Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91856F6/879F388E869E11EB9A049627C4F9AE02/3EB7EA50B9AC11EE8DAD473AC4F9AE02.roa
File: 3EB7EA50B9AC11EE8DAD473AC4F9AE02.roa (raw, json)
Hash identifier: EOb6nklxEDV/GnEAtQrwzh18t1W5aJlvKLVRib6cjx0=
Subject key identifier: 77:6D:2A:34:FB:C9:C6:AA:CF:FF:FD:3F:A9:4A:1E:8E:3D:E2:A4:F8
Certificate issuer: /CN=A91856F6/serialNumber=3A084422257FF5F179A50ECBFC02EBF725BB9343
Certificate serial: 05B0
Authority key identifier: 3A:08:44:22:25:7F:F5:F1:79:A5:0E:CB:FC:02:EB:F7:25:BB:93:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OghEIiV_9fF5pQ7L_ALr9yW7k0M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91856F6/879F388E869E11EB9A049627C4F9AE02/3EB7EA50B9AC11EE8DAD473AC4F9AE02.roa
Signing time: Tue 23 Jan 2024 04:59:53 +0000
ROA not before: Tue 23 Jan 2024 04:59:53 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 24192
IP address blocks: 103.14.40.0/22 maxlen: 22
103.14.40.0/23 maxlen: 23
103.14.42.0/23 maxlen: 23
103.253.192.0/24 maxlen: 24
103.253.194.0/23 maxlen: 24
202.174.112.0/21 maxlen: 21
2406:1200::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1456 (0x5b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91856F6/serialNumber=3A084422257FF5F179A50ECBFC02EBF725BB9343
Validity
Not Before: Jan 23 04:59:53 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65af47c9-7f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4a:19:9e:90:0a:c5:00:94:a2:73:a3:6f:65:
21:54:db:1e:eb:23:24:4c:52:f0:ce:2a:38:3c:3b:
74:76:db:72:ea:e2:79:d5:16:cb:85:d6:40:e2:f5:
b0:f0:ba:3c:f8:d2:fe:40:32:01:03:86:36:03:af:
8f:45:b8:a5:db:5f:7c:97:08:fc:04:3b:c0:c0:21:
50:32:c0:38:b1:4a:2d:db:1a:13:ee:34:a3:3a:03:
3e:a5:09:d4:1f:48:60:46:c1:1b:b5:cc:c8:c2:d6:
bc:2b:48:b5:2a:1b:7e:c1:a0:48:79:4c:27:d7:37:
22:d0:cb:03:b7:5e:c5:23:85:ff:ea:04:ea:3e:7f:
8e:29:ee:93:b5:ca:4c:f7:c5:3c:b4:74:8c:3c:46:
03:d5:2c:60:09:09:22:6d:8f:41:ea:34:ea:01:70:
90:dc:fb:08:3e:f6:d8:30:93:b5:0b:14:ad:9e:5b:
99:67:b7:25:cf:11:f4:81:65:8d:2e:69:76:d1:d1:
91:69:e0:1b:45:76:2b:2d:79:b6:b2:da:2b:ee:27:
7a:db:7e:6d:ee:92:9d:52:b2:88:9c:99:b7:e9:2b:
63:8a:5f:81:b6:c4:d7:cc:f7:b1:c3:06:17:24:a4:
04:80:5a:cd:c5:04:c1:6c:8f:96:5f:d2:72:43:89:
06:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:6D:2A:34:FB:C9:C6:AA:CF:FF:FD:3F:A9:4A:1E:8E:3D:E2:A4:F8
X509v3 Authority Key Identifier:
keyid:3A:08:44:22:25:7F:F5:F1:79:A5:0E:CB:FC:02:EB:F7:25:BB:93:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91856F6/879F388E869E11EB9A049627C4F9AE02/OghEIiV_9fF5pQ7L_ALr9yW7k0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OghEIiV_9fF5pQ7L_ALr9yW7k0M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91856F6/879F388E869E11EB9A049627C4F9AE02/3EB7EA50B9AC11EE8DAD473AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.14.40.0/22
