Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/521234A4890611EB9E1AC063C4F9AE02.roa
File: 521234A4890611EB9E1AC063C4F9AE02.roa (raw, json)
Hash identifier: YVIcUQHKnR/Gp8Ev/4wbSqWSi8hu1uLRwXIBUty0zZE=
Subject key identifier: 87:88:B1:29:AD:B5:A1:E6:2B:AE:88:D1:5F:4D:87:18:A1:56:FF:4F
Certificate issuer: /CN=A91A6131/serialNumber=7B059CCC60BAAAFCF6F141216EFDD68E870C2551
Certificate serial: 0548
Authority key identifier: 7B:05:9C:CC:60:BA:AA:FC:F6:F1:41:21:6E:FD:D6:8E:87:0C:25:51
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewWczGC6qvz28UEhbv3WjocMJVE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/521234A4890611EB9E1AC063C4F9AE02.roa
Signing time: Mon 22 Aug 2022 00:19:40 +0000
ROA not before: Mon 22 Aug 2022 00:19:40 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 18345
IP address blocks: 43.255.82.0/24 maxlen: 24
43.255.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1352 (0x548)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A6131/serialNumber=7B059CCC60BAAAFCF6F141216EFDD68E870C2551
Validity
Not Before: Aug 22 00:19:40 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=6302cb9c-217f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f5:57:0f:04:f9:9a:5f:26:51:97:a4:fb:a4:
93:7c:08:75:3e:bf:0c:8e:d9:1c:53:81:b2:6e:88:
4d:de:68:86:84:9e:52:34:f5:da:b0:70:f8:e4:41:
e8:bc:81:d8:bd:f7:95:d0:99:63:96:19:6d:bd:96:
18:d1:11:ad:04:9d:08:4f:23:97:07:5c:6b:9d:64:
15:a0:59:e7:a2:ed:70:2c:f8:e9:02:99:f1:d3:64:
62:43:8d:3d:17:bd:43:73:d0:e3:be:93:65:a9:22:
f1:09:03:4f:05:02:e9:79:34:f9:3e:9c:b7:c6:e2:
2c:a2:5d:42:66:91:91:25:df:08:b8:d6:44:e6:fa:
8b:4a:e7:8d:3b:39:b0:1d:75:d6:fb:f6:9b:71:ed:
cb:13:6d:fc:7d:00:38:60:6e:f5:d4:e0:ce:86:0a:
f9:a9:59:ac:02:02:18:a8:d7:88:14:b1:44:1a:e5:
22:c4:0c:f3:58:6e:18:60:a9:62:69:5f:57:45:f8:
ae:a6:d8:20:85:20:f7:46:86:01:d5:a0:a8:3f:98:
da:a6:9b:33:ba:26:68:59:64:71:e8:9b:d5:ae:68:
31:f0:fd:27:3b:56:00:36:3b:15:2a:8c:7a:bd:df:
3e:4b:9e:5a:9c:ef:92:e5:f2:56:10:c2:04:39:0a:
28:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:88:B1:29:AD:B5:A1:E6:2B:AE:88:D1:5F:4D:87:18:A1:56:FF:4F
X509v3 Authority Key Identifier:
keyid:7B:05:9C:CC:60:BA:AA:FC:F6:F1:41:21:6E:FD:D6:8E:87:0C:25:51
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/ewWczGC6qvz28UEhbv3WjocMJVE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewWczGC6qvz28UEhbv3WjocMJVE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/521234A4890611EB9E1AC063C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.82.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:99:30:3a:bd:67:7b:56:89:1c:70:25:d4:5f:59:74:9d:db:
