Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9185EFE/1E42DE001D7811EDB5585E1EC4F9AE02/F29AA38ED3E111EDA66FCC2AC4F9AE02.roa
File: F29AA38ED3E111EDA66FCC2AC4F9AE02.roa (raw, json)
Hash identifier: 4mepRnw/9dr5WHKW5PJWzQjuL5EdZjmiSdgQzFWaM0M=
Subject key identifier: 1F:4A:D0:84:A7:95:B1:FC:08:53:40:0D:85:92:0D:CE:BC:85:41:C2
Certificate issuer: /CN=A9185EFE/serialNumber=7EE8CE64A7B4005121460AA3BA59443C956E35D0
Certificate serial: 011D
Authority key identifier: 7E:E8:CE:64:A7:B4:00:51:21:46:0A:A3:BA:59:44:3C:95:6E:35:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fujOZKe0AFEhRgqjullEPJVuNdA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9185EFE/1E42DE001D7811EDB5585E1EC4F9AE02/F29AA38ED3E111EDA66FCC2AC4F9AE02.roa
Signing time: Sun 01 Oct 2023 03:44:05 +0000
ROA not before: Sun 01 Oct 2023 03:44:05 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 140682
IP address blocks: 103.141.36.0/24 maxlen: 24
2001:df1:2340::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 285 (0x11d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9185EFE/serialNumber=7EE8CE64A7B4005121460AA3BA59443C956E35D0
Validity
Not Before: Oct 1 03:44:05 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6518eb05-98bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:92:53:93:6a:26:bc:8d:43:91:88:a2:a5:bd:
56:0a:33:92:a2:d5:c7:bd:9c:20:6a:86:b2:fd:fd:
57:10:d0:f7:dd:56:82:99:9b:70:52:c8:7c:4e:7c:
b0:ce:5a:9f:0f:88:3c:df:fb:66:14:0e:7f:e9:2a:
b4:f4:34:75:ef:5e:2d:6b:e5:74:0e:29:3a:13:f1:
45:ef:ea:16:c5:a2:f9:cd:45:c8:91:88:d5:6d:be:
cf:17:47:51:6e:d3:7d:02:ae:ac:8d:b2:c8:8b:6b:
6c:61:be:d5:b1:52:77:e2:98:32:8a:2c:1e:62:28:
fe:fc:ac:68:13:d4:e2:f8:74:51:6a:c6:a9:6a:8f:
38:1a:b8:24:45:d1:13:96:02:66:d3:be:f2:a8:8e:
27:fe:62:70:b5:d1:cc:92:b6:df:28:07:35:8d:a7:
87:70:02:c9:df:f0:5c:d8:71:1e:34:a3:90:60:1e:
94:b1:54:d3:12:9b:62:f5:9e:be:61:d7:a7:51:f5:
6d:ad:4f:a1:d5:c9:b4:2a:fd:67:2e:a7:6a:60:2e:
aa:15:01:26:38:e9:b9:0c:fd:c7:49:74:71:4e:4a:
84:76:98:47:62:f4:89:5e:61:c1:67:89:63:df:64:
28:05:c9:95:a1:31:46:0b:9a:be:a3:ea:e9:fe:70:
42:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:4A:D0:84:A7:95:B1:FC:08:53:40:0D:85:92:0D:CE:BC:85:41:C2
X509v3 Authority Key Identifier:
keyid:7E:E8:CE:64:A7:B4:00:51:21:46:0A:A3:BA:59:44:3C:95:6E:35:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9185EFE/1E42DE001D7811EDB5585E1EC4F9AE02/fujOZKe0AFEhRgqjullEPJVuNdA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fujOZKe0AFEhRgqjullEPJVuNdA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185EFE/1E42DE001D7811EDB5585E1EC4F9AE02/F29AA38ED3E111EDA66FCC2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.141.36.0/24
