Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161FE1/99FD8AE019BE11EC88E6281EC4F9AE02/D2EBA03819C011EC8FA4251FC4F9AE02.roa
File: D2EBA03819C011EC8FA4251FC4F9AE02.roa (raw, json)
Hash identifier: JmZkWr7X9tOJFRwn5jptJvSQhnfQIEoDoqU6Y8aybt0=
Subject key identifier: AC:33:33:7E:73:20:8F:8E:C8:A3:3E:6A:40:E8:76:EC:8D:9E:1F:43
Certificate issuer: /CN=A9161FE1/serialNumber=FF391E31AFD3FCE9E86F2E45834C41B0ADDC6FE9
Certificate serial: 030F
Authority key identifier: FF:39:1E:31:AF:D3:FC:E9:E8:6F:2E:45:83:4C:41:B0:AD:DC:6F:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_zkeMa_T_Onoby5Fg0xBsK3cb-k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9161FE1/99FD8AE019BE11EC88E6281EC4F9AE02/D2EBA03819C011EC8FA4251FC4F9AE02.roa
Signing time: Tue 15 Nov 2022 03:12:15 +0000
ROA not before: Tue 15 Nov 2022 03:12:15 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 134711
IP address blocks: 103.197.144.0/22 maxlen: 22
220.158.188.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 783 (0x30f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9161FE1/serialNumber=FF391E31AFD3FCE9E86F2E45834C41B0ADDC6FE9
Validity
Not Before: Nov 15 03:12:15 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6373038f-5ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b8:18:2a:df:b3:ab:69:3d:e5:83:af:6a:fa:
a9:5e:56:ca:e2:99:c6:dd:8f:2e:d1:f8:91:a3:9f:
78:de:14:b7:92:c2:4c:75:8a:a2:08:4b:c4:53:2f:
74:c5:37:0d:54:54:a7:b7:ab:57:dd:97:8c:36:93:
1c:fe:c0:f8:f3:46:9c:a4:a3:2e:0f:79:ce:ce:5a:
3e:6c:6e:c4:25:83:bc:3e:ce:24:81:15:d1:a0:48:
b4:9c:5f:7f:48:9b:0d:e5:dd:fe:f6:28:f1:59:51:
7e:86:f8:0c:90:f6:0e:eb:0d:72:d5:2c:55:24:fd:
56:d4:f9:ce:06:0e:e4:6f:37:b6:81:62:99:6b:a6:
59:ff:77:5d:04:52:84:dd:a9:2c:c5:18:80:b1:e8:
dc:46:bd:55:e9:35:08:79:fe:ad:01:5d:df:e7:77:
22:55:9e:80:30:bc:c7:1c:71:26:11:8d:17:48:3d:
00:8e:31:65:c5:c4:fb:0a:d6:94:c8:e0:28:b4:02:
dc:e9:e5:d0:26:1c:43:d2:1a:71:51:7a:65:8a:07:
64:47:17:c9:18:ed:9a:de:b1:2c:b4:8a:32:2a:7a:
8b:9e:4d:2b:d3:de:4a:80:73:53:6d:02:3d:cc:77:
7d:7e:fa:6f:e2:b1:f7:92:5e:f0:e2:35:d8:81:d5:
aa:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:33:33:7E:73:20:8F:8E:C8:A3:3E:6A:40:E8:76:EC:8D:9E:1F:43
X509v3 Authority Key Identifier:
keyid:FF:39:1E:31:AF:D3:FC:E9:E8:6F:2E:45:83:4C:41:B0:AD:DC:6F:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9161FE1/99FD8AE019BE11EC88E6281EC4F9AE02/_zkeMa_T_Onoby5Fg0xBsK3cb-k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_zkeMa_T_Onoby5Fg0xBsK3cb-k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161FE1/99FD8AE019BE11EC88E6281EC4F9AE02/D2EBA03819C011EC8FA4251FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.197.144.0/22