a3:74:fa:85:d3:3f:8e:62:b9:45:24:b2:97:1a:95:06:24:a6:
8e:6a:ee:85:aa:84:8d:74:b2:0f:21:68:6c:87:fe:38:a8:29:
a5:e3:aa:8c:f0:19:70:dc:c8:1b:9c:de:d0:03:43:b8:4e:14:
12:19:7b:5e:68:56:ab:6b:5b:a9:6f:24:ba:91:9b:16:bd:f4:
b7:47:c1:01:20:33:59:ea:9c:38:34:51:1e:f1:0b:47:4f:3b:
2d:9d:6b:d5:6b:23:32:87:d8:0e:20:29:e8:4a:a4:40:27:a1:
46:f4:fb:55:c7:4c:de:0d:70:55:b3:a6:6c:c6:b0:ad:ef:a1:
06:df:12:78:b7:1b:c3:44:16:67:42:e7:79:18:b9:70:1c:34:
cd:1a:8a:08:7e:32:2e:5d:80:79:fc:46:dd:2c:79:58:8b:49:
4a:56:52:e8:01:67:88:7e:2e:96:85:63:7d:c1:66:f6:f3:22:
41:0f:65:d6:89:68:74:3e:b6:78:d6:b1:41:49:ec:67:6e:4b:
22:eb:4a:25:9f:f9:4d:59:d6:ef:20:59:fd:c2:77:b9:15:f9:
f1:be:e4:83:63:08:24:9e:b3:ad:1c:d4:c7:72:f0:31:5f:b1:
35:5c:20:49
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBUgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTYxMzExMTAvBgNVBAUTKDdCMDU5Q0NDNjBCQUFBRkNGNkYxNDEyMTZFRkRENjhF
ODcwQzI1NTEwHhcNMjIwODIyMDAxOTQwWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzAyY2I5Yy0yMTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzvVXDwT5ml8mUZek+6STfAh1Pr8MjtkcU4GybohN3miGhJ5SNPXasHD45EHo
vIHYvfeV0JljlhltvZYY0RGtBJ0ITyOXB1xrnWQVoFnnou1wLPjpApnx02RiQ409
F71Dc9DjvpNlqSLxCQNPBQLpeTT5Ppy3xuIsol1CZpGRJd8IuNZE5vqLSueNOzmw
HXXW+/abce3LE238fQA4YG711ODOhgr5qVmsAgIYqNeIFLFEGuUixAzzWG4YYKli
aV9XRfiuptgghSD3RoYB1aCoP5jappszuiZoWWRx6JvVrmgx8P0nO1YANjsVKox6
vd8+S55anO+S5fJWEMIEOQoo1wIDAQABo4IClTCCApEwHQYDVR0OBBYEFIeIsSmt
taHmK66I0V9NhxihVv9PMB8GA1UdIwQYMBaAFHsFnMxguqr89vFBIW791o6HDCVR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjEzMS8wRkNCM0QzODI4
RDYxMUVCODRFNEM5M0JDNEY5QUUwMi9ld1djekdDNnF2ejI4VUVoYnYzV2pvY01K
VkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V3V2N6R0M2cXZ6MjhVRWhidjNXam9jTUpWRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTYxMzEvMEZDQjNEMzgyOEQ2MTFFQjg0RTRDOTNCQzRGOUFFMDIvNTIxMjM0QTQ4
OTA2MTFFQjlFMUFDMDYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEr/1IwDQYJKoZIhvcNAQELBQADggEBACqZMDq9Z3tWiRxw
JdRfWXSd26N0+oXTP45iuUUkspcalQYkpo5q7oWqhI10sg8haGyH/jioKaXjqozw
GXDcyBuc3tADQ7hOFBIZe15oVqtrW6lvJLqRmxa99LdHwQEgM1nqnDg0UR7xC0dP
Oy2da9VrIzKH2A4gKehKpEAnoUb0+1XHTN4NcFWzpmzGsK3voQbfEni3G8NEFmdC
53kYuXAcNM0aigh+Mi5dgHn8Rt0seViLSUpWUugBZ4h+LpaFY33BZvbzIkEPZdaJ
aHQ+tnjWsUFJ7GduSyLrSiWf+U1Z1u8gWf3Cd7kV+fG+5INjCCSes60c1Mdy8DFf
sTVcIEk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org