Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0EF4/99E3491841D811ECBFB5FC78C4F9AE02/7563495E41DC11ECBDB44C82C4F9AE02.roa
File: 7563495E41DC11ECBDB44C82C4F9AE02.roa (raw, json)
Hash identifier: quw/KuMZb9bT1ostasMTBbify1KlTkKxqkcFcWt6Gks=
Subject key identifier: FD:C9:33:FC:AD:70:9A:6A:7D:17:81:9B:0C:2A:C2:AA:EC:50:0F:B7
Certificate issuer: /CN=A91B0EF4/serialNumber=0EAB3520F03859FC0BD2F4FB1B36D269BBEA4844
Certificate serial: 02
Authority key identifier: 0E:AB:35:20:F0:38:59:FC:0B:D2:F4:FB:1B:36:D2:69:BB:EA:48:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Dqs1IPA4WfwL0vT7GzbSabvqSEQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0EF4/99E3491841D811ECBFB5FC78C4F9AE02/7563495E41DC11ECBDB44C82C4F9AE02.roa
Signing time: Wed 10 Nov 2021 04:12:46 +0000
ROA not before: Wed 10 Nov 2021 04:12:46 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 133739
IP address blocks: 43.243.236.0/22 maxlen: 24
103.39.60.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0EF4/serialNumber=0EAB3520F03859FC0BD2F4FB1B36D269BBEA4844
Validity
Not Before: Nov 10 04:12:46 2021 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=618b46be-7615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:25:a9:b5:dc:69:22:ce:d0:b1:28:eb:0e:f1:
e2:29:dd:c6:1a:74:3c:9d:44:73:d8:22:b5:1e:1e:
59:61:af:90:d7:fb:f6:dd:4e:55:51:5a:38:e3:8e:
8d:41:9c:d9:82:60:21:6b:94:2f:bd:49:8b:14:2d:
b1:6b:6d:06:fa:5d:e6:4d:12:52:2c:91:4b:95:f3:
94:a4:4c:27:bb:94:f1:79:a6:ad:42:e8:fd:d2:f9:
4e:3d:72:a3:3f:5e:ce:aa:97:e3:7c:2f:1b:0b:35:
31:59:da:2d:8e:98:8f:9e:5f:b3:4c:1f:0a:c9:d8:
9b:85:83:67:d9:c2:76:71:ac:1f:3d:99:a3:30:a9:
62:63:fe:a2:98:c5:3c:ca:b3:da:32:5f:b5:62:c1:
72:9a:a7:b3:3b:32:2a:f4:63:02:e0:45:5f:e7:91:
75:74:d3:7a:aa:58:e5:73:ac:97:84:42:9f:3c:8c:
d5:3a:e0:34:0d:8b:2e:f9:17:82:47:b3:b4:86:75:
70:a8:c8:a5:79:51:20:3d:9a:33:83:71:53:47:ab:
f7:09:5a:fb:de:05:b6:25:05:40:79:9e:ef:31:23:
57:84:a1:b1:a0:1d:4f:9c:25:c0:e6:e7:f6:a5:91:
61:55:86:00:71:54:86:52:1b:db:71:9a:34:45:33:
7e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C9:33:FC:AD:70:9A:6A:7D:17:81:9B:0C:2A:C2:AA:EC:50:0F:B7
X509v3 Authority Key Identifier:
keyid:0E:AB:35:20:F0:38:59:FC:0B:D2:F4:FB:1B:36:D2:69:BB:EA:48:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0EF4/99E3491841D811ECBFB5FC78C4F9AE02/Dqs1IPA4WfwL0vT7GzbSabvqSEQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Dqs1IPA4WfwL0vT7GzbSabvqSEQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0EF4/99E3491841D811ECBFB5FC78C4F9AE02/7563495E41DC11ECBDB44C82C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.236.0/22
