Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDE77/834B4C126B6011E780B8E11CC4F9AE02/77BD9A8ABC3411EAB676F260C4F9AE02.roa
File: 77BD9A8ABC3411EAB676F260C4F9AE02.roa (raw, json)
Hash identifier: AklSll87rXRsc/Rsv3zd2tcWhmmHeTQrCTrErxLV5sk=
Subject key identifier: E4:55:8D:DC:7B:79:5F:15:D6:C5:A8:0A:5C:B2:0E:6E:F9:B2:23:53
Certificate issuer: /CN=A91BDE77/serialNumber=1CBD06575EC34590B086D03743D050DAB70A3638
Certificate serial: 177C
Authority key identifier: 1C:BD:06:57:5E:C3:45:90:B0:86:D0:37:43:D0:50:DA:B7:0A:36:38
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HL0GV17DRZCwhtA3Q9BQ2rcKNjg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BDE77/834B4C126B6011E780B8E11CC4F9AE02/77BD9A8ABC3411EAB676F260C4F9AE02.roa
Signing time: Tue 20 Sep 2022 07:10:17 +0000
ROA not before: Tue 20 Sep 2022 07:10:17 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 4788
IP address blocks: 147.158.0.0/16 maxlen: 16
147.158.0.0/17 maxlen: 17
147.158.0.0/18 maxlen: 18
147.158.128.0/19 maxlen: 19
147.158.160.0/19 maxlen: 19
147.158.192.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6012 (0x177c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDE77/serialNumber=1CBD06575EC34590B086D03743D050DAB70A3638
Validity
Not Before: Sep 20 07:10:17 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63296759-7295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:48:25:ac:43:af:5a:8e:86:78:ae:c0:bb:f6:
cf:a1:84:dd:a0:7d:56:2c:7b:91:fb:3d:6e:03:5a:
07:88:93:f5:f8:ac:5d:47:f8:ad:3a:c5:03:c6:69:
64:c5:7d:00:d4:6d:ce:da:9f:05:d4:a8:74:0e:b2:
3e:40:99:f4:5a:05:b2:c1:a8:a4:fe:71:a9:7c:bc:
21:c8:a7:66:36:e0:0c:43:ba:f1:f6:b3:85:1d:33:
54:9c:1c:db:dd:e1:a4:92:ad:95:e9:3c:03:8e:03:
44:b4:3f:6f:ea:a7:e9:c4:42:d3:10:38:6a:75:bf:
aa:d8:a6:0b:97:c1:5d:f8:a1:8d:51:e8:11:bf:eb:
f6:10:5a:b5:5c:2b:39:a9:1b:15:15:9c:41:2e:5a:
fa:85:c1:7a:15:1b:bf:51:0a:20:a4:32:54:f2:a4:
1a:7b:ed:78:c6:a3:1d:72:6c:be:e1:12:1e:5d:73:
93:8d:44:56:fa:19:ab:a4:0f:66:c6:88:49:70:7a:
35:e2:ac:df:a1:b6:79:f7:36:9a:55:b1:d1:aa:f5:
fa:03:32:f1:9c:c9:ca:4f:58:e3:4f:b1:b4:fc:a0:
ae:22:a5:dc:b6:1d:35:44:24:6e:f7:3c:59:83:a9:
02:b2:e4:28:97:a9:f7:30:35:6c:33:59:ca:4e:f8:
24:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:55:8D:DC:7B:79:5F:15:D6:C5:A8:0A:5C:B2:0E:6E:F9:B2:23:53
X509v3 Authority Key Identifier:
keyid:1C:BD:06:57:5E:C3:45:90:B0:86:D0:37:43:D0:50:DA:B7:0A:36:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BDE77/834B4C126B6011E780B8E11CC4F9AE02/HL0GV17DRZCwhtA3Q9BQ2rcKNjg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HL0GV17DRZCwhtA3Q9BQ2rcKNjg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDE77/834B4C126B6011E780B8E11CC4F9AE02/77BD9A8ABC3411EAB676F260C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