103.253.192.0/24
103.253.194.0/23
202.174.112.0/21
IPv6:
2406:1200::/32
Signature Algorithm: sha256WithRSAEncryption
5f:29:6f:5c:ed:93:bd:80:d6:be:a9:1a:8f:b4:55:bb:f1:d1:
9a:fe:e6:ae:78:b3:80:d4:fc:9b:b3:e8:14:06:19:5a:b8:a2:
d4:fe:24:e2:f8:21:8a:86:25:a0:b3:ae:2f:7c:95:47:a6:24:
e0:be:19:0b:57:26:c6:70:fa:4a:e6:e0:91:74:83:81:ed:94:
ae:10:f7:48:f9:49:8f:bb:5a:0f:50:17:7b:95:0c:e7:ee:c9:
da:26:b1:bf:96:2e:b7:7c:02:fa:70:9a:97:da:ee:2a:b8:3b:
c6:a2:3e:08:cc:e5:76:87:7e:e8:67:66:d8:fa:96:75:da:a4:
fb:4d:ff:6f:26:cf:4d:90:13:c6:d0:7c:7b:45:a6:c5:92:16:
f4:6d:7f:c2:64:70:db:f0:50:b1:64:16:68:57:a2:a7:a2:e5:
2c:c5:93:84:59:8b:bb:b7:65:7a:c3:64:91:fe:b0:66:ef:47:
b1:b3:ad:0d:29:2d:77:91:52:51:7c:5d:9a:ab:79:70:3d:3e:
77:5e:5a:a1:3a:ed:2e:81:c2:3d:cb:20:08:3c:b8:4f:ba:38:
ba:c2:18:e2:08:bb:e9:aa:2e:75:e6:02:93:0d:22:86:68:fe:
0e:e5:23:b4:bf:0b:8f:f4:87:a2:03:be:ad:f4:c6:8b:78:03:
89:20:19:70
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBbAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODU2RjYxMTAvBgNVBAUTKDNBMDg0NDIyMjU3RkY1RjE3OUE1MEVDQkZDMDJFQkY3
MjVCQjkzNDMwHhcNMjQwMTIzMDQ1OTUzWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWFmNDdjOS03ZjQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzkoZnpAKxQCUonOjb2UhVNse6yMkTFLwzio4PDt0dtty6uJ51RbLhdZA4vWw
8Lo8+NL+QDIBA4Y2A6+PRbil2198lwj8BDvAwCFQMsA4sUot2xoT7jSjOgM+pQnU
H0hgRsEbtczIwta8K0i1Kht+waBIeUwn1zci0MsDt17FI4X/6gTqPn+OKe6TtcpM
98U8tHSMPEYD1SxgCQkibY9B6jTqAXCQ3PsIPvbYMJO1CxStnluZZ7clzxH0gWWN
Lml20dGRaeAbRXYrLXm2stor7id6235t7pKdUrKInJm36Stjil+BtsTXzPexwwYX
JKQEgFrNxQTBbI+WX9JyQ4kGxQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFHdtKjT7
ycaqz//9P6lKHo494qT4MB8GA1UdIwQYMBaAFDoIRCIlf/XxeaUOy/wC6/clu5ND
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NTZGNi84NzlGMzg4RTg2
OUUxMUVCOUEwNDk2MjdDNEY5QUUwMi9PZ2hFSWlWXzlmRjVwUTdMX0FMcjl5Vzdr
ME0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09naEVJaVZfOWZGNXBRN0xfQUxyOXlXN2swTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODU2RjYvODc5RjM4OEU4NjlFMTFFQjlBMDQ5NjI3QzRGOUFFMDIvM0VCN0VBNTBC
OUFDMTFFRThEQUQ0NzNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJnDigDBABn/cADBAFn/cIDBAPKrnAwDQQCAAIwBwMFACQG
EgAwDQYJKoZIhvcNAQELBQADggEBAF8pb1ztk72A1r6pGo+0Vbvx0Zr+5q54s4DU
/Juz6BQGGVq4otT+JOL4IYqGJaCzri98lUemJOC+GQtXJsZw+krm4JF0g4HtlK4Q
90j5SY+7Wg9QF3uVDOfuydomsb+WLrd8Avpwmpfa7iq4O8aiPgjM5XaHfuhnZtj6
lnXapPtN/28mz02QE8bQfHtFpsWSFvRtf8JkcNvwULFkFmhXoqei5SzFk4RZi7u3
ZXrDZJH+sGbvR7GzrQ0pLXeRUlF8XZqreXA9PndeWqE67S6Bwj3LIAg8uE+6OLrC
GOIIu+mqLnXmApMNIoZo/g7lI7S/C4/0h6IDvq30xot4A4kgGXA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org