Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE0C4/63A92766F14711E99A9AB712C4F9AE02/8AE5B17600E911EA81B7A65DC4F9AE02.roa
File: 8AE5B17600E911EA81B7A65DC4F9AE02.roa (raw, json)
Hash identifier: DPFOIEN7FwN4oEKWo/qrOK6fWDXtv+R8dlVPrZ4duKc=
Subject key identifier: DA:46:2E:98:2B:2A:5D:9C:27:38:98:34:C6:50:8A:AF:52:38:F1:C6
Certificate issuer: /CN=A91AE0C4/serialNumber=412B480176124E0884602689602C2AE574F0B876
Certificate serial: 0ACE
Authority key identifier: 41:2B:48:01:76:12:4E:08:84:60:26:89:60:2C:2A:E5:74:F0:B8:76
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QStIAXYSTgiEYCaJYCwq5XTwuHY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE0C4/63A92766F14711E99A9AB712C4F9AE02/8AE5B17600E911EA81B7A65DC4F9AE02.roa
Signing time: Sun 28 Aug 2022 19:55:56 +0000
ROA not before: Sun 28 Aug 2022 19:55:56 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 132264
IP address blocks: 131.203.8.0/21 maxlen: 24
131.203.16.0/22 maxlen: 24
131.203.20.0/22 maxlen: 24
131.203.24.0/22 maxlen: 24
131.203.160.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2766 (0xace)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE0C4/serialNumber=412B480176124E0884602689602C2AE574F0B876
Validity
Not Before: Aug 28 19:55:56 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=630bc84c-fb0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fb:b1:fa:35:a4:89:e9:6d:d1:d4:4a:83:0c:
b9:4d:b3:a1:77:3b:f1:b6:88:33:19:dd:fa:ed:16:
dc:77:c6:f1:4d:b4:f4:5c:8c:2f:d0:dd:e8:e2:34:
b7:32:1a:d2:b5:e2:93:79:d8:6b:ad:9f:14:b7:24:
55:61:43:21:4d:b4:4c:27:c3:bb:88:8d:43:c0:c3:
8c:30:3d:db:68:c0:22:78:b5:0a:3c:c6:7b:cb:40:
fa:3c:41:11:2b:8c:74:c3:c5:e3:d4:3f:a8:db:91:
34:a6:4d:7a:c6:ae:b0:41:c2:55:05:d9:8e:55:bc:
ee:1a:ce:36:5d:d9:a0:b0:d8:02:b5:e3:52:2d:74:
63:05:f2:87:25:c8:45:b5:1e:cb:a2:67:a4:16:d7:
8f:f0:0a:7a:c1:75:74:07:97:ed:b9:17:ce:00:25:
04:61:46:d2:cc:5f:2e:da:a4:de:9d:1c:33:ec:b3:
9c:21:46:42:91:ac:db:90:10:58:6c:5a:67:00:f3:
71:26:91:ae:0b:e4:f4:a1:36:73:4a:0f:ab:21:4d:
5c:ff:24:0b:01:16:69:ad:2e:d9:b4:12:85:d1:ce:
6f:cd:a6:99:30:38:56:9b:35:11:1c:f5:ed:b8:e5:
22:e5:06:d5:bb:45:68:f1:0f:10:16:40:8c:73:fd:
40:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:46:2E:98:2B:2A:5D:9C:27:38:98:34:C6:50:8A:AF:52:38:F1:C6
X509v3 Authority Key Identifier:
keyid:41:2B:48:01:76:12:4E:08:84:60:26:89:60:2C:2A:E5:74:F0:B8:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/63A92766F14711E99A9AB712C4F9AE02/QStIAXYSTgiEYCaJYCwq5XTwuHY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QStIAXYSTgiEYCaJYCwq5XTwuHY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/63A92766F14711E99A9AB712C4F9AE02/8AE5B17600E911EA81B7A65DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
