Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFF35/D1FF58321D8911E2B3006AE308B02CD2/FE33B958FC0F11EA9FFA082BC4F9AE02.roa
File: FE33B958FC0F11EA9FFA082BC4F9AE02.roa (raw, json)
Hash identifier: ZEX3ZCaEVAZCkU2wjMsD8CBPu08E45PeYBxgM16nsXs=
Subject key identifier: 26:91:F6:AA:24:66:89:BA:3D:E5:C9:AC:1F:FD:EF:A8:12:C9:EC:C5
Certificate issuer: /CN=A91AFF35/serialNumber=8FE55F941DEAB3492DF0CE6AB11551B55DDCD861
Certificate serial: 32C9
Authority key identifier: 8F:E5:5F:94:1D:EA:B3:49:2D:F0:CE:6A:B1:15:51:B5:5D:DC:D8:61
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/j-VflB3qs0kt8M5qsRVRtV3c2GE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AFF35/D1FF58321D8911E2B3006AE308B02CD2/FE33B958FC0F11EA9FFA082BC4F9AE02.roa
Signing time: Fri 04 Nov 2022 14:40:27 +0000
ROA not before: Fri 04 Nov 2022 14:40:27 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 17971
IP address blocks: 49.236.192.0/20 maxlen: 24
103.17.168.0/22 maxlen: 24
112.137.160.0/20 maxlen: 24
119.110.96.0/20 maxlen: 24
202.71.96.0/20 maxlen: 24
202.75.32.0/20 maxlen: 24
202.75.48.0/20 maxlen: 24
210.48.144.0/20 maxlen: 24
218.100.22.0/24 maxlen: 24
2401:b000::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13001 (0x32c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AFF35/serialNumber=8FE55F941DEAB3492DF0CE6AB11551B55DDCD861
Validity
Not Before: Nov 4 14:40:27 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=6365245b-45c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:da:04:ae:a4:db:24:c4:11:0e:2d:5f:38:fc:
4c:bd:a1:77:8f:ae:19:5c:03:12:04:a2:a5:ba:2c:
9a:55:70:e2:4f:de:55:a9:4f:f5:b9:30:cf:0b:5c:
6b:23:97:11:4a:1a:3f:6a:75:7e:db:69:41:2a:94:
ed:c6:5c:3b:f4:0f:54:6e:24:a5:87:40:22:d2:92:
06:04:93:df:67:f0:2f:b4:93:02:e0:d7:ba:7c:c3:
4f:92:1e:d0:f7:65:2a:97:51:12:3b:67:0b:b9:98:
ef:8b:e8:6d:4e:60:87:9a:d9:3a:e5:69:b0:95:f8:
4c:e3:f8:f2:6c:1c:7c:0e:67:dc:84:64:9d:b0:21:
75:f2:be:e1:f0:47:f2:02:f8:b7:ff:83:86:e5:71:
36:0e:de:60:7b:b4:cd:57:6b:c9:60:cc:34:a4:b1:
aa:5a:45:45:69:d8:36:91:34:d9:bf:da:f0:07:f7:
c0:0e:ae:08:18:f9:4a:f1:81:c2:b7:c6:b3:58:41:
bd:8f:81:b6:00:fd:9b:62:c4:9f:71:23:62:a4:64:
22:38:4a:20:64:7f:55:53:35:49:99:99:22:ad:d5:
34:47:89:9f:c5:be:79:db:3b:28:1f:4b:61:66:df:
66:08:82:bf:47:c3:b8:5f:d8:c9:a6:b3:98:fc:db:
0e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:91:F6:AA:24:66:89:BA:3D:E5:C9:AC:1F:FD:EF:A8:12:C9:EC:C5
X509v3 Authority Key Identifier:
keyid:8F:E5:5F:94:1D:EA:B3:49:2D:F0:CE:6A:B1:15:51:B5:5D:DC:D8:61
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AFF35/D1FF58321D8911E2B3006AE308B02CD2/j-VflB3qs0kt8M5qsRVRtV3c2GE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/j-VflB3qs0kt8M5qsRVRtV3c2GE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFF35/D1FF58321D8911E2B3006AE308B02CD2/FE33B958FC0F11EA9FFA082BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.236.192.0/20
