Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDE77/3A66965C1D8411E291A515DA08B02CD2/C58FAB9EC98C11E5915CA987C4F9AE02.roa
File: C58FAB9EC98C11E5915CA987C4F9AE02.roa (raw, json)
Hash identifier: ssefbRJCKASuSQXdO77udYDKzaCFaoW6o5mz0qbq3U8=
Subject key identifier: F5:C0:46:22:00:8A:71:03:7F:3C:1B:17:77:FA:4A:04:33:02:7D:8E
Certificate issuer: /CN=A91BDE77/serialNumber=9C0BD53F9C4B7C8E3C1C0C7F2BD3FD17CE2C2FE2
Certificate serial: 3331
Authority key identifier: 9C:0B:D5:3F:9C:4B:7C:8E:3C:1C:0C:7F:2B:D3:FD:17:CE:2C:2F:E2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nAvVP5xLfI48HAx_K9P9F84sL-I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BDE77/3A66965C1D8411E291A515DA08B02CD2/C58FAB9EC98C11E5915CA987C4F9AE02.roa
Signing time: Tue 16 Aug 2022 02:30:19 +0000
ROA not before: Tue 16 Aug 2022 02:30:19 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 24514
IP address blocks: 1.9.21.0/24 maxlen: 24
1.9.65.0/24 maxlen: 24
203.106.56.0/21 maxlen: 21
203.106.64.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13105 (0x3331)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDE77/serialNumber=9C0BD53F9C4B7C8E3C1C0C7F2BD3FD17CE2C2FE2
Validity
Not Before: Aug 16 02:30:19 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=62fb013b-b396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:07:79:55:f5:f5:35:87:ab:9a:e8:58:e5:b3:
9c:ec:04:96:e4:44:8e:da:3e:f7:36:d4:9e:8f:28:
9f:0c:09:ee:dc:a2:28:36:7d:3c:be:06:37:74:23:
02:43:cd:24:33:37:ef:b6:fd:bc:bf:0e:de:2c:0e:
9e:26:56:62:52:81:c3:cd:7f:c3:17:f2:56:c9:1c:
34:e3:7b:f5:2e:7e:ee:a8:7b:9e:69:4d:90:e0:66:
6e:ca:60:d0:92:c6:0f:56:e2:94:d5:6a:1d:cb:09:
72:85:1a:85:5d:8f:aa:07:d7:3e:a6:a4:98:f1:23:
7a:d2:de:07:23:3b:5a:ce:18:9c:e1:71:eb:e7:f6:
b2:8d:7d:da:26:93:3c:62:15:9f:39:f6:1c:5d:f9:
55:0c:87:c9:e6:56:ac:d6:c0:a4:e4:6f:f9:5b:89:
9c:6e:d5:64:76:30:c1:93:e4:69:4d:5c:97:83:a7:
3d:6d:58:f2:ba:8d:ce:66:61:99:c0:c3:8a:42:3d:
4a:89:c8:b9:0d:56:75:f8:82:2c:b6:dc:0a:a9:74:
b9:43:b2:0e:c5:2d:c0:28:3f:c7:cf:56:f4:9a:cc:
bb:3d:dc:84:1c:1b:86:14:3b:96:e4:63:df:2f:31:
1c:44:8a:46:a0:7f:72:8d:fd:61:ff:b5:1b:aa:92:
0e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C0:46:22:00:8A:71:03:7F:3C:1B:17:77:FA:4A:04:33:02:7D:8E
X509v3 Authority Key Identifier:
keyid:9C:0B:D5:3F:9C:4B:7C:8E:3C:1C:0C:7F:2B:D3:FD:17:CE:2C:2F:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BDE77/3A66965C1D8411E291A515DA08B02CD2/nAvVP5xLfI48HAx_K9P9F84sL-I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nAvVP5xLfI48HAx_K9P9F84sL-I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDE77/3A66965C1D8411E291A515DA08B02CD2/C58FAB9EC98C11E5915CA987C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.9.21.0/24
