Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A9C6B/3CBD72EA03ED11EDA6669C6DC4F9AE02/C3162D7403F111EDB92F170EC4F9AE02.roa
File: C3162D7403F111EDB92F170EC4F9AE02.roa (raw, json)
Hash identifier: t5yPrXXRVqILzx5J8D5r0laf5M9VRLaD9iyR35mWtQA=
Subject key identifier: BE:7D:0D:9E:88:29:34:E2:08:12:6E:2D:15:12:E1:76:03:15:B9:3B
Certificate issuer: /CN=A91A9C6B/serialNumber=125DF400000306CB31CBE1888838A05C1C6344F3
Certificate serial: AF
Authority key identifier: 12:5D:F4:00:00:03:06:CB:31:CB:E1:88:88:38:A0:5C:1C:63:44:F3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/El30AAADBssxy-GIiDigXBxjRPM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A9C6B/3CBD72EA03ED11EDA6669C6DC4F9AE02/C3162D7403F111EDB92F170EC4F9AE02.roa
Signing time: Sat 29 Oct 2022 05:34:08 +0000
ROA not before: Sat 29 Oct 2022 05:34:08 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 17726
IP address blocks: 103.101.156.0/22 maxlen: 23
103.101.156.0/24 maxlen: 24
103.101.157.0/24 maxlen: 24
103.101.158.0/24 maxlen: 24
103.101.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175 (0xaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A9C6B/serialNumber=125DF400000306CB31CBE1888838A05C1C6344F3
Validity
Not Before: Oct 29 05:34:08 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=635cbb50-b94a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c6:b6:82:fa:38:35:e5:7e:d4:97:bb:96:c7:
03:35:8d:04:ac:8a:3c:6f:f7:4c:2c:71:e6:63:cb:
89:c8:b4:05:52:22:d3:0a:c1:b6:c4:24:2d:10:79:
eb:8b:22:cb:0c:02:3c:c4:f5:4b:63:1e:99:a9:b0:
d6:8f:6b:53:de:f7:be:3f:82:46:9b:a2:61:48:59:
19:df:8b:23:3f:85:9a:d1:65:2b:38:9f:a9:8f:d8:
9d:04:f8:f5:2b:7b:34:0d:81:cb:a5:fe:34:72:f2:
1e:1d:d9:5f:c0:c9:23:81:5b:c2:c0:c3:a0:6b:e4:
e5:b4:53:39:93:1f:8d:8d:98:b2:cc:53:11:c1:ee:
4e:74:c8:30:bf:c5:02:d0:c7:1b:c0:04:9c:0f:de:
2c:83:ae:3c:12:75:1c:31:85:e1:6f:06:d2:ae:89:
5b:3f:f3:f9:b9:e7:21:74:47:f1:70:13:55:b9:25:
48:fc:ef:00:8b:98:54:41:c2:c2:a3:3d:34:8c:a1:
76:08:5a:9f:ef:e9:22:df:96:46:82:25:61:c5:1a:
37:f5:2e:d8:53:cf:f9:0c:a5:a4:0a:a7:2c:08:e2:
8f:88:fc:28:c7:1f:9b:7e:02:7e:c4:cd:f2:c0:20:
ed:c6:73:7e:04:39:b4:d6:c4:43:2c:b0:07:79:5f:
d1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:7D:0D:9E:88:29:34:E2:08:12:6E:2D:15:12:E1:76:03:15:B9:3B
X509v3 Authority Key Identifier:
keyid:12:5D:F4:00:00:03:06:CB:31:CB:E1:88:88:38:A0:5C:1C:63:44:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A9C6B/3CBD72EA03ED11EDA6669C6DC4F9AE02/El30AAADBssxy-GIiDigXBxjRPM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/El30AAADBssxy-GIiDigXBxjRPM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A9C6B/3CBD72EA03ED11EDA6669C6DC4F9AE02/C3162D7403F111EDB92F170EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.156.0/22
