Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/625D7B2608BB11EDA1354C10C4F9AE02.roa
File: 625D7B2608BB11EDA1354C10C4F9AE02.roa (raw, json)
Hash identifier: w01jNNV4Bf74y7yEDXS9lIpJwCrgk5UFQnloLukQCww=
Subject key identifier: 5B:04:41:9F:14:9E:43:72:E0:0F:07:4E:DC:CA:8F:E6:AF:F2:27:B8
Certificate issuer: /CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
Certificate serial: 0B2F
Authority key identifier: E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/625D7B2608BB11EDA1354C10C4F9AE02.roa
Signing time: Sun 28 Aug 2022 19:56:17 +0000
ROA not before: Sun 28 Aug 2022 19:56:17 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 9790
IP address blocks: 60.234.0.0/16 maxlen: 20
101.98.0.0/16 maxlen: 16
110.44.16.0/22 maxlen: 24
119.224.0.0/17 maxlen: 20
119.224.128.0/20 maxlen: 20
121.98.0.0/15 maxlen: 20
124.197.0.0/18 maxlen: 20
202.49.82.0/24 maxlen: 24
202.49.244.0/22 maxlen: 24
202.50.170.0/24 maxlen: 24
202.53.176.0/20 maxlen: 20
202.89.128.0/19 maxlen: 20
202.150.96.0/20 maxlen: 20
202.150.112.0/20 maxlen: 20
202.180.64.0/18 maxlen: 20
202.189.160.0/20 maxlen: 20
202.191.32.0/20 maxlen: 20
203.100.208.0/20 maxlen: 20
203.160.112.0/20 maxlen: 20
203.184.0.0/18 maxlen: 20
2400:4800::/32 maxlen: 32
2402:6000::/32 maxlen: 32
2402:8200::/32 maxlen: 32
2404:4400::/28 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2863 (0xb2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
Validity
Not Before: Aug 28 19:56:17 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=630bc861-bfe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:59:b7:6d:29:fd:cd:6e:bb:91:ae:75:24:ef:
fa:76:4a:b7:b6:94:43:84:60:61:27:21:2f:7e:e7:
dd:25:37:bd:c5:d8:9a:84:f4:d5:1c:3a:48:d0:45:
4e:4d:12:28:eb:cc:9a:b9:14:53:b7:0b:12:53:35:
8f:1f:4c:c4:65:93:95:42:50:92:76:be:97:ae:92:
ba:cc:36:54:c0:45:a8:15:b6:eb:f4:18:79:4b:ec:
60:b1:b2:29:5b:b1:7f:81:f5:e1:bf:b4:5a:ab:f9:
06:6e:1d:b5:3e:9d:1a:de:96:ab:92:3c:8b:7e:24:
1a:69:cc:53:e3:21:da:92:b4:71:41:b1:6f:9a:e1:
37:3c:47:36:52:e9:38:23:c1:8f:b6:84:47:4b:52:
ca:92:3b:10:0c:5a:06:11:0d:44:99:17:9d:b9:1a:
7a:62:e1:53:74:69:89:5f:7f:d5:34:40:47:eb:62:
ba:eb:e7:1b:35:f3:99:78:fe:04:fc:ac:4e:ec:b4:
2c:af:41:01:fa:4f:1b:68:58:2b:eb:af:23:be:b1:
7f:26:94:45:1b:75:f7:eb:83:77:b9:d5:fe:c2:3b:
18:d2:3d:89:5e:5e:bb:ec:3c:b9:20:91:f3:f6:b1:
b5:30:1e:e0:1a:d1:e5:ab:68:fc:3a:29:6c:ae:61:
7c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:04:41:9F:14:9E:43:72:E0:0F:07:4E:DC:CA:8F:E6:AF:F2:27:B8
X509v3 Authority Key Identifier:
keyid:E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/4R_pNwBqJdfGBaXkO0krKGxkmYw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/625D7B2608BB11EDA1354C10C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
60.234.0.0/16
101.98.0.0/16
110.44.16.0/22
119.224.0.0-119.224.143.255
121.98.0.0/15
124.197.0.0/18
202.49.82.0/24
202.49.244.0/22
202.50.170.0/24
202.53.176.0/20