220.158.188.0/22
Signature Algorithm: sha256WithRSAEncryption
59:00:6a:b1:16:61:32:61:8d:95:12:c6:e2:d0:1a:fe:f7:18:
79:6d:eb:0b:8b:cd:80:28:a7:b3:ac:5b:03:df:61:b1:62:68:
06:87:a9:2c:ac:e6:6f:09:51:b3:86:06:51:74:01:75:f8:64:
a3:fd:84:08:27:31:81:af:41:32:a6:45:81:a5:0e:e9:15:f3:
29:a4:04:4e:78:5f:0d:7b:0f:75:8a:52:cb:68:e3:e6:01:42:
d5:61:12:bd:de:32:1b:55:4c:d9:30:f3:88:5b:41:b1:a4:a9:
f6:18:7c:11:de:ab:cc:96:84:cc:4c:9e:47:f5:e8:3a:a3:fd:
1a:1c:00:8d:ee:60:9e:55:7b:e5:a8:44:3a:80:fc:bb:c6:19:
f1:54:26:45:72:6f:fa:4b:bc:3b:73:d5:27:59:26:8d:5d:c4:
c5:e2:be:f7:b9:92:10:6d:37:1a:21:78:83:b1:cb:4a:7c:15:
37:66:25:69:7b:a1:7e:16:4d:74:e2:53:ba:39:53:a4:cd:52:
36:72:4a:fa:0b:01:28:d3:5d:86:3e:19:1e:d5:ef:f3:9a:63:
b0:d6:76:50:cb:33:f6:ae:5d:71:e6:61:7e:ba:b2:8c:3a:c2:
d9:9f:98:c0:62:b2:30:71:6c:71:3e:90:39:7b:3a:bc:26:b8:
a2:bd:97:b9
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAw8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjFGRTExMTAvBgNVBAUTKEZGMzkxRTMxQUZEM0ZDRTlFODZGMkU0NTgzNEM0MUIw
QUREQzZGRTkwHhcNMjIxMTE1MDMxMjE1WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzczMDM4Zi01YWU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt7gYKt+zq2k95YOvavqpXlbK4pnG3Y8u0fiRo5943hS3ksJMdYqiCEvEUy90
xTcNVFSnt6tX3ZeMNpMc/sD480acpKMuD3nOzlo+bG7EJYO8Ps4kgRXRoEi0nF9/
SJsN5d3+9ijxWVF+hvgMkPYO6w1y1SxVJP1W1PnOBg7kbze2gWKZa6ZZ/3ddBFKE
3aksxRiAsejcRr1V6TUIef6tAV3f53ciVZ6AMLzHHHEmEY0XSD0AjjFlxcT7CtaU
yOAotALc6eXQJhxD0hpxUXpligdkRxfJGO2a3rEstIoyKnqLnk0r095KgHNTbQI9
zHd9fvpv4rH3kl7w4jXYgdWqVwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKwzM35z
II+OyKM+akDoduyNnh9DMB8GA1UdIwQYMBaAFP85HjGv0/zp6G8uRYNMQbCt3G/p
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MUZFMS85OUZEOEFFMDE5
QkUxMUVDODhFNjI4MUVDNEY5QUUwMi9femtlTWFfVF9Pbm9ieTVGZzB4QnNLM2Ni
LWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL196a2VNYV9UX09ub2J5NUZnMHhCc0szY2Itay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjFGRTEvOTlGRDhBRTAxOUJFMTFFQzg4RTYyODFFQzRGOUFFMDIvRDJFQkEwMzgx
OUMwMTFFQzhGQTQyNTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnxZADBALcnrwwDQYJKoZIhvcNAQELBQADggEBAFkAarEW
YTJhjZUSxuLQGv73GHlt6wuLzYAop7OsWwPfYbFiaAaHqSys5m8JUbOGBlF0AXX4
ZKP9hAgnMYGvQTKmRYGlDukV8ymkBE54Xw17D3WKUsto4+YBQtVhEr3eMhtVTNkw
84hbQbGkqfYYfBHeq8yWhMxMnkf16Dqj/RocAI3uYJ5Ve+WoRDqA/LvGGfFUJkVy
b/pLvDtz1SdZJo1dxMXivve5khBtNxoheIOxy0p8FTdmJWl7oX4WTXTiU7o5U6TN
UjZySvoLASjTXYY+GR7V7/OaY7DWdlDLM/auXXHmYX66sow6wtmfmMBisjBxbHE+
kDl7OrwmuKK9l7k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org