103.39.60.0/22
Signature Algorithm: sha256WithRSAEncryption
85:84:34:f1:e8:42:03:a7:f3:de:f4:70:05:55:01:fb:4b:b9:
2d:59:19:c7:31:ec:6d:74:92:17:dd:35:90:b6:a5:87:04:14:
a4:e8:48:2b:fe:35:70:b6:a0:cd:98:14:af:c7:af:99:cd:f3:
6f:ec:86:83:01:36:57:06:21:27:6c:9d:c6:e6:47:7c:3c:66:
96:6a:3f:42:fb:7f:fa:e9:4d:be:7b:ca:dc:a5:4b:12:3b:f6:
c5:5c:76:d7:2b:da:9c:18:19:b6:6b:38:09:85:72:0d:73:22:
7d:16:02:a3:47:db:47:86:c3:c0:cc:c1:c4:c3:33:de:f0:36:
7b:2a:1c:59:65:80:77:18:32:d5:46:18:56:96:a5:e5:7f:96:
07:8e:b7:2a:47:b2:02:58:c0:6c:53:4c:06:88:b1:ca:25:f3:
bd:0e:d2:3c:9a:4b:a8:69:d1:e5:10:47:a8:1a:7c:4c:f8:d7:
96:08:54:43:6a:7f:80:a2:ab:8c:3b:65:95:8c:b0:f4:36:b6:
44:1b:1a:54:7e:f4:ad:17:f1:e9:cd:aa:83:48:e0:34:0c:05:
5b:fb:e9:f5:db:0a:2e:da:77:b7:62:28:28:dd:17:fd:87:34:
cf:1c:52:70:84:79:dd:43:e3:d3:3c:09:ad:6a:99:a3:e7:af:
07:a5:f6:39
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
MEVGNDExMC8GA1UEBRMoMEVBQjM1MjBGMDM4NTlGQzBCRDJGNEZCMUIzNkQyNjlC
QkVBNDg0NDAeFw0yMTExMTAwNDEyNDZaFw0yMjEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxOGI0NmJlLTc2MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDpJam13GkiztCxKOsO8eIp3cYadDydRHPYIrUeHllhr5DX+/bdTlVRWjjjjo1B
nNmCYCFrlC+9SYsULbFrbQb6XeZNElIskUuV85SkTCe7lPF5pq1C6P3S+U49cqM/
Xs6ql+N8LxsLNTFZ2i2OmI+eX7NMHwrJ2JuFg2fZwnZxrB89maMwqWJj/qKYxTzK
s9oyX7ViwXKap7M7Mir0YwLgRV/nkXV003qqWOVzrJeEQp88jNU64DQNiy75F4JH
s7SGdXCoyKV5USA9mjODcVNHq/cJWvveBbYlBUB5nu8xI1eEobGgHU+cJcDm5/al
kWFVhgBxVIZSG9txmjRFM34bAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQU/ckz/K1w
mmp9F4GbDCrCquxQD7cwHwYDVR0jBBgwFoAUDqs1IPA4WfwL0vT7GzbSabvqSEQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIwRUY0Lzk5RTM0OTE4NDFE
ODExRUNCRkI1RkM3OEM0RjlBRTAyL0RxczFJUEE0V2Z3TDB2VDdHemJTYWJ2cVNF
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRHFzMUlQQTRXZndMMHZUN0d6YlNhYnZxU0VRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MEVGNC85OUUzNDkxODQxRDgxMUVDQkZCNUZDNzhDNEY5QUUwMi83NTYzNDk1RTQx
REMxMUVDQkRCNDRDODJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAivz7AMEAmcnPDANBgkqhkiG9w0BAQsFAAOCAQEAhYQ08ehC
A6fz3vRwBVUB+0u5LVkZxzHsbXSSF901kLalhwQUpOhIK/41cLagzZgUr8evmc3z
b+yGgwE2VwYhJ2ydxuZHfDxmlmo/Qvt/+ulNvnvK3KVLEjv2xVx21yvanBgZtms4
CYVyDXMifRYCo0fbR4bDwMzBxMMz3vA2eyocWWWAdxgy1UYYVpal5X+WB463Kkey
AljAbFNMBoixyiXzvQ7SPJpLqGnR5RBHqBp8TPjXlghUQ2p/gKKrjDtllYyw9Da2
RBsaVH70rRfx6c2qg0jgNAwFW/vp9dsKLtp3t2IoKN0X/Yc0zxxScIR53UPj0zwJ
rWqZo+evB6X2OQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org