFEA18E09A39A0AA6F375A0A83B5708EC22D8A
Certificate serial: 072C
Authority key identifier: A7:FF:EA:18:E0:9A:39:A0:AA:6F:37:5A:0A:83:B5:70:8E:C2:2D:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p__qGOCaOaCqbzdaCoO1cI7CLYo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/D8FD10F2CD2311EDB1EC9D0AC4F9AE02.roa
Signing time: Tue 28 Mar 2023 04:48:57 +0000
ROA not before: Tue 28 Mar 2023 04:48:57 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 10143
IP address blocks: 58.96.0.0/17 maxlen: 24
115.70.0.0/16 maxlen: 24
220.233.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1836 (0x72c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155A58/serialNumber=A7FFEA18E09A39A0AA6F375A0A83B5708EC22D8A
Validity
Not Before: Mar 28 04:48:57 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=642271b8-9de1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:08:b1:9a:a6:ae:3c:d7:52:2d:ca:56:c8:e6:
d7:bc:f1:2d:9c:3a:49:8e:8e:7f:91:85:3a:5a:e2:
43:ce:72:91:98:05:80:f5:62:61:cb:a4:b2:53:d1:
1c:d5:96:6c:bf:5a:7c:fb:35:a2:3a:bb:34:1b:ad:
ef:d5:98:6c:14:c6:82:5d:c1:d0:9e:18:4b:1a:c8:
44:e7:bb:f3:52:08:20:1e:d5:35:b6:09:ee:a7:49:
9a:fd:21:f7:a3:c5:b4:bf:82:7c:3a:f8:1a:0d:0b:
ed:61:73:4f:64:23:04:c4:ec:c3:2e:5c:4e:92:46:
d9:b2:67:e3:ae:bc:ac:31:06:e4:c0:f2:34:ad:d1:
45:2f:1c:98:55:65:bd:ef:a2:c7:bb:95:76:d6:f6:
cf:16:bf:8f:d8:c3:8d:2d:37:64:9c:0e:f6:7b:0b:
22:e2:13:50:4f:65:cb:cb:be:08:ca:1a:c4:1e:94:
c0:1b:49:cb:a9:05:41:27:22:ea:55:ef:0c:ac:43:
16:a4:06:bf:9d:58:da:fb:75:d2:e3:d9:c4:9b:06:
c1:08:28:68:99:4c:36:28:e7:72:9a:64:79:ed:fe:
46:58:c0:8a:87:e6:06:94:52:dd:0c:bb:14:06:08:
61:73:03:aa:53:e3:4c:d1:67:aa:5b:3c:b9:69:b2:
27:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:BE:C6:76:C4:9B:A1:BD:43:45:90:F2:A3:8E:77:3B:01:FC:CE:90
X509v3 Authority Key Identifier:
keyid:A7:FF:EA:18:E0:9A:39:A0:AA:6F:37:5A:0A:83:B5:70:8E:C2:2D:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/p__qGOCaOaCqbzdaCoO1cI7CLYo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p__qGOCaOaCqbzdaCoO1cI7CLYo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155A58/63FE33EABB2D11EA82F84669C4F9AE02/D8FD10F2CD2311EDB1EC9D0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.96.0.0/17
115.70.0.0/16
220.233.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:ea:70:9b:ca:80:16:6a:76:bf:d0:25:b4:53:95:18:98:d4:
42:25:8a:32:92:b9:d0:04:6a:ea:7f:cf:29:57:77:65:f5:24:
