Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918806F/B21E0C986F4A11E8B627496CC4F9AE02/2E798FCCB3EE11E9A813740DC4F9AE02.roa
File: 2E798FCCB3EE11E9A813740DC4F9AE02.roa (raw, json)
Hash identifier: KTJCoP9WGvyimRriZrhBfkGqmkj8/9kSHfe+DNckGPc=
Subject key identifier: 05:52:47:C8:CF:5F:B8:34:4D:86:9F:68:27:C3:5D:71:58:79:1E:A3
Certificate issuer: /CN=A918806F/serialNumber=F78E183D0056C92BC70C3B40A64977A41280EF33
Certificate serial: 1101
Authority key identifier: F7:8E:18:3D:00:56:C9:2B:C7:0C:3B:40:A6:49:77:A4:12:80:EF:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/944YPQBWySvHDDtApkl3pBKA7zM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918806F/B21E0C986F4A11E8B627496CC4F9AE02/2E798FCCB3EE11E9A813740DC4F9AE02.roa
Signing time: Wed 06 Apr 2022 06:04:36 +0000
ROA not before: Wed 06 Apr 2022 06:04:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 103.8.172.0/22 maxlen: 24
2403:b300::/32 maxlen: 32
2403:b300:ff00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4353 (0x1101)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F/serialNumber=F78E183D0056C92BC70C3B40A64977A41280EF33
Validity
Not Before: Apr 6 06:04:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=624d2d74-72df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:da:ff:e9:63:f8:2c:ce:62:db:db:df:8f:63:
1b:71:57:e9:20:0d:ee:cd:0c:98:c2:57:68:c8:bc:
89:10:01:3a:9c:d0:f6:f0:c0:0c:fc:17:cf:9e:ff:
99:6a:e3:a6:03:e7:f1:9c:04:e4:d0:ae:7b:90:c3:
35:30:a8:fb:6c:e1:4a:8c:47:e7:45:ec:a7:3d:b1:
14:b5:17:62:36:93:07:f6:06:3a:98:df:6f:3f:f9:
ab:67:9d:96:90:92:7f:89:b9:85:ca:e7:10:ad:cd:
78:58:99:c5:96:e7:c6:81:8d:af:ad:9d:90:56:24:
8e:0d:5d:cf:d6:5f:c8:a5:05:64:8f:a6:41:a3:74:
e3:a3:68:f9:4c:4f:62:e8:94:5b:0c:5b:bc:50:ed:
da:8d:3b:28:ca:ba:0b:ca:a7:a2:0e:82:12:52:ff:
9d:37:30:77:65:59:20:1e:d3:50:7c:70:59:43:af:
52:d9:15:45:17:44:b2:61:9a:9e:3a:80:ef:ed:d8:
2d:ce:7a:40:2b:26:f8:cf:34:fe:49:64:28:21:39:
d1:08:aa:4b:45:a2:51:13:3e:0e:0b:5b:14:8a:eb:
c9:ac:e8:fb:cb:78:6e:0e:23:d6:0e:8a:ac:07:79:
7c:d2:6e:f6:5f:55:eb:d5:09:27:e6:6f:99:f2:1a:
61:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:52:47:C8:CF:5F:B8:34:4D:86:9F:68:27:C3:5D:71:58:79:1E:A3
X509v3 Authority Key Identifier:
keyid:F7:8E:18:3D:00:56:C9:2B:C7:0C:3B:40:A6:49:77:A4:12:80:EF:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918806F/B21E0C986F4A11E8B627496CC4F9AE02/944YPQBWySvHDDtApkl3pBKA7zM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/944YPQBWySvHDDtApkl3pBKA7zM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918806F/B21E0C986F4A11E8B627496CC4F9AE02/2E798FCCB3EE11E9A813740DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.8.172.0/22
