Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA26F/7A1F1C204C2B11E8996BAD28C4F9AE02/FF35666AC43911EBB9FFFC34C4F9AE02.roa
File: FF35666AC43911EBB9FFFC34C4F9AE02.roa (raw, json)
Hash identifier: 4UZMgeiAqGwpw2n+gFDzMTnL8cI2xL7Qwmp8gbLt+hc=
Subject key identifier: 37:D6:CD:BB:B6:B0:A2:80:A1:E7:31:8E:85:8D:66:BF:39:2D:AF:31
Certificate issuer: /CN=A91AA26F/serialNumber=2F8B8F0934F253B705D58E2A03D7CEEC34BECEAA
Certificate serial: 13A4
Authority key identifier: 2F:8B:8F:09:34:F2:53:B7:05:D5:8E:2A:03:D7:CE:EC:34:BE:CE:AA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L4uPCTTyU7cF1Y4qA9fO7DS-zqo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AA26F/7A1F1C204C2B11E8996BAD28C4F9AE02/FF35666AC43911EBB9FFFC34C4F9AE02.roa
Signing time: Fri 12 May 2023 18:07:15 +0000
ROA not before: Fri 12 May 2023 18:07:15 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 38237
IP address blocks: 123.253.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5028 (0x13a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AA26F/serialNumber=2F8B8F0934F253B705D58E2A03D7CEEC34BECEAA
Validity
Not Before: May 12 18:07:15 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=645e8052-296d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:48:32:c6:14:e7:2e:60:54:f1:b5:be:02:97:
a1:98:df:ac:a5:c6:d1:d7:17:0d:b8:2f:4d:6e:6b:
11:31:cd:36:85:29:b2:47:02:46:b0:7b:ce:3e:ed:
46:77:7f:1d:44:b5:fa:2f:86:ee:84:f6:a6:7d:1e:
83:9c:69:4b:0e:08:87:22:f0:e7:16:84:2b:ce:4b:
88:eb:e8:56:82:b5:bd:d1:2f:c9:66:48:21:e3:20:
30:18:81:0b:2e:7e:00:43:32:d8:b1:91:3a:2b:43:
98:ad:0c:ae:06:4b:6e:fd:de:c0:46:69:18:ff:eb:
28:f9:ad:a8:81:85:a7:aa:2a:c5:0f:33:53:14:98:
32:94:d6:c3:17:3c:dd:2a:3b:1f:c2:bd:5e:71:87:
07:d1:6a:fe:2a:ed:7a:3d:47:3b:a5:47:4a:ef:86:
45:e5:3f:b2:57:2c:e4:cb:d2:c5:8f:b6:88:a4:a5:
d3:9b:2c:48:67:91:48:4b:1e:73:94:d5:6a:11:d0:
29:38:b7:a0:ca:b5:08:10:31:74:11:8d:25:56:5e:
1d:6f:c0:3e:92:ec:e1:25:7b:76:5c:1e:b0:4a:30:
7b:15:e5:62:38:5e:7e:02:9f:46:0b:8d:6d:4a:da:
a8:a3:69:8a:0b:ed:3b:81:f9:78:68:b2:fa:10:8e:
b6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D6:CD:BB:B6:B0:A2:80:A1:E7:31:8E:85:8D:66:BF:39:2D:AF:31
X509v3 Authority Key Identifier:
keyid:2F:8B:8F:09:34:F2:53:B7:05:D5:8E:2A:03:D7:CE:EC:34:BE:CE:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AA26F/7A1F1C204C2B11E8996BAD28C4F9AE02/L4uPCTTyU7cF1Y4qA9fO7DS-zqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L4uPCTTyU7cF1Y4qA9fO7DS-zqo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA26F/7A1F1C204C2B11E8996BAD28C4F9AE02/FF35666AC43911EBB9FFFC34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.253.104.0/24