103.17.168.0/22
112.137.160.0/20
119.110.96.0/20
202.71.96.0/20
202.75.32.0/19
210.48.144.0/20
218.100.22.0/24
IPv6:
2401:b000::/32
Signature Algorithm: sha256WithRSAEncryption
b7:f9:a7:c4:00:a5:cc:6e:b6:5b:15:e4:3a:07:cb:87:7c:80:
49:d5:41:97:8a:66:30:dd:c6:fc:4e:04:6e:a1:26:16:d6:d9:
15:f0:04:9e:b5:50:54:8c:dc:c3:04:42:00:2c:a2:02:65:5b:
da:4a:1e:00:2a:be:66:3a:d1:7d:94:54:1e:ab:be:ab:fe:25:
61:90:ad:ad:53:d3:6e:dc:84:be:e0:9c:a4:91:87:25:56:bd:
ba:bc:fe:1d:7e:f3:99:ec:84:19:89:43:82:13:3e:52:5a:a8:
09:e4:a2:2f:01:61:62:69:30:e9:26:81:80:98:df:12:34:43:
20:39:68:07:96:14:89:fb:40:5f:0a:32:29:d4:e3:a3:f6:70:
86:72:33:c8:ef:be:13:11:61:91:96:78:c0:40:af:7d:59:4a:
20:29:34:3b:11:6b:c9:20:1c:ab:e8:80:73:92:5e:ac:74:87:
4c:e7:f4:6a:5f:dd:00:7c:0b:3a:43:dc:b9:e8:ac:35:03:48:
9b:1e:53:a3:f5:4f:8b:a0:47:1b:19:62:07:d5:a3:6e:1c:9f:
4c:20:a1:9d:70:45:60:80:21:4b:b6:ea:43:9b:74:de:c7:7c:
6a:a9:93:3c:e7:b4:28:44:ec:46:5c:58:73:9a:f6:41:6a:2c:
c9:74:5a:a9
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgICMskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUZGMzUxMTAvBgNVBAUTKDhGRTU1Rjk0MURFQUIzNDkyREYwQ0U2QUIxMTU1MUI1
NUREQ0Q4NjEwHhcNMjIxMTA0MTQ0MDI3WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzY1MjQ1Yi00NWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAytoErqTbJMQRDi1fOPxMvaF3j64ZXAMSBKKluiyaVXDiT95VqU/1uTDPC1xr
I5cRSho/anV+22lBKpTtxlw79A9UbiSlh0Ai0pIGBJPfZ/AvtJMC4Ne6fMNPkh7Q
92Uql1ESO2cLuZjvi+htTmCHmtk65WmwlfhM4/jybBx8DmfchGSdsCF18r7h8Efy
Avi3/4OG5XE2Dt5ge7TNV2vJYMw0pLGqWkVFadg2kTTZv9rwB/fADq4IGPlK8YHC
t8azWEG9j4G2AP2bYsSfcSNipGQiOEogZH9VUzVJmZkirdU0R4mfxb552zsoH0th
Zt9mCIK/R8O4X9jJprOY/NsOFwIDAQABo4ICzjCCAsowHQYDVR0OBBYEFCaR9qok
Zom6PeXJrB/976gSyezFMB8GA1UdIwQYMBaAFI/lX5Qd6rNJLfDOarEVUbVd3Nhh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRkYzNS9EMUZGNTgzMjFE
ODkxMUUyQjMwMDZBRTMwOEIwMkNEMi9qLVZmbEIzcXMwa3Q4TTVxc1JWUnRWM2My
R0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2otVmZsQjNxczBrdDhNNXFzUlZSdFYzYzJHRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUZGMzUvRDFGRjU4MzIxRDg5MTFFMkIzMDA2QUUzMDhCMDJDRDIvRkUzM0I5NThG
QzBGMTFFQTlGRkEwODJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWAYIKwYBBQUHAQcBAf8E
STBHMDYEAgABMDADBAQx7MADBAJnEagDBARwiaADBAR3bmADBATKR2ADBAXKSyAD
BATSMJADBADaZBYwDQQCAAIwBwMFACQBsAAwDQYJKoZIhvcNAQELBQADggEBALf5
p8QApcxutlsV5DoHy4d8gEnVQZeKZjDdxvxOBG6hJhbW2RXwBJ61UFSM3MMEQgAs
ogJlW9pKHgAqvmY60X2UVB6rvqv+JWGQra1T027chL7gnKSRhyVWvbq8/h1+85ns
hBmJQ4ITPlJaqAnkoi8BYWJpMOkmgYCY3xI0QyA5aAeWFIn7QF8KMinU46P2cIZy
M8jvvhMRYZGWeMBAr31ZSiApNDsRa8kgHKvogHOSXqx0h0zn9Gpf3QB8CzpD3Lno
rDUDSJseU6P1T4ugRxsZYgfVo24cn0wgoZ1wRWCAIUu26kObdN7HfGqpkzzntChE
7EZcWHOa9kFqLMl0Wqk=
-----END CERTIFICATE-----
Generated at Mon Aug 21 19:19:41 2023 by rpki-client on console-fra.rpki-client.org