Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/7DDA2328DC4E11EEAF4DE453C4F9AE02.roa
File: 7DDA2328DC4E11EEAF4DE453C4F9AE02.roa (raw, json)
Hash identifier: ok/y6I+Avhtzg9EkxBA6Ud72VeGrN4nAvwer3vKiokU=
Subject key identifier: 3A:A8:B6:67:69:CC:1B:6A:F2:96:56:F1:32:C4:EE:DF:47:8E:EA:13
Certificate issuer: /CN=A9184D71/serialNumber=DDF9FDA94BBA359A37E0DBB007571AFF3E5117A2
Certificate serial: 17B0
Authority key identifier: DD:F9:FD:A9:4B:BA:35:9A:37:E0:DB:B0:07:57:1A:FF:3E:51:17:A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fn9qUu6NZo34NuwB1ca_z5RF6I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/7DDA2328DC4E11EEAF4DE453C4F9AE02.roa
Signing time: Thu 07 Mar 2024 06:46:57 +0000
ROA not before: Thu 07 Mar 2024 06:46:57 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 38001
IP address blocks: 45.119.200.0/24 maxlen: 24
45.119.201.0/24 maxlen: 24
45.119.202.0/24 maxlen: 24
103.60.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6064 (0x17b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9184D71/serialNumber=DDF9FDA94BBA359A37E0DBB007571AFF3E5117A2
Validity
Not Before: Mar 7 06:46:57 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65e962e1-06ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:fc:64:19:0a:eb:ef:e9:6d:16:14:c2:25:bb:
7e:b8:87:1a:b7:3f:50:6f:dd:d6:b6:67:c6:86:10:
22:c6:55:76:da:84:3c:13:54:e0:8d:52:0b:ff:14:
6a:38:cd:c0:a2:47:1d:5f:34:06:d1:7c:df:7d:ac:
4f:6e:5f:41:d7:f7:61:03:22:39:47:6e:b6:01:47:
61:8e:c3:62:2f:bf:3a:c4:4c:cd:ee:68:96:40:dd:
2a:39:a0:22:ee:b5:e0:0d:d5:6c:6f:79:8a:48:ae:
ca:d4:63:0d:68:f7:69:64:10:61:6e:a8:cc:fb:ee:
53:81:5d:dd:9c:49:ec:31:d5:ee:dd:21:52:ba:2b:
d3:64:f3:63:62:df:c1:16:ae:1b:ba:1b:cc:b0:b9:
5e:41:90:01:e5:b7:b8:61:04:b2:a5:3f:d8:d8:9a:
1e:5f:ff:9a:e6:89:06:1a:39:2b:32:58:1e:1b:fd:
30:c2:33:90:79:ed:f8:84:98:61:7b:7e:e7:fa:20:
79:fb:91:28:b9:e8:3e:38:79:93:d9:f7:59:30:e9:
42:46:5e:83:9f:13:f0:7a:96:b8:c6:2e:1b:1f:31:
0e:a8:af:5c:a8:5f:1b:b1:55:03:bd:a3:16:09:12:
27:e3:64:53:b0:7e:24:4b:5c:5b:9e:53:a5:53:de:
b9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A8:B6:67:69:CC:1B:6A:F2:96:56:F1:32:C4:EE:DF:47:8E:EA:13
X509v3 Authority Key Identifier:
keyid:DD:F9:FD:A9:4B:BA:35:9A:37:E0:DB:B0:07:57:1A:FF:3E:51:17:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/3fn9qUu6NZo34NuwB1ca_z5RF6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fn9qUu6NZo34NuwB1ca_z5RF6I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/7DDA2328DC4E11EEAF4DE453C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.119.200.0-45.119.202.255
