Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7992/D61274EA3BCA11ECB3252B2CC4F9AE02/D25598703BCD11EC8086E031C4F9AE02.roa
File: D25598703BCD11EC8086E031C4F9AE02.roa (raw, json)
Hash identifier: 2ym+B1+qeLb6kkl5jbpY6GKlgUCknrq/VuGVpCut61A=
Subject key identifier: 27:CD:90:A8:5E:43:E9:3C:4E:CC:27:2D:4B:8A:EA:67:1B:00:7D:EF
Certificate issuer: /CN=A91B7992/serialNumber=4077216A31826A0A998A1E207FD824DDCBC7E70E
Certificate serial: 49
Authority key identifier: 40:77:21:6A:31:82:6A:0A:99:8A:1E:20:7F:D8:24:DD:CB:C7:E7:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHchajGCagqZih4gf9gk3cvH5w4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B7992/D61274EA3BCA11ECB3252B2CC4F9AE02/D25598703BCD11EC8086E031C4F9AE02.roa
Signing time: Mon 06 Dec 2021 04:01:55 +0000
ROA not before: Mon 06 Dec 2021 04:01:55 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 139640
IP address blocks: 43.225.28.0/22 maxlen: 22
103.44.20.0/22 maxlen: 22
103.44.20.0/24 maxlen: 24
103.44.21.0/24 maxlen: 24
103.44.22.0/24 maxlen: 24
103.44.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73 (0x49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B7992/serialNumber=4077216A31826A0A998A1E207FD824DDCBC7E70E
Validity
Not Before: Dec 6 04:01:55 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61ad8b32-8aa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:64:38:28:db:4f:03:41:3a:9b:51:8c:22:f5:
b0:b2:af:a4:39:98:5d:81:18:9a:f8:fe:b6:d1:e4:
d8:6a:00:2c:7f:33:46:37:48:0a:50:f4:bc:34:29:
47:04:77:b8:f2:1b:f1:7c:b4:92:99:30:89:4e:01:
1c:88:f0:5f:fd:d6:66:a9:37:e0:87:fc:3d:65:e7:
a1:8e:7b:ad:de:a6:7c:fc:3f:6d:3d:b5:ff:7b:e6:
c2:0c:8f:8a:cb:b5:60:0e:db:87:2e:05:a6:7f:a1:
c6:49:6a:0e:6e:dd:23:8c:58:fd:6f:05:c3:b9:8c:
27:d6:d3:16:95:26:28:35:be:65:35:7b:81:90:fb:
a5:e6:ed:fa:9f:65:2b:5d:c1:df:80:09:36:86:78:
9e:df:09:f8:8e:ec:48:7f:0f:c1:1c:0e:e0:bd:b1:
38:f2:5e:0d:b0:bb:e6:f0:d0:e2:6b:24:9f:19:af:
1e:2c:8a:5a:ed:3a:2f:1c:c3:b2:24:fc:3b:16:6a:
6a:37:bf:71:c3:39:5b:74:12:b4:3e:d2:e4:e8:20:
a8:6b:49:7b:d2:be:a5:dc:0a:37:fe:26:80:de:c3:
ae:71:5c:82:41:55:27:1e:ec:61:df:d4:82:77:13:
e4:e7:9b:be:e1:5b:75:b2:3e:73:dd:93:d2:29:32:
fe:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:CD:90:A8:5E:43:E9:3C:4E:CC:27:2D:4B:8A:EA:67:1B:00:7D:EF
X509v3 Authority Key Identifier:
keyid:40:77:21:6A:31:82:6A:0A:99:8A:1E:20:7F:D8:24:DD:CB:C7:E7:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B7992/D61274EA3BCA11ECB3252B2CC4F9AE02/QHchajGCagqZih4gf9gk3cvH5w4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHchajGCagqZih4gf9gk3cvH5w4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7992/D61274EA3BCA11ECB3252B2CC4F9AE02/D25598703BCD11EC8086E031C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.28.0/22
