Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919415E/36ADECB4077711EB8B721776C4F9AE02/960DC72C0DDC11EB85E3337CC4F9AE02.roa
File: 960DC72C0DDC11EB85E3337CC4F9AE02.roa (raw, json)
Hash identifier: oix30cNI1Kte+5IV6TLv7qsp0WO9S9cmODO/f9cQh0k=
Subject key identifier: DA:7F:83:67:F0:26:0A:75:9F:6F:54:14:9A:02:76:14:61:F0:B1:D1
Certificate issuer: /CN=A919415E/serialNumber=148F5641F913117614A1F36466F038B8E546DE40
Certificate serial: 02F8
Authority key identifier: 14:8F:56:41:F9:13:11:76:14:A1:F3:64:66:F0:38:B8:E5:46:DE:40
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FI9WQfkTEXYUofNkZvA4uOVG3kA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919415E/36ADECB4077711EB8B721776C4F9AE02/960DC72C0DDC11EB85E3337CC4F9AE02.roa
Signing time: Tue 19 Oct 2021 23:09:00 +0000
ROA not before: Tue 19 Oct 2021 23:09:00 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 55766
IP address blocks: 43.252.96.0/22 maxlen: 22
43.252.96.0/24 maxlen: 24
43.252.97.0/24 maxlen: 24
43.252.98.0/24 maxlen: 24
43.252.99.0/24 maxlen: 24
103.22.184.0/22 maxlen: 22
103.22.184.0/24 maxlen: 24
103.22.185.0/24 maxlen: 24
103.22.186.0/24 maxlen: 24
103.22.187.0/24 maxlen: 24
103.27.152.0/22 maxlen: 22
103.27.152.0/24 maxlen: 24
103.27.153.0/24 maxlen: 24
103.27.154.0/24 maxlen: 24
103.27.155.0/24 maxlen: 24
223.29.240.0/22 maxlen: 22
223.29.240.0/24 maxlen: 24
223.29.241.0/24 maxlen: 24
223.29.242.0/24 maxlen: 24
223.29.243.0/24 maxlen: 24
2400:f280:2000::/40 maxlen: 40
2400:f280:2300::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 760 (0x2f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919415E/serialNumber=148F5641F913117614A1F36466F038B8E546DE40
Validity
Not Before: Oct 19 23:09:00 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=616f500b-c3eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0b:83:e3:c6:17:04:bd:62:9f:48:05:06:a1:
25:35:1b:16:84:4f:aa:70:c8:ff:a1:cb:d3:34:f1:
b3:79:2e:bb:09:1b:15:7d:0f:45:4f:2e:53:66:9d:
2b:0e:87:59:ac:25:0b:da:32:bf:54:2f:66:cd:1e:
11:3a:b4:db:5e:59:0c:20:32:9c:d5:c4:2a:5f:73:
55:3d:34:24:d5:70:0d:8b:69:5b:83:c7:7a:db:3c:
eb:bf:da:5c:62:92:4f:c2:68:2a:91:55:6f:66:fc:
db:6f:37:63:13:5a:d8:f7:31:4f:33:5a:72:2a:9d:
61:a0:c7:4d:9e:94:9c:6c:79:f2:a0:c0:88:4f:04:
27:45:17:5e:03:b8:0d:7d:5d:23:35:79:bb:8f:36:
35:cd:71:7c:3e:59:bc:25:83:86:14:f3:c6:74:af:
f1:40:5c:17:e0:ed:66:6b:c9:eb:47:8f:b0:77:9f:
e2:d0:f4:34:e5:a4:e7:08:31:45:b6:99:e5:0c:f5:
48:3d:41:c1:ed:f1:4f:db:09:95:63:d6:1b:22:37:
9f:b5:60:49:6b:d2:1b:7d:a3:c5:c0:4c:8f:cf:b7:
86:ff:12:73:ef:31:7b:93:63:63:00:aa:f1:51:13:
96:fc:a4:c5:28:0d:ac:00:23:80:90:32:d3:a3:98:
4d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:7F:83:67:F0:26:0A:75:9F:6F:54:14:9A:02:76:14:61:F0:B1:D1
X509v3 Authority Key Identifier:
keyid:14:8F:56:41:F9:13:11:76:14:A1:F3:64:66:F0:38:B8:E5:46:DE:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919415E/36ADECB4077711EB8B721776C4F9AE02/FI9WQfkTEXYUofNkZvA4uOVG3kA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FI9WQfkTEXYUofNkZvA4uOVG3kA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919415E/36ADECB4077711EB8B721776C4F9AE02/960DC72C0DDC11EB85E3337CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.96.0/22
103.22.184.0/22
103.27.152.0/22
223.29.240.0/22
IPv6:
2400:f280:2000::/40
2400:f280:2300::/40
Signature Algorithm: sha256WithRSAEncryption
85:13:cb:61:8f:03:e7:7e:07:2e:c8:24:61:72:0b:25:5b:8c:
11:e8:18:35:f6:4a:87:2b:0e:42:42:44:7e:72:34:b3:0d:db:
41:f5:5d:6c:42:96:cb:1b:59:0b:46:33:8b:56:ee:27:2d:13:
26:73:67:05:42:7b:15:f4:ea:b8:42:05:b9:d8:8e:87:31:60:
30:b9:40:1d:be:4d:43:a1:e2:40:3b:a6:50:2e:b7:73:d7:3b:
70:8e:8a:29:82:58:42:8d:de:a1:c7:4e:d0:42:85:69:f4:89:
4c:88:71:b7:c5:53:48:f5:fc:5d:4d:b7:9b:ec:49:42:2f:72:
79:5d:62:5f:6a:49:ee:9d:68:d2:2d:90:b7:8d:0d:8e:6d:a3:
89:65:98:3a:7b:1d:a3:98:20:88:89:e3:f7:63:5e:04:5e:74:
d8:1c:ab:9c:c7:ec:3b:56:ba:98:2c:e4:f4:4b:7a:fc:19:25:
ab:51:fd:68:b5:98:29:2f:4c:a3:76:aa:1e:a2:10:c6:92:6b:
05:9d:d8:04:c0:01:63:0a:d1:0d:28:e1:d3:a7:0c:83:5d:c8:
97:52:7d:92:f6:07:b5:39:08:bd:8d:2f:30:4d:54:37:e9:1c:
0e:fb:ed:76:2b:e4:96:04:25:59:b6:a1:a8:3e:47:39:1e:a8:
9a:e0:76:17
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICAvgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTQxNUUxMTAvBgNVBAUTKDE0OEY1NjQxRjkxMzExNzYxNEExRjM2NDY2RjAzOEI4
RTU0NkRFNDAwHhcNMjExMDE5MjMwOTAwWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTZmNTAwYi1jM2ViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAswuD48YXBL1in0gFBqElNRsWhE+qcMj/ocvTNPGzeS67CRsVfQ9FTy5TZp0r
DodZrCUL2jK/VC9mzR4ROrTbXlkMIDKc1cQqX3NVPTQk1XANi2lbg8d62zzrv9pc
YpJPwmgqkVVvZvzbbzdjE1rY9zFPM1pyKp1hoMdNnpScbHnyoMCITwQnRRdeA7gN
fV0jNXm7jzY1zXF8Plm8JYOGFPPGdK/xQFwX4O1ma8nrR4+wd5/i0PQ05aTnCDFF
tpnlDPVIPUHB7fFP2wmVY9YbIjeftWBJa9IbfaPFwEyPz7eG/xJz7zF7k2NjAKrx
UROW/KTFKA2sACOAkDLTo5hNQwIDAQABo4ICvzCCArswHQYDVR0OBBYEFNp/g2fw
Jgp1n29UFJoCdhRh8LHRMB8GA1UdIwQYMBaAFBSPVkH5ExF2FKHzZGbwOLjlRt5A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDE1RS8zNkFERUNCNDA3
NzcxMUVCOEI3MjE3NzZDNEY5QUUwMi9GSTlXUWZrVEVYWVVvZk5rWnZBNHVPVkcz
a0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZJOVdRZmtURVhZVW9mTmtadkE0dU9WRzNrQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTQxNUUvMzZBREVDQjQwNzc3MTFFQjhCNzIxNzc2QzRGOUFFMDIvOTYwREM3MkMw
RERDMTFFQjg1RTMzMzdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MB4EAgABMBgDBAIr/GADBAJnFrgDBAJnG5gDBALfHfAwFgQCAAIwEAMGACQA
8oAgAwYAJADygCMwDQYJKoZIhvcNAQELBQADggEBAIUTy2GPA+d+By7IJGFyCyVb
jBHoGDX2SocrDkJCRH5yNLMN20H1XWxClssbWQtGM4tW7ictEyZzZwVCexX06rhC
BbnYjocxYDC5QB2+TUOh4kA7plAut3PXO3COiimCWEKN3qHHTtBChWn0iUyIcbfF
U0j1/F1Nt5vsSUIvcnldYl9qSe6daNItkLeNDY5to4llmDp7HaOYIIiJ4/djXgRe
dNgcq5zH7DtWupgs5PRLevwZJatR/Wi1mCkvTKN2qh6iEMaSawWd2ATAAWMK0Q0o
4dOnDINdyJdSfZL2B7U5CL2NLzBNVDfpHA777XYr5JYEJVm2oag+RzkeqJrgdhc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:34 2024 by rpki-client on console-fra.rpki-client.org