Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1022/670D3896FFF211EBB827163DC4F9AE02/FECF3312FFF411EBAC8AE24DC4F9AE02.roa
File: FECF3312FFF411EBAC8AE24DC4F9AE02.roa (raw, json)
Hash identifier: Ib4nbFNVKWk5QILR97NXsSpgp3t3RuR2nVKkaf2iYV4=
Subject key identifier: 22:17:6E:A5:69:20:BF:6B:C8:D1:AF:67:F3:8A:F8:E7:2B:25:38:3D
Certificate issuer: /CN=A91A1022/serialNumber=94AC7A1CEE19B3343DD934A2461A12D6F516DC47
Certificate serial: 0349
Authority key identifier: 94:AC:7A:1C:EE:19:B3:34:3D:D9:34:A2:46:1A:12:D6:F5:16:DC:47
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKx6HO4ZszQ92TSiRhoS1vUW3Ec.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1022/670D3896FFF211EBB827163DC4F9AE02/FECF3312FFF411EBAC8AE24DC4F9AE02.roa
Signing time: Sun 13 Nov 2022 03:12:14 +0000
ROA not before: Sun 13 Nov 2022 03:12:14 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 135026
IP address blocks: 103.103.68.0/24 maxlen: 24
103.103.69.0/24 maxlen: 24
103.103.70.0/24 maxlen: 24
103.103.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 841 (0x349)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1022/serialNumber=94AC7A1CEE19B3343DD934A2461A12D6F516DC47
Validity
Not Before: Nov 13 03:12:14 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6370608e-23c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fb:f1:e9:06:eb:e8:f6:09:aa:5e:fb:2c:ce:
95:19:14:43:5e:d0:bf:82:25:38:1d:b1:4e:76:e7:
6b:75:81:18:ce:28:24:f5:22:f2:5e:cf:a1:cf:02:
6d:31:d0:58:8a:1b:43:33:c6:a3:84:82:ed:04:c9:
af:da:9a:2c:ba:7c:0e:b4:06:ca:c1:7b:d0:ea:3b:
2c:43:a2:7f:90:07:4f:37:ca:ac:09:e9:a6:e1:aa:
18:2e:d1:40:09:06:c5:79:a9:fc:67:df:10:49:e0:
c5:c0:20:42:15:b8:0f:af:eb:0a:45:25:e5:95:56:
54:07:e5:a6:7e:6b:3b:e0:c7:1f:39:7c:06:a3:0e:
15:5f:c2:47:c8:1c:88:0c:45:14:ec:2b:7b:65:92:
1e:85:0b:e7:3f:33:4e:65:d1:20:96:3d:ae:d7:6f:
49:8d:81:52:3b:1a:16:d7:72:70:bf:63:12:02:2d:
28:11:e4:ac:c4:26:29:ea:21:cb:d2:80:31:30:18:
cc:c0:67:84:ab:f7:f9:b8:0d:9d:0e:a3:28:bc:6d:
7f:21:8e:c0:bd:06:ab:bb:1f:df:c8:76:d5:03:23:
db:55:9f:c9:58:f9:f4:c2:2f:6b:13:fc:6a:ea:3f:
de:59:87:73:ab:2e:c0:22:fb:7b:ee:1a:bf:11:e1:
4f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:17:6E:A5:69:20:BF:6B:C8:D1:AF:67:F3:8A:F8:E7:2B:25:38:3D
X509v3 Authority Key Identifier:
keyid:94:AC:7A:1C:EE:19:B3:34:3D:D9:34:A2:46:1A:12:D6:F5:16:DC:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1022/670D3896FFF211EBB827163DC4F9AE02/lKx6HO4ZszQ92TSiRhoS1vUW3Ec.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKx6HO4ZszQ92TSiRhoS1vUW3Ec.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1022/670D3896FFF211EBB827163DC4F9AE02/FECF3312FFF411EBAC8AE24DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.103.68.0/22
