Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919BB2B/93960D465D5A11ECB2D87452C4F9AE02/B0E403F45D5E11ECB2CF1928C4F9AE02.roa
File: B0E403F45D5E11ECB2CF1928C4F9AE02.roa (raw, json)
Hash identifier: i2vWuZ78RewVejWVv1WB6xKj27+yjn8NqZmZYcd3HmE=
Subject key identifier: 2B:58:16:49:4E:A7:A8:E3:BD:43:A5:66:35:3A:F5:A7:81:4D:A6:EE
Certificate issuer: /CN=A919BB2B/serialNumber=7B3460E7AC1FB0D60AF15F8445CA2CADED1F3F60
Certificate serial: 0272
Authority key identifier: 7B:34:60:E7:AC:1F:B0:D6:0A:F1:5F:84:45:CA:2C:AD:ED:1F:3F:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ezRg56wfsNYK8V-ERcosre0fP2A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919BB2B/93960D465D5A11ECB2D87452C4F9AE02/B0E403F45D5E11ECB2CF1928C4F9AE02.roa
Signing time: Sat 17 Dec 2022 04:03:04 +0000
ROA not before: Sat 17 Dec 2022 04:03:04 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 149179
IP address blocks: 103.177.213.0/24 maxlen: 24
2001:df0:2b40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 626 (0x272)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919BB2B/serialNumber=7B3460E7AC1FB0D60AF15F8445CA2CADED1F3F60
Validity
Not Before: Dec 17 04:03:04 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=639d3f78-6edf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:67:b3:15:f8:9d:71:af:5e:86:ec:c9:8e:e6:
d9:b8:e2:66:6f:77:b0:65:7f:c4:9b:df:93:01:0c:
fb:ba:32:96:82:b7:a4:36:64:7c:92:aa:41:16:17:
11:8e:75:af:bf:ad:89:10:de:2f:0d:47:47:c7:50:
d0:90:e6:58:43:9d:7d:09:c0:6c:5e:20:fa:d3:d1:
d4:5b:30:5d:4b:ce:0d:7a:04:1d:62:36:c3:69:dc:
e5:b6:24:05:de:26:69:71:87:24:b8:80:35:4a:ff:
f3:7e:fb:b7:e5:8f:c9:4f:ae:31:b3:06:1e:53:84:
7d:13:49:f5:e5:25:a7:e7:64:91:3a:46:58:cc:9f:
2b:ba:fb:c7:3f:6c:eb:74:d7:24:c3:44:e1:3b:bf:
09:c6:db:7d:b2:5e:8d:fa:02:55:0c:d7:bb:63:66:
24:f9:b1:60:75:98:ba:17:73:1a:ff:f7:b5:34:a9:
73:e6:fe:46:72:71:37:3d:27:d2:89:65:70:e8:f8:
f3:37:69:4d:c0:2b:d2:9f:bb:66:3c:a5:d9:12:d4:
2f:d3:a9:f5:28:ef:73:b2:ec:cd:dd:a7:24:8b:bc:
4c:30:7d:24:d0:7e:e8:7a:63:32:a6:ba:25:b3:eb:
bb:fa:da:ef:6d:09:62:3d:96:70:fa:fa:e1:4e:02:
63:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:58:16:49:4E:A7:A8:E3:BD:43:A5:66:35:3A:F5:A7:81:4D:A6:EE
X509v3 Authority Key Identifier:
keyid:7B:34:60:E7:AC:1F:B0:D6:0A:F1:5F:84:45:CA:2C:AD:ED:1F:3F:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919BB2B/93960D465D5A11ECB2D87452C4F9AE02/ezRg56wfsNYK8V-ERcosre0fP2A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ezRg56wfsNYK8V-ERcosre0fP2A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919BB2B/93960D465D5A11ECB2D87452C4F9AE02/B0E403F45D5E11ECB2CF1928C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.213.0/24
