Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BFB49/FA2DFE1AC50C11EB86C6585AC4F9AE02/B9099400C50F11EB85FC9A7BC4F9AE02.roa
File: B9099400C50F11EB85FC9A7BC4F9AE02.roa (raw, json)
Hash identifier: 0vxJjv0GuN17KAVv1XWrMG+qZbOX4WDl6KuANCRp78o=
Subject key identifier: 0A:21:92:63:07:9D:08:CD:DA:97:5B:17:97:84:C3:AA:AE:A1:B5:11
Certificate issuer: /CN=A91BFB49/serialNumber=DB0BE621EF60ED96E1B3CA46BBF17BDB6A67CB8E
Certificate serial: 01B7
Authority key identifier: DB:0B:E6:21:EF:60:ED:96:E1:B3:CA:46:BB:F1:7B:DB:6A:67:CB:8E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2wvmIe9g7Zbhs8pGu_F722pny44.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BFB49/FA2DFE1AC50C11EB86C6585AC4F9AE02/B9099400C50F11EB85FC9A7BC4F9AE02.roa
Signing time: Sun 09 Jan 2022 14:42:27 +0000
ROA not before: Sun 09 Jan 2022 14:42:27 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 136933
IP address blocks: 116.206.176.0/22 maxlen: 22
116.206.176.0/24 maxlen: 24
116.206.177.0/24 maxlen: 24
116.206.178.0/24 maxlen: 24
116.206.179.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 439 (0x1b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BFB49/serialNumber=DB0BE621EF60ED96E1B3CA46BBF17BDB6A67CB8E
Validity
Not Before: Jan 9 14:42:27 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61daf453-7915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2d:a7:08:5e:70:50:0b:94:06:06:fe:d3:f0:
9e:78:b1:59:0d:de:5d:6f:b0:85:b8:0c:93:cb:94:
93:0b:ce:1c:df:41:7c:6f:6a:a2:d3:42:82:ab:87:
f3:75:82:81:1b:a7:d5:fe:d5:00:81:55:dd:e0:35:
74:02:8e:a8:d4:b5:2c:f3:1b:d9:1b:22:c3:32:b8:
32:02:d9:8e:2d:d3:3b:ae:6c:40:51:61:2a:cd:22:
fa:39:00:0b:5a:2d:c6:27:ba:9f:8c:05:a2:3b:4d:
1d:32:bb:de:41:09:ba:55:98:58:d1:22:d4:73:d5:
e3:c0:6c:33:e0:79:2e:53:f3:22:dc:18:73:2d:81:
da:ee:0f:f2:40:63:22:ad:06:39:5f:33:3a:f1:f7:
18:69:ef:4b:14:39:ec:3b:23:3b:3f:c4:52:63:48:
54:7a:a9:42:16:e7:8d:6c:c6:b1:8f:bf:e6:c1:60:
16:78:02:49:aa:f9:da:12:63:9b:87:4f:11:a6:60:
5f:e0:59:56:2e:8e:cd:eb:ad:ea:85:51:e9:4d:82:
d0:6b:49:89:fe:03:f9:e4:fb:59:22:df:58:c7:47:
3e:3a:81:37:af:7a:d9:a6:31:32:9e:b4:34:ce:6e:
f8:01:e9:8c:a1:3b:31:8c:63:87:10:d7:63:c2:bd:
ac:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:21:92:63:07:9D:08:CD:DA:97:5B:17:97:84:C3:AA:AE:A1:B5:11
X509v3 Authority Key Identifier:
keyid:DB:0B:E6:21:EF:60:ED:96:E1:B3:CA:46:BB:F1:7B:DB:6A:67:CB:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BFB49/FA2DFE1AC50C11EB86C6585AC4F9AE02/2wvmIe9g7Zbhs8pGu_F722pny44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2wvmIe9g7Zbhs8pGu_F722pny44.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BFB49/FA2DFE1AC50C11EB86C6585AC4F9AE02/B9099400C50F11EB85FC9A7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.206.176.0/22
