Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB475/6E7424AA207011EEA9901416C4F9AE02/FD9A3572208711EE93679414C4F9AE02.roa
File: FD9A3572208711EE93679414C4F9AE02.roa (raw, json)
Hash identifier: pN74/uPccDJMCpqENYV80eJA7DoOCSHc2B7CVERvMgY=
Subject key identifier: 2E:46:04:B0:BB:A6:4A:5D:64:DE:AE:D4:76:BC:65:D5:0B:03:CF:DB
Certificate issuer: /CN=A91CB475/serialNumber=DB94BD08C2DEFD39C74FC403935773A490D19B98
Certificate serial: 02
Authority key identifier: DB:94:BD:08:C2:DE:FD:39:C7:4F:C4:03:93:57:73:A4:90:D1:9B:98
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/25S9CMLe_TnHT8QDk1dzpJDRm5g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB475/6E7424AA207011EEA9901416C4F9AE02/FD9A3572208711EE93679414C4F9AE02.roa
Signing time: Wed 12 Jul 2023 07:44:54 +0000
ROA not before: Wed 12 Jul 2023 07:44:54 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 149024
IP address blocks: 103.176.224.0/23 maxlen: 23
103.176.224.0/24 maxlen: 24
103.176.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB475/serialNumber=DB94BD08C2DEFD39C74FC403935773A490D19B98
Validity
Not Before: Jul 12 07:44:54 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=64ae59f6-76d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f4:03:3e:56:dc:81:b6:ee:48:4e:4c:51:ee:
bf:43:05:3a:c9:3d:e7:84:21:6d:7c:ca:4e:a2:81:
c7:ff:71:d4:0d:cc:f9:a2:80:79:96:90:94:9f:4e:
4b:74:c2:d6:90:67:12:3f:38:73:d7:d2:ec:b1:2a:
be:cb:04:4f:9c:b5:9d:59:47:59:0f:eb:f3:8e:86:
f4:16:53:30:6a:66:5f:a6:9a:1e:a6:6b:4c:2e:29:
0e:00:5e:03:8e:30:0b:63:ba:23:be:1a:5d:88:8d:
bf:be:33:6a:bc:79:cc:f2:78:41:4d:61:7d:e3:39:
7a:43:87:4a:2f:4b:b2:25:e9:ad:27:73:8f:12:85:
9d:82:e2:8c:4b:a5:3d:4e:0d:2a:55:e4:06:f4:c4:
39:9f:af:c7:1f:c8:89:2d:d0:bc:7d:8e:72:72:2b:
99:90:0e:37:1a:d1:b8:26:02:e6:c2:e5:da:33:07:
b4:57:be:9b:ed:26:df:80:4e:a4:27:8b:4b:69:ba:
26:a8:6a:16:88:ec:f2:8d:1a:a1:57:92:4e:ee:62:
3d:42:49:be:1b:85:6e:20:9a:b8:4c:cb:5e:0c:52:
ac:80:f2:f4:d5:9c:ed:d9:8b:85:ee:8e:09:84:9f:
0d:63:0c:a0:b8:aa:b0:51:63:db:59:31:14:25:93:
b9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:46:04:B0:BB:A6:4A:5D:64:DE:AE:D4:76:BC:65:D5:0B:03:CF:DB
X509v3 Authority Key Identifier:
keyid:DB:94:BD:08:C2:DE:FD:39:C7:4F:C4:03:93:57:73:A4:90:D1:9B:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB475/6E7424AA207011EEA9901416C4F9AE02/25S9CMLe_TnHT8QDk1dzpJDRm5g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/25S9CMLe_TnHT8QDk1dzpJDRm5g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB475/6E7424AA207011EEA9901416C4F9AE02/FD9A3572208711EE93679414C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.224.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:25:cf:b3:01:24:93:e4:07:43:46:b5:ae:c2:c6:95:56:31:
