Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/D1F05CEE01DE11ED8236F073C4F9AE02.roa
File: D1F05CEE01DE11ED8236F073C4F9AE02.roa (raw, json)
Hash identifier: CGOdsLX63T/A1hnNFNkhj2nDxfNDLdxk8s6ZwbLj6EA=
Subject key identifier: BF:E2:84:63:2E:F0:4E:6C:EF:68:5B:41:FC:EF:48:AA:88:64:C6:6C
Certificate issuer: /CN=A917B6E8/serialNumber=D239928966D8984EA2FA453FC53F9886B5ADCB95
Certificate serial: 0109
Authority key identifier: D2:39:92:89:66:D8:98:4E:A2:FA:45:3F:C5:3F:98:86:B5:AD:CB:95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0jmSiWbYmE6i-kU_xT-YhrWty5U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/D1F05CEE01DE11ED8236F073C4F9AE02.roa
Signing time: Fri 07 Apr 2023 05:45:56 +0000
ROA not before: Fri 07 Apr 2023 05:45:56 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 17483
IP address blocks: 103.226.230.0/24 maxlen: 24
103.226.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 265 (0x109)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917B6E8/serialNumber=D239928966D8984EA2FA453FC53F9886B5ADCB95
Validity
Not Before: Apr 7 05:45:56 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=642fae14-086c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1a:69:9b:78:53:15:7f:66:f1:87:f6:fe:8d:
4f:e8:a9:99:99:32:d2:8d:f2:7a:e8:d8:fd:eb:81:
1f:e5:2c:2c:48:eb:4b:8d:56:40:fb:95:0a:78:99:
4a:82:d5:26:16:dd:33:5c:84:5b:c4:9f:61:e7:63:
2b:be:69:46:4a:68:2d:70:34:0b:1d:dc:ef:dd:c2:
b9:41:bd:63:79:a9:6e:56:63:a3:b7:9c:6f:1f:6f:
ea:dd:64:c4:36:cc:1d:4b:1d:de:a1:67:92:17:19:
33:aa:9f:c2:f2:be:ac:49:2a:e3:39:ab:7b:0a:fc:
bf:aa:05:cb:ca:4a:3b:6b:fe:3f:b1:39:96:90:f3:
0a:ed:0a:e4:e3:6a:9b:62:49:49:d7:9c:28:bd:47:
28:de:32:e7:40:90:39:7b:02:f4:86:0c:38:3b:67:
c7:3d:5d:63:95:64:b5:7b:9b:3f:f3:f7:70:50:67:
d0:39:3e:59:4d:3a:d4:ec:f2:a1:e1:86:0e:ea:94:
d2:08:0b:62:6f:16:e6:91:49:5b:fb:f2:d9:83:cd:
19:2f:58:a1:61:b4:73:db:54:ef:00:2c:21:6f:d5:
48:b5:b2:72:3e:bb:2e:1f:31:4a:2c:c1:9a:4e:af:
12:d4:10:04:49:1c:84:41:cc:01:47:02:a8:d6:e5:
e6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:E2:84:63:2E:F0:4E:6C:EF:68:5B:41:FC:EF:48:AA:88:64:C6:6C
X509v3 Authority Key Identifier:
keyid:D2:39:92:89:66:D8:98:4E:A2:FA:45:3F:C5:3F:98:86:B5:AD:CB:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/0jmSiWbYmE6i-kU_xT-YhrWty5U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0jmSiWbYmE6i-kU_xT-YhrWty5U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/D1F05CEE01DE11ED8236F073C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.226.230.0/23