Signature Algorithm: sha256WithRSAEncryption
92:0a:bc:d9:ff:4e:c0:f6:fd:b5:aa:5c:82:14:12:4f:80:d8:
37:4e:14:ce:8d:03:c2:91:4d:61:6c:dc:06:f4:25:c3:16:a4:
62:03:7e:d0:f3:1b:75:9f:87:3f:6c:12:09:bf:87:40:f8:30:
ad:45:fa:7b:84:cf:5e:0f:75:00:73:98:fa:6f:75:b1:42:ef:
10:6e:1f:5a:1b:8e:e1:df:13:64:9b:e1:d0:da:cf:b5:fc:3a:
de:1e:fe:8e:d5:96:6b:c2:70:18:a2:48:ab:8e:f6:37:c3:8a:
6e:f0:b5:b6:c7:05:fb:d9:99:8e:3b:e2:4e:02:9c:11:68:97:
de:16:d5:62:51:e1:9d:1d:eb:6f:f3:01:e4:0b:73:9b:16:3e:
fb:aa:32:65:e3:be:fb:aa:c5:5e:87:25:b7:30:f4:c3:8f:cd:
01:0e:1a:9d:be:38:47:f1:09:9e:73:35:23:36:26:b1:eb:0e:
c7:f0:94:61:c2:13:41:84:e0:f4:bc:8e:1a:95:c2:c4:e6:87:
49:15:08:b1:32:ec:fb:d6:44:83:75:a7:87:c9:3c:c5:ed:af:
03:a4:fa:80:d2:f5:94:b7:62:c9:c6:32:f0:15:71:be:20:c0:
86:b1:04:3a:1a:a2:8f:1a:ba:8c:5a:77:cc:83:24:3e:fb:65:
7e:d3:12:d2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAK8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTlDNkIxMTAvBgNVBAUTKDEyNURGNDAwMDAwMzA2Q0IzMUNCRTE4ODg4MzhBMDVD
MUM2MzQ0RjMwHhcNMjIxMDI5MDUzNDA4WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzVjYmI1MC1iOTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuca2gvo4NeV+1Je7lscDNY0ErIo8b/dMLHHmY8uJyLQFUiLTCsG2xCQtEHnr
iyLLDAI8xPVLYx6ZqbDWj2tT3ve+P4JGm6JhSFkZ34sjP4Wa0WUrOJ+pj9idBPj1
K3s0DYHLpf40cvIeHdlfwMkjgVvCwMOga+TltFM5kx+NjZiyzFMRwe5OdMgwv8UC
0McbwAScD94sg648EnUcMYXhbwbSrolbP/P5uechdEfxcBNVuSVI/O8Ai5hUQcLC
oz00jKF2CFqf7+ki35ZGgiVhxRo39S7YU8/5DKWkCqcsCOKPiPwoxx+bfgJ+xM3y
wCDtxnN+BDm01sRDLLAHeV/RSQIDAQABo4IClTCCApEwHQYDVR0OBBYEFL59DZ6I
KTTiCBJuLRUS4XYDFbk7MB8GA1UdIwQYMBaAFBJd9AAAAwbLMcvhiIg4oFwcY0Tz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOUM2Qi8zQ0JENzJFQTAz
RUQxMUVEQTY2NjlDNkRDNEY5QUUwMi9FbDMwQUFBREJzc3h5LUdJaURpZ1hCeGpS
UE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VsMzBBQUFEQnNzeHktR0lpRGlnWEJ4alJQTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTlDNkIvM0NCRDcyRUEwM0VEMTFFREE2NjY5QzZEQzRGOUFFMDIvQzMxNjJENzQw
M0YxMTFFREI5MkYxNzBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnZZwwDQYJKoZIhvcNAQELBQADggEBAJIKvNn/TsD2/bWq
XIIUEk+A2DdOFM6NA8KRTWFs3Ab0JcMWpGIDftDzG3Wfhz9sEgm/h0D4MK1F+nuE
z14PdQBzmPpvdbFC7xBuH1objuHfE2Sb4dDaz7X8Ot4e/o7VlmvCcBiiSKuO9jfD
im7wtbbHBfvZmY474k4CnBFol94W1WJR4Z0d62/zAeQLc5sWPvuqMmXjvvuqxV6H
Jbcw9MOPzQEOGp2+OEfxCZ5zNSM2JrHrDsfwlGHCE0GE4PS8jhqVwsTmh0kVCLEy
7PvWRIN1p4fJPMXtrwOk+oDS9ZS3YsnGMvAVcb4gwIaxBDoaoo8auoxad8yDJD77
ZX7TEtI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org