Signature Algorithm: sha256WithRSAEncryption
49:db:4f:e5:7e:eb:b3:a7:ed:a1:e8:47:2a:3e:32:e6:51:f0:
b1:37:9c:36:c9:a3:0f:91:fa:fe:95:dc:a2:76:ae:2e:27:9b:
f6:20:38:de:11:93:64:f9:8c:70:a9:09:b6:9a:33:53:04:2f:
67:13:ac:10:1b:50:9b:18:73:45:c3:71:f4:dc:f2:e8:82:3a:
3f:f4:64:1e:c5:c4:49:48:0f:d8:4c:fa:63:24:e6:c3:20:8e:
66:a9:84:d7:79:00:a9:76:ff:dd:e7:77:13:22:31:31:57:8f:
64:19:5d:87:ef:4a:8c:3e:2e:d2:5c:a3:07:67:7e:f1:c0:4a:
67:73:dc:f2:1a:ac:9a:42:e8:52:b2:e7:7b:77:d0:f7:69:d7:
5e:f2:ce:7e:70:3a:db:3d:a0:5f:e1:66:a5:67:0a:93:6c:28:
22:07:c1:b2:b9:84:d7:4c:1f:ba:42:5f:42:a2:75:61:d8:cd:
3b:30:b0:14:95:a2:59:dc:6d:ae:ff:17:90:b9:2e:33:04:3d:
02:8f:b7:93:60:b9:81:21:f6:d6:4b:58:96:54:01:f0:37:16:
f4:b0:5c:74:84:c6:96:fc:5a:20:f3:ce:92:de:77:bc:50:28:
c2:e4:07:d1:94:85:aa:78:d3:b2:d3:34:ad:d1:d6:1c:9e:d6:
60:58:36:d9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICE6QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUEyNkYxMTAvBgNVBAUTKDJGOEI4RjA5MzRGMjUzQjcwNUQ1OEUyQTAzRDdDRUVD
MzRCRUNFQUEwHhcNMjMwNTEyMTgwNzE1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDVlODA1Mi0yOTZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmkgyxhTnLmBU8bW+ApehmN+spcbR1xcNuC9NbmsRMc02hSmyRwJGsHvOPu1G
d38dRLX6L4buhPamfR6DnGlLDgiHIvDnFoQrzkuI6+hWgrW90S/JZkgh4yAwGIEL
Ln4AQzLYsZE6K0OYrQyuBktu/d7ARmkY/+so+a2ogYWnqirFDzNTFJgylNbDFzzd
Kjsfwr1ecYcH0Wr+Ku16PUc7pUdK74ZF5T+yVyzky9LFj7aIpKXTmyxIZ5FISx5z
lNVqEdApOLegyrUIEDF0EY0lVl4db8A+kuzhJXt2XB6wSjB7FeViOF5+Ap9GC41t
Stqoo2mKC+07gfl4aLL6EI62eQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDfWzbu2
sKKAoecxjoWNZr85La8xMB8GA1UdIwQYMBaAFC+Ljwk08lO3BdWOKgPXzuw0vs6q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTI2Ri83QTFGMUMyMDRD
MkIxMUU4OTk2QkFEMjhDNEY5QUUwMi9MNHVQQ1RUeVU3Y0YxWTRxQTlmTzdEUy16
cW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0w0dVBDVFR5VTdjRjFZNHFBOWZPN0RTLXpxby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUEyNkYvN0ExRjFDMjA0QzJCMTFFODk5NkJBRDI4QzRGOUFFMDIvRkYzNTY2NkFD
NDM5MTFFQkI5RkZGQzM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB7/WgwDQYJKoZIhvcNAQELBQADggEBAEnbT+V+67On7aHo
Ryo+MuZR8LE3nDbJow+R+v6V3KJ2ri4nm/YgON4Rk2T5jHCpCbaaM1MEL2cTrBAb
UJsYc0XDcfTc8uiCOj/0ZB7FxElID9hM+mMk5sMgjmaphNd5AKl2/93ndxMiMTFX
j2QZXYfvSow+LtJcowdnfvHASmdz3PIarJpC6FKy53t30Pdp117yzn5wOts9oF/h
ZqVnCpNsKCIHwbK5hNdMH7pCX0KidWHYzTswsBSVolncba7/F5C5LjMEPQKPt5Ng
uYEh9tZLWJZUAfA3FvSwXHSExpb8WiDzzpLed7xQKMLkB9GUhap407LTNK3R1hye
1mBYNtk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org