Signature Algorithm: sha256WithRSAEncryption
60:97:fe:d8:8d:9b:78:24:9a:01:ee:4d:d8:7d:0b:f1:11:8b:
13:e0:c4:78:3f:7a:82:d5:b8:28:72:7a:ae:77:6f:29:fc:d4:
26:03:e7:24:8a:7f:85:d1:87:52:87:f5:86:16:7a:d2:e0:ff:
f8:7b:dc:f8:d2:2e:3b:e8:35:3e:7f:a3:bc:36:fa:3c:68:fb:
a2:7e:a0:ce:ed:7b:12:1a:aa:b3:8d:78:0f:ce:c9:ae:62:85:
24:01:b8:6f:1d:ed:4f:b5:c2:66:3f:34:1c:15:aa:9e:f8:d7:
09:15:d8:32:cd:40:64:33:08:f1:bd:0a:b5:a5:ad:4a:fc:af:
9d:bf:a5:07:de:06:fe:66:98:de:15:a7:b9:7e:cf:ab:70:d4:
da:0b:fd:90:22:b6:a9:cc:ce:28:63:c6:ca:5a:af:b6:fe:eb:
67:18:6d:97:c9:e9:c4:f3:fc:32:a7:3a:b7:1c:7c:0d:48:11:
57:1f:5d:9d:bb:99:af:10:79:5f:d6:6a:9d:c8:b1:f8:c9:a0:
a8:7a:12:ee:a0:9c:ac:91:b4:a6:94:d0:f3:4f:ce:27:fa:e6:
b9:6c:1a:8a:12:ef:0b:fa:37:55:55:65:67:c9:10:32:da:4f:
d2:5e:89:98:a0:43:67:aa:5e:63:d2:9b:c3:c7:7d:12:6a:26:
39:ce:79:aa
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAQkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0I2RTgxMTAvBgNVBAUTKEQyMzk5Mjg5NjZEODk4NEVBMkZBNDUzRkM1M0Y5ODg2
QjVBRENCOTUwHhcNMjMwNDA3MDU0NTU2WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJmYWUxNC0wODZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxRppm3hTFX9m8Yf2/o1P6KmZmTLSjfJ66Nj964Ef5SwsSOtLjVZA+5UKeJlK
gtUmFt0zXIRbxJ9h52MrvmlGSmgtcDQLHdzv3cK5Qb1jealuVmOjt5xvH2/q3WTE
NswdSx3eoWeSFxkzqp/C8r6sSSrjOat7Cvy/qgXLyko7a/4/sTmWkPMK7Qrk42qb
YklJ15wovUco3jLnQJA5ewL0hgw4O2fHPV1jlWS1e5s/8/dwUGfQOT5ZTTrU7PKh
4YYO6pTSCAtibxbmkUlb+/LZg80ZL1ihYbRz21TvACwhb9VItbJyPrsuHzFKLMGa
Tq8S1BAESRyEQcwBRwKo1uXmvwIDAQABo4IClTCCApEwHQYDVR0OBBYEFL/ihGMu
8E5s72hbQfzvSKqIZMZsMB8GA1UdIwQYMBaAFNI5kolm2JhOovpFP8U/mIa1rcuV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjZFOC9EOEUwREQzRTAx
REExMUVEQTJBRTE1NDVDNEY5QUUwMi8wam1TaVdiWW1FNmkta1VfeFQtWWhyV3R5
NVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBqbVNpV2JZbUU2aS1rVV94VC1ZaHJXdHk1VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0I2RTgvRDhFMEREM0UwMURBMTFFREEyQUUxNTQ1QzRGOUFFMDIvRDFGMDVDRUUw
MURFMTFFRDgyMzZGMDczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn4uYwDQYJKoZIhvcNAQELBQADggEBAGCX/tiNm3gkmgHu
Tdh9C/ERixPgxHg/eoLVuChyeq53byn81CYD5ySKf4XRh1KH9YYWetLg//h73PjS
LjvoNT5/o7w2+jxo+6J+oM7texIaqrONeA/Oya5ihSQBuG8d7U+1wmY/NBwVqp74
1wkV2DLNQGQzCPG9CrWlrUr8r52/pQfeBv5mmN4Vp7l+z6tw1NoL/ZAitqnMzihj
xspar7b+62cYbZfJ6cTz/DKnOrccfA1IEVcfXZ27ma8QeV/Wap3IsfjJoKh6Eu6g
nKyRtKaU0PNPzif65rlsGooS7wv6N1VVZWfJEDLaT9JeiZigQ2eqXmPSm8PHfRJq
JjnOeao=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org