Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91788FA/0435D160034311ED98849640C4F9AE02/12294AACBC2C11EDA3F95F2EC4F9AE02.roa
File: 12294AACBC2C11EDA3F95F2EC4F9AE02.roa (raw, json)
Hash identifier: 1oL15AlPLDRDOI+oco84zo9zRseTtPZmLmVIKvOzlt4=
Subject key identifier: 89:5D:DA:27:E6:B4:55:D2:25:16:DF:B0:D4:E5:94:3D:CD:79:C0:9B
Certificate issuer: /CN=A91788FA/serialNumber=FDDCB69FE9B7433D3A48FBEE72E659480515DD19
Certificate serial: F8
Authority key identifier: FD:DC:B6:9F:E9:B7:43:3D:3A:48:FB:EE:72:E6:59:48:05:15:DD:19
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_dy2n-m3Qz06SPvucuZZSAUV3Rk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91788FA/0435D160034311ED98849640C4F9AE02/12294AACBC2C11EDA3F95F2EC4F9AE02.roa
Signing time: Mon 06 Mar 2023 14:34:59 +0000
ROA not before: Mon 06 Mar 2023 14:34:59 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 137451
IP address blocks: 43.229.152.0/22 maxlen: 22
43.229.152.0/24 maxlen: 24
43.229.153.0/24 maxlen: 24
43.229.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 248 (0xf8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91788FA/serialNumber=FDDCB69FE9B7433D3A48FBEE72E659480515DD19
Validity
Not Before: Mar 6 14:34:59 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=6405fa13-0ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f1:a5:97:eb:e7:86:b3:5e:78:74:69:ff:0e:
e7:c3:9c:c7:d7:15:46:6b:ad:2c:06:d8:45:d2:ac:
09:bf:5e:36:ca:c6:ba:8b:bc:31:48:ef:5d:dd:f8:
ac:7f:fa:72:36:57:7e:91:8b:99:1c:40:1c:26:f7:
6a:c5:77:22:f4:81:89:91:72:78:16:0f:ea:0e:7e:
43:97:68:e2:1d:e6:92:72:2f:50:ce:fc:3e:b7:d3:
93:40:ac:de:47:f7:88:2e:8b:2b:0d:1c:19:1f:ab:
ac:a9:17:9d:10:ac:30:89:95:be:e8:62:6c:00:b4:
7d:97:37:6d:06:40:8b:13:75:7c:67:60:4e:10:7a:
6e:95:16:9f:03:f1:bc:61:6c:a7:2a:46:13:52:69:
ed:ee:a2:36:46:45:70:80:fe:a9:e3:5c:22:ef:6e:
94:b3:7d:a4:3d:34:1f:c4:0f:f3:65:6a:41:fd:67:
ab:e5:23:df:e5:02:14:6d:b0:ab:6a:1c:36:56:4f:
3c:91:eb:39:96:62:b1:6f:60:60:eb:e2:78:ee:16:
73:72:b9:00:2a:63:2a:77:10:29:be:06:b6:5b:e8:
56:04:c9:40:50:ce:6a:76:3d:49:5d:e0:1c:40:b6:
06:13:d2:b2:4c:f9:70:9c:05:94:cb:d2:f7:f1:1a:
0a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5D:DA:27:E6:B4:55:D2:25:16:DF:B0:D4:E5:94:3D:CD:79:C0:9B
X509v3 Authority Key Identifier:
keyid:FD:DC:B6:9F:E9:B7:43:3D:3A:48:FB:EE:72:E6:59:48:05:15:DD:19
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91788FA/0435D160034311ED98849640C4F9AE02/_dy2n-m3Qz06SPvucuZZSAUV3Rk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_dy2n-m3Qz06SPvucuZZSAUV3Rk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91788FA/0435D160034311ED98849640C4F9AE02/12294AACBC2C11EDA3F95F2EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.152.0/22
