Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7992/D61274EA3BCA11ECB3252B2CC4F9AE02/D2FB56E83BCD11EC8086E031C4F9AE02.roa
File: D2FB56E83BCD11EC8086E031C4F9AE02.roa (raw, json)
Hash identifier: o9C+i+ZNt2Lks426HjIb1rc/jjQbLAz51BCUWtZ83jc=
Subject key identifier: 6C:A1:83:86:55:E2:2A:1A:CA:D0:40:68:27:B4:7F:CE:99:DA:ED:58
Certificate issuer: /CN=A91B7992/serialNumber=4077216A31826A0A998A1E207FD824DDCBC7E70E
Certificate serial: 4A
Authority key identifier: 40:77:21:6A:31:82:6A:0A:99:8A:1E:20:7F:D8:24:DD:CB:C7:E7:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHchajGCagqZih4gf9gk3cvH5w4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B7992/D61274EA3BCA11ECB3252B2CC4F9AE02/D2FB56E83BCD11EC8086E031C4F9AE02.roa
Signing time: Mon 06 Dec 2021 04:01:56 +0000
ROA not before: Mon 06 Dec 2021 04:01:56 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 399955
IP address blocks: 43.225.28.0/22 maxlen: 24
103.44.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74 (0x4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B7992/serialNumber=4077216A31826A0A998A1E207FD824DDCBC7E70E
Validity
Not Before: Dec 6 04:01:56 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61ad8b34-241f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6b:7d:cf:55:ee:81:9f:df:9b:5d:76:49:5b:
9b:9c:f6:99:4a:17:c5:e3:83:b1:d8:e6:92:a3:86:
d2:23:9a:16:9d:00:cc:4d:2f:2c:04:c4:70:69:5c:
42:6a:02:1b:18:96:33:af:3d:97:02:6c:5b:45:9b:
32:ab:2a:40:52:23:bf:09:8b:0b:20:bc:39:56:cd:
88:c1:db:b3:0b:73:01:2f:5f:04:4f:e3:3c:13:5b:
a6:5c:23:c3:7b:ce:16:53:82:01:59:42:21:63:a3:
c4:66:1d:11:87:5e:a5:fb:7c:e4:0d:93:ab:a3:c3:
a9:07:dc:4b:2f:99:08:f0:13:02:15:15:48:73:5b:
bd:96:7f:c6:c2:fd:39:e2:8b:30:45:8b:0d:3f:4d:
e0:db:9f:fb:46:ec:51:45:70:d7:3e:83:f3:c2:f1:
bc:32:40:6e:df:06:bf:cc:3e:07:fa:a6:34:4a:e8:
41:f1:39:42:88:3a:68:cf:34:60:dc:a1:35:e4:05:
c4:5e:e6:ce:42:66:84:52:6f:ef:b2:85:65:b5:d1:
10:9c:fb:b7:4c:71:36:43:4b:b6:c9:32:e1:fd:a5:
f4:9d:14:97:90:52:d8:07:26:07:7f:73:3f:d9:ef:
b4:f3:9d:2a:76:ac:c8:76:a5:b9:96:dd:8f:99:40:
10:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A1:83:86:55:E2:2A:1A:CA:D0:40:68:27:B4:7F:CE:99:DA:ED:58
X509v3 Authority Key Identifier:
keyid:40:77:21:6A:31:82:6A:0A:99:8A:1E:20:7F:D8:24:DD:CB:C7:E7:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B7992/D61274EA3BCA11ECB3252B2CC4F9AE02/QHchajGCagqZih4gf9gk3cvH5w4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHchajGCagqZih4gf9gk3cvH5w4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7992/D61274EA3BCA11ECB3252B2CC4F9AE02/D2FB56E83BCD11EC8086E031C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.28.0/22
