Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155A78/531EA1301D8411E289BB24DA08B02CD2/3A86FF323BB911EEAB2AE50FC4F9AE02.roa
File: 3A86FF323BB911EEAB2AE50FC4F9AE02.roa (raw, json)
Hash identifier: eoTMCJg82khC1In60GQ8ePZD7RmU6swJLccPSS6O9QA=
Subject key identifier: 83:CB:DE:C5:35:97:14:57:27:DD:E4:60:17:24:7D:73:5F:94:B7:E9
Certificate issuer: /CN=A9155A78/serialNumber=20F036CD57187CA29A6FAA9A6A228E20960FDE4F
Certificate serial: 3347
Authority key identifier: 20:F0:36:CD:57:18:7C:A2:9A:6F:AA:9A:6A:22:8E:20:96:0F:DE:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPA2zVcYfKKab6qaaiKOIJYP3k8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155A78/531EA1301D8411E289BB24DA08B02CD2/3A86FF323BB911EEAB2AE50FC4F9AE02.roa
Signing time: Tue 15 Aug 2023 22:15:23 +0000
ROA not before: Tue 15 Aug 2023 22:15:23 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 18206
IP address blocks: 124.197.224.0/19 maxlen: 24
202.162.0.0/19 maxlen: 24
202.165.0.0/19 maxlen: 24
203.153.80.0/20 maxlen: 24
2404:b8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13127 (0x3347)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155A78/serialNumber=20F036CD57187CA29A6FAA9A6A228E20960FDE4F
Validity
Not Before: Aug 15 22:15:23 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64dbf8fb-5218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7d:1b:9a:be:b1:a0:2f:c2:0b:87:77:97:db:
da:7e:1e:e2:13:eb:c7:58:0b:e6:dc:a6:49:c7:64:
bf:91:fe:f6:ec:3b:d9:d6:56:25:0f:ad:b8:b2:17:
8f:28:ef:9b:31:ac:75:7a:ae:2f:d3:0e:9e:ec:bd:
80:4c:f7:3c:4c:ab:72:5b:7f:59:92:73:df:9c:87:
6f:a4:e6:43:90:e8:71:cc:25:80:69:bf:c6:5d:69:
ed:8f:46:bb:92:dd:27:cc:64:8c:0f:38:7f:f4:c4:
3f:2a:2c:e6:b9:d6:7a:ba:58:57:e2:44:78:9a:91:
e4:20:ed:73:be:19:20:d3:bb:4e:9b:2d:bb:65:2b:
3b:3f:51:9a:0b:66:91:94:6e:aa:3e:85:d3:e0:b5:
dd:aa:74:55:28:d9:6d:64:71:98:dd:00:68:47:6d:
4a:40:5c:4f:01:1a:c3:aa:ac:ed:79:86:1f:f8:57:
13:bb:a5:b5:44:3e:21:01:35:99:9e:40:78:9f:52:
64:c0:3c:ac:20:e5:37:e9:13:74:7e:26:e9:00:05:
cb:56:b9:68:7e:6f:26:ad:8f:bd:7c:13:96:11:e8:
d1:65:90:fa:7d:5b:18:cb:3c:99:3e:e4:83:58:38:
a8:30:81:6c:0d:a7:d0:ff:cc:e8:5a:ce:ef:89:c4:
25:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:CB:DE:C5:35:97:14:57:27:DD:E4:60:17:24:7D:73:5F:94:B7:E9
X509v3 Authority Key Identifier:
keyid:20:F0:36:CD:57:18:7C:A2:9A:6F:AA:9A:6A:22:8E:20:96:0F:DE:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155A78/531EA1301D8411E289BB24DA08B02CD2/IPA2zVcYfKKab6qaaiKOIJYP3k8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPA2zVcYfKKab6qaaiKOIJYP3k8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155A78/531EA1301D8411E289BB24DA08B02CD2/3A86FF323BB911EEAB2AE50FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
