Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917EA0F/30C46C32FCB511EA82B5EC0BC4F9AE02/E31FD938FCB611EA9B245911C4F9AE02.roa
File: E31FD938FCB611EA9B245911C4F9AE02.roa (raw, json)
Hash identifier: djdXqQaRLlCMxSp+AHDnkVD6gcek1i6vSJH7bur6pz0=
Subject key identifier: AA:AB:F5:90:DD:91:42:60:DF:37:B2:73:45:50:4F:F8:75:5C:D5:3A
Certificate issuer: /CN=A917EA0F/serialNumber=B6A07A52DDDA2E139D1D1B265686D6CEB1B65D4E
Certificate serial: 05DF
Authority key identifier: B6:A0:7A:52:DD:DA:2E:13:9D:1D:1B:26:56:86:D6:CE:B1:B6:5D:4E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tqB6Ut3aLhOdHRsmVobWzrG2XU4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917EA0F/30C46C32FCB511EA82B5EC0BC4F9AE02/E31FD938FCB611EA9B245911C4F9AE02.roa
Signing time: Mon 14 Nov 2022 23:49:40 +0000
ROA not before: Mon 14 Nov 2022 23:49:40 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 55699
IP address blocks: 45.127.204.0/22 maxlen: 22
103.78.216.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1503 (0x5df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917EA0F/serialNumber=B6A07A52DDDA2E139D1D1B265686D6CEB1B65D4E
Validity
Not Before: Nov 14 23:49:40 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6372d414-f4f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5d:1e:e4:a2:d2:bb:17:dc:f9:2c:76:b2:30:
c7:99:d9:b2:8b:c8:45:a7:ab:52:ba:b0:3d:2c:90:
d9:2b:bf:f0:ce:7a:83:da:db:61:30:7a:f4:0c:eb:
fc:7b:0c:51:78:8b:41:9e:02:9f:50:01:7f:ec:88:
61:a6:34:fe:ae:22:2e:dd:84:db:6a:f3:84:d9:87:
10:09:dc:a3:5a:d6:ab:08:27:75:1a:6a:52:97:22:
c8:1e:fc:4e:75:25:3f:c0:5b:57:25:0d:e1:8d:63:
82:25:66:a2:e3:7c:1e:d6:60:c8:0d:d8:45:f9:3d:
31:ef:44:0c:28:16:fa:cd:2e:4f:6a:fd:e8:d7:57:
0f:04:6e:09:8b:7c:be:76:7d:f8:a0:a4:5f:89:2b:
f4:ee:93:32:f8:4b:64:89:76:88:fd:46:79:f2:2e:
56:4e:48:9b:3b:bf:e8:03:c2:c5:1d:ad:de:4a:50:
e6:07:bd:57:65:40:3a:a2:ba:8f:f1:7e:b0:6f:f1:
40:9e:c3:29:a2:f2:26:0d:d6:80:19:8c:cb:cf:5c:
6c:ab:31:f1:0e:aa:41:46:5d:99:a1:4b:21:9c:ef:
a2:c5:61:1e:de:fd:c2:c9:7d:70:68:93:3e:cf:de:
99:ef:ca:61:07:ac:ce:56:dd:58:63:fe:61:98:c2:
5d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:AB:F5:90:DD:91:42:60:DF:37:B2:73:45:50:4F:F8:75:5C:D5:3A
X509v3 Authority Key Identifier:
keyid:B6:A0:7A:52:DD:DA:2E:13:9D:1D:1B:26:56:86:D6:CE:B1:B6:5D:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917EA0F/30C46C32FCB511EA82B5EC0BC4F9AE02/tqB6Ut3aLhOdHRsmVobWzrG2XU4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tqB6Ut3aLhOdHRsmVobWzrG2XU4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917EA0F/30C46C32FCB511EA82B5EC0BC4F9AE02/E31FD938FCB611EA9B245911C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.127.204.0/22
