Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF0DF/16A0BF24EADC11E799C11F45C4F9AE02/A708FC92EADD11E7908A2A4BC4F9AE02.roa
File: A708FC92EADD11E7908A2A4BC4F9AE02.roa (raw, json)
Hash identifier: tHFIeLv6iGADl2TPKMl+g7uCvGjD3HMYPMbocfFL62M=
Subject key identifier: 4B:86:61:EF:9F:F4:7D:77:26:76:0F:2E:89:11:E7:DB:DE:3D:65:E3
Certificate issuer: /CN=A91BF0DF/serialNumber=0A93FF7C535BED8726A708AD633F6D9575F1C798
Certificate serial: 131E
Authority key identifier: 0A:93:FF:7C:53:5B:ED:87:26:A7:08:AD:63:3F:6D:95:75:F1:C7:98
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CpP_fFNb7YcmpwitYz9tlXXxx5g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BF0DF/16A0BF24EADC11E799C11F45C4F9AE02/A708FC92EADD11E7908A2A4BC4F9AE02.roa
Signing time: Sun 30 Jan 2022 18:04:11 +0000
ROA not before: Sun 30 Jan 2022 18:04:11 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 38713
IP address blocks: 103.205.176.0/24 maxlen: 24
103.205.177.0/24 maxlen: 24
103.205.178.0/24 maxlen: 24
103.205.179.0/24 maxlen: 24
160.19.20.0/24 maxlen: 24
160.19.21.0/24 maxlen: 24
160.19.22.0/24 maxlen: 24
160.19.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4894 (0x131e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BF0DF/serialNumber=0A93FF7C535BED8726A708AD633F6D9575F1C798
Validity
Not Before: Jan 30 18:04:11 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=61f6d31b-b362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:19:f8:c8:28:f9:8d:b5:c4:59:ec:cd:e5:1d:
5b:c0:4b:fd:ce:19:82:3e:e6:4e:37:f8:44:af:78:
7f:68:af:ef:57:9b:f2:06:49:74:e1:63:a1:46:a7:
48:59:a9:e4:38:cf:a9:aa:c1:ce:df:81:ed:23:6f:
e8:46:9d:b7:01:7d:d1:ab:55:d6:67:1b:5c:60:1f:
b8:2b:1e:94:2a:2c:3d:f2:64:85:7e:26:5d:e4:7f:
79:a1:bb:68:fe:82:10:9a:43:80:b9:86:5b:7c:6b:
0b:2b:b2:ac:c5:6a:89:f3:6c:53:b0:61:b0:30:3d:
e1:dc:ea:95:b5:53:fb:0e:f9:74:74:62:3b:f5:52:
60:3e:f5:a8:2d:a1:c0:32:46:09:7c:b2:4d:7b:b1:
86:8d:5d:8f:b3:90:ef:eb:92:31:23:2c:c7:86:15:
d7:95:9a:36:e3:4c:d2:0c:df:d3:62:0b:27:e6:45:
0d:2c:96:fd:ad:83:75:b7:ea:30:07:70:71:c6:2c:
67:fa:3f:df:d2:f1:12:b9:16:ff:b1:28:91:83:5d:
6b:89:33:ec:36:37:a7:6f:c9:52:fa:a8:98:98:54:
cd:22:17:87:82:76:5b:5f:8d:28:6e:e6:04:b1:35:
6d:3b:40:fa:ac:0c:f8:1d:08:5f:9a:e1:d1:71:56:
fd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:86:61:EF:9F:F4:7D:77:26:76:0F:2E:89:11:E7:DB:DE:3D:65:E3
X509v3 Authority Key Identifier:
keyid:0A:93:FF:7C:53:5B:ED:87:26:A7:08:AD:63:3F:6D:95:75:F1:C7:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BF0DF/16A0BF24EADC11E799C11F45C4F9AE02/CpP_fFNb7YcmpwitYz9tlXXxx5g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CpP_fFNb7YcmpwitYz9tlXXxx5g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF0DF/16A0BF24EADC11E799C11F45C4F9AE02/A708FC92EADD11E7908A2A4BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.205.176.0/22
