Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155CA4/7B2578D8C1A111EA94735C31C4F9AE02/FD0FD2AA80F111EDAA11297CC4F9AE02.roa
File: FD0FD2AA80F111EDAA11297CC4F9AE02.roa (raw, json)
Hash identifier: jEyNL5qwbY0FInMcgiM31M9jJ6882lx61neYqWr9Ejk=
Subject key identifier: BC:D3:C0:F2:F6:88:12:DD:36:79:5E:C0:8A:45:51:10:96:EF:C0:0D
Certificate issuer: /CN=A9155CA4/serialNumber=E0F2EA6343AF44D99EA44296B3910FDA83652973
Certificate serial: 072C
Authority key identifier: E0:F2:EA:63:43:AF:44:D9:9E:A4:42:96:B3:91:0F:DA:83:65:29:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4PLqY0OvRNmepEKWs5EP2oNlKXM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155CA4/7B2578D8C1A111EA94735C31C4F9AE02/FD0FD2AA80F111EDAA11297CC4F9AE02.roa
Signing time: Wed 02 Aug 2023 21:39:18 +0000
ROA not before: Wed 02 Aug 2023 21:39:18 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 2519
IP address blocks: 43.225.88.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1836 (0x72c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155CA4/serialNumber=E0F2EA6343AF44D99EA44296B3910FDA83652973
Validity
Not Before: Aug 2 21:39:18 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64cacd06-e976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d2:84:7b:1b:33:39:b7:14:4d:aa:74:95:43:
e4:ad:25:64:67:90:6b:2a:cb:a7:c1:d1:88:45:42:
44:a9:70:48:8e:19:ba:6e:23:99:92:ef:4b:dd:7a:
c2:21:69:23:95:e5:ae:ef:0f:58:58:7a:af:14:2d:
c4:9a:c2:22:e9:4b:61:64:86:6a:89:c4:77:41:0d:
20:48:3e:98:bf:aa:8e:53:d8:9d:30:04:55:9d:46:
85:89:da:77:6e:d0:b4:e9:0d:b7:8b:53:7a:c4:b6:
1a:16:02:98:6f:9a:bb:7e:2a:26:a7:a2:26:4c:64:
69:20:95:ce:ca:6c:2c:34:44:e2:a9:06:1c:2e:03:
39:34:3b:fb:b7:53:70:4e:e8:ac:e0:f8:19:06:d5:
78:86:9b:f7:aa:3e:af:10:24:d9:59:4e:89:74:77:
c0:55:90:72:49:19:db:1f:58:e1:ed:d9:a9:33:e7:
94:04:35:f0:d1:27:92:a8:de:a3:ac:c2:60:97:9a:
5a:59:38:d3:0c:4b:f5:0e:fb:df:0d:e7:f1:4b:28:
d8:cc:b9:df:d7:dd:97:64:9c:da:99:13:4b:61:fc:
7c:4d:53:c2:bd:66:16:c7:bc:3a:c6:f5:64:b2:b0:
91:69:b8:4b:6e:bb:ce:3b:1a:7f:c4:23:ca:77:da:
2f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D3:C0:F2:F6:88:12:DD:36:79:5E:C0:8A:45:51:10:96:EF:C0:0D
X509v3 Authority Key Identifier:
keyid:E0:F2:EA:63:43:AF:44:D9:9E:A4:42:96:B3:91:0F:DA:83:65:29:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155CA4/7B2578D8C1A111EA94735C31C4F9AE02/4PLqY0OvRNmepEKWs5EP2oNlKXM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4PLqY0OvRNmepEKWs5EP2oNlKXM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155CA4/7B2578D8C1A111EA94735C31C4F9AE02/FD0FD2AA80F111EDAA11297CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.88.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:e4:8d:4c:ab:9d:be:55:b5:c5:e7:29:c9:78:de:84:4b:c0:
ee:f9:c4:be:d9:c1:ad:05:42:6f:21:80:67:f6:a9:37:1e:8e:
0e:86:c0:9e:6e:90:4c:df:b4:49:c4:07:3f:bf:c2:ff:6d:51:
64:d1:b2:1b:e0:b4:3c:55:b1:89:5c:ac:22:73:41:de:be:36:
82:01:11:d4:0c:c7:a8:a9:5d:96:53:9e:1d:90:6d:b5:fa:17:
7b:24:88:db:ed:5b:5b:87:2c:f0:d6:45:77:ff:ba:46:1d:a8:
be:56:ba:50:9b:c2:63:8c:72:1b:a8:d0:63:36:40:b2:64:fa:
2c:7d:9a:af:d5:15:37:a3:65:c9:0f:6a:77:ea:c6:65:51:ba:
10:b6:e5:02:02:16:07:97:d5:1c:47:d2:90:da:b1:7d:41:f5:
ad:f7:a9:a3:10:55:4f:dc:d0:f3:78:19:fe:5d:a9:57:a4:cc:
00:58:ba:e3:80:c3:bd:b8:0d:85:19:01:e0:d3:70:9e:ff:c2:
03:02:d9:1e:1c:ab:19:21:71:58:16:58:88:2e:9e:84:92:5d:
a1:fe:13:9d:f9:11:76:4c:aa:e2:ea:7a:80:8a:d7:bf:38:bc:
09:2a:9d:17:0d:81:2a:1b:2f:2e:1e:9f:da:ef:7b:39:6a:1a:
4b:ee:01:49
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBywwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTVDQTQxMTAvBgNVBAUTKEUwRjJFQTYzNDNBRjQ0RDk5RUE0NDI5NkIzOTEwRkRB
ODM2NTI5NzMwHhcNMjMwODAyMjEzOTE4WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNhY2QwNi1lOTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApdKEexszObcUTap0lUPkrSVkZ5BrKsunwdGIRUJEqXBIjhm6biOZku9L3XrC
IWkjleWu7w9YWHqvFC3EmsIi6UthZIZqicR3QQ0gSD6Yv6qOU9idMARVnUaFidp3
btC06Q23i1N6xLYaFgKYb5q7fiomp6ImTGRpIJXOymwsNETiqQYcLgM5NDv7t1Nw
Tuis4PgZBtV4hpv3qj6vECTZWU6JdHfAVZBySRnbH1jh7dmpM+eUBDXw0SeSqN6j
rMJgl5paWTjTDEv1DvvfDefxSyjYzLnf192XZJzamRNLYfx8TVPCvWYWx7w6xvVk
srCRabhLbrvOOxp/xCPKd9ovwQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLzTwPL2
iBLdNnlewIpFURCW78ANMB8GA1UdIwQYMBaAFODy6mNDr0TZnqRClrORD9qDZSlz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NUNBNC83QjI1NzhEOEMx
QTExMUVBOTQ3MzVDMzFDNEY5QUUwMi80UExxWTBPdlJObWVwRUtXczVFUDJvTmxL
WE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRQTHFZME92Uk5tZXBFS1dzNUVQMm9ObEtYTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTVDQTQvN0IyNTc4RDhDMUExMTFFQTk0NzM1QzMxQzRGOUFFMDIvRkQwRkQyQUE4
MEYxMTFFREFBMTEyOTdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIr4VgwDQYJKoZIhvcNAQELBQADggEBAK7kjUyrnb5VtcXn
Kcl43oRLwO75xL7Zwa0FQm8hgGf2qTcejg6GwJ5ukEzftEnEBz+/wv9tUWTRshvg
tDxVsYlcrCJzQd6+NoIBEdQMx6ipXZZTnh2QbbX6F3skiNvtW1uHLPDWRXf/ukYd
qL5WulCbwmOMchuo0GM2QLJk+ix9mq/VFTejZckPanfqxmVRuhC25QICFgeX1RxH
0pDasX1B9a33qaMQVU/c0PN4Gf5dqVekzABYuuOAw724DYUZAeDTcJ7/wgMC2R4c
qxkhcVgWWIgunoSSXaH+E535EXZMquLqeoCK1784vAkqnRcNgSobLy4en9rvezlq
GkvuAUk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org