202.89.128.0/19
202.150.96.0/19
202.180.64.0/18
202.189.160.0/20
202.191.32.0/20
203.100.208.0/20
203.160.112.0/20
203.184.0.0/18
IPv6:
2400:4800::/32
2402:6000::/32
2402:8200::/32
2404:4400::/28
Signature Algorithm: sha256WithRSAEncryption
bf:85:65:31:21:0f:7e:9d:71:e1:12:d7:90:34:c1:65:a2:c9:
ac:dc:38:8c:da:5d:d1:ba:60:41:2b:dc:6d:6d:c6:a8:ec:71:
e3:cf:77:82:32:5b:8d:67:c5:cb:f1:e3:d3:c1:95:04:0b:96:
1d:b7:9e:73:5e:a7:96:ab:c5:19:62:98:ed:40:f5:d4:4e:3b:
86:4c:ce:e3:39:74:6c:ac:75:d2:73:6d:17:45:47:b4:c2:90:
c8:2e:c6:1f:04:56:c1:8e:6a:0d:60:f4:ee:1a:2a:12:c3:1a:
19:64:c5:7f:6f:59:95:2b:15:85:f0:db:e3:8c:25:56:83:01:
20:3e:34:84:7c:d5:b0:d1:df:ea:36:db:8e:1c:cc:55:9f:41:
9b:98:e1:51:f0:ce:8b:65:96:c8:3b:00:0f:8e:04:92:b5:f8:
c2:5e:d6:e2:a4:6b:fe:44:ab:f3:08:94:83:59:0e:0a:6d:00:
cb:78:a7:03:89:4a:68:e9:2a:86:b6:a4:13:fa:8d:9a:3c:3d:
a9:29:9d:50:99:c7:9d:03:3b:bc:f7:33:b6:b9:f6:1a:ec:6f:
95:6e:02:30:d9:e3:a7:b3:50:9c:ca:01:89:0d:4b:4e:ae:f0:
5d:36:63:e2:db:66:7d:f9:a0:d8:c9:42:56:d5:6b:bd:e9:5f:
9e:5d:8f:fd
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgICCy8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUUwQzQxMTAvBgNVBAUTKEUxMUZFOTM3MDA2QTI1RDdDNjA1QTVFNDNCNDkyQjI4
NkM2NDk5OEMwHhcNMjIwODI4MTk1NjE3WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzBiYzg2MS1iZmU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx1m3bSn9zW67ka51JO/6dkq3tpRDhGBhJyEvfufdJTe9xdiahPTVHDpI0EVO
TRIo68yauRRTtwsSUzWPH0zEZZOVQlCSdr6XrpK6zDZUwEWoFbbr9Bh5S+xgsbIp
W7F/gfXhv7Raq/kGbh21Pp0a3parkjyLfiQaacxT4yHakrRxQbFvmuE3PEc2Uuk4
I8GPtoRHS1LKkjsQDFoGEQ1EmReduRp6YuFTdGmJX3/VNEBH62K66+cbNfOZeP4E
/KxO7LQsr0EB+k8baFgr668jvrF/JpRFG3X364N3udX+wjsY0j2JXl677Dy5IJHz
9rG1MB7gGtHlq2j8OilsrmF8QwIDAQABo4IDJjCCAyIwHQYDVR0OBBYEFFsEQZ8U
nkNy4A8HTtzKj+av8ie4MB8GA1UdIwQYMBaAFOEf6TcAaiXXxgWl5DtJKyhsZJmM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTBDNC82QTlFM0JEOEYx
NDcxMUU5OUE5QUI3MTJDNEY5QUUwMi80Ul9wTndCcUpkZkdCYVhrTzBrcktHeGtt
WXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRSX3BOd0JxSmRmR0JhWGtPMGtyS0d4a21Zdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUUwQzQvNkE5RTNCRDhGMTQ3MTFFOTlBOUFCNzEyQzRGOUFFMDIvNjI1RDdCMjYw
OEJCMTFFREExMzU0QzEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga8GCCsGAQUFBwEHAQH/
BIGfMIGcMHYEAgABMHADAwA86gMDAGViAwQCbiwQMAsDAwV34AMEBHfggAMDAXli
AwQGfMUAAwQAyjFSAwQCyjH0AwQAyjKqAwQEyjWwAwQFylmAAwQFypZgAwQGyrRA
AwQEyr2gAwQEyr8gAwQEy2TQAwQEy6BwAwQGy7gAMCIEAgACMBwDBQAkAEgAAwUA
JAJgAAMFACQCggADBQQkBEQAMA0GCSqGSIb3DQEBCwUAA4IBAQC/hWUxIQ9+nXHh
EteQNMFlosms3DiM2l3RumBBK9xtbcao7HHjz3eCMluNZ8XL8ePTwZUEC5Ydt55z
XqeWq8UZYpjtQPXUTjuGTM7jOXRsrHXSc20XRUe0wpDILsYfBFbBjmoNYPTuGioS
wxoZZMV/b1mVKxWF8NvjjCVWgwEgPjSEfNWw0d/qNtuOHMxVn0GbmOFR8M6LZZbI
OwAPjgSStfjCXtbipGv+RKvzCJSDWQ4KbQDLeKcDiUpo6SqGtqQT+o2aPD2pKZ1Q
mcedAzu89zO2ufYa7G+VbgIw2eOns1CcygGJDUtOrvBdNmPi22Z9+aDYyUJW1Wu9
6V+eXY/9
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org