Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178CC3/E300BC7E7C6411EA951A404DC4F9AE02/18EC0DF85BEB11EDB1FE8E4BC4F9AE02.roa
File: 18EC0DF85BEB11EDB1FE8E4BC4F9AE02.roa (raw, json)
Hash identifier: KqZIY8f9thQ2T/b89PcVGhB+bU7LCjJ2Fv+6vyWko8Q=
Subject key identifier: 33:68:4B:50:CA:F3:B1:D4:C1:2B:75:EE:C0:5C:00:B0:FA:4B:B4:77
Certificate issuer: /CN=A9178CC3/serialNumber=0EBCB71A5C37764D7B7C2520C3976D82F026722B
Certificate serial: 0804
Authority key identifier: 0E:BC:B7:1A:5C:37:76:4D:7B:7C:25:20:C3:97:6D:82:F0:26:72:2B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Dry3Glw3dk17fCUgw5dtgvAmcis.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178CC3/E300BC7E7C6411EA951A404DC4F9AE02/18EC0DF85BEB11EDB1FE8E4BC4F9AE02.roa
Signing time: Fri 04 Nov 2022 02:48:01 +0000
ROA not before: Fri 04 Nov 2022 02:48:01 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 132586
IP address blocks: 202.40.0.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2052 (0x804)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178CC3/serialNumber=0EBCB71A5C37764D7B7C2520C3976D82F026722B
Validity
Not Before: Nov 4 02:48:01 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63647d61-73e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:71:c3:94:d7:97:b3:4b:fb:40:11:26:8f:07:
70:d9:c0:ab:08:53:9e:86:c8:d1:f3:19:f9:bd:ec:
a3:8c:03:fb:4d:05:8d:a7:b5:27:9e:c2:71:2c:de:
fa:15:6e:53:b6:52:a6:8f:96:6a:5d:c7:f7:aa:f2:
dd:b8:0a:a6:3e:0f:49:00:10:a8:ce:8e:74:e2:f5:
1a:54:e2:f3:2d:82:7b:a7:61:c4:f0:cf:e4:19:58:
ad:57:3a:b1:24:05:73:c1:f3:28:68:c6:d7:ab:e8:
2f:b9:79:69:f0:6b:13:ab:37:e4:f3:58:9f:ea:f0:
ef:34:b5:e4:50:bb:26:98:2d:29:4b:3d:25:f4:fb:
70:a9:86:93:5e:72:6a:cc:b6:93:49:4d:85:47:5f:
1b:62:31:23:bf:78:3e:5b:b5:ba:f4:fb:51:1b:a0:
ce:a9:64:51:60:05:70:c9:74:39:12:20:cb:24:28:
0e:e3:9c:fe:4b:d5:28:44:54:f6:22:3d:70:12:bd:
4b:01:00:fe:4b:23:8f:4f:8f:70:e4:2a:9d:fb:af:
1c:c0:66:fe:5e:3c:ae:52:72:a0:ef:1e:63:20:12:
89:95:71:c4:3d:cb:6a:29:b6:64:06:9d:ce:1f:dd:
e4:02:8f:5c:cf:4f:94:26:d4:5a:2c:9a:eb:13:37:
33:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:68:4B:50:CA:F3:B1:D4:C1:2B:75:EE:C0:5C:00:B0:FA:4B:B4:77
X509v3 Authority Key Identifier:
keyid:0E:BC:B7:1A:5C:37:76:4D:7B:7C:25:20:C3:97:6D:82:F0:26:72:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178CC3/E300BC7E7C6411EA951A404DC4F9AE02/Dry3Glw3dk17fCUgw5dtgvAmcis.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Dry3Glw3dk17fCUgw5dtgvAmcis.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178CC3/E300BC7E7C6411EA951A404DC4F9AE02/18EC0DF85BEB11EDB1FE8E4BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.40.0.0/22
