Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/F4FD274C892211EC88B4E72CC4F9AE02.roa
File:                     F4FD274C892211EC88B4E72CC4F9AE02.roa (raw, json)
Hash identifier:          5h9ko5CKmYqW3caNPwmLrb1D6Czmp8jkYBL31DsBaWQ=
Subject key identifier:   9A:CF:7D:B7:D7:0A:5F:AA:B4:2D:4B:E5:AF:11:2A:90:54:CD:2A:06
Certificate issuer:       /CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
Certificate serial:       0AC7
Authority key identifier: E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/F4FD274C892211EC88B4E72CC4F9AE02.roa
Signing time:             Thu 21 Jul 2022 04:45:49 +0000
ROA not before:           Thu 21 Jul 2022 04:45:49 +0000
ROA not after:            Mon 31 Oct 2022 00:00:00 +0000
asID:                     9790
IP address blocks:        60.234.0.0/16 maxlen: 20
                          101.98.0.0/16 maxlen: 16
                          110.44.16.0/22 maxlen: 24
                          119.224.0.0/17 maxlen: 20
                          119.224.128.0/20 maxlen: 20
                          121.98.0.0/15 maxlen: 20
                          124.197.0.0/18 maxlen: 20
                          202.49.82.0/24 maxlen: 24
                          202.49.244.0/22 maxlen: 24
                          202.50.170.0/24 maxlen: 24
                          202.53.176.0/20 maxlen: 20
                          202.89.128.0/19 maxlen: 20
                          202.150.96.0/20 maxlen: 20
                          202.150.112.0/20 maxlen: 20
                          202.180.64.0/18 maxlen: 20
                          202.180.79.0/24 maxlen: 24
                          202.189.160.0/20 maxlen: 20
                          202.191.32.0/20 maxlen: 20
                          203.100.208.0/20 maxlen: 20
                          203.160.112.0/20 maxlen: 20
                          203.184.0.0/18 maxlen: 20
                          2400:4800::/32 maxlen: 32
                          2402:6000::/32 maxlen: 32
                          2402:8200::/32 maxlen: 32
                          2404:4400::/28 maxlen: 36

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2759 (0xac7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
        Validity
            Not Before: Jul 21 04:45:49 2022 GMT
            Not After : Oct 31 00:00:00 2022 GMT
        Subject: CN=62d8d9fd-2ebb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:9a:b5:2c:69:44:db:43:24:0d:05:14:24:5a:
                    c6:6c:61:a0:f3:c1:57:62:80:d2:a4:f5:60:71:c3:
                    2b:6a:54:b7:27:42:8f:38:97:f2:bf:62:17:ab:e5:
                    0c:83:b8:c9:c5:51:37:bc:88:cd:94:af:3b:59:a6:
                    a3:ef:41:eb:c9:ea:56:33:3c:9d:36:89:72:b0:4d:
                    bc:76:76:fb:54:4e:87:91:17:25:66:17:00:c5:a3:
                    a0:aa:4f:98:77:cf:45:91:20:d9:9d:de:d1:4a:3a:
                    01:c0:4d:b2:14:0d:7e:8d:cb:92:b4:a2:17:79:ae:
                    b7:b8:bc:ce:32:24:43:76:c1:de:30:a2:87:60:4d:
                    85:46:02:82:71:07:90:0e:f0:cf:d5:d9:5c:05:ff:
                    96:90:53:07:09:2a:80:1a:43:97:9f:f6:e5:d2:a5:
                    8b:6f:a7:66:06:e4:94:2d:c0:66:3a:c5:58:81:08:
                    7d:cf:04:9e:92:83:99:6d:93:a6:f9:cc:8f:70:67:
                    3c:54:9d:88:2e:89:f5:aa:b0:40:94:21:d0:2f:75:
                    be:bf:df:4c:ab:38:e3:f8:ed:b7:27:05:d4:26:17:
                    ed:de:cf:31:dc:4f:3c:2c:bc:47:cf:0b:fb:cb:af:
                    70:fc:99:61:51:cf:24:90:a1:a6:2c:4b:2a:d7:0a:
                    89:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:CF:7D:B7:D7:0A:5F:AA:B4:2D:4B:E5:AF:11:2A:90:54:CD:2A:06
            X509v3 Authority Key Identifier:
