Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/F4FD274C892211EC88B4E72CC4F9AE02.roa
File: F4FD274C892211EC88B4E72CC4F9AE02.roa (raw, json)
Hash identifier: 5h9ko5CKmYqW3caNPwmLrb1D6Czmp8jkYBL31DsBaWQ=
Subject key identifier: 9A:CF:7D:B7:D7:0A:5F:AA:B4:2D:4B:E5:AF:11:2A:90:54:CD:2A:06
Certificate issuer: /CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
Certificate serial: 0AC7
Authority key identifier: E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/F4FD274C892211EC88B4E72CC4F9AE02.roa
Signing time: Thu 21 Jul 2022 04:45:49 +0000
ROA not before: Thu 21 Jul 2022 04:45:49 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 9790
IP address blocks: 60.234.0.0/16 maxlen: 20
101.98.0.0/16 maxlen: 16
110.44.16.0/22 maxlen: 24
119.224.0.0/17 maxlen: 20
119.224.128.0/20 maxlen: 20
121.98.0.0/15 maxlen: 20
124.197.0.0/18 maxlen: 20
202.49.82.0/24 maxlen: 24
202.49.244.0/22 maxlen: 24
202.50.170.0/24 maxlen: 24
202.53.176.0/20 maxlen: 20
202.89.128.0/19 maxlen: 20
202.150.96.0/20 maxlen: 20
202.150.112.0/20 maxlen: 20
202.180.64.0/18 maxlen: 20
202.180.79.0/24 maxlen: 24
202.189.160.0/20 maxlen: 20
202.191.32.0/20 maxlen: 20
203.100.208.0/20 maxlen: 20
203.160.112.0/20 maxlen: 20
203.184.0.0/18 maxlen: 20
2400:4800::/32 maxlen: 32
2402:6000::/32 maxlen: 32
2402:8200::/32 maxlen: 32
2404:4400::/28 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2759 (0xac7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
Validity
Not Before: Jul 21 04:45:49 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=62d8d9fd-2ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9a:b5:2c:69:44:db:43:24:0d:05:14:24:5a:
c6:6c:61:a0:f3:c1:57:62:80:d2:a4:f5:60:71:c3:
2b:6a:54:b7:27:42:8f:38:97:f2:bf:62:17:ab:e5:
0c:83:b8:c9:c5:51:37:bc:88:cd:94:af:3b:59:a6:
a3:ef:41:eb:c9:ea:56:33:3c:9d:36:89:72:b0:4d:
bc:76:76:fb:54:4e:87:91:17:25:66:17:00:c5:a3:
a0:aa:4f:98:77:cf:45:91:20:d9:9d:de:d1:4a:3a:
01:c0:4d:b2:14:0d:7e:8d:cb:92:b4:a2:17:79:ae:
b7:b8:bc:ce:32:24:43:76:c1:de:30:a2:87:60:4d:
85:46:02:82:71:07:90:0e:f0:cf:d5:d9:5c:05:ff:
96:90:53:07:09:2a:80:1a:43:97:9f:f6:e5:d2:a5:
8b:6f:a7:66:06:e4:94:2d:c0:66:3a:c5:58:81:08:
7d:cf:04:9e:92:83:99:6d:93:a6:f9:cc:8f:70:67:
3c:54:9d:88:2e:89:f5:aa:b0:40:94:21:d0:2f:75:
be:bf:df:4c:ab:38:e3:f8:ed:b7:27:05:d4:26:17:
ed:de:cf:31:dc:4f:3c:2c:bc:47:cf:0b:fb:cb:af:
70:fc:99:61:51:cf:24:90:a1:a6:2c:4b:2a:d7:0a:
89:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:CF:7D:B7:D7:0A:5F:AA:B4:2D:4B:E5:AF:11:2A:90:54:CD:2A:06
X509v3 Authority Key Identifier:
keyid:E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/4R_pNwBqJdfGBaXkO0krKGxkmYw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/F4FD274C892211EC88B4E72CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
60.234.0.0/16
101.98.0.0/16
110.44.16.0/22
119.224.0.0-119.224.143.255
121.98.0.0/15
124.197.0.0/18
202.49.82.0/24
202.49.244.0/22
202.50.170.0/24
202.53.176.0/20
202.89.128.0/19
