Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/4B623C8CD78511EEA090E379C4F9AE02.roa
File: 4B623C8CD78511EEA090E379C4F9AE02.roa (raw, json)
Hash identifier: mv0KszXp5CVKja4nK1pmYH1yWEaEPEaZ0kYP+yQ+Siw=
Subject key identifier: 95:AF:73:D1:43:8C:96:7A:AD:A5:3D:D2:8D:7B:CD:AB:77:8F:D9:7E
Certificate issuer: /CN=A917B6E8/serialNumber=D239928966D8984EA2FA453FC53F9886B5ADCB95
Certificate serial: 01D8
Authority key identifier: D2:39:92:89:66:D8:98:4E:A2:FA:45:3F:C5:3F:98:86:B5:AD:CB:95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0jmSiWbYmE6i-kU_xT-YhrWty5U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/4B623C8CD78511EEA090E379C4F9AE02.roa
Signing time: Wed 01 May 2024 05:07:16 +0000
ROA not before: Wed 01 May 2024 05:07:16 +0000
ROA not after: Thu 29 Aug 2024 00:00:00 +0000
asID: 135602
IP address blocks: 103.226.228.0/24 maxlen: 24
103.226.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 472 (0x1d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917B6E8/serialNumber=D239928966D8984EA2FA453FC53F9886B5ADCB95
Validity
Not Before: May 1 05:07:16 2024 GMT
Not After : Aug 29 00:00:00 2024 GMT
Subject: CN=6631ce03-551c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bb:21:e9:c9:4c:b1:6b:87:b4:b0:82:57:61:
1c:38:7e:05:c1:67:4c:70:b3:5f:13:a8:12:bb:09:
a9:f8:2a:85:f5:bf:92:a2:bf:71:ec:78:18:1f:80:
cd:38:0a:8b:fd:b5:d8:3a:3c:b5:ca:70:58:80:f1:
a3:d8:f7:eb:b5:55:ef:db:12:81:63:43:41:f0:01:
ad:26:e4:16:75:c4:8e:78:ae:fb:35:e3:ea:5a:22:
c6:2b:17:f9:3d:96:1e:d8:45:75:c6:81:eb:c0:23:
75:c6:b2:08:17:a2:1b:e8:0d:be:c2:9a:c7:ae:b1:
f0:c4:dd:cb:7b:f5:6a:47:4d:91:cf:c6:63:8e:0c:
1a:cd:c0:8f:be:d0:e6:6d:88:83:96:63:28:89:b9:
72:1e:b1:8d:6c:a9:59:45:10:c1:17:0a:40:85:62:
6c:d2:b8:32:c6:cb:be:6a:65:64:61:cc:f4:2e:98:
b6:2f:85:ed:61:65:a9:ce:71:7b:24:09:70:79:f9:
86:7d:b6:ed:50:1b:a3:51:e0:6d:81:3c:41:1a:d1:
ae:e3:3d:ee:59:a5:04:47:cb:7f:0c:3e:f9:9c:a7:
77:1d:33:cf:ce:2a:62:dc:36:1b:fc:04:58:3f:cc:
9e:75:3f:d3:72:5d:0e:db:86:3f:0e:f9:08:9f:c5:
95:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:AF:73:D1:43:8C:96:7A:AD:A5:3D:D2:8D:7B:CD:AB:77:8F:D9:7E
X509v3 Authority Key Identifier:
keyid:D2:39:92:89:66:D8:98:4E:A2:FA:45:3F:C5:3F:98:86:B5:AD:CB:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/0jmSiWbYmE6i-kU_xT-YhrWty5U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0jmSiWbYmE6i-kU_xT-YhrWty5U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/4B623C8CD78511EEA090E379C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.226.228.0/23
