Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9160904/347274EC6F4911E8BEB6AE65C4F9AE02/2A791E74B3EE11E9A813740DC4F9AE02.roa
File: 2A791E74B3EE11E9A813740DC4F9AE02.roa (raw, json)
Hash identifier: EIlS5nR0OcY5aQ2B66BLqSu20A/mtzxnDuhEN6C/+HA=
Subject key identifier: 59:A3:49:58:42:D7:B5:53:D2:FB:5C:33:FC:6E:98:DA:7C:01:00:5D
Certificate issuer: /CN=A9160904/serialNumber=521C5AFB60153CED342CD3C2674D315E4245022A
Certificate serial: 107F
Authority key identifier: 52:1C:5A:FB:60:15:3C:ED:34:2C:D3:C2:67:4D:31:5E:42:45:02:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Uhxa-2AVPO00LNPCZ00xXkJFAio.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9160904/347274EC6F4911E8BEB6AE65C4F9AE02/2A791E74B3EE11E9A813740DC4F9AE02.roa
Signing time: Mon 31 Jan 2022 06:26:39 +0000
ROA not before: Mon 31 Jan 2022 06:26:39 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 38895
IP address blocks: 43.250.192.0/24 maxlen: 24
43.250.193.0/24 maxlen: 24
122.248.192.0/18 maxlen: 24
175.41.128.0/18 maxlen: 24
2400:6500::/32 maxlen: 32
2400:6500:ff00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4223 (0x107f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9160904/serialNumber=521C5AFB60153CED342CD3C2674D315E4245022A
Validity
Not Before: Jan 31 06:26:39 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=61f7811f-eff7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:55:66:ef:de:d4:88:9b:9c:fe:e4:b2:4b:d6:
36:8f:9c:7d:b5:f9:f9:1a:ca:4f:99:55:07:76:9d:
25:81:48:93:e6:01:b9:c8:7f:a3:b9:64:9f:d2:00:
81:7a:ed:ac:ca:7f:ab:c2:69:cf:51:3d:a5:d9:d7:
57:5b:15:d9:7a:6f:57:1a:0a:a0:5a:ca:cb:e4:4c:
64:49:94:a8:83:4b:53:df:8e:48:4b:28:ed:c8:50:
ab:fd:b2:e4:3d:a1:f6:18:2a:35:42:f6:fe:75:24:
ad:1b:07:0b:5c:21:96:58:63:27:18:79:fb:33:2e:
56:61:69:b2:b8:80:a8:08:5f:d5:b5:34:d6:29:9c:
ed:15:23:20:57:75:48:1f:b2:82:8c:54:e5:cd:cd:
85:86:b8:f3:b2:4f:16:9f:d3:4f:4d:9c:ad:8d:cc:
d2:01:bf:43:bf:36:b4:f7:ce:3e:c6:4e:a9:87:06:
1b:27:83:b6:ef:d1:fd:e9:a2:6e:7d:6e:ff:73:36:
f4:48:68:87:79:4c:15:61:0b:83:39:b6:59:71:27:
be:93:b7:b6:71:58:b3:8a:55:0f:a5:28:d0:ab:18:
d1:dc:60:18:08:ac:3e:6b:67:8a:dc:b0:d0:cb:9e:
66:15:9c:21:2d:52:17:b1:11:26:52:f6:8e:89:79:
de:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:A3:49:58:42:D7:B5:53:D2:FB:5C:33:FC:6E:98:DA:7C:01:00:5D
X509v3 Authority Key Identifier:
keyid:52:1C:5A:FB:60:15:3C:ED:34:2C:D3:C2:67:4D:31:5E:42:45:02:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9160904/347274EC6F4911E8BEB6AE65C4F9AE02/Uhxa-2AVPO00LNPCZ00xXkJFAio.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Uhxa-2AVPO00LNPCZ00xXkJFAio.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9160904/347274EC6F4911E8BEB6AE65C4F9AE02/2A791E74B3EE11E9A813740DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.192.0/23
