Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/CB35D6EE00ED11EA9854BE6AC4F9AE02.roa
File: CB35D6EE00ED11EA9854BE6AC4F9AE02.roa (raw, json)
Hash identifier: SNiEqlsRdLAv6RcS4IPkSyxR3jAwHB+UGjcwSoT8iuw=
Subject key identifier: 97:0A:E1:3C:CA:18:DD:56:86:AF:91:69:E0:A5:67:F1:74:09:B1:43
Certificate issuer: /CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
Certificate serial: 0B2B
Authority key identifier: E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/CB35D6EE00ED11EA9854BE6AC4F9AE02.roa
Signing time: Sun 28 Aug 2022 19:56:13 +0000
ROA not before: Sun 28 Aug 2022 19:56:13 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 55454
IP address blocks: 182.23.176.0/21 maxlen: 24
202.50.246.0/24 maxlen: 24
2404:1c00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2859 (0xb2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
Validity
Not Before: Aug 28 19:56:13 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=630bc85c-eaa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:98:10:6a:28:d6:61:3e:80:88:88:a1:44:6b:
f6:ee:a1:d8:31:11:cd:51:fc:d6:59:17:50:36:50:
f2:21:8a:89:c4:3d:98:3d:75:2b:c3:75:43:15:24:
a6:7e:17:48:5b:6e:3e:84:d9:29:56:9b:d8:e9:c3:
fd:0a:c5:3f:6e:bc:92:c0:18:10:36:cf:59:88:13:
16:78:95:42:1c:2b:da:cd:b8:c0:27:75:0e:23:8c:
91:99:d7:53:70:36:87:cb:86:b2:8b:20:9f:9e:58:
b3:1d:d6:34:6a:ba:e4:37:40:9d:a0:01:75:22:38:
63:4e:5b:e0:12:69:cf:ff:e6:18:ab:83:e8:98:00:
60:f6:d1:e1:1a:e5:56:5d:3f:33:df:8f:31:0e:7b:
46:ed:08:19:5b:1d:9e:39:a8:c1:81:de:e7:7c:16:
d1:ac:76:40:cd:1b:3f:cc:31:b9:f1:f6:68:3d:db:
18:0d:05:ce:68:c5:77:69:61:b2:ad:2b:39:45:71:
ec:13:40:34:57:93:1f:41:25:8c:15:50:71:5a:34:
b7:22:2e:76:2f:3f:be:e3:fa:ca:6a:1c:b0:23:a2:
5b:18:79:99:79:d2:c9:f6:27:ad:af:b8:2e:aa:44:
d0:f4:99:bb:ec:48:da:5a:9a:5c:fa:51:5f:3c:27:
9d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:0A:E1:3C:CA:18:DD:56:86:AF:91:69:E0:A5:67:F1:74:09:B1:43
X509v3 Authority Key Identifier:
keyid:E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/4R_pNwBqJdfGBaXkO0krKGxkmYw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/CB35D6EE00ED11EA9854BE6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
182.23.176.0/21
202.50.246.0/24
IPv6:
2404:1c00::/32
Signature Algorithm: sha256WithRSAEncryption
b0:ec:61:c8:b6:dc:43:37:47:ce:90:76:ae:a4:d1:9a:40:4c:
69:4d:0c:e7:11:66:ba:78:dd:e4:10:b2:a2:40:a4:16:6b:0b:
89:e9:e1:79:ef:25:0a:e0:91:01:7d:d0:df:ff:d0:2b:95:37:
81:fe:06:8a:8b:73:2f:7c:f9:8a:49:73:19:b7:f1:25:92:60:
34:3d:81:27:02:86:eb:87:08:1f:c0:18:1a:07:db:b0:38:7b:
68:0c:77:34:ba:40:17:1f:a0:a3:f1:55:8b:8c:3c:b6:2f:b7:
c9:ae:c6:66:93:95:21:07:1d:52:26:88:b8:9d:5e:88:c1:82:
d0:06:5a:61:50:f9:9c:96:ad:1d:ba:d4:64:fe:52:1b:13:97:
79:c8:1a:f4:8e:34:d2:f4:ea:e0:b1:9b:5e:4d:d2:2e:a9:42:
17:a2:11:db:9b:0b:ba:e8:fc:cc:3d:d4:8c:47:2d:ee:e5:75:
99:7a:3d:34:14:38:0e:7d:a4:0b:60:e9:9d:2d:d9:8c:d7:f2:
3b:02:59:eb:b1:3f:e1:ca:ac:2d:31:df:74:8d:d2:b4:eb:fc:
a4:d3:90:14:3e:15:32:e6:bf:78:8c:cb:08:c4:a3:a4:fd:5f:
98:f0:09:89:06:2c:31:5b:a3:61:7f:02:b3:79:3c:e4:e1:95:
f4:e9:3c:1e
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCyswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUUwQzQxMTAvBgNVBAUTKEUxMUZFOTM3MDA2QTI1RDdDNjA1QTVFNDNCNDkyQjI4
NkM2NDk5OEMwHhcNMjIwODI4MTk1NjEzWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzBiYzg1Yy1lYWEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvZgQaijWYT6AiIihRGv27qHYMRHNUfzWWRdQNlDyIYqJxD2YPXUrw3VDFSSm
fhdIW24+hNkpVpvY6cP9CsU/brySwBgQNs9ZiBMWeJVCHCvazbjAJ3UOI4yRmddT
cDaHy4ayiyCfnlizHdY0arrkN0CdoAF1IjhjTlvgEmnP/+YYq4PomABg9tHhGuVW
XT8z348xDntG7QgZWx2eOajBgd7nfBbRrHZAzRs/zDG58fZoPdsYDQXOaMV3aWGy
rSs5RXHsE0A0V5MfQSWMFVBxWjS3Ii52Lz++4/rKahywI6JbGHmZedLJ9ietr7gu
qkTQ9Jm77EjaWppc+lFfPCed6wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJcK4TzK
GN1Whq+RaeClZ/F0CbFDMB8GA1UdIwQYMBaAFOEf6TcAaiXXxgWl5DtJKyhsZJmM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTBDNC82QTlFM0JEOEYx
NDcxMUU5OUE5QUI3MTJDNEY5QUUwMi80Ul9wTndCcUpkZkdCYVhrTzBrcktHeGtt
WXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRSX3BOd0JxSmRmR0JhWGtPMGtyS0d4a21Zdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUUwQzQvNkE5RTNCRDhGMTQ3MTFFOTlBOUFCNzEyQzRGOUFFMDIvQ0IzNUQ2RUUw
MEVEMTFFQTk4NTRCRTZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAO2F7ADBADKMvYwDQQCAAIwBwMFACQEHAAwDQYJKoZIhvcN
AQELBQADggEBALDsYci23EM3R86Qdq6k0ZpATGlNDOcRZrp43eQQsqJApBZrC4np
4XnvJQrgkQF90N//0CuVN4H+BoqLcy98+YpJcxm38SWSYDQ9gScChuuHCB/AGBoH
27A4e2gMdzS6QBcfoKPxVYuMPLYvt8muxmaTlSEHHVImiLidXojBgtAGWmFQ+ZyW
rR261GT+UhsTl3nIGvSONNL06uCxm15N0i6pQheiEdubC7ro/Mw91IxHLe7ldZl6
PTQUOA59pAtg6Z0t2YzX8jsCWeuxP+HKrC0x33SN0rTr/KTTkBQ+FTLmv3iMywjE
o6T9X5jwCYkGLDFbo2F/ArN5POThlfTpPB4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org