Signature Algorithm: sha256WithRSAEncryption
44:79:01:0b:74:a6:97:ec:2b:da:13:72:20:83:29:5a:f5:62:
dc:7f:f8:72:8d:33:8e:df:9a:ad:c1:74:50:10:9c:2a:6c:75:
3c:a3:a3:73:77:01:67:b3:f4:c0:cc:ab:fe:9f:51:1b:f0:ea:
8b:e5:f3:9a:b5:8f:d8:a6:d8:d3:9e:ae:e3:29:43:77:33:7e:
b9:a6:ee:4a:58:52:71:f8:10:03:d7:79:d1:bd:97:26:57:72:
47:ca:a7:85:1d:df:c8:72:27:71:cc:71:e3:73:fe:fe:93:11:
c0:49:e7:08:bd:9c:70:6c:79:48:01:1f:10:28:98:31:db:35:
4f:ad:ac:01:df:83:57:82:a8:88:80:90:79:8f:28:0d:3c:48:
b0:4d:7a:cf:0d:6c:8a:98:ab:75:c0:c4:2c:6a:ac:1f:28:c2:
e8:07:f0:0e:78:f2:f7:93:83:36:55:24:82:43:01:d9:85:b7:
44:18:4d:19:f3:76:64:f8:d1:f8:1f:1e:4a:49:e0:84:ae:09:
8e:0e:c7:15:e5:b4:be:fc:79:55:54:95:bf:da:76:a8:41:f1:
1d:40:3a:6e:4b:8f:51:8d:90:10:3e:06:23:e2:93:53:7f:13:
cb:08:47:d9:c9:b3:a7:88:58:ff:3f:62:f3:40:74:93:a0:33:
d1:d4:e3:ae
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCAQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhDQzMxMTAvBgNVBAUTKDBFQkNCNzFBNUMzNzc2NEQ3QjdDMjUyMEMzOTc2RDgy
RjAyNjcyMkIwHhcNMjIxMTA0MDI0ODAxWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzY0N2Q2MS03M2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+HHDlNeXs0v7QBEmjwdw2cCrCFOehsjR8xn5veyjjAP7TQWNp7UnnsJxLN76
FW5TtlKmj5ZqXcf3qvLduAqmPg9JABCozo504vUaVOLzLYJ7p2HE8M/kGVitVzqx
JAVzwfMoaMbXq+gvuXlp8GsTqzfk81if6vDvNLXkULsmmC0pSz0l9PtwqYaTXnJq
zLaTSU2FR18bYjEjv3g+W7W69PtRG6DOqWRRYAVwyXQ5EiDLJCgO45z+S9UoRFT2
Ij1wEr1LAQD+SyOPT49w5Cqd+68cwGb+XjyuUnKg7x5jIBKJlXHEPctqKbZkBp3O
H93kAo9cz0+UJtRaLJrrEzczVwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDNoS1DK
87HUwSt17sBcALD6S7R3MB8GA1UdIwQYMBaAFA68txpcN3ZNe3wlIMOXbYLwJnIr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OENDMy9FMzAwQkM3RTdD
NjQxMUVBOTUxQTQwNERDNEY5QUUwMi9EcnkzR2x3M2RrMTdmQ1VndzVkdGd2QW1j
aXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RyeTNHbHczZGsxN2ZDVWd3NWR0Z3ZBbWNpcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhDQzMvRTMwMEJDN0U3QzY0MTFFQTk1MUE0MDREQzRGOUFFMDIvMThFQzBERjg1
QkVCMTFFREIxRkU4RTRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALKKAAwDQYJKoZIhvcNAQELBQADggEBAER5AQt0ppfsK9oT
ciCDKVr1Ytx/+HKNM47fmq3BdFAQnCpsdTyjo3N3AWez9MDMq/6fURvw6ovl85q1
j9im2NOeruMpQ3czfrmm7kpYUnH4EAPXedG9lyZXckfKp4Ud38hyJ3HMceNz/v6T
EcBJ5wi9nHBseUgBHxAomDHbNU+trAHfg1eCqIiAkHmPKA08SLBNes8NbIqYq3XA
xCxqrB8owugH8A548veTgzZVJIJDAdmFt0QYTRnzdmT40fgfHkpJ4ISuCY4OxxXl
tL78eVVUlb/adqhB8R1AOm5Lj1GNkBA+BiPik1N/E8sIR9nJs6eIWP8/YvNAdJOg
M9HU464=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org