50:b5:73:a4:a3:f5:97:5b:8d:05:ad:b7:86:11:31:cb:e8:59:
28:7f:6e:43:07:43:02:2f:b1:70:be:dc:14:3a:a6:84:5e:eb:
dc:4e:82:57:15:e2:43:fd:5b:58:fa:72:64:e5:09:51:27:f5:
92:79:7b:1f:40:2a:a6:9a:63:3e:6f:3d:5d:07:2f:04:f4:56:
e1:86:1f:bb:a7:cd:81:46:88:cf:b8:74:3c:de:bc:d2:85:10:
61:19:d2:a6:63:ec:6c:4b:92:19:25:fa:32:48:f2:0a:2f:33:
78:6c:be:0a:6d:26:0a:f8:fd:19:86:0a:49:af:5b:7e:38:f0:
45:e1:5f:d7:7d:e9:f4:b0:4b:41:8a:ee:c0:9d:13:8e:eb:58:
3c:30:bb:fe:6e:c5:51:d8:4d:07:3a:2e:54:ab:da:52:03:65:
f9:de:f2:37:51:20:5f:3b:a3:5c:39:15:c4:4f:c1:6c:34:17:
7c:54:d0:24:00:9c:86:f3:1d:3b:30:ae:b7:42:43:fc:74:b7:
9f:ff:27:37:0d:63:ff:c3:a1:69:ef:2b:4e:68:9e:22:cf:a5:
46:dc:23:09
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgICBywwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTVBNTgxMTAvBgNVBAUTKEE3RkZFQTE4RTA5QTM5QTBBQTZGMzc1QTBBODNCNTcw
OEVDMjJEOEEwHhcNMjMwMzI4MDQ0ODU3WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDIyNzFiOC05ZGUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyAixmqauPNdSLcpWyObXvPEtnDpJjo5/kYU6WuJDznKRmAWA9WJhy6SyU9Ec
1ZZsv1p8+zWiOrs0G63v1ZhsFMaCXcHQnhhLGshE57vzUgggHtU1tgnup0ma/SH3
o8W0v4J8OvgaDQvtYXNPZCMExOzDLlxOkkbZsmfjrrysMQbkwPI0rdFFLxyYVWW9
76LHu5V21vbPFr+P2MONLTdknA72ewsi4hNQT2XLy74IyhrEHpTAG0nLqQVBJyLq
Ve8MrEMWpAa/nVja+3XS49nEmwbBCChomUw2KOdymmR57f5GWMCKh+YGlFLdDLsU
BghhcwOqU+NM0WeqWzy5abInnQIDAQABo4ICnzCCApswHQYDVR0OBBYEFM2+xnbE
m6G9Q0WQ8qOOdzsB/M6QMB8GA1UdIwQYMBaAFKf/6hjgmjmgqm83WgqDtXCOwi2K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NUE1OC82M0ZFMzNFQUJC
MkQxMUVBODJGODQ2NjlDNEY5QUUwMi9wX19xR09DYU9hQ3FiemRhQ29PMWNJN0NM
WW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BfX3FHT0NhT2FDcWJ6ZGFDb08xY0k3Q0xZby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTVBNTgvNjNGRTMzRUFCQjJEMTFFQTgyRjg0NjY5QzRGOUFFMDIvRDhGRDEwRjJD
RDIzMTFFREIxRUM5RDBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKQYIKwYBBQUHAQcBAf8E
GjAYMBYEAgABMBADBAc6YAADAwBzRgMDANzpMA0GCSqGSIb3DQEBCwUAA4IBAQCI
6nCbyoAWana/0CW0U5UYmNRCJYoykrnQBGrqf88pV3dl9SRQtXOko/WXW40FrbeG
ETHL6Fkof25DB0MCL7FwvtwUOqaEXuvcToJXFeJD/VtY+nJk5QlRJ/WSeXsfQCqm
mmM+bz1dBy8E9Fbhhh+7p82BRojPuHQ83rzShRBhGdKmY+xsS5IZJfoySPIKLzN4
bL4KbSYK+P0ZhgpJr1t+OPBF4V/Xfen0sEtBiu7AnROO61g8MLv+bsVR2E0HOi5U
q9pSA2X53vI3USBfO6NcORXET8FsNBd8VNAkAJyG8x07MK63QkP8dLef/yc3DWP/
w6Fp7ytOaJ4iz6VG3CMJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org