Signature Algorithm: sha256WithRSAEncryption
77:4b:54:84:b7:cc:1c:12:60:f1:af:db:7b:78:0d:10:34:a7:
11:a8:8a:0b:86:0e:9d:48:9b:b9:7b:c9:48:fb:72:ff:2b:1e:
bf:f4:38:b5:d7:63:1f:6c:b8:17:ee:9f:ef:6b:ef:8d:ae:84:
97:9d:94:44:ad:94:21:da:83:bb:1f:ac:9d:56:ca:83:45:74:
5b:68:51:8c:46:1a:cf:c9:01:d6:5d:55:98:9a:31:e9:b5:6d:
19:2d:07:c3:26:46:f9:0a:59:3d:8b:6e:7b:df:0e:60:5d:79:
f9:b8:de:c8:fb:67:02:e2:11:de:b3:85:8e:15:07:10:91:a4:
4d:63:46:23:6b:be:83:d6:e8:46:a2:0c:04:06:93:8b:30:cc:
71:85:08:b0:88:1f:0f:ad:57:e7:c4:37:0e:58:44:87:2c:24:
36:51:85:0f:08:5f:44:bd:4b:d1:60:07:c0:8d:98:05:b0:d3:
10:f7:8f:35:eb:1e:93:45:22:f5:b0:84:1e:04:5e:a5:79:e9:
e5:81:7f:8c:57:3b:43:51:1f:7e:69:e2:d2:bf:dd:75:52:32:
b0:cc:94:63:07:9c:2e:a8:cb:eb:3e:cd:ee:57:25:0f:9e:e5:
5f:9d:53:f8:ff:a3:87:5d:67:81:cf:d2:78:06:ba:ce:34:e9:
2b:ba:e0:7f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0I2RTgxMTAvBgNVBAUTKEQyMzk5Mjg5NjZEODk4NEVBMkZBNDUzRkM1M0Y5ODg2
QjVBRENCOTUwHhcNMjQwNTAxMDUwNzE2WhcNMjQwODI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMxY2UwMy01NTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApbsh6clMsWuHtLCCV2EcOH4FwWdMcLNfE6gSuwmp+CqF9b+Sor9x7HgYH4DN
OAqL/bXYOjy1ynBYgPGj2PfrtVXv2xKBY0NB8AGtJuQWdcSOeK77NePqWiLGKxf5
PZYe2EV1xoHrwCN1xrIIF6Ib6A2+wprHrrHwxN3Le/VqR02Rz8ZjjgwazcCPvtDm
bYiDlmMoiblyHrGNbKlZRRDBFwpAhWJs0rgyxsu+amVkYcz0Lpi2L4XtYWWpznF7
JAlwefmGfbbtUBujUeBtgTxBGtGu4z3uWaUER8t/DD75nKd3HTPPzipi3DYb/ARY
P8yedT/Tcl0O24Y/DvkIn8WVJQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJWvc9FD
jJZ6raU90o17zat3j9l+MB8GA1UdIwQYMBaAFNI5kolm2JhOovpFP8U/mIa1rcuV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjZFOC9EOEUwREQzRTAx
REExMUVEQTJBRTE1NDVDNEY5QUUwMi8wam1TaVdiWW1FNmkta1VfeFQtWWhyV3R5
NVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBqbVNpV2JZbUU2aS1rVV94VC1ZaHJXdHk1VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0I2RTgvRDhFMEREM0UwMURBMTFFREEyQUUxNTQ1QzRGOUFFMDIvNEI2MjNDOENE
Nzg1MTFFRUEwOTBFMzc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn4uQwDQYJKoZIhvcNAQELBQADggEBAHdLVIS3zBwSYPGv
23t4DRA0pxGoiguGDp1Im7l7yUj7cv8rHr/0OLXXYx9suBfun+9r742uhJedlESt
lCHag7sfrJ1WyoNFdFtoUYxGGs/JAdZdVZiaMem1bRktB8MmRvkKWT2LbnvfDmBd
efm43sj7ZwLiEd6zhY4VBxCRpE1jRiNrvoPW6EaiDAQGk4swzHGFCLCIHw+tV+fE
Nw5YRIcsJDZRhQ8IX0S9S9FgB8CNmAWw0xD3jzXrHpNFIvWwhB4EXqV56eWBf4xX
O0NRH35p4tK/3XVSMrDMlGMHnC6oy+s+ze5XJQ+e5V+dU/j/o4ddZ4HP0ngGus40
6Su64H8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org