Signature Algorithm: sha256WithRSAEncryption
96:5f:fa:1a:69:5a:40:77:dc:32:d9:64:a0:5d:aa:c6:57:92:
37:8d:96:06:c5:73:d9:32:b5:94:79:8c:dd:57:bd:a5:a0:25:
36:e8:c1:26:db:bd:de:12:f0:31:b6:f6:4a:84:4a:64:39:88:
73:27:86:8a:a0:f9:8c:2e:8c:96:d8:6a:c8:a1:62:c9:29:b1:
b4:94:c8:09:91:93:2b:ff:48:2c:5d:15:87:ac:a6:e9:ec:7c:
88:94:e7:4e:49:9a:07:0a:0e:c8:6b:81:45:4c:a6:af:18:4f:
ee:7b:1d:76:20:9a:73:bd:f9:22:a6:c2:a7:d5:80:64:0e:c6:
ff:c1:13:27:1e:82:cf:9d:e6:22:6c:ee:7b:cb:59:1e:85:a4:
eb:fd:11:c1:68:4e:12:f2:50:9c:9d:56:00:7a:f2:fe:b3:ef:
84:40:0f:62:25:00:4d:7c:8e:b5:d1:d2:08:77:86:13:51:b5:
4d:45:ed:90:c6:fd:1e:6f:74:97:61:83:3b:3c:8b:c9:87:63:
74:2e:49:ba:21:0a:d4:32:04:52:81:de:ca:86:82:d0:0c:bb:
71:de:7f:97:71:3b:58:a1:1f:0b:e7:bf:cb:73:14:e7:13:2d:
c0:00:3b:dd:e8:fe:9e:d2:ab:f3:f0:d5:56:a1:62:32:f0:74:
d4:95:ce:9e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAbcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkZCNDkxMTAvBgNVBAUTKERCMEJFNjIxRUY2MEVEOTZFMUIzQ0E0NkJCRjE3QkRC
NkE2N0NCOEUwHhcNMjIwMTA5MTQ0MjI3WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWRhZjQ1My03OTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuS2nCF5wUAuUBgb+0/CeeLFZDd5db7CFuAyTy5STC84c30F8b2qi00KCq4fz
dYKBG6fV/tUAgVXd4DV0Ao6o1LUs8xvZGyLDMrgyAtmOLdM7rmxAUWEqzSL6OQAL
Wi3GJ7qfjAWiO00dMrveQQm6VZhY0SLUc9XjwGwz4HkuU/Mi3BhzLYHa7g/yQGMi
rQY5XzM68fcYae9LFDnsOyM7P8RSY0hUeqlCFueNbMaxj7/mwWAWeAJJqvnaEmOb
h08RpmBf4FlWLo7N663qhVHpTYLQa0mJ/gP55PtZIt9Yx0c+OoE3r3rZpjEynrQ0
zm74AemMoTsxjGOHENdjwr2sowIDAQABo4IClTCCApEwHQYDVR0OBBYEFAohkmMH
nQjN2pdbF5eEw6quobURMB8GA1UdIwQYMBaAFNsL5iHvYO2W4bPKRrvxe9tqZ8uO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRkI0OS9GQTJERkUxQUM1
MEMxMUVCODZDNjU4NUFDNEY5QUUwMi8yd3ZtSWU5ZzdaYmhzOHBHdV9GNzIycG55
NDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJ3dm1JZTlnN1piaHM4cEd1X0Y3MjJwbnk0NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkZCNDkvRkEyREZFMUFDNTBDMTFFQjg2QzY1ODVBQzRGOUFFMDIvQjkwOTk0MDBD
NTBGMTFFQjg1RkM5QTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJ0zrAwDQYJKoZIhvcNAQELBQADggEBAJZf+hppWkB33DLZ
ZKBdqsZXkjeNlgbFc9kytZR5jN1XvaWgJTbowSbbvd4S8DG29kqESmQ5iHMnhoqg
+YwujJbYasihYskpsbSUyAmRkyv/SCxdFYespunsfIiU505JmgcKDshrgUVMpq8Y
T+57HXYgmnO9+SKmwqfVgGQOxv/BEycegs+d5iJs7nvLWR6FpOv9EcFoThLyUJyd
VgB68v6z74RAD2IlAE18jrXR0gh3hhNRtU1F7ZDG/R5vdJdhgzs8i8mHY3QuSboh
CtQyBFKB3sqGgtAMu3Hef5dxO1ihHwvnv8tzFOcTLcAAO93o/p7Sq/Pw1VahYjLw
dNSVzp4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org