IPv6:
2001:df1:2340::/48
Signature Algorithm: sha256WithRSAEncryption
90:c9:51:1f:40:a5:0c:9e:cb:b5:6e:1d:34:9f:41:86:a9:6f:
13:bf:33:5a:24:fb:1c:86:b8:b5:c9:7f:03:63:9d:67:e5:fa:
22:1b:69:e7:f9:1d:c6:3e:32:69:2c:b0:f3:ab:90:e0:ab:8d:
bb:5f:2c:17:1b:44:25:93:96:2f:e1:1b:8f:fb:c0:28:9f:63:
f4:74:77:d7:5d:26:3e:82:a1:91:90:77:4a:55:d5:c7:3a:19:
2a:55:7f:86:d8:8e:24:de:3c:21:32:92:42:11:df:ba:17:32:
c1:80:21:ac:08:fe:87:91:f5:7a:63:d8:48:77:d5:c6:25:fe:
3e:84:33:dc:01:e5:7b:5d:29:16:8c:93:04:83:b5:b0:9c:76:
b4:eb:7f:3e:b2:71:1e:10:ba:15:60:17:4a:55:9f:4f:f8:48:
eb:82:c7:81:b8:93:49:1c:f8:3e:0a:7b:43:37:2c:ea:a6:69:
f7:f1:dc:09:28:c2:86:f9:01:37:7f:45:e5:a7:44:12:7d:5f:
11:44:5a:37:51:65:2f:53:42:69:3d:b0:23:71:7e:67:c3:cc:
14:b9:f9:54:3a:5b:9a:b1:76:e4:a7:7e:ee:d0:6c:35:23:a0:
e3:e3:e1:65:ac:b5:30:dd:69:03:1e:ce:51:c4:9b:45:2a:48:
30:86:3a:21
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAR0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODVFRkUxMTAvBgNVBAUTKDdFRThDRTY0QTdCNDAwNTEyMTQ2MEFBM0JBNTk0NDND
OTU2RTM1RDAwHhcNMjMxMDAxMDM0NDA1WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE4ZWIwNS05OGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqJJTk2omvI1DkYiipb1WCjOSotXHvZwgaoay/f1XEND33VaCmZtwUsh8Tnyw
zlqfD4g83/tmFA5/6Sq09DR1714ta+V0Dik6E/FF7+oWxaL5zUXIkYjVbb7PF0dR
btN9Aq6sjbLIi2tsYb7VsVJ34pgyiiweYij+/KxoE9Ti+HRRasapao84GrgkRdET
lgJm077yqI4n/mJwtdHMkrbfKAc1jaeHcALJ3/Bc2HEeNKOQYB6UsVTTEpti9Z6+
YdenUfVtrU+h1cm0Kv1nLqdqYC6qFQEmOOm5DP3HSXRxTkqEdphHYvSJXmHBZ4lj
32QoBcmVoTFGC5q+o+rp/nBCIwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFB9K0ISn
lbH8CFNADYWSDc68hUHCMB8GA1UdIwQYMBaAFH7ozmSntABRIUYKo7pZRDyVbjXQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUVGRS8xRTQyREUwMDFE
NzgxMUVEQjU1ODVFMUVDNEY5QUUwMi9mdWpPWktlMEFGRWhSZ3FqdWxsRVBKVnVO
ZEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Z1ak9aS2UwQUZFaFJncWp1bGxFUEpWdU5kQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODVFRkUvMUU0MkRFMDAxRDc4MTFFREI1NTg1RTFFQzRGOUFFMDIvRjI5QUEzOEVE
M0UxMTFFREE2NkZDQzJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnjSQwDwQCAAIwCQMHACABDfEjQDANBgkqhkiG9w0BAQsF
AAOCAQEAkMlRH0ClDJ7LtW4dNJ9BhqlvE78zWiT7HIa4tcl/A2OdZ+X6Ihtp5/kd
xj4yaSyw86uQ4KuNu18sFxtEJZOWL+Ebj/vAKJ9j9HR3110mPoKhkZB3SlXVxzoZ
KlV/htiOJN48ITKSQhHfuhcywYAhrAj+h5H1emPYSHfVxiX+PoQz3AHle10pFoyT
BIO1sJx2tOt/PrJxHhC6FWAXSlWfT/hI64LHgbiTSRz4Pgp7Qzcs6qZp9/HcCSjC
hvkBN39F5adEEn1fEURaN1FlL1NCaT2wI3F+Z8PMFLn5VDpbmrF25Kd+7tBsNSOg
4+PhZay1MN1pAx7OUcSbRSpIMIY6IQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org