Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/F39B3DEC28B611ED8F055569C4F9AE02.roa
File: F39B3DEC28B611ED8F055569C4F9AE02.roa (raw, json)
Hash identifier: iDRlvivmkVDcxogPunzUzLpXc5ncSJtttc9bv6VIgSA=
Subject key identifier: 5B:17:38:76:50:3C:74:EB:81:E0:46:E1:4D:24:23:1F:47:31:BB:7E
Certificate issuer: /CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
Certificate serial: 0B37
Authority key identifier: E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/F39B3DEC28B611ED8F055569C4F9AE02.roa
Signing time: Tue 30 Aug 2022 22:56:16 +0000
ROA not before: Tue 30 Aug 2022 22:56:16 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 9790
IP address blocks: 60.234.0.0/16 maxlen: 20
101.98.0.0/16 maxlen: 16
110.44.16.0/22 maxlen: 24
119.224.0.0/17 maxlen: 20
119.224.128.0/20 maxlen: 20
121.98.0.0/15 maxlen: 20
124.197.0.0/18 maxlen: 20
202.49.244.0/22 maxlen: 24
202.50.170.0/24 maxlen: 24
202.53.176.0/20 maxlen: 20
202.89.128.0/19 maxlen: 20
202.150.96.0/20 maxlen: 20
202.150.112.0/20 maxlen: 20
202.180.64.0/18 maxlen: 20
202.189.160.0/20 maxlen: 20
202.191.32.0/20 maxlen: 20
203.100.208.0/20 maxlen: 20
203.160.112.0/20 maxlen: 20
203.184.0.0/18 maxlen: 20
2400:4800::/32 maxlen: 32
2402:6000::/32 maxlen: 32
2402:8200::/32 maxlen: 32
2404:4400::/28 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2871 (0xb37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
Validity
Not Before: Aug 30 22:56:16 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=630e958f-9ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a0:28:09:2a:76:46:77:c3:40:85:1d:4a:6f:
bf:82:31:02:0e:33:23:50:6d:5c:84:5b:b9:8d:39:
be:7b:64:20:64:e4:76:d3:73:7f:9a:71:d7:7c:ff:
4e:75:66:3f:65:2e:96:52:7f:95:42:7c:1b:4f:c9:
88:f2:f2:8a:dd:e3:84:51:e7:4b:b9:cf:42:6a:e5:
fd:b8:8d:e9:b1:1d:63:8c:7d:3d:3e:ad:e6:e3:4c:
b7:9d:30:27:d4:75:2c:ca:b6:a5:48:be:6f:9a:b6:
bf:6b:4f:66:4a:f0:a0:26:fb:05:31:15:1d:89:31:
94:78:87:c4:eb:c5:60:06:39:f2:ca:76:ee:51:a9:
ee:78:7b:c2:24:77:c0:12:82:4f:f7:8f:3c:17:6a:
17:6d:22:c6:37:2f:97:ed:bd:8d:85:33:d8:0c:7d:
dc:d2:88:00:4d:19:5c:bd:49:ae:84:46:ca:fe:b9:
c2:4a:12:38:7e:95:66:c1:66:ba:84:07:f3:a6:e8:
76:f3:a2:39:de:f2:62:60:96:65:8d:54:a4:07:a6:
a9:12:65:0c:cc:44:0f:18:be:6c:64:92:bf:cb:d6:
5d:7d:d8:d7:0c:38:3c:cd:de:6d:74:a2:89:2b:7e:
28:15:b8:22:70:f4:0c:c8:70:41:14:e0:99:74:e9:
b8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:17:38:76:50:3C:74:EB:81:E0:46:E1:4D:24:23:1F:47:31:BB:7E
X509v3 Authority Key Identifier:
keyid:E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/4R_pNwBqJdfGBaXkO0krKGxkmYw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/F39B3DEC28B611ED8F055569C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
60.234.0.0/16
101.98.0.0/16
110.44.16.0/22
119.224.0.0-119.224.143.255
121.98.0.0/15
124.197.0.0/18
202.49.244.0/22
202.50.170.0/24
202.53.176.0/20
202.89.128.0/19
202.150.96.0/19
202.180.64.0/18