103.44.20.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:9d:b2:44:27:8a:2e:c3:a9:13:fc:93:8f:9a:56:e8:97:66:
22:e9:47:52:b3:0f:a6:8b:99:b6:c3:78:41:e4:e6:28:29:d0:
3d:e7:90:20:dc:be:96:7b:20:b6:18:fe:86:6d:07:38:87:47:
14:01:ca:46:a5:c9:14:f1:90:8c:0d:7c:16:dc:ce:46:6a:54:
27:8e:78:8b:d4:db:67:b0:5e:a9:c2:80:b8:15:74:3e:ad:c0:
17:38:7f:c5:4f:0f:12:b0:ed:22:57:58:a8:b4:1b:e4:03:28:
4f:fa:af:3b:2d:5b:06:9b:ba:f3:a5:c1:0e:8c:7e:6d:c9:f3:
ff:4f:a2:f4:91:9a:c6:f5:97:9e:64:e8:37:e3:d3:90:fc:ac:
4b:d1:4b:8e:8b:e5:55:93:84:cb:71:06:b4:99:4c:a4:57:0f:
1b:fc:f3:bc:b8:d9:93:24:f8:90:c4:68:63:e1:a0:25:2a:65:
c7:03:cb:ae:21:ab:0d:e6:9d:88:ea:6a:ee:95:7f:5b:ce:89:
74:39:70:8c:44:d2:57:24:18:ed:ba:99:c1:2c:82:8e:3e:a2:
4f:4c:4b:01:d7:f7:de:d9:41:ae:a1:e0:1a:c2:12:94:14:30:
57:c3:0e:87:2d:65:d0:04:93:b3:9a:7f:65:fb:71:7d:e1:b7:
70:6d:d9:f4
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBSjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
Nzk5MjExMC8GA1UEBRMoNDA3NzIxNkEzMTgyNkEwQTk5OEExRTIwN0ZEODI0RERD
QkM3RTcwRTAeFw0yMTEyMDYwNDAxNTZaFw0yMzAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxYWQ4YjM0LTI0MWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/a33PVe6Bn9+bXXZJW5uc9plKF8Xjg7HY5pKjhtIjmhadAMxNLywExHBpXEJq
AhsYljOvPZcCbFtFmzKrKkBSI78JiwsgvDlWzYjB27MLcwEvXwRP4zwTW6ZcI8N7
zhZTggFZQiFjo8RmHRGHXqX7fOQNk6ujw6kH3EsvmQjwEwIVFUhzW72Wf8bC/Tni
izBFiw0/TeDbn/tG7FFFcNc+g/PC8bwyQG7fBr/MPgf6pjRK6EHxOUKIOmjPNGDc
oTXkBcRe5s5CZoRSb++yhWW10RCc+7dMcTZDS7bJMuH9pfSdFJeQUtgHJgd/cz/Z
77TznSp2rMh2pbmW3Y+ZQBAxAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUbKGDhlXi
KhrK0EBoJ7R/zpna7VgwHwYDVR0jBBgwFoAUQHchajGCagqZih4gf9gk3cvH5w4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3OTkyL0Q2MTI3NEVBM0JD
QTExRUNCMzI1MkIyQ0M0RjlBRTAyL1FIY2hhakdDYWdxWmloNGdmOWdrM2N2SDV3
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUUhjaGFqR0NhZ3FaaWg0Z2Y5Z2szY3ZINXc0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
Nzk5Mi9ENjEyNzRFQTNCQ0ExMUVDQjMyNTJCMkNDNEY5QUUwMi9EMkZCNTZFODNC
Q0QxMUVDODA4NkUwMzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAivhHAMEAmcsFDANBgkqhkiG9w0BAQsFAAOCAQEAGp2yRCeK
LsOpE/yTj5pW6JdmIulHUrMPpouZtsN4QeTmKCnQPeeQINy+lnsgthj+hm0HOIdH
FAHKRqXJFPGQjA18FtzORmpUJ454i9TbZ7BeqcKAuBV0Pq3AFzh/xU8PErDtIldY
qLQb5AMoT/qvOy1bBpu686XBDox+bcnz/0+i9JGaxvWXnmToN+PTkPysS9FLjovl
VZOEy3EGtJlMpFcPG/zzvLjZkyT4kMRoY+GgJSplxwPLriGrDeadiOpq7pV/W86J
dDlwjETSVyQY7bqZwSyCjj6iT0xLAdf33tlBrqHgGsISlBQwV8MOhy1l0ASTs5p/
ZftxfeG3cG3Z9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org