Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC0D1/EB450A1EA75A11E9A2A3B64EC4F9AE02/DE83881AF21A11ECB3327130C4F9AE02.roa
File: DE83881AF21A11ECB3327130C4F9AE02.roa (raw, json)
Hash identifier: 8ie41c+jlqWHR+ID4GdugeT77CfLl5MNBFwOGmsqNiQ=
Subject key identifier: 90:2C:E1:B8:5A:EF:0A:E9:AD:65:61:E5:81:A2:86:AE:45:4B:86:DF
Certificate issuer: /CN=A91AC0D1/serialNumber=E93831CCD93F3CCB562D50AF383E9FDA64F7943A
Certificate serial: 0C44
Authority key identifier: E9:38:31:CC:D9:3F:3C:CB:56:2D:50:AF:38:3E:9F:DA:64:F7:94:3A
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6TgxzNk_PMtWLVCvOD6f2mT3lDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AC0D1/EB450A1EA75A11E9A2A3B64EC4F9AE02/DE83881AF21A11ECB3327130C4F9AE02.roa
Signing time: Wed 02 Nov 2022 19:05:44 +0000
ROA not before: Wed 02 Nov 2022 19:05:44 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 7645
IP address blocks: 128.184.0.0/16 maxlen: 24
139.132.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3140 (0xc44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AC0D1/serialNumber=E93831CCD93F3CCB562D50AF383E9FDA64F7943A
Validity
Not Before: Nov 2 19:05:44 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6362bf87-04eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:cd:39:c2:92:75:92:58:47:4e:9d:c1:73:96:
51:90:b0:db:bf:53:10:0b:2a:ba:fc:21:55:5b:e8:
2e:4c:56:6d:63:76:4e:78:82:42:66:a3:d6:c4:f5:
5a:da:ad:f5:a9:83:bb:08:95:43:db:c4:e2:74:81:
47:e8:f7:63:41:9e:a4:82:4b:b3:02:d7:6d:f6:10:
ae:f2:a6:a5:5e:27:71:68:90:f5:d9:d6:46:8d:ec:
88:c7:17:cf:06:b1:70:b9:76:95:b8:3a:91:56:1c:
75:ba:93:e0:9d:29:4b:9b:32:81:79:c9:0b:d6:93:
2e:70:c6:70:e2:7a:4c:46:51:e7:4b:88:4e:29:2d:
ce:1b:a8:ec:27:f4:c2:78:59:49:41:f8:45:7b:e6:
a3:4b:c6:27:b6:c3:fe:36:65:f1:60:aa:48:65:f6:
bb:2b:d5:ea:23:fe:78:3e:51:22:16:9a:3d:46:43:
15:d9:31:53:37:bb:32:e1:64:64:7c:63:b0:1a:90:
54:53:89:73:6c:74:44:35:6f:14:a7:4e:75:37:33:
06:fe:46:7e:04:92:5e:ac:c7:c7:a4:72:ea:3f:72:
98:1f:8d:9d:95:8a:8e:fd:22:69:8b:91:f9:6e:c6:
d4:4c:79:e7:fc:36:6a:9c:61:7a:7e:1e:85:0a:61:
21:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:2C:E1:B8:5A:EF:0A:E9:AD:65:61:E5:81:A2:86:AE:45:4B:86:DF
X509v3 Authority Key Identifier:
keyid:E9:38:31:CC:D9:3F:3C:CB:56:2D:50:AF:38:3E:9F:DA:64:F7:94:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AC0D1/EB450A1EA75A11E9A2A3B64EC4F9AE02/6TgxzNk_PMtWLVCvOD6f2mT3lDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6TgxzNk_PMtWLVCvOD6f2mT3lDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC0D1/EB450A1EA75A11E9A2A3B64EC4F9AE02/DE83881AF21A11ECB3327130C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
