Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC0D1/EB450A1EA75A11E9A2A3B64EC4F9AE02/2AEFA722A76111E9A3157F5EC4F9AE02.roa
File: 2AEFA722A76111E9A3157F5EC4F9AE02.roa (raw, json)
Hash identifier: ijAokxjfwal69drr4/oDk6XdfmFU6z9utRZOytPzEus=
Subject key identifier: D8:45:00:98:D5:87:C4:3C:BB:F3:38:3E:13:DB:52:26:E6:33:65:17
Certificate issuer: /CN=A91AC0D1/serialNumber=E93831CCD93F3CCB562D50AF383E9FDA64F7943A
Certificate serial: 098E
Authority key identifier: E9:38:31:CC:D9:3F:3C:CB:56:2D:50:AF:38:3E:9F:DA:64:F7:94:3A
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6TgxzNk_PMtWLVCvOD6f2mT3lDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AC0D1/EB450A1EA75A11E9A2A3B64EC4F9AE02/2AEFA722A76111E9A3157F5EC4F9AE02.roa
Signing time: Tue 02 Nov 2021 07:44:52 +0000
ROA not before: Tue 02 Nov 2021 07:44:52 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 7645
IP address blocks: 128.184.0.0/16 maxlen: 16
139.132.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2446 (0x98e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AC0D1/serialNumber=E93831CCD93F3CCB562D50AF383E9FDA64F7943A
Validity
Not Before: Nov 2 07:44:52 2021 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=6180ec73-a634
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:dc:26:e4:b7:7e:e9:ce:40:00:b3:73:d0:d1:
ab:ed:04:8f:fd:78:89:ac:7a:20:8e:a5:7a:40:d8:
35:fa:fd:07:e6:8c:bc:92:76:e4:56:94:e6:f1:70:
dd:ff:08:7c:b0:99:73:60:19:2a:a0:f7:b2:2d:ce:
d1:9a:4d:d5:1d:94:92:86:1a:88:57:64:bf:8e:f1:
2b:4c:cb:99:3d:25:00:e2:35:8d:78:87:54:dd:36:
0a:b0:57:d6:f2:aa:7b:1c:93:db:0e:41:06:26:e7:
7a:c1:3a:b8:ea:76:29:e2:f7:e7:84:ac:96:21:ad:
02:95:59:88:30:cc:aa:18:52:19:08:8a:50:65:2e:
e5:41:9a:de:6d:75:2e:ab:c9:ae:c0:1c:93:e2:83:
c0:8c:0e:f1:ad:25:37:d0:ea:17:fa:ad:28:72:ce:
5c:a3:2c:87:a3:66:ce:20:a7:7b:de:ff:43:d0:78:
79:df:fb:e8:d4:65:7a:bf:f8:fd:83:da:88:96:54:
82:5d:20:f3:f1:77:fd:b7:7e:4a:46:ab:c5:3b:46:
2f:90:ae:2c:75:66:84:7e:c0:f7:ad:f4:ab:fe:1c:
88:db:4a:a5:08:1d:9c:0a:46:b1:f1:21:68:7a:e4:
51:32:06:ea:cd:bf:9b:1e:10:aa:66:30:8e:b0:39:
54:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:45:00:98:D5:87:C4:3C:BB:F3:38:3E:13:DB:52:26:E6:33:65:17
X509v3 Authority Key Identifier:
keyid:E9:38:31:CC:D9:3F:3C:CB:56:2D:50:AF:38:3E:9F:DA:64:F7:94:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AC0D1/EB450A1EA75A11E9A2A3B64EC4F9AE02/6TgxzNk_PMtWLVCvOD6f2mT3lDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6TgxzNk_PMtWLVCvOD6f2mT3lDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC0D1/EB450A1EA75A11E9A2A3B64EC4F9AE02/2AEFA722A76111E9A3157F5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
