Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/D5D31784BF8A11ECADAA8E54C4F9AE02/D6E09D46BF8E11ECBFAAA95DC4F9AE02.roa
File: D6E09D46BF8E11ECBFAAA95DC4F9AE02.roa (raw, json)
Hash identifier: UmM/I/qJY1vCn1plga+4E5keBT2AQVu+fgdR5qKCbUs=
Subject key identifier: DA:07:12:FC:9F:94:37:EB:3A:92:E0:3C:FE:9D:57:C7:B3:39:DA:7D
Certificate issuer: /CN=A918C287/serialNumber=6DD5082DC85293BD2E692BD0FAAAB5C256678CC8
Certificate serial: 02
Authority key identifier: 6D:D5:08:2D:C8:52:93:BD:2E:69:2B:D0:FA:AA:B5:C2:56:67:8C:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bdUILchSk70uaSvQ-qq1wlZnjMg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C287/D5D31784BF8A11ECADAA8E54C4F9AE02/D6E09D46BF8E11ECBFAAA95DC4F9AE02.roa
Signing time: Tue 19 Apr 2022 03:14:36 +0000
ROA not before: Tue 19 Apr 2022 03:14:36 +0000
ROA not after: Sat 01 May 2038 00:00:00 +0000
asID: 131211
IP address blocks: 203.176.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C287/serialNumber=6DD5082DC85293BD2E692BD0FAAAB5C256678CC8
Validity
Not Before: Apr 19 03:14:36 2022 GMT
Not After : May 1 00:00:00 2038 GMT
Subject: CN=625e291b-3784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:d1:0f:35:4f:93:57:a9:05:e0:3b:77:cb:5b:
4f:b1:38:f4:59:55:b1:a8:a9:f4:64:0b:c6:b0:c0:
b4:c1:5b:3f:4d:9f:77:24:33:16:67:a2:da:c9:64:
9b:eb:75:d3:5c:e1:7d:40:69:b1:59:94:07:44:32:
47:70:5f:e8:23:9f:2b:3c:f2:cf:b4:54:c3:d1:7d:
3f:7b:59:32:e4:1a:a8:c6:be:84:8e:50:e3:d8:35:
08:d0:b8:6f:fb:7e:9c:00:56:41:92:7f:d4:ff:f3:
60:9d:61:3d:6c:2a:b1:e3:5d:6d:f4:5e:a6:71:8b:
86:6b:58:23:b6:c1:cb:2d:9a:8e:18:b8:81:b7:f0:
95:06:c9:87:67:8b:45:1f:51:7f:cc:d2:88:5c:b3:
32:15:6d:33:24:1f:ce:37:23:e6:8c:74:9d:9c:4f:
1e:52:4f:d4:1d:bf:4a:e2:ee:37:14:a1:ea:ae:b7:
73:6a:43:e5:39:99:cd:1c:9f:1d:81:03:c8:5d:7c:
7f:bc:dc:47:54:ae:82:51:6c:c5:7b:9a:af:89:0a:
63:26:36:b8:3f:53:5a:a4:3c:d2:b3:59:ff:32:56:
f1:ad:5a:84:a8:f0:fc:87:03:2e:e8:a2:a3:10:0c:
db:6f:b3:a2:dc:56:46:08:38:cb:55:57:cb:cd:d9:
f3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:07:12:FC:9F:94:37:EB:3A:92:E0:3C:FE:9D:57:C7:B3:39:DA:7D
X509v3 Authority Key Identifier:
keyid:6D:D5:08:2D:C8:52:93:BD:2E:69:2B:D0:FA:AA:B5:C2:56:67:8C:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C287/D5D31784BF8A11ECADAA8E54C4F9AE02/bdUILchSk70uaSvQ-qq1wlZnjMg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bdUILchSk70uaSvQ-qq1wlZnjMg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/D5D31784BF8A11ECADAA8E54C4F9AE02/D6E09D46BF8E11ECBFAAA95DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.176.189.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:e9:56:6f:b2:af:60:78:ae:08:ba:10:6f:fd:ce:d0:f7:a5:
e9:90:86:8b:1f:74:85:cb:de:d7:e5:3a:0d:f9:00:de:64:e6:
87:e9:1e:6a:7e:1f:50:0c:53:af:76:d1:96:01:3e:d0:f8:cf:
82:65:72:7d:a9:cb:f0:eb:39:aa:ec:d4:5e:9e:ce:ee:4a:39:
e0:3d:f2:36:e3:5d:13:ee:6e:5c:23:56:6c:84:68:eb:b0:8f:
7a:48:63:4e:e9:5f:f0:c2:a6:56:58:67:ad:91:bb:71:ad:a8:
16:09:ba:89:10:62:e1:ee:e1:8f:11:50:93:9e:d8:30:8a:0b:
b8:23:5b:ab:c2:6c:aa:e5:7c:40:2d:a0:2d:0f:5a:b8:0c:48:
98:04:61:4a:f9:a7:7a:30:46:46:a8:1f:5b:23:b5:ca:89:d0:
0c:da:60:7e:5b:e1:79:76:d1:82:26:8e:80:ef:be:32:85:1a:
aa:ea:77:f1:64:d7:fc:e1:b1:56:4a:48:81:34:ef:9a:75:a9:
b7:67:f0:ff:74:86:ca:27:ac:86:4c:58:3f:e3:f2:80:ef:2e:
f9:1f:f0:5c:be:d9:82:a8:3e:6e:b4:fc:b1:41:8a:1c:32:83:
be:e5:79:cc:93:ca:ed:8a:fe:24:3d:fa:4d:79:b6:d8:c8:c3:
17:46:e4:5f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QzI4NzExMC8GA1UEBRMoNkRENTA4MkRDODUyOTNCRDJFNjkyQkQwRkFBQUI1QzI1
NjY3OENDODAeFw0yMjA0MTkwMzE0MzZaFw0zODA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNWUyOTFiLTM3ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDt0Q81T5NXqQXgO3fLW0+xOPRZVbGoqfRkC8awwLTBWz9Nn3ckMxZnotrJZJvr
ddNc4X1AabFZlAdEMkdwX+gjnys88s+0VMPRfT97WTLkGqjGvoSOUOPYNQjQuG/7
fpwAVkGSf9T/82CdYT1sKrHjXW30XqZxi4ZrWCO2wcstmo4YuIG38JUGyYdni0Uf
UX/M0ohcszIVbTMkH843I+aMdJ2cTx5ST9Qdv0ri7jcUoequt3NqQ+U5mc0cnx2B
A8hdfH+83EdUroJRbMV7mq+JCmMmNrg/U1qkPNKzWf8yVvGtWoSo8PyHAy7ooqMQ
DNtvs6LcVkYIOMtVV8vN2fO5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU2gcS/J+U
N+s6kuA8/p1Xx7M52n0wHwYDVR0jBBgwFoAUbdUILchSk70uaSvQ+qq1wlZnjMgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThDMjg3L0Q1RDMxNzg0QkY4
QTExRUNBREFBOEU1NEM0RjlBRTAyL2JkVUlMY2hTazcwdWFTdlEtcXExd2xabmpN
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYmRVSUxjaFNrNzB1YVN2US1xcTF3bFpuak1nLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QzI4Ny9ENUQzMTc4NEJGOEExMUVDQURBQThFNTRDNEY5QUUwMi9ENkUwOUQ0NkJG
OEUxMUVDQkZBQUE5NURDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMuwvTANBgkqhkiG9w0BAQsFAAOCAQEAT+lWb7KvYHiuCLoQ
b/3O0Pel6ZCGix90hcve1+U6DfkA3mTmh+kean4fUAxTr3bRlgE+0PjPgmVyfanL
8Os5quzUXp7O7ko54D3yNuNdE+5uXCNWbIRo67CPekhjTulf8MKmVlhnrZG7ca2o
Fgm6iRBi4e7hjxFQk57YMIoLuCNbq8JsquV8QC2gLQ9auAxImARhSvmnejBGRqgf
WyO1yonQDNpgflvheXbRgiaOgO++MoUaqup38WTX/OGxVkpIgTTvmnWpt2fw/3SG
yieshkxYP+PygO8u+R/wXL7Zgqg+brT8sUGKHDKDvuV5zJPK7Yr+JD36TXm22MjD
F0bkXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org