8f:90:2d:ae:cb:e2:b2:ee:2e:8a:95:74:38:1a:48:e0:50:95:
3a:c5:f2:aa:64:cc:7d:12:20:e5:e5:85:85:c1:27:de:8d:e4:
d8:4a:be:87:d3:00:38:03:b6:12:86:1a:15:7d:91:18:03:d3:
85:92:12:f2:cc:14:5a:a0:df:32:04:79:fd:1a:0f:f0:9f:66:
fe:e1:a8:17:d1:ab:10:76:af:8f:da:5a:c0:21:e6:48:58:54:
01:90:f3:22:9a:dc:96:6e:02:51:9d:b9:da:53:4c:84:72:ef:
14:9b:20:fc:be:dc:55:49:3c:91:a3:8f:76:76:3b:a0:44:15:
1e:0a:03:be:7a:ea:2b:1d:13:59:87:38:76:47:57:9e:1a:7a:
d4:d0:09:19:72:cc:02:a9:23:76:08:7a:66:7d:3e:44:95:ab:
a4:d0:66:a1:e6:5b:bf:a6:fc:a1:d0:e7:03:14:64:ca:4b:c6:
cc:34:29:b6:d5:7b:69:53:af:df:d7:3a:f0:d9:6e:b3:2c:56:
d2:b9:91:59:53:e4:f8:1a:3a:66:61:dc:23:ae:d9:3d:89:61:
15:8b:c8:80:9b:24:14:66:67:76:7e:68:7b:24:53:c2:c2:b5:
1d:32:73:e3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
QjQ3NTExMC8GA1UEBRMoREI5NEJEMDhDMkRFRkQzOUM3NEZDNDAzOTM1NzczQTQ5
MEQxOUI5ODAeFw0yMzA3MTIwNzQ0NTRaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YWU1OWY2LTc2ZDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDP9AM+VtyBtu5ITkxR7r9DBTrJPeeEIW18yk6igcf/cdQNzPmigHmWkJSfTkt0
wtaQZxI/OHPX0uyxKr7LBE+ctZ1ZR1kP6/OOhvQWUzBqZl+mmh6ma0wuKQ4AXgOO
MAtjuiO+Gl2Ijb++M2q8eczyeEFNYX3jOXpDh0ovS7Il6a0nc48ShZ2C4oxLpT1O
DSpV5Ab0xDmfr8cfyIkt0Lx9jnJyK5mQDjca0bgmAubC5dozB7RXvpvtJt+ATqQn
i0tpuiaoahaI7PKNGqFXkk7uYj1CSb4bhW4gmrhMy14MUqyA8vTVnO3Zi4XujgmE
nw1jDKC4qrBRY9tZMRQlk7khAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQULkYEsLum
Sl1k3q7Udrxl1QsDz9swHwYDVR0jBBgwFoAU25S9CMLe/TnHT8QDk1dzpJDRm5gw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCNDc1LzZFNzQyNEFBMjA3
MDExRUVBOTkwMTQxNkM0RjlBRTAyLzI1UzlDTUxlX1RuSFQ4UURrMWR6cEpEUm01
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMjVTOUNNTGVfVG5IVDhRRGsxZHpwSkRSbTVnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
QjQ3NS82RTc0MjRBQTIwNzAxMUVFQTk5MDE0MTZDNEY5QUUwMi9GRDlBMzU3MjIw
ODcxMUVFOTM2Nzk0MTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWew4DANBgkqhkiG9w0BAQsFAAOCAQEAuiXPswEkk+QHQ0a1
rsLGlVYxj5Atrsvisu4uipV0OBpI4FCVOsXyqmTMfRIg5eWFhcEn3o3k2Eq+h9MA
OAO2EoYaFX2RGAPThZIS8swUWqDfMgR5/RoP8J9m/uGoF9GrEHavj9pawCHmSFhU
AZDzIprclm4CUZ252lNMhHLvFJsg/L7cVUk8kaOPdnY7oEQVHgoDvnrqKx0TWYc4
dkdXnhp61NAJGXLMAqkjdgh6Zn0+RJWrpNBmoeZbv6b8odDnAxRkykvGzDQpttV7
aVOv39c68NlusyxW0rmRWVPk+Bo6ZmHcI67ZPYlhFYvIgJskFGZndn5oeyRTwsK1
HTJz4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org