160.19.20.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:33:00:e0:20:d2:58:52:db:6b:b7:cd:7a:9d:4e:33:45:77:
eb:dc:57:6b:ea:0b:39:a1:fe:7e:50:5e:88:4f:93:83:5f:33:
36:f5:ed:37:22:39:dc:73:ce:23:4a:61:b9:fc:95:db:a9:87:
99:c3:d9:7f:ff:f2:10:9d:64:b2:fb:cf:7e:3f:d5:b1:a1:ca:
29:76:d9:ac:89:45:92:7b:ed:bf:da:ac:96:83:b3:5d:69:ef:
0c:35:92:c0:fd:f8:eb:19:34:e9:2a:94:8a:91:f1:6e:b7:96:
5c:18:e5:25:e6:3c:de:aa:31:6b:42:bc:be:24:e0:35:f1:b4:
a7:6c:46:53:6e:a8:57:56:1b:59:31:f2:a7:ec:94:e2:7e:2f:
1a:45:73:e5:a5:ba:17:11:d7:54:fa:c9:b0:b1:84:56:e7:8a:
b3:96:b8:48:e4:a3:7f:6c:c4:f8:a4:ba:82:83:06:11:2a:25:
7e:2d:25:fe:6b:d5:2e:5f:e6:5e:87:4a:9c:4c:98:f6:3c:4f:
45:60:f0:3b:15:4f:80:05:87:66:71:11:e9:9e:1e:58:5b:53:
53:7f:e1:0c:8f:3a:bb:28:dc:ce:4e:8e:53:ca:01:1c:29:48:
ad:0e:78:20:c7:c8:98:ee:df:57:79:d7:31:ab:90:52:b0:70:
4b:a7:d3:3c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICEx4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkYwREYxMTAvBgNVBAUTKDBBOTNGRjdDNTM1QkVEODcyNkE3MDhBRDYzM0Y2RDk1
NzVGMUM3OTgwHhcNMjIwMTMwMTgwNDExWhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWY2ZDMxYi1iMzYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0hn4yCj5jbXEWezN5R1bwEv9zhmCPuZON/hEr3h/aK/vV5vyBkl04WOhRqdI
WankOM+pqsHO34HtI2/oRp23AX3Rq1XWZxtcYB+4Kx6UKiw98mSFfiZd5H95obto
/oIQmkOAuYZbfGsLK7KsxWqJ82xTsGGwMD3h3OqVtVP7Dvl0dGI79VJgPvWoLaHA
MkYJfLJNe7GGjV2Ps5Dv65IxIyzHhhXXlZo240zSDN/TYgsn5kUNLJb9rYN1t+ow
B3Bxxixn+j/f0vESuRb/sSiRg11riTPsNjenb8lS+qiYmFTNIheHgnZbX40obuYE
sTVtO0D6rAz4HQhfmuHRcVb9ZwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEuGYe+f
9H13JnYPLokR59vePWXjMB8GA1UdIwQYMBaAFAqT/3xTW+2HJqcIrWM/bZV18ceY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjBERi8xNkEwQkYyNEVB
REMxMUU3OTlDMTFGNDVDNEY5QUUwMi9DcFBfZkZOYjdZY21wd2l0WXo5dGxYWHh4
NWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NwUF9mRk5iN1ljbXB3aXRZejl0bFhYeHg1Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkYwREYvMTZBMEJGMjRFQURDMTFFNzk5QzExRjQ1QzRGOUFFMDIvQTcwOEZDOTJF
QUREMTFFNzkwOEEyQTRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnzbADBAKgExQwDQYJKoZIhvcNAQELBQADggEBALozAOAg
0lhS22u3zXqdTjNFd+vcV2vqCzmh/n5QXohPk4NfMzb17TciOdxzziNKYbn8ldup
h5nD2X//8hCdZLL7z34/1bGhyil22ayJRZJ77b/arJaDs11p7ww1ksD9+OsZNOkq
lIqR8W63llwY5SXmPN6qMWtCvL4k4DXxtKdsRlNuqFdWG1kx8qfslOJ+LxpFc+Wl
uhcR11T6ybCxhFbnirOWuEjko39sxPikuoKDBhEqJX4tJf5r1S5f5l6HSpxMmPY8
T0Vg8DsVT4AFh2ZxEemeHlhbU1N/4QyPOrso3M5OjlPKARwpSK0OeCDHyJju31d5
1zGrkFKwcEun0zw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org