Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/D2B0A0F801DE11ED8236F073C4F9AE02.roa
File: D2B0A0F801DE11ED8236F073C4F9AE02.roa (raw, json)
Hash identifier: Tp/PA26VasuD2wxS51VOacKDpoYgQswL2NxuV7g5wmg=
Subject key identifier: 9C:1B:E8:2D:2C:94:D2:69:6A:52:1D:31:ED:27:69:4B:78:3A:24:6E
Certificate issuer: /CN=A917B6E8/serialNumber=D239928966D8984EA2FA453FC53F9886B5ADCB95
Certificate serial: 010A
Authority key identifier: D2:39:92:89:66:D8:98:4E:A2:FA:45:3F:C5:3F:98:86:B5:AD:CB:95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0jmSiWbYmE6i-kU_xT-YhrWty5U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/D2B0A0F801DE11ED8236F073C4F9AE02.roa
Signing time: Fri 07 Apr 2023 05:45:57 +0000
ROA not before: Fri 07 Apr 2023 05:45:57 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 59329
IP address blocks: 103.226.228.0/24 maxlen: 24
103.226.229.0/24 maxlen: 24
103.226.230.0/24 maxlen: 24
103.226.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 266 (0x10a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917B6E8/serialNumber=D239928966D8984EA2FA453FC53F9886B5ADCB95
Validity
Not Before: Apr 7 05:45:57 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=642fae15-6c53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:84:23:1f:9a:57:67:f8:d6:49:33:1c:d8:c0:
74:29:f6:b4:c9:be:7e:a3:90:8d:d0:92:e0:60:e7:
2d:d4:9d:db:a9:6f:72:4a:d7:4b:c6:8e:61:b9:14:
73:62:70:26:91:93:3d:28:22:2a:be:1f:e4:80:87:
60:c2:1c:97:63:fa:9a:d6:9e:5b:25:7b:76:e7:5a:
f2:c6:1f:93:36:f1:48:e6:e3:d3:90:c7:0e:04:6b:
52:c5:6f:71:2e:b2:b1:cd:c6:53:bf:d9:eb:09:33:
b4:a6:8c:9e:6f:e4:0a:e2:fb:29:8b:41:2e:86:0f:
33:f1:8d:00:27:06:46:ac:5f:94:ec:f3:7e:09:9c:
6b:f6:25:9b:80:f5:43:26:ca:7d:34:4c:c3:15:61:
ec:59:c1:d6:ff:f0:ef:b0:cc:cd:ba:ec:a2:b6:86:
6a:13:d6:c3:eb:42:fa:d2:61:6c:62:d2:f5:ba:30:
d0:36:3d:8c:00:c1:65:a9:9b:e5:03:5c:23:4a:f9:
f0:e3:9e:38:a4:3c:60:9d:9e:8f:72:d3:69:30:75:
9d:d2:c6:1c:5f:a4:ae:27:71:69:25:68:52:15:a9:
c5:d3:43:49:0e:de:d1:84:36:c4:26:ee:e9:7d:be:
22:fc:b3:b4:de:86:17:68:95:ec:10:ec:0d:fc:f5:
97:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:1B:E8:2D:2C:94:D2:69:6A:52:1D:31:ED:27:69:4B:78:3A:24:6E
X509v3 Authority Key Identifier:
keyid:D2:39:92:89:66:D8:98:4E:A2:FA:45:3F:C5:3F:98:86:B5:AD:CB:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/0jmSiWbYmE6i-kU_xT-YhrWty5U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0jmSiWbYmE6i-kU_xT-YhrWty5U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/D2B0A0F801DE11ED8236F073C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.226.228.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:74:b6:b1:17:f6:14:d4:e4:76:26:2a:b0:a0:8c:63:0e:3f:
0c:e4:34:7f:61:5a:a3:ee:f8:11:62:6c:db:9b:d8:88:ca:87:
b4:24:0f:cc:35:db:05:5b:ff:52:03:10:b5:65:1f:aa:05:d1:
a3:55:2c:8e:13:af:a7:91:40:5c:15:cc:f2:2c:bb:4c:28:ed:
43:28:d1:cd:ba:28:78:b5:c8:74:6c:f1:53:c5:87:28:bb:84:
4a:e2:42:72:1d:3e:59:a9:ef:f3:e7:25:87:a3:97:99:c5:65:
b7:57:ab:55:e1:82:36:f7:85:d8:9d:69:78:8b:d3:94:08:b2:
85:aa:ca:0b:a4:06:08:1f:fa:e0:fd:89:10:bc:f2:c2:81:e8:
87:34:23:29:7f:f0:13:3a:c8:a1:df:25:23:c0:c7:10:fc:90:
ee:b1:f5:d4:a4:14:77:7c:8e:1f:0c:51:d2:7c:d7:32:fc:d2:
bd:1c:e3:b9:1f:58:1b:a5:d3:5a:a4:4c:b7:86:48:54:45:4c:
f8:70:89:4f:e5:4d:f9:7d:fa:29:10:2c:31:91:8b:d2:2a:aa:
c7:95:0a:28:3c:fa:49:bf:d5:69:72:bb:c6:2b:f1:f3:39:c0:
e2:af:1c:e6:56:de:49:16:f7:18:f4:6a:dd:12:2d:d4:10:60:
f5:34:94:c8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAQowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0I2RTgxMTAvBgNVBAUTKEQyMzk5Mjg5NjZEODk4NEVBMkZBNDUzRkM1M0Y5ODg2
QjVBRENCOTUwHhcNMjMwNDA3MDU0NTU3WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJmYWUxNS02YzUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqYQjH5pXZ/jWSTMc2MB0Kfa0yb5+o5CN0JLgYOct1J3bqW9yStdLxo5huRRz
YnAmkZM9KCIqvh/kgIdgwhyXY/qa1p5bJXt251ryxh+TNvFI5uPTkMcOBGtSxW9x
LrKxzcZTv9nrCTO0poyeb+QK4vspi0Euhg8z8Y0AJwZGrF+U7PN+CZxr9iWbgPVD
Jsp9NEzDFWHsWcHW//DvsMzNuuyitoZqE9bD60L60mFsYtL1ujDQNj2MAMFlqZvl
A1wjSvnw4544pDxgnZ6PctNpMHWd0sYcX6SuJ3FpJWhSFanF00NJDt7RhDbEJu7p
fb4i/LO03oYXaJXsEOwN/PWXrwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJwb6C0s
lNJpalIdMe0naUt4OiRuMB8GA1UdIwQYMBaAFNI5kolm2JhOovpFP8U/mIa1rcuV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjZFOC9EOEUwREQzRTAx
REExMUVEQTJBRTE1NDVDNEY5QUUwMi8wam1TaVdiWW1FNmkta1VfeFQtWWhyV3R5
NVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBqbVNpV2JZbUU2aS1rVV94VC1ZaHJXdHk1VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0I2RTgvRDhFMEREM0UwMURBMTFFREEyQUUxNTQ1QzRGOUFFMDIvRDJCMEEwRjgw
MURFMTFFRDgyMzZGMDczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn4uQwDQYJKoZIhvcNAQELBQADggEBAJ10trEX9hTU5HYm
KrCgjGMOPwzkNH9hWqPu+BFibNub2IjKh7QkD8w12wVb/1IDELVlH6oF0aNVLI4T
r6eRQFwVzPIsu0wo7UMo0c26KHi1yHRs8VPFhyi7hEriQnIdPlmp7/PnJYejl5nF
ZbdXq1Xhgjb3hdidaXiL05QIsoWqygukBggf+uD9iRC88sKB6Ic0Iyl/8BM6yKHf
JSPAxxD8kO6x9dSkFHd8jh8MUdJ81zL80r0c47kfWBul01qkTLeGSFRFTPhwiU/l
Tfl9+ikQLDGRi9IqqseVCig8+km/1Wlyu8Yr8fM5wOKvHOZW3kkW9xj0at0SLdQQ
YPU0lMg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org