Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178CC3/FD5D5B4A7C6411EA951A404DC4F9AE02/500858127C6611EAA47D984FC4F9AE02.roa
File: 500858127C6611EAA47D984FC4F9AE02.roa (raw, json)
Hash identifier: J8wRgZ8jGdDmRpg/3MeQfEoERKRNS1znKeVCaX6ls7k=
Subject key identifier: 57:28:7A:2B:12:63:0D:8E:6A:8D:B6:27:37:D3:3D:20:3B:C7:C7:24
Certificate issuer: /CN=A9178CC3/serialNumber=A5ED1E708CBFDE1BA5A91DD73940E1079BE8A67F
Certificate serial: 0848
Authority key identifier: A5:ED:1E:70:8C:BF:DE:1B:A5:A9:1D:D7:39:40:E1:07:9B:E8:A6:7F
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/pe0ecIy_3hulqR3XOUDhB5vopn8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178CC3/FD5D5B4A7C6411EA951A404DC4F9AE02/500858127C6611EAA47D984FC4F9AE02.roa
Signing time: Fri 24 Mar 2023 00:08:54 +0000
ROA not before: Fri 24 Mar 2023 00:08:54 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 137549
IP address blocks: 80.249.0.0/20 maxlen: 22
80.249.11.0/24 maxlen: 24
80.249.12.0/23 maxlen: 23
80.249.12.0/24 maxlen: 24
80.249.13.0/24 maxlen: 24
80.249.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2120 (0x848)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178CC3/serialNumber=A5ED1E708CBFDE1BA5A91DD73940E1079BE8A67F
Validity
Not Before: Mar 24 00:08:54 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=641cea16-3bac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:79:11:4c:02:75:b2:89:06:02:eb:31:37:ed:
1e:48:02:09:34:0a:41:26:54:01:21:6e:ed:77:37:
a6:1a:77:a5:73:20:ed:29:9c:96:b8:47:13:30:6f:
32:1d:ae:0a:89:d1:b1:85:a7:04:ed:0f:e8:e8:bf:
7d:bf:70:ba:ea:74:9e:04:6b:12:de:81:a5:3e:df:
29:b3:50:01:54:76:c8:36:e1:8a:09:a4:1b:0b:ae:
66:d9:5a:e9:c9:79:4d:2f:74:74:41:66:59:f5:c3:
2c:d7:87:f6:98:3c:c2:e3:c0:c3:9c:1b:75:91:9f:
25:72:19:c4:4d:c1:9c:cd:3d:88:76:d2:28:5a:e6:
9b:e2:6e:ae:98:2a:bc:ef:ee:ff:81:26:6c:00:41:
82:27:e3:48:bc:01:8b:c9:a9:33:07:06:ad:f5:8c:
28:7b:05:b4:0f:0b:c5:e1:f0:0c:66:ce:19:5d:17:
87:36:53:fd:1b:5c:22:44:ab:24:15:08:e7:0d:df:
a8:fc:87:f6:12:b8:69:8d:4f:3e:a1:e7:c5:3d:70:
43:f4:a5:c5:ed:21:0c:d2:39:79:82:78:8b:0e:e9:
3d:3a:8d:bb:77:23:37:3f:68:87:0b:41:e3:84:82:
f1:9f:8d:26:48:a0:5d:30:7f:7f:1b:b3:fb:c1:3d:
85:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:28:7A:2B:12:63:0D:8E:6A:8D:B6:27:37:D3:3D:20:3B:C7:C7:24
X509v3 Authority Key Identifier:
keyid:A5:ED:1E:70:8C:BF:DE:1B:A5:A9:1D:D7:39:40:E1:07:9B:E8:A6:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178CC3/FD5D5B4A7C6411EA951A404DC4F9AE02/pe0ecIy_3hulqR3XOUDhB5vopn8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/pe0ecIy_3hulqR3XOUDhB5vopn8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178CC3/FD5D5B4A7C6411EA951A404DC4F9AE02/500858127C6611EAA47D984FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
