Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/C963CF266CB711EEA88AC06CC4F9AE02/79F02D78C99511EEA8E6C03CC4F9AE02.roa
File: 79F02D78C99511EEA8E6C03CC4F9AE02.roa (raw, json)
Hash identifier: E5ODpLGVPyEmmhGiQ4Q7ivJT9xliLUp88QpXpd35arw=
Subject key identifier: AB:E3:59:8B:C5:B9:1D:AA:C1:13:67:DC:EC:AB:F0:E3:AC:94:BA:1A
Certificate issuer: /CN=A918C287/serialNumber=355AC83FAA75D7DA7AC861DB2007F62600BA4292
Certificate serial: 51
Authority key identifier: 35:5A:C8:3F:AA:75:D7:DA:7A:C8:61:DB:20:07:F6:26:00:BA:42:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NVrIP6p119p6yGHbIAf2JgC6QpI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C287/C963CF266CB711EEA88AC06CC4F9AE02/79F02D78C99511EEA8E6C03CC4F9AE02.roa
Signing time: Thu 15 Feb 2024 23:23:42 +0000
ROA not before: Thu 15 Feb 2024 23:23:42 +0000
ROA not after: Sat 01 May 2038 00:00:00 +0000
asID: 4608
IP address blocks: 203.176.189.0/25 maxlen: 25
203.176.189.128/25 maxlen: 25
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81 (0x51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C287/serialNumber=355AC83FAA75D7DA7AC861DB2007F62600BA4292
Validity
Not Before: Feb 15 23:23:42 2024 GMT
Not After : May 1 00:00:00 2038 GMT
Subject: CN=65ce9cfe-55d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:48:86:69:90:97:38:a5:2c:6c:7f:b9:71:64:
52:6d:12:cb:2b:59:5b:2e:69:2b:e4:89:67:ed:6a:
ce:44:a9:9b:7d:7a:9a:2f:56:d4:c1:07:87:eb:59:
f1:66:c5:7f:bd:84:0a:f9:5c:f6:70:49:c8:47:8f:
ca:0d:9a:b8:c3:19:02:6b:71:f5:86:51:31:37:1c:
33:e2:c8:fe:9d:ad:3f:13:35:3a:13:25:fd:46:69:
ad:3c:31:12:e9:d5:62:83:d5:d5:64:5a:dd:a1:9d:
1e:07:e3:00:c9:7c:00:61:e1:89:c3:57:8a:96:16:
19:16:9f:77:08:70:3b:49:35:bb:7c:9b:80:16:95:
1f:3b:7b:45:c8:b5:c7:c9:01:79:49:0f:3b:68:2a:
73:e5:ef:d0:f4:b8:2f:0f:4e:7b:bc:63:18:af:92:
c1:b6:ef:c2:ce:71:09:53:4e:92:0e:ec:f1:3b:ad:
b3:33:ab:62:3e:54:6e:e3:99:44:b4:dd:26:d3:fc:
31:50:2a:7a:ca:67:f8:e8:07:8a:66:db:4b:1d:cd:
60:a7:08:64:25:06:af:ab:2e:82:09:98:96:50:5a:
d5:f1:1a:02:82:74:b9:d4:3d:6a:ee:8f:89:02:82:
b6:d4:ab:c8:c7:0b:dc:19:ff:3a:23:7d:64:a9:12:
8c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:E3:59:8B:C5:B9:1D:AA:C1:13:67:DC:EC:AB:F0:E3:AC:94:BA:1A
X509v3 Authority Key Identifier:
keyid:35:5A:C8:3F:AA:75:D7:DA:7A:C8:61:DB:20:07:F6:26:00:BA:42:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C287/C963CF266CB711EEA88AC06CC4F9AE02/NVrIP6p119p6yGHbIAf2JgC6QpI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NVrIP6p119p6yGHbIAf2JgC6QpI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/C963CF266CB711EEA88AC06CC4F9AE02/79F02D78C99511EEA8E6C03CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.176.189.0/24