202.150.96.0/19
202.180.64.0/18
202.189.160.0/20
202.191.32.0/20
203.100.208.0/20
203.160.112.0/20
203.184.0.0/18
IPv6:
2400:4800::/32
2402:6000::/32
2402:8200::/32
2404:4400::/28
Signature Algorithm: sha256WithRSAEncryption
5e:6d:cc:c8:ea:dd:75:45:28:9b:6b:ae:9c:ab:1f:c1:6d:31:
cc:2f:4a:5e:32:98:67:20:db:d1:9f:dc:5a:46:a2:cb:a9:4d:
c1:fc:65:5e:9c:64:28:5a:6a:03:ec:8c:45:7d:6f:63:7d:d6:
96:35:7b:0d:4d:79:12:ee:a4:3d:f0:b4:71:e6:4e:2d:85:9a:
14:e3:e1:1a:79:a8:51:f9:29:06:c5:8b:c7:f3:f1:2b:57:d8:
ba:59:c5:f8:68:37:7b:1e:67:05:e5:bc:d7:bd:68:bd:74:87:
25:ae:be:06:29:1b:77:c3:67:2a:b9:60:0f:77:ef:66:f6:ff:
36:94:e0:a2:1e:5c:c8:a8:40:49:35:a1:33:bf:3f:29:f3:4e:
73:54:f9:b1:31:eb:16:82:5f:b4:7a:bb:17:f5:6b:e8:a5:b6:
09:f0:e3:37:ce:31:6a:5e:5a:33:8c:4f:46:8e:a8:b6:0a:e2:
c4:14:e3:96:96:51:27:82:6c:2f:07:26:b9:6f:f9:3e:6a:25:
60:11:c6:e2:d5:1b:c6:96:3f:24:f6:ee:f3:41:9e:f4:35:ba:
0c:9a:f8:da:8b:ea:4a:0c:ac:54:f4:f9:25:ae:87:d9:8c:cd:
52:5e:fb:b2:e4:d3:44:3c:c2:24:32:33:02:f8:88:c8:25:97:
e3:0d:d3:4e
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgICCscwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUUwQzQxMTAvBgNVBAUTKEUxMUZFOTM3MDA2QTI1RDdDNjA1QTVFNDNCNDkyQjI4
NkM2NDk5OEMwHhcNMjIwNzIxMDQ0NTQ5WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmQ4ZDlmZC0yZWJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsJq1LGlE20MkDQUUJFrGbGGg88FXYoDSpPVgccMralS3J0KPOJfyv2IXq+UM
g7jJxVE3vIjNlK87Waaj70HryepWMzydNolysE28dnb7VE6HkRclZhcAxaOgqk+Y
d89FkSDZnd7RSjoBwE2yFA1+jcuStKIXea63uLzOMiRDdsHeMKKHYE2FRgKCcQeQ
DvDP1dlcBf+WkFMHCSqAGkOXn/bl0qWLb6dmBuSULcBmOsVYgQh9zwSekoOZbZOm
+cyPcGc8VJ2ILon1qrBAlCHQL3W+v99Mqzjj+O23JwXUJhft3s8x3E88LLxHzwv7
y69w/JlhUc8kkKGmLEsq1wqJ4QIDAQABo4IDJjCCAyIwHQYDVR0OBBYEFJrPfbfX
Cl+qtC1L5a8RKpBUzSoGMB8GA1UdIwQYMBaAFOEf6TcAaiXXxgWl5DtJKyhsZJmM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTBDNC82QTlFM0JEOEYx
NDcxMUU5OUE5QUI3MTJDNEY5QUUwMi80Ul9wTndCcUpkZkdCYVhrTzBrcktHeGtt
WXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRSX3BOd0JxSmRmR0JhWGtPMGtyS0d4a21Zdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUUwQzQvNkE5RTNCRDhGMTQ3MTFFOTlBOUFCNzEyQzRGOUFFMDIvRjRGRDI3NEM4
OTIyMTFFQzg4QjRFNzJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga8GCCsGAQUFBwEHAQH/
BIGfMIGcMHYEAgABMHADAwA86gMDAGViAwQCbiwQMAsDAwV34AMEBHfggAMDAXli
AwQGfMUAAwQAyjFSAwQCyjH0AwQAyjKqAwQEyjWwAwQFylmAAwQFypZgAwQGyrRA
AwQEyr2gAwQEyr8gAwQEy2TQAwQEy6BwAwQGy7gAMCIEAgACMBwDBQAkAEgAAwUA
JAJgAAMFACQCggADBQQkBEQAMA0GCSqGSIb3DQEBCwUAA4IBAQBebczI6t11RSib
a66cqx/BbTHML0peMphnINvRn9xaRqLLqU3B/GVenGQoWmoD7IxFfW9jfdaWNXsN
TXkS7qQ98LRx5k4thZoU4+EaeahR+SkGxYvH8/ErV9i6WcX4aDd7HmcF5bzXvWi9
dIclrr4GKRt3w2cquWAPd+9m9v82lOCiHlzIqEBJNaEzvz8p805zVPmxMesWgl+0
ersX9WvopbYJ8OM3zjFqXlozjE9Gjqi2CuLEFOOWllEngmwvBya5b/k+aiVgEcbi
1RvGlj8k9u7zQZ70NboMmvjai+pKDKxU9PklrofZjM1SXvuy5NNEPMIkMjMC+IjI
JZfjDdNO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:04 2023 by rpki-client on console-fra.rpki-client.org