Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7B28/36933B0656EC11ECB40B5025C4F9AE02/DB6E64A856F011EC95A9B62CC4F9AE02.roa
File: DB6E64A856F011EC95A9B62CC4F9AE02.roa (raw, json)
Hash identifier: uFtxBDMUefisN40n33DfXZpuWDBV7Y/JyXkwLK/4LQU=
Subject key identifier: D6:1C:63:F6:19:B7:7E:1D:FC:57:05:D1:25:37:D8:62:23:74:0E:BF
Certificate issuer: /CN=A91C7B28/serialNumber=F7E82AC51840C3EEE21A1618A1E5B222BD6DB2EF
Certificate serial: 0115
Authority key identifier: F7:E8:2A:C5:18:40:C3:EE:E2:1A:16:18:A1:E5:B2:22:BD:6D:B2:EF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9-gqxRhAw-7iGhYYoeWyIr1tsu8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7B28/36933B0656EC11ECB40B5025C4F9AE02/DB6E64A856F011EC95A9B62CC4F9AE02.roa
Signing time: Fri 22 Apr 2022 04:33:28 +0000
ROA not before: Fri 22 Apr 2022 04:33:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 135060
IP address blocks: 111.235.140.0/22 maxlen: 22
111.235.140.0/24 maxlen: 24
111.235.141.0/24 maxlen: 24
111.235.142.0/24 maxlen: 24
111.235.143.0/24 maxlen: 24
125.254.60.0/24 maxlen: 24
125.254.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 277 (0x115)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7B28/serialNumber=F7E82AC51840C3EEE21A1618A1E5B222BD6DB2EF
Validity
Not Before: Apr 22 04:33:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62623018-709a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a6:1c:43:c8:3e:57:f0:90:ed:15:54:9b:23:
73:b8:04:a5:d1:dc:29:aa:af:48:3b:23:05:5d:ab:
cc:9d:59:76:18:86:d4:72:d1:5a:da:b3:df:2d:58:
ec:11:7c:c0:e1:2a:95:92:69:76:4c:e3:b3:27:33:
07:06:0c:05:91:72:9a:3c:90:68:64:d3:58:49:fe:
ba:8a:aa:6a:fe:fb:93:19:f0:5d:87:11:86:2a:f9:
7f:97:2f:eb:ba:06:83:23:fb:94:c4:2a:4d:c3:d0:
9d:4e:d9:9f:fe:25:45:3d:9a:69:27:f7:71:2f:d6:
2e:e0:84:21:96:37:91:b9:5e:8a:76:cf:ff:a0:be:
1b:1a:7d:fd:b8:ce:d0:76:b1:4d:bb:8e:23:b9:f4:
79:58:ba:68:b7:37:8d:a5:02:00:d0:64:46:f0:28:
3c:43:60:36:3b:53:35:28:2b:35:ac:7b:b0:6a:d8:
af:36:ae:91:2d:63:28:6f:e5:7d:ca:91:68:25:e7:
c5:5b:32:53:55:90:c4:38:49:f3:40:be:ee:55:55:
10:7e:07:e4:22:b3:39:eb:46:6d:c6:5b:f3:a2:e8:
53:f1:27:a5:7a:5a:b6:82:1f:c6:b7:78:5c:86:31:
c8:e6:0a:11:be:cb:71:ea:82:34:e0:a9:57:da:fb:
c4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:1C:63:F6:19:B7:7E:1D:FC:57:05:D1:25:37:D8:62:23:74:0E:BF
X509v3 Authority Key Identifier:
keyid:F7:E8:2A:C5:18:40:C3:EE:E2:1A:16:18:A1:E5:B2:22:BD:6D:B2:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7B28/36933B0656EC11ECB40B5025C4F9AE02/9-gqxRhAw-7iGhYYoeWyIr1tsu8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9-gqxRhAw-7iGhYYoeWyIr1tsu8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7B28/36933B0656EC11ECB40B5025C4F9AE02/DB6E64A856F011EC95A9B62CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.235.140.0/22