128.184.0.0/16
139.132.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c8:b6:92:57:8f:9e:72:fa:c8:f1:20:23:11:9f:a9:62:60:b5:
93:f6:70:60:89:e6:0e:ff:32:b8:21:87:86:34:91:5d:4e:1e:
4a:01:4c:b0:3e:e0:48:16:b3:eb:e5:aa:c1:69:1b:3e:27:a7:
16:70:c2:04:a4:7b:ba:29:30:fd:f6:52:e1:87:77:51:32:cd:
df:85:78:fe:c2:97:18:c9:88:2a:2a:81:0c:f7:7c:18:e9:0d:
5e:b0:f4:1f:f0:8e:db:0c:b6:83:70:91:5e:d0:2e:3d:11:84:
c2:42:99:ce:f1:73:cd:5d:07:0a:df:7b:13:0a:6c:13:05:a3:
ab:94:78:39:44:e7:3d:b8:76:9c:8a:f9:47:b7:2a:8f:ba:4c:
df:4a:b2:cb:56:18:41:8c:85:b1:73:03:77:d0:32:30:d5:72:
85:63:b2:f0:4d:f4:31:17:24:b2:8a:89:39:20:07:bc:4c:95:
12:74:be:ab:76:68:7f:bf:22:9c:f2:53:ea:c9:60:48:da:26:
5c:0d:da:1a:8b:de:0f:4c:da:0d:dd:72:3f:3b:0d:7a:f7:0a:
b6:fd:f0:1a:af:cb:7b:57:c0:5a:1e:d7:76:f7:e1:64:e5:cb:
51:5b:3b:cc:b3:02:9a:ce:83:32:15:a2:bf:d0:8f:f1:b5:91:
41:6e:e8:91
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgICCY4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUMwRDExMTAvBgNVBAUTKEU5MzgzMUNDRDkzRjNDQ0I1NjJENTBBRjM4M0U5RkRB
NjRGNzk0M0EwHhcNMjExMTAyMDc0NDUyWhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTgwZWM3My1hNjM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3dwm5Ld+6c5AALNz0NGr7QSP/XiJrHogjqV6QNg1+v0H5oy8knbkVpTm8XDd
/wh8sJlzYBkqoPeyLc7Rmk3VHZSShhqIV2S/jvErTMuZPSUA4jWNeIdU3TYKsFfW
8qp7HJPbDkEGJud6wTq46nYp4vfnhKyWIa0ClVmIMMyqGFIZCIpQZS7lQZrebXUu
q8muwByT4oPAjA7xrSU30OoX+q0ocs5coyyHo2bOIKd73v9D0Hh53/vo1GV6v/j9
g9qIllSCXSDz8Xf9t35KRqvFO0YvkK4sdWaEfsD3rfSr/hyI20qlCB2cCkax8SFo
euRRMgbqzb+bHhCqZjCOsDlUzwIDAQABo4ICmTCCApUwHQYDVR0OBBYEFNhFAJjV
h8Q8u/M4PhPbUibmM2UXMB8GA1UdIwQYMBaAFOk4MczZPzzLVi1Qrzg+n9pk95Q6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQzBEMS9FQjQ1MEExRUE3
NUExMUU5QTJBM0I2NEVDNEY5QUUwMi82VGd4ek5rX1BNdFdMVkN2T0Q2ZjJtVDNs
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzZUZ3h6TmtfUE10V0xWQ3ZPRDZmMm1UM2xEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUMwRDEvRUI0NTBBMUVBNzVBMTFFOUEyQTNCNjRFQzRGOUFFMDIvMkFFRkE3MjJB
NzYxMTFFOUEzMTU3RjVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIwYIKwYBBQUHAQcBAf8E
FDASMBAEAgABMAoDAwCAuAMDAIuEMA0GCSqGSIb3DQEBCwUAA4IBAQDItpJXj55y
+sjxICMRn6liYLWT9nBgieYO/zK4IYeGNJFdTh5KAUywPuBIFrPr5arBaRs+J6cW
cMIEpHu6KTD99lLhh3dRMs3fhXj+wpcYyYgqKoEM93wY6Q1esPQf8I7bDLaDcJFe
0C49EYTCQpnO8XPNXQcK33sTCmwTBaOrlHg5ROc9uHacivlHtyqPukzfSrLLVhhB
jIWxcwN30DIw1XKFY7LwTfQxFySyiok5IAe8TJUSdL6rdmh/vyKc8lPqyWBI2iZc
Ddoai94PTNoN3XI/Ow169wq2/fAar8t7V8BaHtd29+Fk5ctRWzvMswKazoMyFaK/
0I/xtZFBbuiR
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org