Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/81B4CD3C1D6E11E286A612B008B02CD2/71B24C28292411EBAAD29217C4F9AE02.roa
File: 71B24C28292411EBAAD29217C4F9AE02.roa (raw, json)
Hash identifier: NcvjYUw0Te7kzp2+aghS4J/ALGlMm/x2iFlsDY/ZLTY=
Subject key identifier: FA:31:EB:5D:36:C8:7B:94:36:83:E6:11:92:65:F3:94:03:1C:F1:4D
Certificate issuer: /CN=A918C287/serialNumber=2FD2C489B1BFBA0100EA6487EB7D27CE4EC67493
Certificate serial: 2F1E
Authority key identifier: 2F:D2:C4:89:B1:BF:BA:01:00:EA:64:87:EB:7D:27:CE:4E:C6:74:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L9LEibG_ugEA6mSH630nzk7GdJM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C287/81B4CD3C1D6E11E286A612B008B02CD2/71B24C28292411EBAAD29217C4F9AE02.roa
Signing time: Tue 17 Nov 2020 22:50:06 +0000
ROA not before: Tue 17 Nov 2020 22:50:06 +0000
ROA not after: Sat 01 May 2038 00:00:00 +0000
asID: 131211
IP address blocks: 203.176.189.0/24 maxlen: 32
2401:4600::/32 maxlen: 32
2401:4600::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12062 (0x2f1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C287/serialNumber=2FD2C489B1BFBA0100EA6487EB7D27CE4EC67493
Validity
Not Before: Nov 17 22:50:06 2020 GMT
Not After : May 1 00:00:00 2038 GMT
Subject: CN=5fb4539e-54b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ce:ca:c1:a3:15:ac:ad:ea:d6:6a:30:af:86:
6e:e2:35:e1:8c:f7:ef:dc:ae:5d:f7:5c:b0:a8:34:
0a:ba:27:40:f1:ab:94:e4:ff:9b:be:8d:82:68:e9:
57:b3:b3:f3:7e:6a:3f:02:4f:38:be:a4:21:9e:ce:
be:a2:e4:fe:9f:e8:49:b4:10:c0:1a:f3:3b:80:e1:
d5:35:64:c6:67:6a:5c:53:20:f1:d3:d6:50:9b:21:
d1:1b:aa:17:51:ce:65:a1:e4:51:f2:13:2b:80:5c:
e0:6e:d1:47:a6:f5:79:dd:6c:fd:8b:6e:9e:2f:f1:
e4:19:d2:35:75:25:85:1d:cc:2c:a9:e9:d4:3c:6e:
4e:fd:d9:8e:a7:78:fa:05:2d:1d:07:8f:5b:f8:ed:
dc:56:39:f6:7c:9b:a6:4f:26:88:4f:5f:ad:57:3e:
17:89:71:63:58:fd:d4:c8:4e:58:9c:5e:a9:a4:d9:
99:b6:0c:dd:e2:e6:26:86:7e:6c:3e:96:8d:57:7c:
7a:32:a3:20:4b:57:d9:e0:35:4e:1a:a8:53:12:f1:
27:64:cb:92:5f:46:87:78:78:76:9b:9b:07:bc:75:
e5:10:15:99:3d:b2:73:97:03:98:57:2b:65:40:03:
02:b8:87:3c:de:ee:3b:26:b6:3b:42:f3:e3:db:77:
a5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:31:EB:5D:36:C8:7B:94:36:83:E6:11:92:65:F3:94:03:1C:F1:4D
X509v3 Authority Key Identifier:
keyid:2F:D2:C4:89:B1:BF:BA:01:00:EA:64:87:EB:7D:27:CE:4E:C6:74:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C287/81B4CD3C1D6E11E286A612B008B02CD2/L9LEibG_ugEA6mSH630nzk7GdJM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L9LEibG_ugEA6mSH630nzk7GdJM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/81B4CD3C1D6E11E286A612B008B02CD2/71B24C28292411EBAAD29217C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.176.189.0/24