125.254.60.0/23
Signature Algorithm: sha256WithRSAEncryption
79:25:d7:f2:1c:03:76:30:43:9f:85:72:fc:9d:de:ee:d1:b9:
b8:c2:cb:7d:5c:38:8d:6a:ba:6d:79:95:8d:1e:e4:c2:7f:29:
02:ea:40:fc:ac:77:63:d2:4c:42:69:e4:bf:32:0c:a2:56:6f:
5a:7c:31:3a:01:92:31:e1:83:1c:1c:36:1a:3a:5d:5f:64:c0:
1d:26:e3:0c:9a:b3:82:9d:4e:70:ef:55:ba:28:59:cf:c4:56:
c2:5e:72:b7:8a:e7:22:98:18:7d:6d:35:4c:f0:43:27:96:7e:
a8:9a:ea:3a:5d:69:18:0d:15:0f:3d:3f:2f:6c:4b:c1:4c:16:
45:c2:8f:65:54:59:7a:22:7f:66:a2:7e:c3:bc:d2:ee:da:b0:
36:43:3e:e5:b4:69:5c:93:a0:9a:7f:f5:fc:33:7c:4a:51:ce:
34:09:48:bf:73:40:1f:0d:73:4b:63:fb:90:47:bc:b1:65:4f:
70:99:42:87:02:c3:e7:3b:d6:2e:3f:49:f9:52:d8:14:b7:76:
00:c8:e6:9f:5d:25:75:79:30:39:6f:08:7d:18:81:05:26:92:
07:dc:21:19:46:f8:ff:35:36:fd:65:ec:96:c7:23:35:58:17:
73:70:35:5f:3d:b8:df:39:49:cd:5d:a1:ae:ad:b2:20:c8:fa:
94:18:30:13
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICARUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzdCMjgxMTAvBgNVBAUTKEY3RTgyQUM1MTg0MEMzRUVFMjFBMTYxOEExRTVCMjIy
QkQ2REIyRUYwHhcNMjIwNDIyMDQzMzI4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjYyMzAxOC03MDlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs6YcQ8g+V/CQ7RVUmyNzuASl0dwpqq9IOyMFXavMnVl2GIbUctFa2rPfLVjs
EXzA4SqVkml2TOOzJzMHBgwFkXKaPJBoZNNYSf66iqpq/vuTGfBdhxGGKvl/ly/r
ugaDI/uUxCpNw9CdTtmf/iVFPZppJ/dxL9Yu4IQhljeRuV6Kds//oL4bGn39uM7Q
drFNu44jufR5WLpotzeNpQIA0GRG8Cg8Q2A2O1M1KCs1rHuwativNq6RLWMob+V9
ypFoJefFWzJTVZDEOEnzQL7uVVUQfgfkIrM560ZtxlvzouhT8Selelq2gh/Gt3hc
hjHI5goRvstx6oI04KlX2vvE4wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNYcY/YZ
t34d/FcF0SU32GIjdA6/MB8GA1UdIwQYMBaAFPfoKsUYQMPu4hoWGKHlsiK9bbLv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDN0IyOC8zNjkzM0IwNjU2
RUMxMUVDQjQwQjUwMjVDNEY5QUUwMi85LWdxeFJoQXctN2lHaFlZb2VXeUlyMXRz
dTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzktZ3F4UmhBdy03aUdoWVlvZVd5SXIxdHN1OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzdCMjgvMzY5MzNCMDY1NkVDMTFFQ0I0MEI1MDI1QzRGOUFFMDIvREI2RTY0QTg1
NkYwMTFFQzk1QTlCNjJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJv64wDBAF9/jwwDQYJKoZIhvcNAQELBQADggEBAHkl1/Ic
A3YwQ5+Fcvyd3u7RubjCy31cOI1qum15lY0e5MJ/KQLqQPysd2PSTEJp5L8yDKJW
b1p8MToBkjHhgxwcNho6XV9kwB0m4wyas4KdTnDvVbooWc/EVsJecreK5yKYGH1t
NUzwQyeWfqia6jpdaRgNFQ89Py9sS8FMFkXCj2VUWXoif2aifsO80u7asDZDPuW0
aVyToJp/9fwzfEpRzjQJSL9zQB8Nc0tj+5BHvLFlT3CZQocCw+c71i4/SflS2BS3
dgDI5p9dJXV5MDlvCH0YgQUmkgfcIRlG+P81Nv1l7JbHIzVYF3NwNV89uN85Sc1d
oa6tsiDI+pQYMBM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org