Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9193E80/1C97E8188A2C11E8AA7B8B1BC4F9AE02/B2F44CC8B0DA11ED9925CF80C4F9AE02.roa
File: B2F44CC8B0DA11ED9925CF80C4F9AE02.roa (raw, json)
Hash identifier: pQL0V6i40YrreyVu2cH2rS3jwPHFanyeCayqB/A/Eys=
Subject key identifier: 5D:9D:8B:22:14:27:E0:C3:0D:71:5B:04:6F:51:52:AB:0D:67:BC:39
Certificate issuer: /CN=A9193E80/serialNumber=249A2D6CAB3E9DC3BE869E22D858DF61560E412F
Certificate serial: 1282
Authority key identifier: 24:9A:2D:6C:AB:3E:9D:C3:BE:86:9E:22:D8:58:DF:61:56:0E:41:2F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JJotbKs-ncO-hp4i2FjfYVYOQS8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9193E80/1C97E8188A2C11E8AA7B8B1BC4F9AE02/B2F44CC8B0DA11ED9925CF80C4F9AE02.roa
Signing time: Thu 22 Jun 2023 01:46:27 +0000
ROA not before: Thu 22 Jun 2023 01:46:27 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 134090
IP address blocks: 45.249.116.0/22 maxlen: 24
103.51.112.0/22 maxlen: 24
103.85.36.0/22 maxlen: 24
103.95.112.0/22 maxlen: 24
103.106.88.0/22 maxlen: 24
123.253.188.0/22 maxlen: 24
202.128.112.0/20 maxlen: 24
202.179.128.0/22 maxlen: 24
2400:a840::/32 maxlen: 34
2400:a841::/32 maxlen: 34
2400:a842::/31 maxlen: 34
2400:a844::/30 maxlen: 34
2402:2c80::/32 maxlen: 34
2402:3fc0::/32 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4738 (0x1282)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9193E80/serialNumber=249A2D6CAB3E9DC3BE869E22D858DF61560E412F
Validity
Not Before: Jun 22 01:46:27 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=6493a7f3-7daa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:71:7c:97:e4:b5:00:c8:68:7a:dc:39:e6:55:
2c:b9:3d:9b:47:5e:9f:1e:dc:91:ba:60:99:ef:de:
cd:29:56:7e:33:4b:68:49:40:f2:d7:0a:0d:52:61:
14:c1:75:2d:e7:a0:d8:05:12:70:d1:5f:98:89:06:
10:e1:b4:be:f4:5f:04:4c:78:05:63:be:0a:32:bb:
52:11:45:d9:43:a9:b6:00:1e:45:79:26:44:57:a4:
1b:7a:ce:57:33:ae:8e:f1:53:b0:e1:37:38:7d:3e:
bd:e4:0e:38:08:1f:85:15:dd:b6:24:86:66:b7:d9:
94:10:af:de:10:f2:54:7d:16:fb:3a:c8:85:e7:10:
df:7f:56:69:cf:46:27:43:dc:f3:a3:6e:01:2e:46:
e9:92:fa:84:79:5c:4f:00:49:df:3f:92:22:6e:ec:
97:f3:3e:b6:b4:51:ab:cf:69:fc:7f:2b:01:da:9c:
30:96:2e:d9:12:7c:3f:b7:97:6d:ed:c7:8b:e0:5a:
38:af:fe:02:23:32:fc:d7:fa:bc:b5:59:b4:f4:5a:
b6:4b:61:fa:59:c4:76:67:5b:79:5c:0b:98:4d:83:
a8:fb:ec:a2:45:1c:c0:68:88:c6:c1:15:a4:af:cf:
a4:58:29:3b:4f:b1:f2:16:38:e0:84:66:c7:06:b8:
36:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:9D:8B:22:14:27:E0:C3:0D:71:5B:04:6F:51:52:AB:0D:67:BC:39
X509v3 Authority Key Identifier:
keyid:24:9A:2D:6C:AB:3E:9D:C3:BE:86:9E:22:D8:58:DF:61:56:0E:41:2F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9193E80/1C97E8188A2C11E8AA7B8B1BC4F9AE02/JJotbKs-ncO-hp4i2FjfYVYOQS8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JJotbKs-ncO-hp4i2FjfYVYOQS8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9193E80/1C97E8188A2C11E8AA7B8B1BC4F9AE02/B2F44CC8B0DA11ED9925CF80C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.249.116.0/22
