Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/3DBA580CFEA011E9A9780E7FC4F9AE02.roa
File: 3DBA580CFEA011E9A9780E7FC4F9AE02.roa (raw, json)
Hash identifier: aIPLyPJZGPMZIcHrcDkRjOKnGt+REFHnfIqOeAod8Wc=
Subject key identifier: FF:CE:02:1B:2E:3A:73:AF:45:F1:73:58:4F:BA:AA:B9:A2:DC:67:0B
Certificate issuer: /CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
Certificate serial: 0B2C
Authority key identifier: E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/3DBA580CFEA011E9A9780E7FC4F9AE02.roa
Signing time: Sun 28 Aug 2022 19:56:14 +0000
ROA not before: Sun 28 Aug 2022 19:56:14 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 55561
IP address blocks: 43.243.60.0/22 maxlen: 24
103.38.164.0/22 maxlen: 24
202.180.99.0/24 maxlen: 24
202.180.101.0/24 maxlen: 24
202.180.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2860 (0xb2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
Validity
Not Before: Aug 28 19:56:14 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=630bc85e-8c3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:86:b9:83:db:08:59:6c:10:6d:64:2f:44:ac:
d7:d5:b6:f2:45:09:00:e2:9c:43:64:d1:31:72:4a:
fe:f9:23:a4:3f:5c:88:89:62:7e:54:8a:fc:a6:0f:
4c:dd:b3:46:eb:23:f1:d4:98:3b:df:f0:00:30:ad:
44:eb:c5:fb:3f:60:68:8a:3c:47:ec:23:99:2d:8d:
d2:09:af:4e:66:de:f0:0b:c9:0d:33:f7:98:f5:ca:
26:56:ae:83:96:b6:15:c5:1e:c4:36:08:81:eb:96:
66:dd:29:63:4d:3d:0a:01:a9:90:f6:5d:56:a1:74:
84:02:e9:d5:6d:bc:ac:0a:6d:f0:39:e6:ae:c4:71:
22:cf:5d:ad:fa:f9:41:0d:3c:c3:5c:f4:66:5c:b3:
95:cb:ce:6d:cf:d2:11:62:57:67:9d:71:12:f0:76:
b3:6c:d7:38:4f:7b:3a:13:b8:ed:6b:cb:88:a6:fc:
c8:dd:30:9a:ef:ad:e0:9a:ce:f7:ab:6b:44:9c:cd:
40:4e:52:68:b6:60:f8:e4:c2:8e:00:33:2b:54:ae:
0e:b0:15:0c:3f:46:84:f0:c7:9c:10:13:7b:76:a9:
ab:af:81:25:78:03:25:cc:92:2e:28:3f:a8:dd:84:
69:b3:47:a9:ca:01:4e:b2:5b:41:95:fb:c1:fb:0b:
3c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CE:02:1B:2E:3A:73:AF:45:F1:73:58:4F:BA:AA:B9:A2:DC:67:0B
X509v3 Authority Key Identifier:
keyid:E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/4R_pNwBqJdfGBaXkO0krKGxkmYw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/3DBA580CFEA011E9A9780E7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.60.0/22
103.38.164.0/22
202.180.99.0/24
202.180.101.0-202.180.102.255
Signature Algorithm: sha256WithRSAEncryption
34:8a:72:c2:07:a1:e4:be:a5:f0:34:f5:68:7e:35:02:2a:c6:
dd:1d:2c:9c:4d:12:ca:13:be:e7:63:43:51:df:8b:b1:98:f8:
5a:2d:ff:29:b9:44:4d:85:35:95:7b:69:07:92:b7:10:f9:d3:
f0:d4:64:44:ab:e1:56:2e:c6:a8:34:08:cb:24:97:05:eb:7d:
9b:c1:d5:51:57:79:66:68:2c:53:e9:34:b7:6e:8f:15:3c:02:
4a:c9:19:ca:ab:0f:05:dd:0e:bb:92:89:0c:1b:8c:4a:4a:d1:
c6:76:34:39:6b:80:1f:3d:66:cd:28:26:c2:03:20:3e:ce:b4:
59:06:10:ae:0d:b6:8e:b2:0e:bb:b2:70:78:d7:c0:92:db:f3:
b3:36:ff:be:65:a8:cc:54:37:08:d5:f3:14:e3:e7:92:c0:65:
cc:11:1c:08:3c:c9:68:ab:7c:04:46:90:4d:a0:c7:11:4a:d3:
2c:08:5d:bf:ad:d4:82:25:51:e8:dd:8a:b2:d0:2c:07:f2:da:
6e:ad:73:8b:60:7d:6c:d2:1e:ee:34:08:ea:11:62:1a:bd:6b:
05:b9:04:8e:ce:a6:59:5b:b9:8d:9e:5b:4c:58:74:9a:46:ea:
1e:b1:8a:77:d5:c0:ed:16:1e:91:3c:6d:c7:ef:0e:6d:f2:b8:
02:da:dd:9f
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICCywwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUUwQzQxMTAvBgNVBAUTKEUxMUZFOTM3MDA2QTI1RDdDNjA1QTVFNDNCNDkyQjI4
NkM2NDk5OEMwHhcNMjIwODI4MTk1NjE0WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzBiYzg1ZS04YzNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsYa5g9sIWWwQbWQvRKzX1bbyRQkA4pxDZNExckr++SOkP1yIiWJ+VIr8pg9M
3bNG6yPx1Jg73/AAMK1E68X7P2BoijxH7COZLY3SCa9OZt7wC8kNM/eY9comVq6D
lrYVxR7ENgiB65Zm3SljTT0KAamQ9l1WoXSEAunVbbysCm3wOeauxHEiz12t+vlB
DTzDXPRmXLOVy85tz9IRYldnnXES8HazbNc4T3s6E7jta8uIpvzI3TCa763gms73
q2tEnM1ATlJotmD45MKOADMrVK4OsBUMP0aE8MecEBN7dqmrr4EleAMlzJIuKD+o
3YRps0epygFOsltBlfvB+ws8JQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFP/OAhsu
OnOvRfFzWE+6qrmi3GcLMB8GA1UdIwQYMBaAFOEf6TcAaiXXxgWl5DtJKyhsZJmM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTBDNC82QTlFM0JEOEYx
NDcxMUU5OUE5QUI3MTJDNEY5QUUwMi80Ul9wTndCcUpkZkdCYVhrTzBrcktHeGtt
WXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRSX3BOd0JxSmRmR0JhWGtPMGtyS0d4a21Zdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUUwQzQvNkE5RTNCRDhGMTQ3MTFFOTlBOUFCNzEyQzRGOUFFMDIvM0RCQTU4MENG
RUEwMTFFOUE5NzgwRTdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAIr8zwDBAJnJqQDBADKtGMwDAMEAMq0ZQMEAMq0ZjANBgkq
hkiG9w0BAQsFAAOCAQEANIpywgeh5L6l8DT1aH41AirG3R0snE0SyhO+52NDUd+L
sZj4Wi3/KblETYU1lXtpB5K3EPnT8NRkRKvhVi7GqDQIyySXBet9m8HVUVd5Zmgs
U+k0t26PFTwCSskZyqsPBd0Ou5KJDBuMSkrRxnY0OWuAHz1mzSgmwgMgPs60WQYQ
rg22jrIOu7JweNfAktvzszb/vmWozFQ3CNXzFOPnksBlzBEcCDzJaKt8BEaQTaDH
EUrTLAhdv63UgiVR6N2KstAsB/Labq1zi2B9bNIe7jQI6hFiGr1rBbkEjs6mWVu5
jZ5bTFh0mkbqHrGKd9XA7RYekTxtx+8ObfK4Atrdnw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:01 2023 by rpki-client on console-ams.rpki-client.org