147.158.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:2a:c9:ad:d4:76:46:a7:80:80:07:76:12:df:f2:5d:2f:b8:
25:1f:60:a1:bf:39:f2:a0:c9:84:1e:61:3a:11:0f:5d:ad:25:
be:c2:14:80:33:b3:ac:19:59:0c:c4:8a:35:ea:49:70:b0:64:
bc:5e:ad:fb:09:16:e8:6e:f3:1d:74:d5:3a:ec:52:83:47:67:
11:d0:cf:c7:f2:48:14:dc:b7:d5:1b:12:2e:13:55:ba:0a:bd:
61:e0:b0:56:23:92:84:69:72:5a:88:c3:9d:ce:85:c3:b2:5a:
22:ec:a5:0e:f0:dd:7b:15:87:88:39:8c:87:df:7e:1c:8f:c6:
ef:3d:6a:69:30:6e:a7:57:86:7f:f5:3f:ff:c7:6c:8f:d2:73:
09:ea:78:94:30:5b:5d:5f:1c:ac:c2:9b:54:be:e6:43:98:80:
48:f5:e8:c5:d3:90:27:de:d0:03:6e:a5:71:17:74:be:f3:b9:
94:97:2c:15:92:53:ab:f9:20:10:3b:c2:93:19:16:30:f4:9d:
f9:00:49:8b:7a:db:26:79:d8:33:26:7e:a2:12:8b:5b:9c:db:
f1:75:cc:19:c0:bb:80:ac:ae:01:6b:24:c8:eb:ae:61:5f:c5:
a3:47:c2:93:eb:30:a0:b6:43:17:52:8e:34:ad:c5:47:4a:91:
46:30:8c:81
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICF3wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkRFNzcxMTAvBgNVBAUTKDFDQkQwNjU3NUVDMzQ1OTBCMDg2RDAzNzQzRDA1MERB
QjcwQTM2MzgwHhcNMjIwOTIwMDcxMDE3WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzI5Njc1OS03Mjk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwUglrEOvWo6GeK7Au/bPoYTdoH1WLHuR+z1uA1oHiJP1+KxdR/itOsUDxmlk
xX0A1G3O2p8F1Kh0DrI+QJn0WgWywaik/nGpfLwhyKdmNuAMQ7rx9rOFHTNUnBzb
3eGkkq2V6TwDjgNEtD9v6qfpxELTEDhqdb+q2KYLl8Fd+KGNUegRv+v2EFq1XCs5
qRsVFZxBLlr6hcF6FRu/UQogpDJU8qQae+14xqMdcmy+4RIeXXOTjURW+hmrpA9m
xohJcHo14qzfobZ59zaaVbHRqvX6AzLxnMnKT1jjT7G0/KCuIqXcth01RCRu9zxZ
g6kCsuQol6n3MDVsM1nKTvgk0QIDAQABo4IClDCCApAwHQYDVR0OBBYEFORVjdx7
eV8V1sWoClyyDm75siNTMB8GA1UdIwQYMBaAFBy9Bldew0WQsIbQN0PQUNq3CjY4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCREU3Ny84MzRCNEMxMjZC
NjAxMUU3ODBCOEUxMUNDNEY5QUUwMi9ITDBHVjE3RFJaQ3dodEEzUTlCUTJyY0tO
amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0hMMEdWMTdEUlpDd2h0QTNROUJRMnJjS05qZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkRFNzcvODM0QjRDMTI2QjYwMTFFNzgwQjhFMTFDQzRGOUFFMDIvNzdCRDlBOEFC
QzM0MTFFQUI2NzZGMjYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCTnjANBgkqhkiG9w0BAQsFAAOCAQEAlyrJrdR2RqeAgAd2
Et/yXS+4JR9gob858qDJhB5hOhEPXa0lvsIUgDOzrBlZDMSKNepJcLBkvF6t+wkW
6G7zHXTVOuxSg0dnEdDPx/JIFNy31RsSLhNVugq9YeCwViOShGlyWojDnc6Fw7Ja
IuylDvDdexWHiDmMh99+HI/G7z1qaTBup1eGf/U//8dsj9JzCep4lDBbXV8crMKb
VL7mQ5iASPXoxdOQJ97QA26lcRd0vvO5lJcsFZJTq/kgEDvCkxkWMPSd+QBJi3rb
JnnYMyZ+ohKLW5zb8XXMGcC7gKyuAWskyOuuYV/Fo0fCk+swoLZDF1KONK3FR0qR
RjCMgQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org