124.197.224.0/19
202.162.0.0/19
202.165.0.0/19
203.153.80.0/20
IPv6:
2404:b8::/32
Signature Algorithm: sha256WithRSAEncryption
59:a0:4c:d5:1c:94:f4:08:75:5b:73:c2:80:4f:57:85:2c:7c:
41:75:af:b9:79:a1:64:85:30:34:71:0c:8a:c7:01:7d:47:27:
4d:2b:3d:fc:a9:de:af:68:36:3e:3c:44:16:5c:a9:2e:c7:dc:
8f:32:9f:5c:92:41:88:c4:d4:60:8c:19:88:ac:22:21:f2:33:
9a:36:07:1e:ca:c6:97:4a:36:50:0d:63:ba:35:16:c6:31:65:
97:16:a0:9a:5e:8f:81:79:c2:7c:41:e7:2a:41:63:c6:fa:c6:
af:b3:3b:97:31:84:2a:54:bd:77:75:e8:69:a6:b8:04:d8:e8:
48:ca:55:03:1e:f7:ef:19:e4:92:ac:a2:06:c2:8b:26:b7:b3:
32:45:7d:3d:89:b8:80:9b:9b:ab:86:69:9d:c5:4f:1e:2d:1b:
e1:e3:6f:93:16:68:ea:8d:bb:be:9a:82:7b:57:dd:3e:73:21:
31:1a:6d:80:98:77:76:d5:7c:30:a5:2f:1c:6d:bb:8a:ea:d3:
e6:23:0d:9a:9c:75:99:26:54:48:26:9c:bf:cd:1a:2a:a2:aa:
62:25:61:65:72:0d:76:d4:3d:db:34:a2:48:a3:5c:4d:e9:9e:
5e:69:82:fc:4a:27:92:e8:26:02:39:d7:df:98:b7:ac:46:96:
b1:1e:62:d5
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICM0cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTVBNzgxMTAvBgNVBAUTKDIwRjAzNkNENTcxODdDQTI5QTZGQUE5QTZBMjI4RTIw
OTYwRkRFNEYwHhcNMjMwODE1MjIxNTIzWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRiZjhmYi01MjE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsn0bmr6xoC/CC4d3l9vafh7iE+vHWAvm3KZJx2S/kf727DvZ1lYlD624sheP
KO+bMax1eq4v0w6e7L2ATPc8TKtyW39ZknPfnIdvpOZDkOhxzCWAab/GXWntj0a7
kt0nzGSMDzh/9MQ/KizmudZ6ulhX4kR4mpHkIO1zvhkg07tOmy27ZSs7P1GaC2aR
lG6qPoXT4LXdqnRVKNltZHGY3QBoR21KQFxPARrDqqzteYYf+FcTu6W1RD4hATWZ
nkB4n1JkwDysIOU36RN0fibpAAXLVrlofm8mrY+9fBOWEejRZZD6fVsYyzyZPuSD
WDioMIFsDafQ/8zoWs7vicQldwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFIPL3sU1
lxRXJ93kYBckfXNflLfpMB8GA1UdIwQYMBaAFCDwNs1XGHyimm+qmmoijiCWD95P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NUE3OC81MzFFQTEzMDFE
ODQxMUUyODlCQjI0REEwOEIwMkNEMi9JUEEyelZjWWZLS2FiNnFhYWlLT0lKWVAz
azguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lQQTJ6VmNZZktLYWI2cWFhaUtPSUpZUDNrOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTVBNzgvNTMxRUExMzAxRDg0MTFFMjg5QkIyNERBMDhCMDJDRDIvM0E4NkZGMzIz
QkI5MTFFRUFCMkFFNTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAV8xeADBAXKogADBAXKpQADBATLmVAwDQQCAAIwBwMFACQE
ALgwDQYJKoZIhvcNAQELBQADggEBAFmgTNUclPQIdVtzwoBPV4UsfEF1r7l5oWSF
MDRxDIrHAX1HJ00rPfyp3q9oNj48RBZcqS7H3I8yn1ySQYjE1GCMGYisIiHyM5o2
Bx7KxpdKNlANY7o1FsYxZZcWoJpej4F5wnxB5ypBY8b6xq+zO5cxhCpUvXd16Gmm
uATY6EjKVQMe9+8Z5JKsogbCiya3szJFfT2JuICbm6uGaZ3FTx4tG+Hjb5MWaOqN
u76agntX3T5zITEabYCYd3bVfDClLxxtu4rq0+YjDZqcdZkmVEgmnL/NGiqiqmIl
YWVyDXbUPds0okijXE3pnl5pgvxKJ5LoJgI519+Yt6xGlrEeYtU=
-----END CERTIFICATE-----
Generated at Wed Aug 16 15:02:08 2023 by rpki-client on console-ams.rpki-client.org