202.189.160.0/20
202.191.32.0/20
203.100.208.0/20
203.160.112.0/20
203.184.0.0/18
IPv6:
2400:4800::/32
2402:6000::/32
2402:8200::/32
2404:4400::/28
Signature Algorithm: sha256WithRSAEncryption
7c:bf:68:5e:9c:12:88:af:45:97:de:d2:9d:b0:77:cf:bb:11:
e6:2f:e0:14:28:02:7a:49:7e:1c:f6:6a:17:0a:a4:8e:58:d0:
e5:29:00:fc:69:c2:ce:d4:7f:a1:6f:66:0b:f4:f1:ff:55:e7:
31:40:11:32:67:39:0c:26:70:5e:56:1a:07:ab:85:95:70:90:
f9:e2:a1:b4:c1:e6:84:c5:e6:af:fc:a2:33:fc:d5:7d:6a:c4:
ed:bb:e5:bb:45:25:04:0f:a9:b5:66:b0:dd:a0:d1:a4:30:10:
95:a0:fd:c3:f9:31:23:67:b9:e6:c3:c6:a0:b3:c1:15:51:14:
2a:92:30:d2:56:aa:24:bd:d2:2d:e2:98:4d:a3:70:c4:be:81:
b1:68:df:6f:75:c4:b2:23:23:53:72:6e:c8:f1:ee:6e:a4:c4:
98:9f:a6:e4:f8:88:63:0e:24:db:7d:0c:98:ee:43:ea:72:9c:
fa:9d:9b:cc:05:a4:ac:45:ad:94:cc:0a:c5:0a:d5:f7:45:9c:
3d:be:de:42:c0:16:a0:03:fc:2e:ad:d8:c1:6c:a5:dc:06:0e:
f3:62:1a:e0:f6:77:3e:85:dc:59:6f:f8:5d:50:b1:d7:a4:b9:
ff:6e:52:a6:be:5b:fb:79:9e:81:51:06:4d:47:24:d9:95:d7:
1c:ad:66:32
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgICCzcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUUwQzQxMTAvBgNVBAUTKEUxMUZFOTM3MDA2QTI1RDdDNjA1QTVFNDNCNDkyQjI4
NkM2NDk5OEMwHhcNMjIwODMwMjI1NjE2WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzBlOTU4Zi05ZmY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsaAoCSp2RnfDQIUdSm+/gjECDjMjUG1chFu5jTm+e2QgZOR203N/mnHXfP9O
dWY/ZS6WUn+VQnwbT8mI8vKK3eOEUedLuc9CauX9uI3psR1jjH09Pq3m40y3nTAn
1HUsyralSL5vmra/a09mSvCgJvsFMRUdiTGUeIfE68VgBjnyynbuUanueHvCJHfA
EoJP9488F2oXbSLGNy+X7b2NhTPYDH3c0ogATRlcvUmuhEbK/rnCShI4fpVmwWa6
hAfzpuh286I53vJiYJZljVSkB6apEmUMzEQPGL5sZJK/y9ZdfdjXDDg8zd5tdKKJ
K34oFbgicPQMyHBBFOCZdOm4owIDAQABo4IDIDCCAxwwHQYDVR0OBBYEFFsXOHZQ
PHTrgeBG4U0kIx9HMbt+MB8GA1UdIwQYMBaAFOEf6TcAaiXXxgWl5DtJKyhsZJmM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTBDNC82QTlFM0JEOEYx
NDcxMUU5OUE5QUI3MTJDNEY5QUUwMi80Ul9wTndCcUpkZkdCYVhrTzBrcktHeGtt
WXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRSX3BOd0JxSmRmR0JhWGtPMGtyS0d4a21Zdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUUwQzQvNkE5RTNCRDhGMTQ3MTFFOTlBOUFCNzEyQzRGOUFFMDIvRjM5QjNERUMy
OEI2MTFFRDhGMDU1NTY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgakGCCsGAQUFBwEHAQH/
BIGZMIGWMHAEAgABMGoDAwA86gMDAGViAwQCbiwQMAsDAwV34AMEBHfggAMDAXli
AwQGfMUAAwQCyjH0AwQAyjKqAwQEyjWwAwQFylmAAwQFypZgAwQGyrRAAwQEyr2g
AwQEyr8gAwQEy2TQAwQEy6BwAwQGy7gAMCIEAgACMBwDBQAkAEgAAwUAJAJgAAMF
ACQCggADBQQkBEQAMA0GCSqGSIb3DQEBCwUAA4IBAQB8v2henBKIr0WX3tKdsHfP
uxHmL+AUKAJ6SX4c9moXCqSOWNDlKQD8acLO1H+hb2YL9PH/VecxQBEyZzkMJnBe
VhoHq4WVcJD54qG0weaExeav/KIz/NV9asTtu+W7RSUED6m1ZrDdoNGkMBCVoP3D
+TEjZ7nmw8ags8EVURQqkjDSVqokvdIt4phNo3DEvoGxaN9vdcSyIyNTcm7I8e5u
pMSYn6bk+IhjDiTbfQyY7kPqcpz6nZvMBaSsRa2UzArFCtX3RZw9vt5CwBagA/wu
rdjBbKXcBg7zYhrg9nc+hdxZb/hdULHXpLn/blKmvlv7eZ6BUQZNRyTZldccrWYy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:01 2023 by rpki-client on console-ams.rpki-client.org