128.184.0.0/16
139.132.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:76:82:a5:ab:e3:5c:2d:35:75:bf:44:1a:44:98:cd:72:c5:
f9:f5:f4:6e:bd:0a:69:90:c2:54:f7:b7:47:d4:3c:5c:c1:ee:
dc:3c:35:63:3a:d9:ea:ec:c2:9c:8d:74:da:45:c8:72:07:3c:
66:ce:80:8f:1e:5e:f6:9b:87:f5:fa:48:1f:54:09:3c:7c:53:
33:ad:40:82:aa:ae:4c:3f:a9:9b:0a:a2:38:8d:aa:7d:64:4c:
79:70:a5:4c:0e:44:d9:83:2d:8a:8f:2f:ff:fa:51:b1:45:61:
06:16:20:62:84:14:88:15:93:7c:03:51:f5:7a:b3:f6:b1:4a:
83:fa:b0:41:28:65:75:28:51:26:0f:02:77:8e:bc:d4:b3:9c:
0d:e3:0b:aa:93:18:24:ea:70:88:fd:96:e4:be:6c:39:1e:e5:
63:a6:27:e0:7a:a9:12:9e:9f:8a:0a:3d:96:ec:96:2a:fa:42:
1e:81:5d:2b:ae:36:57:c7:71:ed:77:76:35:58:0c:82:5a:c6:
96:d8:5e:99:34:08:bf:07:5f:21:ff:a4:58:05:12:34:e9:ff:
ac:6d:0f:ae:0b:a0:a1:83:db:28:c6:10:67:63:e9:78:73:d6:
86:d5:a2:a8:aa:6d:aa:88:e5:a1:77:b8:5f:be:ee:e4:45:6b:
03:cb:65:75
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgICDEQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUMwRDExMTAvBgNVBAUTKEU5MzgzMUNDRDkzRjNDQ0I1NjJENTBBRjM4M0U5RkRB
NjRGNzk0M0EwHhcNMjIxMTAyMTkwNTQ0WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzYyYmY4Ny0wNGViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApM05wpJ1klhHTp3Bc5ZRkLDbv1MQCyq6/CFVW+guTFZtY3ZOeIJCZqPWxPVa
2q31qYO7CJVD28TidIFH6PdjQZ6kgkuzAtdt9hCu8qalXidxaJD12dZGjeyIxxfP
BrFwuXaVuDqRVhx1upPgnSlLmzKBeckL1pMucMZw4npMRlHnS4hOKS3OG6jsJ/TC
eFlJQfhFe+ajS8YntsP+NmXxYKpIZfa7K9XqI/54PlEiFpo9RkMV2TFTN7sy4WRk
fGOwGpBUU4lzbHRENW8Up051NzMG/kZ+BJJerMfHpHLqP3KYH42dlYqO/SJpi5H5
bsbUTHnn/DZqnGF6fh6FCmEhYwIDAQABo4ICmTCCApUwHQYDVR0OBBYEFJAs4bha
7wrprWVh5YGihq5FS4bfMB8GA1UdIwQYMBaAFOk4MczZPzzLVi1Qrzg+n9pk95Q6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQzBEMS9FQjQ1MEExRUE3
NUExMUU5QTJBM0I2NEVDNEY5QUUwMi82VGd4ek5rX1BNdFdMVkN2T0Q2ZjJtVDNs
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzZUZ3h6TmtfUE10V0xWQ3ZPRDZmMm1UM2xEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUMwRDEvRUI0NTBBMUVBNzVBMTFFOUEyQTNCNjRFQzRGOUFFMDIvREU4Mzg4MUFG
MjFBMTFFQ0IzMzI3MTMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIwYIKwYBBQUHAQcBAf8E
FDASMBAEAgABMAoDAwCAuAMDAIuEMA0GCSqGSIb3DQEBCwUAA4IBAQCBdoKlq+Nc
LTV1v0QaRJjNcsX59fRuvQppkMJU97dH1Dxcwe7cPDVjOtnq7MKcjXTaRchyBzxm
zoCPHl72m4f1+kgfVAk8fFMzrUCCqq5MP6mbCqI4jap9ZEx5cKVMDkTZgy2Kjy//
+lGxRWEGFiBihBSIFZN8A1H1erP2sUqD+rBBKGV1KFEmDwJ3jrzUs5wN4wuqkxgk
6nCI/Zbkvmw5HuVjpifgeqkSnp+KCj2W7JYq+kIegV0rrjZXx3Htd3Y1WAyCWsaW
2F6ZNAi/B18h/6RYBRI06f+sbQ+uC6Chg9soxhBnY+l4c9aG1aKoqm2qiOWhd7hf
vu7kRWsDy2V1
-----END CERTIFICATE-----
Generated at Fri Nov 24 19:02:54 2023 by rpki-client on console-ams.rpki-client.org