103.44.20.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:ff:a0:e1:79:6e:6f:bf:1f:b1:9a:a3:12:eb:9e:36:01:1c:
02:a1:78:52:bd:47:35:98:ed:cb:a5:c4:bd:c1:25:ff:63:ca:
ee:58:df:40:8f:52:4b:6f:45:e7:16:e7:c5:48:9e:47:ba:b9:
70:06:dc:16:c8:b9:67:49:1c:38:40:c2:25:b0:ac:7f:cb:3d:
11:13:44:82:d0:42:31:8c:c6:30:8e:5c:ee:ac:85:63:6a:91:
a4:82:50:40:bb:b7:51:d2:11:33:30:fe:a6:f6:4c:dc:33:79:
fa:c8:82:0f:59:b3:34:54:2d:4c:89:57:4f:9b:99:00:be:33:
92:4d:09:47:fb:a5:8a:70:51:94:d7:77:21:f7:8a:fb:b1:1a:
bd:57:fc:d4:49:9b:08:d9:cd:09:ce:9f:d2:a0:4e:7a:f6:f7:
7e:23:8b:ea:86:a8:1a:57:46:04:07:f0:9b:7d:96:5d:07:6e:
38:65:28:d7:a1:29:ff:e8:93:4b:dd:69:03:3e:cc:54:bb:b3:
4d:6a:2e:d4:5b:81:89:13:f7:06:ed:da:bf:31:d3:ef:24:d5:
84:83:37:75:6a:69:1d:68:d7:31:aa:3c:f7:04:92:00:2e:92:
ce:ab:64:b8:d5:01:bb:77:08:d6:f2:41:25:2c:64:4d:51:f1:
8b:ed:b8:30
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBSTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
Nzk5MjExMC8GA1UEBRMoNDA3NzIxNkEzMTgyNkEwQTk5OEExRTIwN0ZEODI0RERD
QkM3RTcwRTAeFw0yMTEyMDYwNDAxNTVaFw0yMzAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxYWQ4YjMyLThhYTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDjZDgo208DQTqbUYwi9bCyr6Q5mF2BGJr4/rbR5NhqACx/M0Y3SApQ9Lw0KUcE
d7jyG/F8tJKZMIlOARyI8F/91mapN+CH/D1l56GOe63epnz8P209tf975sIMj4rL
tWAO24cuBaZ/ocZJag5u3SOMWP1vBcO5jCfW0xaVJig1vmU1e4GQ+6Xm7fqfZStd
wd+ACTaGeJ7fCfiO7Eh/D8EcDuC9sTjyXg2wu+bw0OJrJJ8Zrx4silrtOi8cw7Ik
/DsWamo3v3HDOVt0ErQ+0uToIKhrSXvSvqXcCjf+JoDew65xXIJBVSce7GHf1IJ3
E+Tnm77hW3WyPnPdk9IpMv4rAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUJ82QqF5D
6TxOzCctS4rqZxsAfe8wHwYDVR0jBBgwFoAUQHchajGCagqZih4gf9gk3cvH5w4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3OTkyL0Q2MTI3NEVBM0JD
QTExRUNCMzI1MkIyQ0M0RjlBRTAyL1FIY2hhakdDYWdxWmloNGdmOWdrM2N2SDV3
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUUhjaGFqR0NhZ3FaaWg0Z2Y5Z2szY3ZINXc0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
Nzk5Mi9ENjEyNzRFQTNCQ0ExMUVDQjMyNTJCMkNDNEY5QUUwMi9EMjU1OTg3MDNC
Q0QxMUVDODA4NkUwMzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAivhHAMEAmcsFDANBgkqhkiG9w0BAQsFAAOCAQEAv/+g4Xlu
b78fsZqjEuueNgEcAqF4Ur1HNZjty6XEvcEl/2PK7ljfQI9SS29F5xbnxUieR7q5
cAbcFsi5Z0kcOEDCJbCsf8s9ERNEgtBCMYzGMI5c7qyFY2qRpIJQQLu3UdIRMzD+
pvZM3DN5+siCD1mzNFQtTIlXT5uZAL4zkk0JR/ulinBRlNd3IfeK+7EavVf81Emb
CNnNCc6f0qBOevb3fiOL6oaoGldGBAfwm32WXQduOGUo16Ep/+iTS91pAz7MVLuz
TWou1FuBiRP3Bu3avzHT7yTVhIM3dWppHWjXMao89wSSAC6SzqtkuNUBu3cI1vJB
JSxkTVHxi+24MA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:02 2023 by rpki-client on console-ams.rpki-client.org