Signature Algorithm: sha256WithRSAEncryption
62:9b:42:31:61:74:59:e6:ff:f3:50:0f:de:e5:f4:35:61:fe:
69:14:bd:b9:a1:8e:96:df:99:59:c4:25:cd:fc:98:49:69:09:
42:7f:71:18:fb:27:af:48:45:18:a1:a1:4d:8b:73:2d:93:c1:
4d:98:ae:1a:9e:70:a0:c2:30:ef:11:90:b4:aa:5a:6e:b2:68:
29:78:92:dd:9a:fc:d5:c4:31:a3:67:47:16:f1:cf:10:f3:d3:
51:4a:b5:dd:48:5b:06:e0:3f:3b:64:37:c7:ac:d5:b3:fd:8f:
fa:ed:7c:27:ea:d9:48:6f:3f:e8:f0:9c:d2:04:90:b0:53:eb:
d9:4d:09:d8:22:5d:bc:d3:8b:ac:38:78:80:63:15:43:b9:bb:
51:db:0d:78:db:45:64:5d:10:05:b0:32:bd:41:1f:f7:12:3c:
02:64:b8:86:13:4c:cb:c8:db:05:24:37:88:2a:2d:20:ca:d6:
97:bf:dc:04:0b:f3:73:d4:6e:fd:28:43:f8:1d:d2:7c:df:b5:
5f:54:1f:99:01:9d:49:dd:f3:be:b8:75:02:ff:4b:b4:36:d9:
ec:4f:5a:28:58:1e:9e:1f:cd:dc:0c:76:7b:c6:dd:55:81:ce:
85:51:6e:64:ee:ec:df:87:c1:70:5d:8e:b4:04:01:f5:89:96:
3c:39:77:69
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBUTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QzI4NzExMC8GA1UEBRMoMzU1QUM4M0ZBQTc1RDdEQTdBQzg2MURCMjAwN0Y2MjYw
MEJBNDI5MjAeFw0yNDAyMTUyMzIzNDJaFw0zODA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1Y2U5Y2ZlLTU1ZDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDnSIZpkJc4pSxsf7lxZFJtEssrWVsuaSvkiWftas5EqZt9epovVtTBB4frWfFm
xX+9hAr5XPZwSchHj8oNmrjDGQJrcfWGUTE3HDPiyP6drT8TNToTJf1Gaa08MRLp
1WKD1dVkWt2hnR4H4wDJfABh4YnDV4qWFhkWn3cIcDtJNbt8m4AWlR87e0XItcfJ
AXlJDztoKnPl79D0uC8PTnu8YxivksG278LOcQlTTpIO7PE7rbMzq2I+VG7jmUS0
3SbT/DFQKnrKZ/joB4pm20sdzWCnCGQlBq+rLoIJmJZQWtXxGgKCdLnUPWruj4kC
grbUq8jHC9wZ/zojfWSpEowFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUq+NZi8W5
HarBE2fc7Kvw46yUuhowHwYDVR0jBBgwFoAUNVrIP6p119p6yGHbIAf2JgC6QpIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThDMjg3L0M5NjNDRjI2NkNC
NzExRUVBODhBQzA2Q0M0RjlBRTAyL05WcklQNnAxMTlwNnlHSGJJQWYySmdDNlFw
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTlZySVA2cDExOXA2eUdIYklBZjJKZ0M2UXBJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QzI4Ny9DOTYzQ0YyNjZDQjcxMUVFQTg4QUMwNkNDNEY5QUUwMi83OUYwMkQ3OEM5
OTUxMUVFQThFNkMwM0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMuwvTANBgkqhkiG9w0BAQsFAAOCAQEAYptCMWF0Web/81AP
3uX0NWH+aRS9uaGOlt+ZWcQlzfyYSWkJQn9xGPsnr0hFGKGhTYtzLZPBTZiuGp5w
oMIw7xGQtKpabrJoKXiS3Zr81cQxo2dHFvHPEPPTUUq13UhbBuA/O2Q3x6zVs/2P
+u18J+rZSG8/6PCc0gSQsFPr2U0J2CJdvNOLrDh4gGMVQ7m7UdsNeNtFZF0QBbAy
vUEf9xI8AmS4hhNMy8jbBSQ3iCotIMrWl7/cBAvzc9Ru/ShD+B3SfN+1X1QfmQGd
Sd3zvrh1Av9LtDbZ7E9aKFgenh/N3Ax2e8bdVYHOhVFuZO7s34fBcF2OtAQB9YmW
PDl3aQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org