IPv6:
2001:df0:2b40::/48
Signature Algorithm: sha256WithRSAEncryption
96:10:d5:14:ee:bc:db:d0:c7:97:62:de:f4:bd:0d:09:d9:54:
b8:41:52:61:80:0b:9c:46:5f:7d:11:69:44:e2:6b:15:a1:f4:
8d:51:c1:ea:82:97:83:4f:8f:6e:98:33:6d:57:70:59:29:82:
6c:cd:c4:bf:0b:ea:ed:9b:80:d4:d4:3e:f2:54:ab:1d:28:f1:
01:65:e4:5b:c7:d3:d8:53:00:a6:32:cb:3f:db:d7:ea:fd:60:
7a:d0:ef:9f:16:89:68:b3:e9:ff:47:66:ba:52:e9:63:4e:38:
d4:d4:0a:65:ca:1d:1e:a0:5e:1b:e6:38:5f:44:5c:e4:ed:73:
83:8b:9e:a7:bb:16:21:70:f4:d8:7e:c0:8e:93:95:47:7d:a0:
83:5f:93:3b:ae:3f:86:4f:8c:76:52:89:4f:ca:f5:02:f3:77:
ee:32:e1:5e:e4:d0:ff:fe:27:87:e6:53:8f:25:fb:27:91:b3:
14:f9:92:aa:9d:ec:96:20:f1:e0:a9:6c:48:6b:06:87:dc:45:
7f:d2:29:07:3b:e3:7f:1d:37:f6:a5:7c:19:88:ee:b4:c7:e8:
cc:ed:58:5d:0e:a4:7f:11:99:05:76:b6:a4:ac:dd:d3:85:11:
84:c8:6e:7f:1b:dc:5d:45:67:09:72:6a:1a:6d:9f:e0:21:7c:
7b:6d:76:31
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAnIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUJCMkIxMTAvBgNVBAUTKDdCMzQ2MEU3QUMxRkIwRDYwQUYxNUY4NDQ1Q0EyQ0FE
RUQxRjNGNjAwHhcNMjIxMjE3MDQwMzA0WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzlkM2Y3OC02ZWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1GezFfidca9ehuzJjubZuOJmb3ewZX/Em9+TAQz7ujKWgrekNmR8kqpBFhcR
jnWvv62JEN4vDUdHx1DQkOZYQ519CcBsXiD609HUWzBdS84NegQdYjbDadzltiQF
3iZpcYckuIA1Sv/zfvu35Y/JT64xswYeU4R9E0n15SWn52SROkZYzJ8ruvvHP2zr
dNckw0ThO78Jxtt9sl6N+gJVDNe7Y2Yk+bFgdZi6F3Ma//e1NKlz5v5GcnE3PSfS
iWVw6PjzN2lNwCvSn7tmPKXZEtQv06n1KO9zsuzN3acki7xMMH0k0H7oemMyprol
s+u7+trvbQliPZZw+vrhTgJjawIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFCtYFklO
p6jjvUOlZjU69aeBTabuMB8GA1UdIwQYMBaAFHs0YOesH7DWCvFfhEXKLK3tHz9g
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QkIyQi85Mzk2MEQ0NjVE
NUExMUVDQjJEODc0NTJDNEY5QUUwMi9lelJnNTZ3ZnNOWUs4Vi1FUmNvc3JlMGZQ
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V6Umc1Nndmc05ZSzhWLUVSY29zcmUwZlAyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUJCMkIvOTM5NjBENDY1RDVBMTFFQ0IyRDg3NDUyQzRGOUFFMDIvQjBFNDAzRjQ1
RDVFMTFFQ0IyQ0YxOTI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnsdUwDwQCAAIwCQMHACABDfArQDANBgkqhkiG9w0BAQsF
AAOCAQEAlhDVFO6829DHl2Le9L0NCdlUuEFSYYALnEZffRFpROJrFaH0jVHB6oKX
g0+PbpgzbVdwWSmCbM3Evwvq7ZuA1NQ+8lSrHSjxAWXkW8fT2FMApjLLP9vX6v1g
etDvnxaJaLPp/0dmulLpY0441NQKZcodHqBeG+Y4X0Rc5O1zg4uep7sWIXD02H7A
jpOVR32gg1+TO64/hk+MdlKJT8r1AvN37jLhXuTQ//4nh+ZTjyX7J5GzFPmSqp3s
liDx4KlsSGsGh9xFf9IpBzvjfx039qV8GYjutMfozO1YXQ6kfxGZBXa2pKzd04UR
hMhufxvcXUVnCXJqGm2f4CF8e212MQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:49 2024 by rpki-client on console-ams.rpki-client.org