Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9191B70/96119F9C8EFE11EC87A6EA17C4F9AE02/C7D684A4550811EDB38D9172C4F9AE02.roa
File: C7D684A4550811EDB38D9172C4F9AE02.roa (raw, json)
Hash identifier: 0OKXUfyhNR9Bmb1gq1aMUsJ/EJyO3/LSZPscxAuZUgk=
Subject key identifier: 85:47:26:85:7E:21:BE:40:30:AD:E9:3A:D8:FB:55:F1:23:16:BB:E6
Certificate issuer: /CN=A9191B70/serialNumber=DE1CEB8F829943D9F33A470A886E3839C3EA715D
Certificate serial: 01D4
Authority key identifier: DE:1C:EB:8F:82:99:43:D9:F3:3A:47:0A:88:6E:38:39:C3:EA:71:5D
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3hzrj4KZQ9nzOkcKiG44OcPqcV0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9191B70/96119F9C8EFE11EC87A6EA17C4F9AE02/C7D684A4550811EDB38D9172C4F9AE02.roa
Signing time: Wed 26 Oct 2022 08:32:52 +0000
ROA not before: Wed 26 Oct 2022 08:32:52 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 38327
IP address blocks: 158.89.0.0/16 maxlen: 16
158.89.0.0/17 maxlen: 17
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 468 (0x1d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9191B70/serialNumber=DE1CEB8F829943D9F33A470A886E3839C3EA715D
Validity
Not Before: Oct 26 08:32:52 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=6358f0b4-0c16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:94:21:5a:4a:40:ad:fe:7c:99:79:88:2b:f2:
dd:24:0a:46:2e:37:37:6e:1c:e7:1d:a5:ee:29:12:
70:b6:70:c4:09:71:3a:96:b3:7f:98:d5:95:42:3c:
03:98:52:47:68:31:4f:1d:c5:23:6e:1f:09:e5:d2:
4d:c6:8d:cd:90:ba:4d:87:ff:3e:1a:f8:4f:8e:1b:
94:3a:62:69:84:18:85:44:21:83:ab:f6:c0:d8:51:
49:1f:ff:42:fb:90:3c:52:58:fa:8e:5b:16:12:8f:
b9:84:a1:f6:1c:8c:f4:dd:b9:07:7c:7d:62:c0:88:
1b:24:4e:21:9a:3a:f5:00:6b:d9:36:8c:eb:0d:1a:
57:df:f7:97:e1:79:25:6b:97:ea:d0:53:ab:7e:7a:
8e:ed:d5:ea:f4:e8:52:f0:66:af:4f:bc:0e:9a:bf:
e4:5f:de:07:df:32:ab:81:fe:72:5e:fd:f9:6d:a4:
c7:47:93:57:78:e1:5e:5f:22:f0:79:01:fb:52:71:
d1:bf:a0:25:73:23:e5:1f:e8:d0:2d:0f:0e:5d:53:
85:5b:82:47:ee:91:35:16:d8:01:87:e2:f8:ad:64:
80:3a:6f:12:d0:32:eb:cd:f1:9b:4e:45:ae:f7:5d:
52:e8:eb:74:cb:72:d7:b3:86:dd:58:ca:5e:3e:8d:
ee:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:47:26:85:7E:21:BE:40:30:AD:E9:3A:D8:FB:55:F1:23:16:BB:E6
X509v3 Authority Key Identifier:
keyid:DE:1C:EB:8F:82:99:43:D9:F3:3A:47:0A:88:6E:38:39:C3:EA:71:5D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9191B70/96119F9C8EFE11EC87A6EA17C4F9AE02/3hzrj4KZQ9nzOkcKiG44OcPqcV0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3hzrj4KZQ9nzOkcKiG44OcPqcV0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191B70/96119F9C8EFE11EC87A6EA17C4F9AE02/C7D684A4550811EDB38D9172C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