103.51.112.0/22
103.85.36.0/22
103.95.112.0/22
103.106.88.0/22
123.253.188.0/22
202.128.112.0/20
202.179.128.0/22
IPv6:
2400:a840::/29
2402:2c80::/32
2402:3fc0::/32
Signature Algorithm: sha256WithRSAEncryption
11:26:c3:f9:ad:13:02:47:c8:da:88:62:bf:5a:77:97:ee:6e:
2b:7c:b1:53:28:2e:81:6a:61:36:7c:a4:5e:34:6c:c9:ff:fb:
7a:55:5e:2a:74:ee:d0:5d:85:e2:09:ec:fa:64:a7:25:4d:d5:
54:aa:70:97:d6:1c:0c:20:24:75:e5:f2:8b:72:13:9c:97:f6:
98:74:3a:a8:88:f0:34:c3:83:63:03:42:b9:cd:86:8e:7e:3d:
0d:3a:c1:56:26:ff:b2:10:56:a7:8c:ea:ec:56:f7:11:00:00:
be:a3:dc:fe:da:78:6a:17:fb:dc:27:0b:25:28:84:38:e5:76:
88:6c:23:0d:e4:a5:6f:f4:21:86:1a:97:99:8c:02:1e:42:92:
f6:c2:7b:1b:82:86:7f:57:aa:c3:50:5b:85:e2:dd:72:6e:65:
7e:3a:57:23:37:c5:92:82:e6:05:1d:2f:7d:2e:1b:f3:bd:0a:
9f:df:15:f5:9a:28:58:22:75:56:7f:d8:0b:37:0a:cb:06:0a:
cd:92:17:51:f5:9b:1c:4e:38:8b:9a:92:5d:86:76:cd:a1:c8:
54:71:d3:39:52:b8:45:af:5e:21:7b:21:a8:73:2c:c7:b5:0b:
26:65:77:6a:bf:90:54:d6:c0:6b:15:39:2a:52:c8:f0:34:0e:
43:65:9e:2f
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgICEoIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTNFODAxMTAvBgNVBAUTKDI0OUEyRDZDQUIzRTlEQzNCRTg2OUUyMkQ4NThERjYx
NTYwRTQxMkYwHhcNMjMwNjIyMDE0NjI3WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDkzYTdmMy03ZGFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn3F8l+S1AMhoetw55lUsuT2bR16fHtyRumCZ797NKVZ+M0toSUDy1woNUmEU
wXUt56DYBRJw0V+YiQYQ4bS+9F8ETHgFY74KMrtSEUXZQ6m2AB5FeSZEV6Qbes5X
M66O8VOw4Tc4fT695A44CB+FFd22JIZmt9mUEK/eEPJUfRb7OsiF5xDff1Zpz0Yn
Q9zzo24BLkbpkvqEeVxPAEnfP5IibuyX8z62tFGrz2n8fysB2pwwli7ZEnw/t5dt
7ceL4Fo4r/4CIzL81/q8tVm09Fq2S2H6WcR2Z1t5XAuYTYOo++yiRRzAaIjGwRWk
r8+kWCk7T7HyFjjghGbHBrg2YQIDAQABo4IC3DCCAtgwHQYDVR0OBBYEFF2diyIU
J+DDDXFbBG9RUqsNZ7w5MB8GA1UdIwQYMBaAFCSaLWyrPp3DvoaeIthY32FWDkEv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5M0U4MC8xQzk3RTgxODhB
MkMxMUU4QUE3QjhCMUJDNEY5QUUwMi9KSm90YktzLW5jTy1ocDRpMkZqZllWWU9R
UzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pKb3RiS3MtbmNPLWhwNGkyRmpmWVZZT1FTOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTNFODAvMUM5N0U4MTg4QTJDMTFFOEFBN0I4QjFCQzRGOUFFMDIvQjJGNDRDQzhC
MERBMTFFRDk5MjVDRjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZgYIKwYBBQUHAQcBAf8E
VzBVMDYEAgABMDADBAIt+XQDBAJnM3ADBAJnVSQDBAJnX3ADBAJnalgDBAJ7/bwD
BATKgHADBALKs4AwGwQCAAIwFQMFAyQAqEADBQAkAiyAAwUAJAI/wDANBgkqhkiG
9w0BAQsFAAOCAQEAESbD+a0TAkfI2ohiv1p3l+5uK3yxUygugWphNnykXjRsyf/7
elVeKnTu0F2F4gns+mSnJU3VVKpwl9YcDCAkdeXyi3ITnJf2mHQ6qIjwNMODYwNC
uc2Gjn49DTrBVib/shBWp4zq7Fb3EQAAvqPc/tp4ahf73CcLJSiEOOV2iGwjDeSl
b/QhhhqXmYwCHkKS9sJ7G4KGf1eqw1BbheLdcm5lfjpXIzfFkoLmBR0vfS4b870K
n98V9ZooWCJ1Vn/YCzcKywYKzZIXUfWbHE44i5qSXYZ2zaHIVHHTOVK4Ra9eIXsh
qHMsx7ULJmV3ar+QVNbAaxU5KlLI8DQOQ2WeLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:47 2024 by rpki-client on console-ams.rpki-client.org