1.9.65.0/24
203.106.56.0-203.106.67.255
Signature Algorithm: sha256WithRSAEncryption
7d:ba:69:43:e1:45:0d:72:61:ea:6d:4f:64:9d:a0:64:4d:08:
e3:c9:c0:8a:3f:f8:96:1c:48:35:8b:8b:e0:6d:92:a5:07:39:
a1:99:93:b6:63:ea:10:73:9a:55:9f:3c:83:88:66:df:e6:ac:
d1:73:8c:ec:63:8e:37:2f:18:e0:1c:6a:b6:a3:cf:4a:db:8f:
05:66:92:67:88:77:19:3d:86:48:33:f8:2c:54:1c:0f:02:d8:
f5:fa:00:67:fb:4d:81:5f:82:3d:65:65:82:a6:1b:a2:44:f1:
34:2d:20:66:e9:f8:3d:bb:3b:c3:1d:61:30:83:0d:75:77:cc:
79:c0:cc:6b:a7:65:58:62:81:9b:11:93:49:10:e9:7d:0a:63:
f3:3d:ee:d0:ed:bf:9c:dd:19:45:3b:dc:96:61:26:1c:5b:b6:
92:e7:46:d1:1f:6d:cd:fc:86:0e:ad:34:f9:68:b7:40:d1:3b:
5b:b9:2a:e1:ad:d3:d0:2e:70:24:58:68:2b:30:42:17:22:66:
33:85:2a:96:ec:e6:3f:ac:37:2b:67:7b:15:c4:a4:08:fa:19:
65:96:0f:80:a4:80:64:42:9e:80:8f:06:0a:e1:06:03:ae:b3:
26:cc:ef:2d:58:47:1d:f2:a2:64:97:f6:07:db:97:66:8e:9f:
97:a2:e5:2d
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICMzEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkRFNzcxMTAvBgNVBAUTKDlDMEJENTNGOUM0QjdDOEUzQzFDMEM3RjJCRDNGRDE3
Q0UyQzJGRTIwHhcNMjIwODE2MDIzMDE5WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmZiMDEzYi1iMzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtQd5VfX1NYermuhY5bOc7ASW5ESO2j73NtSejyifDAnu3KIoNn08vgY3dCMC
Q80kMzfvtv28vw7eLA6eJlZiUoHDzX/DF/JWyRw043v1Ln7uqHueaU2Q4GZuymDQ
ksYPVuKU1WodywlyhRqFXY+qB9c+pqSY8SN60t4HIztazhic4XHr5/ayjX3aJpM8
YhWfOfYcXflVDIfJ5las1sCk5G/5W4mcbtVkdjDBk+RpTVyXg6c9bVjyuo3OZmGZ
wMOKQj1Kici5DVZ1+IIsttwKqXS5Q7IOxS3AKD/Hz1b0msy7PdyEHBuGFDuW5GPf
LzEcRIpGoH9yjf1h/7UbqpIOEwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFPXARiIA
inEDfzwbF3f6SgQzAn2OMB8GA1UdIwQYMBaAFJwL1T+cS3yOPBwMfyvT/RfOLC/i
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCREU3Ny8zQTY2OTY1QzFE
ODQxMUUyOTFBNTE1REEwOEIwMkNEMi9uQXZWUDV4TGZJNDhIQXhfSzlQOUY4NHNM
LUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25BdlZQNXhMZkk0OEhBeF9LOVA5Rjg0c0wtSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkRFNzcvM0E2Njk2NUMxRDg0MTFFMjkxQTUxNURBMDhCMDJDRDIvQzU4RkFCOUVD
OThDMTFFNTkxNUNBOTg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBAABCRUDBAABCUEwDAMEA8tqOAMEAstqQDANBgkqhkiG9w0B
AQsFAAOCAQEAfbppQ+FFDXJh6m1PZJ2gZE0I48nAij/4lhxINYuL4G2SpQc5oZmT
tmPqEHOaVZ88g4hm3+as0XOM7GOONy8Y4BxqtqPPStuPBWaSZ4h3GT2GSDP4LFQc
DwLY9foAZ/tNgV+CPWVlgqYbokTxNC0gZun4Pbs7wx1hMIMNdXfMecDMa6dlWGKB
mxGTSRDpfQpj8z3u0O2/nN0ZRTvclmEmHFu2kudG0R9tzfyGDq00+Wi3QNE7W7kq
4a3T0C5wJFhoKzBCFyJmM4UqluzmP6w3K2d7FcSkCPoZZZYPgKSAZEKegI8GCuEG
A66zJszvLVhHHfKiZJf2B9uXZo6fl6LlLQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-fra.rpki-client.org