IPv6:
2403:b300::/32
Signature Algorithm: sha256WithRSAEncryption
72:ad:1c:e4:db:c4:ee:0f:23:c6:0d:38:87:43:b3:43:79:e8:
06:6d:b1:b9:f3:5d:91:05:a7:59:b7:79:89:a2:4d:c7:fd:14:
49:ad:19:b2:fd:a5:65:ba:00:f1:d7:2c:30:d0:dd:f7:07:16:
21:67:62:ff:d5:70:a3:70:09:7c:b9:9a:80:51:44:aa:f7:70:
be:b5:b4:a5:9e:0e:55:20:3a:0d:81:f6:ec:dd:30:77:36:8a:
26:5d:92:97:e2:b5:87:3b:f3:d7:3d:ef:a1:57:4a:a7:39:e2:
0d:e8:70:bd:88:72:ee:b5:ee:c8:17:21:6c:65:54:8f:7f:01:
40:4e:53:2d:2c:1e:aa:9e:22:c6:f4:b5:16:90:e0:d9:e6:23:
cc:81:d2:1c:5c:20:38:53:90:fa:fb:c9:04:84:1e:0d:dc:79:
4c:94:36:4e:c1:13:2e:83:94:50:fa:7e:8a:4b:04:07:86:eb:
62:96:59:7b:9a:59:71:67:f3:cd:06:f2:07:cc:ff:46:2c:a8:
d4:3f:e3:7f:02:80:b6:53:7d:09:27:d4:66:0c:15:73:81:c4:
17:b6:a3:e0:c9:64:e3:32:92:fd:ff:d2:6d:10:db:3d:65:00:
bc:b3:6a:73:b3:e1:ee:bf:8a:33:bc:de:89:1a:01:bf:ed:1d:
6d:e2:33:57
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICEQEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODgwNkYxMTAvBgNVBAUTKEY3OEUxODNEMDA1NkM5MkJDNzBDM0I0MEE2NDk3N0E0
MTI4MEVGMzMwHhcNMjIwNDA2MDYwNDM2WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjRkMmQ3NC03MmRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnNr/6WP4LM5i29vfj2MbcVfpIA3uzQyYwldoyLyJEAE6nND28MAM/BfPnv+Z
auOmA+fxnATk0K57kMM1MKj7bOFKjEfnReynPbEUtRdiNpMH9gY6mN9vP/mrZ52W
kJJ/ibmFyucQrc14WJnFlufGgY2vrZ2QViSODV3P1l/IpQVkj6ZBo3Tjo2j5TE9i
6JRbDFu8UO3ajTsoyroLyqeiDoISUv+dNzB3ZVkgHtNQfHBZQ69S2RVFF0SyYZqe
OoDv7dgtznpAKyb4zzT+SWQoITnRCKpLRaJREz4OC1sUiuvJrOj7y3huDiPWDoqs
B3l80m72X1Xr1Qkn5m+Z8hph3wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAVSR8jP
X7g0TYafaCfDXXFYeR6jMB8GA1UdIwQYMBaAFPeOGD0AVskrxww7QKZJd6QSgO8z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4ODA2Ri9CMjFFMEM5ODZG
NEExMUU4QjYyNzQ5NkNDNEY5QUUwMi85NDRZUFFCV3lTdkhERHRBcGtsM3BCS0E3
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzk0NFlQUUJXeVN2SEREdEFwa2wzcEJLQTd6TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODgwNkYvQjIxRTBDOTg2RjRBMTFFOEI2Mjc0OTZDQzRGOUFFMDIvMkU3OThGQ0NC
M0VFMTFFOUE4MTM3NDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnCKwwDQQCAAIwBwMFACQDswAwDQYJKoZIhvcNAQELBQAD
ggEBAHKtHOTbxO4PI8YNOIdDs0N56AZtsbnzXZEFp1m3eYmiTcf9FEmtGbL9pWW6
APHXLDDQ3fcHFiFnYv/VcKNwCXy5moBRRKr3cL61tKWeDlUgOg2B9uzdMHc2iiZd
kpfitYc789c976FXSqc54g3ocL2Icu617sgXIWxlVI9/AUBOUy0sHqqeIsb0tRaQ
4NnmI8yB0hxcIDhTkPr7yQSEHg3ceUyUNk7BEy6DlFD6fopLBAeG62KWWXuaWXFn
880G8gfM/0YsqNQ/438CgLZTfQkn1GYMFXOBxBe2o+DJZOMykv3/0m0Q2z1lALyz
anOz4e6/ijO83okaAb/tHW3iM1c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org