Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915ED63/CD85ACF656D611E9A91BFC27C4F9AE02/719D9F40B18A11EC892E2662C4F9AE02.roa
File: 719D9F40B18A11EC892E2662C4F9AE02.roa (raw, json)
Hash identifier: vUzExkIlLgRzh9t2E6K4NMhU7TB7lXRlrYx/Eo61mpU=
Subject key identifier: 4B:7E:BD:BB:A8:B2:C4:18:FB:7F:C5:0E:DB:C0:FA:53:AE:FA:2D:6C
Certificate issuer: /CN=A915ED63/serialNumber=CFD083901B13A2AB76B44EB41F3C73152855D726
Certificate serial: 0C90
Authority key identifier: CF:D0:83:90:1B:13:A2:AB:76:B4:4E:B4:1F:3C:73:15:28:55:D7:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z9CDkBsToqt2tE60HzxzFShV1yY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915ED63/CD85ACF656D611E9A91BFC27C4F9AE02/719D9F40B18A11EC892E2662C4F9AE02.roa
Signing time: Fri 01 Apr 2022 19:05:50 +0000
ROA not before: Fri 01 Apr 2022 19:05:50 +0000
ROA not after: Mon 01 Aug 2022 00:00:00 +0000
asID: 138570
IP address blocks: 103.133.88.0/24 maxlen: 24
103.133.89.0/24 maxlen: 24
103.133.90.0/24 maxlen: 24
103.133.91.0/24 maxlen: 24
2404:49c0::/32 maxlen: 32
2404:49c0:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3216 (0xc90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915ED63/serialNumber=CFD083901B13A2AB76B44EB41F3C73152855D726
Validity
Not Before: Apr 1 19:05:50 2022 GMT
Not After : Aug 1 00:00:00 2022 GMT
Subject: CN=62474d0e-a79c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1d:ca:34:f8:c0:e9:00:a3:8e:05:50:36:6b:
0f:ba:83:5e:68:b7:ef:47:c2:c5:27:cd:d4:33:9e:
21:1a:76:e2:0a:c1:74:8d:ee:c0:07:db:8a:9c:08:
10:41:ba:eb:ab:b1:7b:6b:0d:d5:18:ed:df:32:e8:
03:18:d7:80:0c:1f:55:9c:b1:58:22:fe:e8:24:39:
8b:65:2d:14:01:a2:c0:4e:f5:c8:0d:95:75:6f:b6:
82:aa:a1:a2:2d:e8:34:9c:0b:c2:0f:98:87:9f:ca:
ba:7d:ff:f1:fd:25:66:84:89:8c:e7:8f:f6:fe:53:
97:a3:23:91:6a:8b:fd:a9:60:9e:cf:e4:fd:e6:dc:
31:12:ad:76:66:ee:b6:0f:23:ac:3a:f9:1d:56:74:
e6:62:6f:57:42:5b:20:f0:12:3c:d5:58:e3:a1:ca:
95:f8:ec:8e:2b:71:5d:37:8f:20:0d:f6:15:66:75:
19:3b:f1:51:18:76:02:9c:f7:36:5c:1b:16:ba:eb:
6f:f8:1f:82:df:1f:13:b9:61:69:3c:d1:af:94:67:
5b:b3:b5:f8:c5:34:04:59:4a:3d:b5:c2:2c:c0:69:
60:ed:46:4e:e3:80:dd:42:22:b3:38:8c:b7:09:1d:
49:da:61:06:98:7d:54:02:4c:05:85:3c:16:bb:fb:
1a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7E:BD:BB:A8:B2:C4:18:FB:7F:C5:0E:DB:C0:FA:53:AE:FA:2D:6C
X509v3 Authority Key Identifier:
keyid:CF:D0:83:90:1B:13:A2:AB:76:B4:4E:B4:1F:3C:73:15:28:55:D7:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915ED63/CD85ACF656D611E9A91BFC27C4F9AE02/z9CDkBsToqt2tE60HzxzFShV1yY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z9CDkBsToqt2tE60HzxzFShV1yY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915ED63/CD85ACF656D611E9A91BFC27C4F9AE02/719D9F40B18A11EC892E2662C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.133.88.0/22