IPv6:
2401:4600::/32
Signature Algorithm: sha256WithRSAEncryption
0c:a2:d4:42:c3:b2:d2:63:a5:8a:1e:4e:38:3d:27:b2:18:00:
fb:7d:22:fc:35:d5:e0:e6:91:9c:35:90:a2:e4:46:bc:19:9c:
cf:67:71:2b:c6:fb:b4:f9:fd:56:e6:65:63:1e:e0:1e:82:0b:
0b:13:65:e3:61:0c:99:e4:46:4e:c9:56:55:58:66:d1:37:d8:
8d:2a:cf:a4:b9:40:0e:5f:37:a7:50:2d:d4:12:e6:24:1a:01:
81:6d:26:c4:fb:d4:ed:73:a4:a2:2b:04:fa:d7:c9:31:10:93:
1d:e0:cb:f1:00:98:00:22:e4:a6:5b:a4:20:45:9b:93:3c:e9:
08:5c:ed:f9:63:e5:da:10:25:f4:16:a9:6a:0f:70:44:48:7d:
16:f2:61:30:af:c8:22:cf:60:ed:0b:04:e5:80:7f:cf:b9:81:
d6:11:8e:32:54:76:f4:41:a3:44:e9:f2:b7:ef:cf:38:3c:9c:
10:6d:56:48:28:be:57:0d:e9:6a:45:f4:66:0b:8b:45:38:9c:
62:ff:f7:ce:1a:d8:f6:87:46:64:63:a3:ed:fe:e0:a8:f3:01:
6b:34:c2:09:5c:b6:b6:32:97:11:5a:72:a0:9c:98:f3:cd:57:
b9:ca:0b:fe:78:dc:e9:32:95:30:18:b7:a4:b5:45:69:ed:41:
13:8b:fa:b5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICLx4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEMyODcxMTAvBgNVBAUTKDJGRDJDNDg5QjFCRkJBMDEwMEVBNjQ4N0VCN0QyN0NF
NEVDNjc0OTMwHhcNMjAxMTE3MjI1MDA2WhcNMzgwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw01ZmI0NTM5ZS01NGIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqc7KwaMVrK3q1mowr4Zu4jXhjPfv3K5d91ywqDQKuidA8auU5P+bvo2CaOlX
s7Pzfmo/Ak84vqQhns6+ouT+n+hJtBDAGvM7gOHVNWTGZ2pcUyDx09ZQmyHRG6oX
Uc5loeRR8hMrgFzgbtFHpvV53Wz9i26eL/HkGdI1dSWFHcwsqenUPG5O/dmOp3j6
BS0dB49b+O3cVjn2fJumTyaIT1+tVz4XiXFjWP3UyE5YnF6ppNmZtgzd4uYmhn5s
PpaNV3x6MqMgS1fZ4DVOGqhTEvEnZMuSX0aHeHh2m5sHvHXlEBWZPbJzlwOYVytl
QAMCuIc83u47JrY7QvPj23elMQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPox6102
yHuUNoPmEZJl85QDHPFNMB8GA1UdIwQYMBaAFC/SxImxv7oBAOpkh+t9J85OxnST
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzI4Ny84MUI0Q0QzQzFE
NkUxMUUyODZBNjEyQjAwOEIwMkNEMi9MOUxFaWJHX3VnRUE2bVNINjMwbnprN0dk
Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0w5TEVpYkdfdWdFQTZtU0g2MzBuems3R2RKTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEMyODcvODFCNENEM0MxRDZFMTFFMjg2QTYxMkIwMDhCMDJDRDIvNzFCMjRDMjgy
OTI0MTFFQkFBRDI5MjE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBADLsL0wDQQCAAIwBwMFACQBRgAwDQYJKoZIhvcNAQELBQAD
ggEBAAyi1ELDstJjpYoeTjg9J7IYAPt9Ivw11eDmkZw1kKLkRrwZnM9ncSvG+7T5
/VbmZWMe4B6CCwsTZeNhDJnkRk7JVlVYZtE32I0qz6S5QA5fN6dQLdQS5iQaAYFt
JsT71O1zpKIrBPrXyTEQkx3gy/EAmAAi5KZbpCBFm5M86Qhc7flj5doQJfQWqWoP
cERIfRbyYTCvyCLPYO0LBOWAf8+5gdYRjjJUdvRBo0Tp8rfvzzg8nBBtVkgovlcN
6WpF9GYLi0U4nGL/984a2PaHRmRjo+3+4KjzAWs0wglctrYylxFacqCcmPPNV7nK
C/543OkylTAYt6S1RWntQROL+rU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org