Signature Algorithm: sha256WithRSAEncryption
67:1a:4f:91:d8:15:1b:70:9f:be:df:fa:3a:5d:63:ba:5b:c7:
bf:bc:e0:02:d3:79:da:df:29:92:17:7f:07:cb:b2:ed:a2:ef:
20:dd:a4:9d:40:01:1a:eb:09:09:67:a4:cf:b7:87:6d:cf:73:
77:22:f2:8a:28:dc:4d:45:bc:0c:8f:6e:31:4e:9c:7f:f9:7b:
8a:4a:f6:7a:ce:df:47:f2:50:bb:95:6c:b8:e3:05:ec:18:e1:
11:87:7b:ec:6b:e2:68:cb:c8:e6:23:ff:bd:55:9a:f9:78:d9:
37:14:30:17:b6:59:d6:b8:be:e8:fb:f6:e0:bc:73:7a:c5:6f:
e7:b7:1f:13:db:09:de:ae:23:94:a9:27:6a:4e:64:9a:7e:f0:
28:52:e9:97:10:97:d1:7f:4c:9d:22:01:75:d9:8b:42:27:1a:
45:0d:d0:76:7a:39:00:cd:14:f8:5f:5a:54:4d:d3:89:ef:1d:
48:38:d8:40:2f:71:11:95:16:bc:83:ce:43:71:05:58:de:90:
31:d9:88:a7:b2:11:fd:2c:c2:ad:3b:5f:6f:93:7d:fd:a8:e2:
2a:5c:28:3b:b3:83:d6:47:cf:ff:06:c8:23:55:5c:dd:91:da:
55:60:7c:3d:52:73:78:7a:46:69:f4:b6:2c:e5:1c:75:35:a7:
ee:cd:48:07
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA0kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTEwMjIxMTAvBgNVBAUTKDk0QUM3QTFDRUUxOUIzMzQzREQ5MzRBMjQ2MUExMkQ2
RjUxNkRDNDcwHhcNMjIxMTEzMDMxMjE0WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzcwNjA4ZS0yM2M2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1vvx6Qbr6PYJql77LM6VGRRDXtC/giU4HbFOdudrdYEYzigk9SLyXs+hzwJt
MdBYihtDM8ajhILtBMmv2posunwOtAbKwXvQ6jssQ6J/kAdPN8qsCemm4aoYLtFA
CQbFean8Z98QSeDFwCBCFbgPr+sKRSXllVZUB+Wmfms74McfOXwGow4VX8JHyByI
DEUU7Ct7ZZIehQvnPzNOZdEglj2u129JjYFSOxoW13Jwv2MSAi0oEeSsxCYp6iHL
0oAxMBjMwGeEq/f5uA2dDqMovG1/IY7AvQarux/fyHbVAyPbVZ/JWPn0wi9rE/xq
6j/eWYdzqy7AIvt77hq/EeFPYwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCIXbqVp
IL9ryNGvZ/OK+OcrJTg9MB8GA1UdIwQYMBaAFJSsehzuGbM0Pdk0okYaEtb1FtxH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMTAyMi82NzBEMzg5NkZG
RjIxMUVCQjgyNzE2M0RDNEY5QUUwMi9sS3g2SE80WnN6UTkyVFNpUmhvUzF2VVcz
RWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xLeDZITzRac3pROTJUU2lSaG9TMXZVVzNFYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTEwMjIvNjcwRDM4OTZGRkYyMTFFQkI4MjcxNjNEQzRGOUFFMDIvRkVDRjMzMTJG
RkY0MTFFQkFDOEFFMjREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnZ0QwDQYJKoZIhvcNAQELBQADggEBAGcaT5HYFRtwn77f
+jpdY7pbx7+84ALTedrfKZIXfwfLsu2i7yDdpJ1AARrrCQlnpM+3h23Pc3ci8ooo
3E1FvAyPbjFOnH/5e4pK9nrO30fyULuVbLjjBewY4RGHe+xr4mjLyOYj/71Vmvl4
2TcUMBe2Wda4vuj79uC8c3rFb+e3HxPbCd6uI5SpJ2pOZJp+8ChS6ZcQl9F/TJ0i
AXXZi0InGkUN0HZ6OQDNFPhfWlRN04nvHUg42EAvcRGVFryDzkNxBVjekDHZiKey
Ef0swq07X2+Tff2o4ipcKDuzg9ZHz/8GyCNVXN2R2lVgfD1Sc3h6Rmn0tizlHHU1
p+7NSAc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:59 2023 by rpki-client on console-ams.rpki-client.org