103.78.216.0/22
Signature Algorithm: sha256WithRSAEncryption
50:b5:0b:25:9f:07:74:df:f5:49:8f:29:46:ee:35:45:e2:df:
5e:85:56:5d:8b:4f:5c:4f:73:0e:d3:32:de:48:9e:55:5e:ce:
e6:06:2b:4d:9b:7f:b8:d4:3a:47:ef:50:d7:16:f3:9b:b1:dd:
1f:bb:d9:a7:d8:96:d6:ba:96:7f:3f:9f:2a:62:3f:bf:3a:d2:
33:6b:ca:72:79:1a:e8:75:88:53:4d:dd:3e:78:ad:59:7d:d8:
e4:77:b1:2b:71:26:ba:2f:27:de:ed:26:00:34:a0:0d:59:d5:
70:73:33:f1:97:0a:96:b0:46:5d:80:dd:50:4b:36:d5:3c:e9:
57:87:fc:1c:d8:84:4f:a8:97:1e:fa:24:ee:ff:9b:e3:58:5c:
c7:2b:23:2f:7d:5f:99:7a:39:12:3c:b6:59:01:a6:84:72:5a:
7b:58:71:bc:09:ce:ea:d3:a4:59:0c:12:60:21:73:93:e6:af:
08:73:7a:29:56:9d:51:8f:51:1b:24:06:68:a7:e6:c9:48:f8:
22:9a:3f:bd:b5:7b:56:2d:20:dc:c4:7a:c3:69:9e:a8:c7:c9:
e0:59:8a:4c:5a:35:01:aa:dd:10:f8:bd:eb:8e:c9:f7:86:7b:
0e:dc:30:bf:32:e6:6a:f8:8d:30:ce:fc:6e:5f:83:17:4f:c3:
f0:c0:6f:c7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBd8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VBMEYxMTAvBgNVBAUTKEI2QTA3QTUyREREQTJFMTM5RDFEMUIyNjU2ODZENkNF
QjFCNjVENEUwHhcNMjIxMTE0MjM0OTQwWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzcyZDQxNC1mNGY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu10e5KLSuxfc+Sx2sjDHmdmyi8hFp6tSurA9LJDZK7/wznqD2tthMHr0DOv8
ewxReItBngKfUAF/7IhhpjT+riIu3YTbavOE2YcQCdyjWtarCCd1GmpSlyLIHvxO
dSU/wFtXJQ3hjWOCJWai43we1mDIDdhF+T0x70QMKBb6zS5Pav3o11cPBG4Ji3y+
dn34oKRfiSv07pMy+EtkiXaI/UZ58i5WTkibO7/oA8LFHa3eSlDmB71XZUA6orqP
8X6wb/FAnsMpovImDdaAGYzLz1xsqzHxDqpBRl2ZoUshnO+ixWEe3v3CyX1waJM+
z96Z78phB6zOVt1YY/5hmMJdmwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKqr9ZDd
kUJg3zeyc0VQT/h1XNU6MB8GA1UdIwQYMBaAFLagelLd2i4TnR0bJlaG1s6xtl1O
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUEwRi8zMEM0NkMzMkZD
QjUxMUVBODJCNUVDMEJDNEY5QUUwMi90cUI2VXQzYUxoT2RIUnNtVm9iV3pyRzJY
VTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RxQjZVdDNhTGhPZEhSc21Wb2JXenJHMlhVNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VBMEYvMzBDNDZDMzJGQ0I1MTFFQTgyQjVFQzBCQzRGOUFFMDIvRTMxRkQ5MzhG
Q0I2MTFFQTlCMjQ1OTExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAItf8wDBAJnTtgwDQYJKoZIhvcNAQELBQADggEBAFC1CyWf
B3Tf9UmPKUbuNUXi316FVl2LT1xPcw7TMt5InlVezuYGK02bf7jUOkfvUNcW85ux
3R+72afYlta6ln8/nypiP7860jNrynJ5Guh1iFNN3T54rVl92OR3sStxJrovJ97t
JgA0oA1Z1XBzM/GXCpawRl2A3VBLNtU86VeH/BzYhE+olx76JO7/m+NYXMcrIy99
X5l6ORI8tlkBpoRyWntYcbwJzurTpFkMEmAhc5PmrwhzeilWnVGPURskBmin5slI
+CKaP721e1YtINzEesNpnqjHyeBZikxaNQGq3RD4veuOyfeGew7cML8y5mr4jTDO
/G5fgxdPw/DAb8c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-ams.rpki-client.org