131.203.8.0-131.203.27.255
131.203.160.0/21
Signature Algorithm: sha256WithRSAEncryption
45:68:2a:1c:ad:22:00:af:3d:71:fb:24:5e:1f:cc:db:94:7d:
f4:f9:b3:1e:cc:6b:17:24:b0:e8:40:c8:7d:02:99:a8:bb:a3:
43:40:b0:36:35:91:72:89:21:87:bf:70:90:5f:49:36:77:a2:
b8:7c:29:05:3b:bd:6f:97:14:e6:76:28:42:b5:12:b7:23:13:
c9:3c:2f:8a:1f:dc:7d:4a:74:4b:7e:5b:15:93:b4:c8:76:fe:
83:f8:7a:05:88:87:02:25:da:e8:21:ce:37:02:87:e6:00:e1:
ec:88:12:2e:53:74:19:9a:d2:31:33:14:3f:97:f6:a5:73:c8:
8e:c0:da:db:e2:28:04:d3:43:fb:a2:29:bf:2f:64:33:02:5f:
58:ba:2b:5d:1c:80:35:b3:ae:a3:be:3c:e8:dc:1f:08:85:95:
6f:8e:2e:af:d6:e9:e1:70:25:32:cc:45:2e:c4:7d:e0:0d:7f:
a4:61:e0:6b:23:64:96:cf:56:eb:61:69:d9:e1:cc:73:ec:5a:
da:08:68:b5:e8:9f:b1:47:ad:a5:7d:e0:92:c0:99:65:f1:a6:
0b:d9:82:71:e4:24:5c:4c:cc:99:94:88:83:fa:d3:5b:7e:8f:
9a:81:63:78:d5:fc:5a:45:1b:29:a5:3e:c3:3a:87:06:41:48:
98:60:2e:82
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICCs4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUUwQzQxMTAvBgNVBAUTKDQxMkI0ODAxNzYxMjRFMDg4NDYwMjY4OTYwMkMyQUU1
NzRGMEI4NzYwHhcNMjIwODI4MTk1NTU2WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzBiYzg0Yy1mYjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtfux+jWkielt0dRKgwy5TbOhdzvxtogzGd367Rbcd8bxTbT0XIwv0N3o4jS3
MhrSteKTedhrrZ8UtyRVYUMhTbRMJ8O7iI1DwMOMMD3baMAieLUKPMZ7y0D6PEER
K4x0w8Xj1D+o25E0pk16xq6wQcJVBdmOVbzuGs42XdmgsNgCteNSLXRjBfKHJchF
tR7LomekFteP8Ap6wXV0B5ftuRfOACUEYUbSzF8u2qTenRwz7LOcIUZCkazbkBBY
bFpnAPNxJpGuC+T0oTZzSg+rIU1c/yQLARZprS7ZtBKF0c5vzaaZMDhWmzURHPXt
uOUi5QbVu0Vo8Q8QFkCMc/1AnQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFNpGLpgr
Kl2cJziYNMZQiq9SOPHGMB8GA1UdIwQYMBaAFEErSAF2Ek4IhGAmiWAsKuV08Lh2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTBDNC82M0E5Mjc2NkYx
NDcxMUU5OUE5QUI3MTJDNEY5QUUwMi9RU3RJQVhZU1RnaUVZQ2FKWUN3cTVYVHd1
SFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1FTdElBWFlTVGdpRVlDYUpZQ3dxNVhUd3VIWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUUwQzQvNjNBOTI3NjZGMTQ3MTFFOTlBOUFCNzEyQzRGOUFFMDIvOEFFNUIxNzYw
MEU5MTFFQTgxQjdBNjVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEA4PLCAMEAoPLGAMEA4PLoDANBgkqhkiG9w0BAQsFAAOC
AQEARWgqHK0iAK89cfskXh/M25R99PmzHsxrFySw6EDIfQKZqLujQ0CwNjWRcokh
h79wkF9JNneiuHwpBTu9b5cU5nYoQrUStyMTyTwvih/cfUp0S35bFZO0yHb+g/h6
BYiHAiXa6CHONwKH5gDh7IgSLlN0GZrSMTMUP5f2pXPIjsDa2+IoBNND+6Ipvy9k
MwJfWLorXRyANbOuo7486NwfCIWVb44ur9bp4XAlMsxFLsR94A1/pGHgayNkls9W
62Fp2eHMc+xa2ghoteifsUetpX3gksCZZfGmC9mCceQkXEzMmZSIg/rTW36PmoFj
eNX8WkUbKaU+wzqHBkFImGAugg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org