Signature Algorithm: sha256WithRSAEncryption
18:cd:42:df:6e:9e:a3:ab:84:6f:0b:ca:43:01:d7:e6:19:6a:
eb:cc:34:44:cd:e5:12:01:b9:6a:8e:05:fc:50:a2:49:f3:47:
8f:a1:4d:11:a8:d9:c9:42:5f:12:61:3c:7e:be:2d:f2:9b:50:
7d:b2:88:7e:6a:0f:b1:e1:45:b2:9f:da:f9:1f:15:81:99:91:
1c:75:c3:6f:f5:3c:d0:c5:0e:13:a6:dd:4f:19:29:38:1b:a6:
c9:e9:61:59:33:4e:84:29:af:bb:09:03:58:65:bc:b5:5d:37:
d8:7d:ad:a4:2e:50:e4:b1:21:43:71:f7:96:57:56:d2:a3:cf:
33:ff:18:5c:5c:e8:a2:71:fe:0b:72:58:4b:76:0d:fe:e8:d3:
e4:d0:6e:63:3f:74:51:a7:6e:3e:94:fa:82:39:77:96:e6:0a:
42:d1:6d:d8:8c:32:2b:1c:51:ed:e8:b0:1a:cc:b9:70:aa:e1:
01:59:6f:0d:10:15:d7:91:6f:02:27:8a:9d:38:24:18:da:18:
ec:b1:69:66:d7:fd:f8:4a:2f:79:81:02:dc:0e:ff:b1:72:f6:
fa:bc:a1:99:67:1c:92:41:2b:af:54:3f:d2:2b:dd:d5:be:de:
38:19:98:c4:7c:3c:ee:d2:5e:4e:91:45:6f:c4:46:a9:1c:d3:
45:06:07:3a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzg4RkExMTAvBgNVBAUTKEZERENCNjlGRTlCNzQzM0QzQTQ4RkJFRTcyRTY1OTQ4
MDUxNUREMTkwHhcNMjMwMzA2MTQzNDU5WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDA1ZmExMy0wY2UyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmfGll+vnhrNeeHRp/w7nw5zH1xVGa60sBthF0qwJv142ysa6i7wxSO9d3fis
f/pyNld+kYuZHEAcJvdqxXci9IGJkXJ4Fg/qDn5Dl2jiHeaSci9Qzvw+t9OTQKze
R/eILosrDRwZH6usqRedEKwwiZW+6GJsALR9lzdtBkCLE3V8Z2BOEHpulRafA/G8
YWynKkYTUmnt7qI2RkVwgP6p41wi726Us32kPTQfxA/zZWpB/Wer5SPf5QIUbbCr
ahw2Vk88kes5lmKxb2Bg6+J47hZzcrkAKmMqdxApvga2W+hWBMlAUM5qdj1JXeAc
QLYGE9KyTPlwnAWUy9L38RoKkwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIld2ifm
tFXSJRbfsNTllD3NecCbMB8GA1UdIwQYMBaAFP3ctp/pt0M9Okj77nLmWUgFFd0Z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3ODhGQS8wNDM1RDE2MDAz
NDMxMUVEOTg4NDk2NDBDNEY5QUUwMi9fZHkybi1tM1F6MDZTUHZ1Y3VaWlNBVVYz
UmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19keTJuLW0zUXowNlNQdnVjdVpaU0FVVjNSay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzg4RkEvMDQzNUQxNjAwMzQzMTFFRDk4ODQ5NjQwQzRGOUFFMDIvMTIyOTRBQUNC
QzJDMTFFREEzRjk1RjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIr5ZgwDQYJKoZIhvcNAQELBQADggEBABjNQt9unqOrhG8L
ykMB1+YZauvMNETN5RIBuWqOBfxQoknzR4+hTRGo2clCXxJhPH6+LfKbUH2yiH5q
D7HhRbKf2vkfFYGZkRx1w2/1PNDFDhOm3U8ZKTgbpsnpYVkzToQpr7sJA1hlvLVd
N9h9raQuUOSxIUNx95ZXVtKjzzP/GFxc6KJx/gtyWEt2Df7o0+TQbmM/dFGnbj6U
+oI5d5bmCkLRbdiMMiscUe3osBrMuXCq4QFZbw0QFdeRbwInip04JBjaGOyxaWbX
/fhKL3mBAtwO/7Fy9vq8oZlnHJJBK69UP9Ir3dW+3jgZmMR8PO7SXk6RRW/ERqkc
00UGBzo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org