80.249.0.0/20
Signature Algorithm: sha256WithRSAEncryption
5e:03:27:6d:f3:84:39:e3:9e:69:6e:3f:49:0b:ae:d5:23:9f:
fa:1a:d9:32:f0:30:39:26:b8:0b:75:d3:7c:0a:c7:ff:a5:fc:
4d:d6:47:62:b5:dd:00:bf:98:14:ba:79:6f:20:8b:33:7d:cf:
04:0a:ee:cb:3c:74:e8:48:7c:b5:c9:2d:02:e0:86:74:62:02:
d8:ba:d7:01:70:26:4e:3b:89:4d:f1:23:b0:f2:70:f9:75:f5:
13:01:a0:4a:24:3d:bd:69:d3:c5:26:fa:81:94:d3:76:26:f9:
3c:44:2f:ef:fd:7e:54:e4:b8:ce:a2:fb:65:9d:29:53:1f:51:
6d:3a:a2:8e:c0:d4:db:45:98:19:ad:55:ab:34:e5:c4:29:0a:
a1:ea:09:40:cb:bf:34:d4:e9:59:36:9d:7d:52:f8:33:75:95:
a1:c0:ac:bc:9e:22:4a:0f:49:27:f9:c4:df:7e:b0:6e:e7:22:
99:46:9a:52:f8:37:aa:3b:b6:68:99:0d:07:e7:f9:15:ff:22:
cd:0a:b2:d7:0f:9a:d7:46:aa:bb:c2:d8:3a:21:70:b6:1c:93:
62:55:c1:e7:96:c1:83:79:c0:27:13:cc:c0:74:8b:bf:3a:7e:
55:3d:3d:95:b7:12:b6:f7:38:87:cb:1f:7d:6c:af:51:d9:55:
c8:ac:ec:aa
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCEgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhDQzMxMTAvBgNVBAUTKEE1RUQxRTcwOENCRkRFMUJBNUE5MURENzM5NDBFMTA3
OUJFOEE2N0YwHhcNMjMwMzI0MDAwODU0WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDFjZWExNi0zYmFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy3kRTAJ1sokGAusxN+0eSAIJNApBJlQBIW7tdzemGnelcyDtKZyWuEcTMG8y
Ha4KidGxhacE7Q/o6L99v3C66nSeBGsS3oGlPt8ps1ABVHbINuGKCaQbC65m2Vrp
yXlNL3R0QWZZ9cMs14f2mDzC48DDnBt1kZ8lchnETcGczT2IdtIoWuab4m6umCq8
7+7/gSZsAEGCJ+NIvAGLyakzBwat9YwoewW0DwvF4fAMZs4ZXReHNlP9G1wiRKsk
FQjnDd+o/If2ErhpjU8+oefFPXBD9KXF7SEM0jl5gniLDuk9Oo27dyM3P2iHC0Hj
hILxn40mSKBdMH9/G7P7wT2FaQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFcoeisS
Yw2Oao22JzfTPSA7x8ckMB8GA1UdIwQYMBaAFKXtHnCMv94bpakd1zlA4Qeb6KZ/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OENDMy9GRDVENUI0QTdD
NjQxMUVBOTUxQTQwNERDNEY5QUUwMi9wZTBlY0l5XzNodWxxUjNYT1VEaEI1dm9w
bjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL3BlMGVjSXlfM2h1bHFSM1hPVURoQjV2b3BuOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhDQzMvRkQ1RDVCNEE3QzY0MTFFQTk1MUE0MDREQzRGOUFFMDIvNTAwODU4MTI3
QzY2MTFFQUE0N0Q5ODRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBARQ+QAwDQYJKoZIhvcNAQELBQADggEBAF4DJ23zhDnjnmlu
P0kLrtUjn/oa2TLwMDkmuAt103wKx/+l/E3WR2K13QC/mBS6eW8gizN9zwQK7ss8
dOhIfLXJLQLghnRiAti61wFwJk47iU3xI7DycPl19RMBoEokPb1p08Um+oGU03Ym
+TxEL+/9flTkuM6i+2WdKVMfUW06oo7A1NtFmBmtVas05cQpCqHqCUDLvzTU6Vk2
nX1S+DN1laHArLyeIkoPSSf5xN9+sG7nIplGmlL4N6o7tmiZDQfn+RX/Is0KstcP
mtdGqrvC2DohcLYck2JVweeWwYN5wCcTzMB0i786flU9PZW3Erb3OIfLH31sr1HZ
Vcis7Ko=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org