122.248.192.0/18
175.41.128.0/18
IPv6:
2400:6500::/32
Signature Algorithm: sha256WithRSAEncryption
48:9b:12:01:0f:fd:77:1b:ad:23:59:99:43:43:4e:52:08:78:
f3:c1:8d:78:41:00:77:b7:94:64:20:af:23:80:7a:76:70:d0:
af:23:bf:55:c9:55:77:e7:16:c4:eb:6d:8c:aa:19:fd:9e:93:
27:4e:37:a1:89:1b:ef:5a:32:68:e1:85:39:e6:93:d0:70:c9:
bb:9d:b7:f1:c3:c1:43:90:55:e0:f6:10:9a:f2:6d:99:3e:eb:
52:39:37:82:cd:8c:1d:a6:d2:e4:93:8c:b4:bf:b4:a4:44:5a:
9c:d3:f7:92:d0:1d:54:37:bb:9c:97:06:e0:ac:fa:d2:cc:93:
e4:43:29:d2:38:97:af:b5:f8:4a:d7:74:39:5e:a8:6a:14:24:
c8:b8:ea:5c:ae:9d:d7:98:e7:62:49:1e:c0:62:ad:eb:4f:0b:
fb:48:4e:5d:b3:54:66:1f:f2:4f:47:82:f6:00:8f:eb:f9:15:
e4:6e:06:22:dd:0b:c1:8c:24:de:66:3c:22:de:95:f8:52:b9:
96:5f:7c:be:c0:d5:9b:b9:a2:58:d5:b5:a6:9e:61:30:31:17:
88:34:f2:34:b8:b7:c5:88:ba:94:3e:ea:fb:f6:99:aa:cf:20:
35:3f:91:5d:af:04:12:9f:c9:2e:fc:4e:66:47:cd:93:93:8f:
9d:86:75:7f
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICEH8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjA5MDQxMTAvBgNVBAUTKDUyMUM1QUZCNjAxNTNDRUQzNDJDRDNDMjY3NEQzMTVF
NDI0NTAyMkEwHhcNMjIwMTMxMDYyNjM5WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWY3ODExZi1lZmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnlVm797UiJuc/uSyS9Y2j5x9tfn5GspPmVUHdp0lgUiT5gG5yH+juWSf0gCB
eu2syn+rwmnPUT2l2ddXWxXZem9XGgqgWsrL5ExkSZSog0tT345ISyjtyFCr/bLk
PaH2GCo1Qvb+dSStGwcLXCGWWGMnGHn7My5WYWmyuICoCF/VtTTWKZztFSMgV3VI
H7KCjFTlzc2Fhrjzsk8Wn9NPTZytjczSAb9Dvza0984+xk6phwYbJ4O279H96aJu
fW7/czb0SGiHeUwVYQuDObZZcSe+k7e2cVizilUPpSjQqxjR3GAYCKw+a2eK3LDQ
y55mFZwhLVIXsREmUvaOiXneQQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFFmjSVhC
17VT0vtcM/xumNp8AQBdMB8GA1UdIwQYMBaAFFIcWvtgFTztNCzTwmdNMV5CRQIq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MDkwNC8zNDcyNzRFQzZG
NDkxMUU4QkVCNkFFNjVDNEY5QUUwMi9VaHhhLTJBVlBPMDBMTlBDWjAweFhrSkZB
aW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VoeGEtMkFWUE8wMExOUENaMDB4WGtKRkFpby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjA5MDQvMzQ3Mjc0RUM2RjQ5MTFFOEJFQjZBRTY1QzRGOUFFMDIvMkE3OTFFNzRC
M0VFMTFFOUE4MTM3NDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAEr+sADBAZ6+MADBAavKYAwDQQCAAIwBwMFACQAZQAwDQYJ
KoZIhvcNAQELBQADggEBAEibEgEP/XcbrSNZmUNDTlIIePPBjXhBAHe3lGQgryOA
enZw0K8jv1XJVXfnFsTrbYyqGf2ekydON6GJG+9aMmjhhTnmk9Bwybudt/HDwUOQ
VeD2EJrybZk+61I5N4LNjB2m0uSTjLS/tKREWpzT95LQHVQ3u5yXBuCs+tLMk+RD
KdI4l6+1+ErXdDleqGoUJMi46lyundeY52JJHsBiretPC/tITl2zVGYf8k9HgvYA
j+v5FeRuBiLdC8GMJN5mPCLelfhSuZZffL7A1Zu5oljVtaaeYTAxF4g08jS4t8WI
upQ+6vv2marPIDU/kV2vBBKfyS78TmZHzZOTj52GdX8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org