IPv6:
2404:49c0::/32
Signature Algorithm: sha256WithRSAEncryption
5e:ce:27:89:5f:20:70:5d:71:01:6e:4a:a6:4c:ca:83:16:44:
b9:a3:e2:6d:df:90:06:38:c2:a2:15:af:0e:bb:0f:e1:11:db:
e8:c5:0f:2c:a7:04:74:3a:55:9a:21:c7:6e:e0:0c:f0:81:94:
32:54:23:48:20:95:72:a2:eb:42:a0:9d:8d:f8:be:c6:02:2e:
be:27:5a:65:d2:e5:fe:67:ab:88:8c:92:e4:ba:36:02:1d:82:
d5:4f:c7:72:21:c7:4a:0e:59:ad:9c:79:dd:87:70:17:ae:ea:
6b:db:a6:6d:ba:ca:41:cb:9f:7d:ad:df:6b:ae:87:6f:50:77:
4d:ed:9b:87:f4:db:a1:26:66:51:3b:66:a7:60:c1:76:f1:ef:
d0:12:44:8a:c5:41:82:f2:a2:8a:6c:ec:07:87:64:0f:62:84:
50:4f:3a:65:eb:a7:fe:9d:58:cb:bd:eb:5c:0c:83:4f:16:9c:
ea:fc:20:2d:91:55:be:54:af:8c:c7:68:46:6d:59:e8:71:6e:
16:49:62:a2:38:ca:86:1f:08:5c:b8:c1:36:87:33:14:ac:2c:
5f:a3:3a:45:46:00:dd:c7:c5:76:10:be:fc:31:24:b1:77:8f:
39:59:21:33:78:21:96:6c:b5:2b:c0:1f:19:3a:e3:66:a5:f1:
f2:aa:fe:00
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDJAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUVENjMxMTAvBgNVBAUTKENGRDA4MzkwMUIxM0EyQUI3NkI0NEVCNDFGM0M3MzE1
Mjg1NUQ3MjYwHhcNMjIwNDAxMTkwNTUwWhcNMjIwODAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjQ3NGQwZS1hNzljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvB3KNPjA6QCjjgVQNmsPuoNeaLfvR8LFJ83UM54hGnbiCsF0je7AB9uKnAgQ
Qbrrq7F7aw3VGO3fMugDGNeADB9VnLFYIv7oJDmLZS0UAaLATvXIDZV1b7aCqqGi
Leg0nAvCD5iHn8q6ff/x/SVmhImM54/2/lOXoyORaov9qWCez+T95twxEq12Zu62
DyOsOvkdVnTmYm9XQlsg8BI81VjjocqV+OyOK3FdN48gDfYVZnUZO/FRGHYCnPc2
XBsWuutv+B+C3x8TuWFpPNGvlGdbs7X4xTQEWUo9tcIswGlg7UZO44DdQiKzOIy3
CR1J2mEGmH1UAkwFhTwWu/satQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEt+vbuo
ssQY+3/FDtvA+lOu+i1sMB8GA1UdIwQYMBaAFM/Qg5AbE6KrdrROtB88cxUoVdcm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUQ2My9DRDg1QUNGNjU2
RDYxMUU5QTkxQkZDMjdDNEY5QUUwMi96OUNEa0JzVG9xdDJ0RTYwSHp4ekZTaFYx
eVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3o5Q0RrQnNUb3F0MnRFNjBIenh6RlNoVjF5WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUVENjMvQ0Q4NUFDRjY1NkQ2MTFFOUE5MUJGQzI3QzRGOUFFMDIvNzE5RDlGNDBC
MThBMTFFQzg5MkUyNjYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnhVgwDQQCAAIwBwMFACQEScAwDQYJKoZIhvcNAQELBQAD
ggEBAF7OJ4lfIHBdcQFuSqZMyoMWRLmj4m3fkAY4wqIVrw67D+ER2+jFDyynBHQ6
VZohx27gDPCBlDJUI0gglXKi60KgnY34vsYCLr4nWmXS5f5nq4iMkuS6NgIdgtVP
x3Ihx0oOWa2ced2HcBeu6mvbpm26ykHLn32t32uuh29Qd03tm4f026EmZlE7Zqdg
wXbx79ASRIrFQYLyoops7AeHZA9ihFBPOmXrp/6dWMu961wMg08WnOr8IC2RVb5U
r4zHaEZtWehxbhZJYqI4yoYfCFy4wTaHMxSsLF+jOkVGAN3HxXYQvvwxJLF3jzlZ
ITN4IZZstSvAHxk642al8fKq/gA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org