103.60.8.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:d0:38:0f:c4:80:2b:c0:b5:f3:ad:01:5b:dc:af:4e:82:cc:
6b:1f:4d:c6:06:8f:3c:2b:8d:4d:e8:55:cd:dc:83:c1:58:81:
b4:4e:d6:74:d5:99:10:f8:ae:e2:01:18:a6:b5:dc:d9:5f:e9:
0f:9b:2f:f6:da:38:f5:19:bf:b1:e6:2d:5b:f7:89:10:95:64:
20:c0:db:ae:d0:d3:68:58:0d:20:b7:0a:c3:dc:2c:ad:ae:6f:
9d:28:f7:dd:91:3f:29:42:dc:97:a9:8d:b8:9a:16:ef:69:01:
19:c0:b7:86:66:aa:c7:40:00:bf:85:2e:92:d7:e4:99:e4:9b:
fa:28:c5:ff:34:0a:52:ff:d8:cb:aa:97:5c:5b:ed:82:09:d4:
74:1d:c2:3d:09:32:50:29:72:71:0f:e2:bf:da:5e:4f:7c:36:
40:43:02:5c:fd:5c:aa:07:24:29:40:95:a2:99:ad:8f:60:04:
a2:b4:32:cf:f4:31:16:5a:bc:dc:4c:5c:ac:6a:6d:5a:08:51:
8f:ad:6e:36:ec:01:31:79:fc:3d:dc:b8:67:bb:96:72:e6:f5:
16:32:d6:86:22:13:74:01:d0:59:e9:52:39:25:d7:ff:35:d3:
32:fb:aa:e5:21:bf:6a:52:3c:47:26:be:13:88:9d:8c:fb:19:
69:c6:a6:af
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICF7AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODRENzExMTAvBgNVBAUTKERERjlGREE5NEJCQTM1OUEzN0UwREJCMDA3NTcxQUZG
M0U1MTE3QTIwHhcNMjQwMzA3MDY0NjU3WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWU5NjJlMS0wNmFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1fxkGQrr7+ltFhTCJbt+uIcatz9Qb93WtmfGhhAixlV22oQ8E1TgjVIL/xRq
OM3AokcdXzQG0XzffaxPbl9B1/dhAyI5R262AUdhjsNiL786xEzN7miWQN0qOaAi
7rXgDdVsb3mKSK7K1GMNaPdpZBBhbqjM++5TgV3dnEnsMdXu3SFSuivTZPNjYt/B
Fq4buhvMsLleQZAB5be4YQSypT/Y2JoeX/+a5okGGjkrMlgeG/0wwjOQee34hJhh
e37n+iB5+5Eoueg+OHmT2fdZMOlCRl6DnxPwepa4xi4bHzEOqK9cqF8bsVUDvaMW
CRIn42RTsH4kS1xbnlOlU965JQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFDqotmdp
zBtq8pZW8TLE7t9HjuoTMB8GA1UdIwQYMBaAFN35/alLujWaN+DbsAdXGv8+URei
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NEQ3MS85ODNBMEM5RTlE
MUYxMUU3ODc2RTY2MTFDNEY5QUUwMi8zZm45cVV1Nk5abzM0TnV3QjFjYV96NVJG
NkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNmbjlxVXU2TlpvMzROdXdCMWNhX3o1UkY2SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODRENzEvOTgzQTBDOUU5RDFGMTFFNzg3NkU2NjExQzRGOUFFMDIvN0REQTIzMjhE
QzRFMTFFRUFGNERFNDUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAy13yAMEAC13ygMEAGc8CDANBgkqhkiG9w0BAQsFAAOC
AQEA1tA4D8SAK8C1860BW9yvToLMax9NxgaPPCuNTehVzdyDwViBtE7WdNWZEPiu
4gEYprXc2V/pD5sv9to49Rm/seYtW/eJEJVkIMDbrtDTaFgNILcKw9wsra5vnSj3
3ZE/KULcl6mNuJoW72kBGcC3hmaqx0AAv4UuktfkmeSb+ijF/zQKUv/Yy6qXXFvt
ggnUdB3CPQkyUClycQ/iv9peT3w2QEMCXP1cqgckKUCVopmtj2AEorQyz/QxFlq8
3ExcrGptWghRj61uNuwBMXn8Pdy4Z7uWcub1FjLWhiITdAHQWelSOSXX/zXTMvuq
5SG/alI8Rya+E4idjPsZacamrw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org