                keyid:E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/4R_pNwBqJdfGBaXkO0krKGxkmYw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/F4FD274C892211EC88B4E72CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.234.0.0/16
                  101.98.0.0/16
                  110.44.16.0/22
                  119.224.0.0-119.224.143.255
                  121.98.0.0/15
                  124.197.0.0/18
                  202.49.82.0/24
                  202.49.244.0/22
                  202.50.170.0/24
                  202.53.176.0/20
                  202.89.128.0/19
                  202.150.96.0/19
                  202.180.64.0/18
                  202.189.160.0/20
                  202.191.32.0/20
                  203.100.208.0/20
                  203.160.112.0/20
                  203.184.0.0/18
                IPv6:
                  2400:4800::/32
                  2402:6000::/32
                  2402:8200::/32
                  2404:4400::/28

    Signature Algorithm: sha256WithRSAEncryption
         5e:6d:cc:c8:ea:dd:75:45:28:9b:6b:ae:9c:ab:1f:c1:6d:31:
         cc:2f:4a:5e:32:98:67:20:db:d1:9f:dc:5a:46:a2:cb:a9:4d:
         c1:fc:65:5e:9c:64:28:5a:6a:03:ec:8c:45:7d:6f:63:7d:d6:
         96:35:7b:0d:4d:79:12:ee:a4:3d:f0:b4:71:e6:4e:2d:85:9a:
         14:e3:e1:1a:79:a8:51:f9:29:06:c5:8b:c7:f3:f1:2b:57:d8:
         ba:59:c5:f8:68:37:7b:1e:67:05:e5:bc:d7:bd:68:bd:74:87:
         25:ae:be:06:29:1b:77:c3:67:2a:b9:60:0f:77:ef:66:f6:ff:
         36:94:e0:a2:1e:5c:c8:a8:40:49:35:a1:33:bf:3f:29:f3:4e:
         73:54:f9:b1:31:eb:16:82:5f:b4:7a:bb:17:f5:6b:e8:a5:b6:
         09:f0:e3:37:ce:31:6a:5e:5a:33:8c:4f:46:8e:a8:b6:0a:e2:
         c4:14:e3:96:96:51:27:82:6c:2f:07:26:b9:6f:f9:3e:6a:25:
         60:11:c6:e2:d5:1b:c6:96:3f:24:f6:ee:f3:41:9e:f4:35:ba:
         0c:9a:f8:da:8b:ea:4a:0c:ac:54:f4:f9:25:ae:87:d9:8c:cd:
         52:5e:fb:b2:e4:d3:44:3c:c2:24:32:33:02:f8:88:c8:25:97:
         e3:0d:d3:4e
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgICCscwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUUwQzQxMTAvBgNVBAUTKEUxMUZFOTM3MDA2QTI1RDdDNjA1QTVFNDNCNDkyQjI4
NkM2NDk5OEMwHhcNMjIwNzIxMDQ0NTQ5WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmQ4ZDlmZC0yZWJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsJq1LGlE20MkDQUUJFrGbGGg88FXYoDSpPVgccMralS3J0KPOJfyv2IXq+UM
g7jJxVE3vIjNlK87Waaj70HryepWMzydNolysE28dnb7VE6HkRclZhcAxaOgqk+Y
d89FkSDZnd7RSjoBwE2yFA1+jcuStKIXea63uLzOMiRDdsHeMKKHYE2FRgKCcQeQ
DvDP1dlcBf+WkFMHCSqAGkOXn/bl0qWLb6dmBuSULcBmOsVYgQh9zwSekoOZbZOm
+cyPcGc8VJ2ILon1qrBAlCHQL3W+v99Mqzjj+O23JwXUJhft3s8x3E88LLxHzwv7
y69w/JlhUc8kkKGmLEsq1wqJ4QIDAQABo4IDJjCCAyIwHQYDVR0OBBYEFJrPfbfX
Cl+qtC1L5a8RKpBUzSoGMB8GA1UdIwQYMBaAFOEf6TcAaiXXxgWl5DtJKyhsZJmM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTBDNC82QTlFM0JEOEYx
NDcxMUU5OUE5QUI3MTJDNEY5QUUwMi80Ul9wTndCcUpkZkdCYVhrTzBrcktHeGtt
WXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRSX3BOd0JxSmRmR0JhWGtPMGtyS0d4a21Zdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUUwQzQvNkE5RTNCRDhGMTQ3MTFFOTlBOUFCNzEyQzRGOUFFMDIvRjRGRDI3NEM4
OTIyMTFFQzg4QjRFNzJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga8GCCsGAQUFBwEHAQH/
BIGfMIGcMHYEAgABMHADAwA86gMDAGViAwQCbiwQMAsDAwV34AMEBHfggAMDAXli
AwQGfMUAAwQAyjFSAwQCyjH0AwQAyjKqAwQEyjWwAwQFylmAAwQFypZgAwQGyrRA
AwQEyr2gAwQEyr8gAwQEy2TQAwQEy6BwAwQGy7gAMCIEAgACMBwDBQAkAEgAAwUA
JAJgAAMFACQCggADBQQkBEQAMA0GCSqGSIb3DQEBCwUAA4IBAQBebczI6t11RSib
a66cqx/BbTHML0peMphnINvRn9xaRqLLqU3B/GVenGQoWmoD7IxFfW9jfdaWNXsN
TXkS7qQ98LRx5k4thZoU4+EaeahR+SkGxYvH8/ErV9i6WcX4aDd7HmcF5bzXvWi9
dIclrr4GKRt3w2cquWAPd+9m9v82lOCiHlzIqEBJNaEzvz8p805zVPmxMesWgl+0
ersX9WvopbYJ8OM3zjFqXlozjE9Gjqi2CuLEFOOWllEngmwvBya5b/k+aiVgEcbi
1RvGlj8k9u7zQZ70NboMmvjai+pKDKxU9PklrofZjM1SXvuy5NNEPMIkMjMC+IjI
JZfjDdNO
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org