158.89.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:35:00:d7:05:c6:d8:70:cb:ad:5d:ef:fc:0e:83:0b:01:a5:
f3:0c:4f:d2:c8:32:e6:cb:36:ce:25:5d:4c:ec:c5:11:ac:82:
2c:06:b4:36:74:dc:0d:c9:7c:9f:3d:62:50:1f:f9:5a:d3:98:
56:c2:4a:e8:a0:87:1e:3b:10:04:eb:dd:b6:ad:3a:3c:a2:1a:
14:93:23:11:52:ae:ab:19:50:79:75:0d:f1:f4:d0:6b:b0:b2:
64:9b:5d:88:cd:0d:33:57:9d:48:2a:61:4c:82:cc:a0:a9:7c:
f6:dd:ac:a4:2f:cd:bb:eb:83:fd:3f:72:41:8b:93:3c:9e:c9:
5b:44:8d:1a:bd:73:37:2a:37:3e:cb:e2:81:4e:c2:d8:e2:78:
27:44:fb:54:65:a5:e4:38:02:5d:79:10:bd:b3:6b:c9:01:a8:
9c:d4:52:e8:f0:61:ca:fb:17:84:f0:6c:cc:3b:71:26:13:58:
e5:b4:58:18:e5:68:eb:d0:eb:89:a8:16:c2:9f:39:81:9f:63:
d9:9f:07:5e:98:e7:9a:2b:ee:50:b4:c4:54:17:25:66:d6:ac:
b1:8e:40:26:f4:70:63:61:4d:a1:cc:cb:27:d4:d4:0d:40:22:
ec:ac:5e:be:f3:24:aa:cd:f1:86:db:34:f7:ab:fd:34:16:0a:
07:68:e6:42
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICAdQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTFCNzAxMTAvBgNVBAUTKERFMUNFQjhGODI5OTQzRDlGMzNBNDcwQTg4NkUzODM5
QzNFQTcxNUQwHhcNMjIxMDI2MDgzMjUyWhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzU4ZjBiNC0wYzE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1pQhWkpArf58mXmIK/LdJApGLjc3bhznHaXuKRJwtnDECXE6lrN/mNWVQjwD
mFJHaDFPHcUjbh8J5dJNxo3NkLpNh/8+GvhPjhuUOmJphBiFRCGDq/bA2FFJH/9C
+5A8Ulj6jlsWEo+5hKH2HIz03bkHfH1iwIgbJE4hmjr1AGvZNozrDRpX3/eX4Xkl
a5fq0FOrfnqO7dXq9OhS8GavT7wOmr/kX94H3zKrgf5yXv35baTHR5NXeOFeXyLw
eQH7UnHRv6AlcyPlH+jQLQ8OXVOFW4JH7pE1FtgBh+L4rWSAOm8S0DLrzfGbTkWu
911S6Ot0y3LXs4bdWMpePo3uewIDAQABo4IClDCCApAwHQYDVR0OBBYEFIVHJoV+
Ib5AMK3pOtj7VfEjFrvmMB8GA1UdIwQYMBaAFN4c64+CmUPZ8zpHCohuODnD6nFd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MUI3MC85NjExOUY5QzhF
RkUxMUVDODdBNkVBMTdDNEY5QUUwMi8zaHpyajRLWlE5bnpPa2NLaUc0NE9jUHFj
VjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzNoenJqNEtaUTluek9rY0tpRzQ0T2NQcWNWMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTFCNzAvOTYxMTlGOUM4RUZFMTFFQzg3QTZFQTE3QzRGOUFFMDIvQzdENjg0QTQ1
NTA4MTFFREIzOEQ5MTcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCeWTANBgkqhkiG9w0BAQsFAAOCAQEASzUA1wXG2HDLrV3v
/A6DCwGl8wxP0sgy5ss2ziVdTOzFEayCLAa0NnTcDcl8nz1iUB/5WtOYVsJK6KCH
HjsQBOvdtq06PKIaFJMjEVKuqxlQeXUN8fTQa7CyZJtdiM0NM1edSCphTILMoKl8
9t2spC/Nu+uD/T9yQYuTPJ7JW0SNGr1zNyo3PsvigU7C2OJ4J0T7VGWl5DgCXXkQ
vbNryQGonNRS6PBhyvsXhPBszDtxJhNY5bRYGOVo69DriagWwp85gZ9j2Z8HXpjn
mivuULTEVBclZtassY5AJvRwY2FNoczLJ9TUDUAi7KxevvMkqs3xhts096v9NBYK
B2jmQg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:56 2023 by rpki-client on console-ams.rpki-client.org