Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D253A/E0EB8380BE1811ED9C216D64C4F9AE02/99D3AAC2BE1D11EDB0B88E83C4F9AE02.roa
File: 99D3AAC2BE1D11EDB0B88E83C4F9AE02.roa (raw, json)
Hash identifier: TiJ39eP5yCPvRhXoF6ZGGihNlMu8fEdwGw/SeY93rUw=
Subject key identifier: 7F:7B:F5:53:87:E9:C7:6D:5F:70:3B:8D:65:C0:62:7A:04:37:65:BE
Certificate issuer: /CN=A91D253A/serialNumber=D73797618E855FAC96221B83719D5ADEA47F9829
Certificate serial: 02
Authority key identifier: D7:37:97:61:8E:85:5F:AC:96:22:1B:83:71:9D:5A:DE:A4:7F:98:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1zeXYY6FX6yWIhuDcZ1a3qR_mCk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D253A/E0EB8380BE1811ED9C216D64C4F9AE02/99D3AAC2BE1D11EDB0B88E83C4F9AE02.roa
Signing time: Thu 09 Mar 2023 01:56:27 +0000
ROA not before: Thu 09 Mar 2023 01:56:27 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 17447
IP address blocks: 103.54.120.0/24 maxlen: 24
103.54.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D253A/serialNumber=D73797618E855FAC96221B83719D5ADEA47F9829
Validity
Not Before: Mar 9 01:56:27 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=64093cca-dbf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:04:4a:f3:c4:0e:4c:c0:6d:c8:24:94:32:5c:
95:d6:49:88:24:19:c8:d4:44:70:31:5e:90:bc:9b:
fc:d9:ae:45:f3:2d:3b:0d:e0:92:ae:a8:3f:62:f4:
98:e1:d2:39:1e:d4:d1:98:20:66:cd:bf:af:c7:a9:
f6:43:bd:93:bc:b6:5e:0b:e7:b1:a0:0b:12:2e:bf:
4a:88:6f:0b:07:e9:5b:e4:96:75:bd:08:7d:63:ad:
3f:50:bf:d0:7a:fc:6e:8b:e1:c0:87:a7:de:d9:82:
23:19:f5:1f:14:7e:92:47:54:da:9f:3f:93:3f:c3:
50:e6:a0:d3:e0:08:b5:0c:99:99:11:76:df:a1:58:
6d:a4:00:f9:56:34:9c:c7:60:b7:77:1d:6e:1e:df:
26:cd:64:57:23:5d:77:c0:71:ac:bd:a5:34:5d:34:
b3:19:1b:1f:ac:08:f6:02:e1:02:cf:cb:41:78:74:
cd:2b:27:62:a3:bd:d5:b0:c9:6d:a7:32:24:e9:7c:
de:a5:e2:7a:28:2c:99:d6:83:12:2e:52:d8:18:c9:
a0:50:dc:21:9b:fe:89:49:2d:9f:ed:06:a2:bb:7f:
fe:c3:c7:7c:7a:ca:6e:ba:06:f0:ac:e9:78:3f:27:
91:16:ca:d3:8b:43:de:57:8d:fb:48:ea:91:bb:d1:
6e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:7B:F5:53:87:E9:C7:6D:5F:70:3B:8D:65:C0:62:7A:04:37:65:BE
X509v3 Authority Key Identifier:
keyid:D7:37:97:61:8E:85:5F:AC:96:22:1B:83:71:9D:5A:DE:A4:7F:98:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D253A/E0EB8380BE1811ED9C216D64C4F9AE02/1zeXYY6FX6yWIhuDcZ1a3qR_mCk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1zeXYY6FX6yWIhuDcZ1a3qR_mCk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D253A/E0EB8380BE1811ED9C216D64C4F9AE02/99D3AAC2BE1D11EDB0B88E83C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.54.120.0/24
103.54.123.0/24
Signature Algorithm: sha256WithRSAEncryption
35:5e:da:bb:d6:03:d6:39:7e:bf:a0:c3:17:48:4e:18:50:87:
94:30:da:e5:9a:3a:03:62:b4:87:e5:ce:bb:a7:97:32:1d:dd:
eb:39:3f:be:e4:d6:17:93:3f:62:4a:93:ed:73:55:24:e5:9c:
7e:f8:23:23:9b:58:a8:48:cb:06:ce:c8:7e:9c:0b:e2:eb:4b:
af:6c:6d:f0:a3:18:a3:1a:17:b6:84:a8:3b:88:db:4f:6b:73:
16:53:f2:46:53:84:6b:7f:ff:c5:d5:70:c0:aa:eb:5a:ff:da:
20:52:27:bd:cf:fa:e7:aa:e9:f3:d9:d5:a8:96:97:ff:0c:ee:
98:42:d9:13:41:74:bd:0a:8c:cf:3f:ab:96:b1:0e:79:bc:c4:
e3:7a:8b:e5:3e:9e:e1:67:88:43:58:b9:7f:61:93:b5:5f:f0:
9f:4e:be:50:4f:55:32:ae:6d:8a:a7:8d:a6:30:03:ef:00:ee:
73:74:6c:f1:43:c4:a4:c5:80:73:46:5a:84:41:c8:c2:a3:aa:
6b:3d:b2:5f:20:39:fa:78:9f:54:f7:a4:bb:ce:40:1f:a9:65:
98:af:06:a4:a3:5d:27:91:58:87:61:7b:1d:17:d5:5d:c0:29:
fe:23:ac:60:40:0b:71:30:e1:61:91:0f:50:ba:4d:bc:b5:0a:
31:8e:4a:35
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
MjUzQTExMC8GA1UEBRMoRDczNzk3NjE4RTg1NUZBQzk2MjIxQjgzNzE5RDVBREVB
NDdGOTgyOTAeFw0yMzAzMDkwMTU2MjdaFw0yMzA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MDkzY2NhLWRiZjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBBErzxA5MwG3IJJQyXJXWSYgkGcjURHAxXpC8m/zZrkXzLTsN4JKuqD9i9Jjh
0jke1NGYIGbNv6/HqfZDvZO8tl4L57GgCxIuv0qIbwsH6VvklnW9CH1jrT9Qv9B6
/G6L4cCHp97ZgiMZ9R8UfpJHVNqfP5M/w1DmoNPgCLUMmZkRdt+hWG2kAPlWNJzH
YLd3HW4e3ybNZFcjXXfAcay9pTRdNLMZGx+sCPYC4QLPy0F4dM0rJ2KjvdWwyW2n
MiTpfN6l4nooLJnWgxIuUtgYyaBQ3CGb/olJLZ/tBqK7f/7Dx3x6ym66BvCs6Xg/
J5EWytOLQ95XjftI6pG70W55AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUf3v1U4fp
x21fcDuNZcBiegQ3Zb4wHwYDVR0jBBgwFoAU1zeXYY6FX6yWIhuDcZ1a3qR/mCkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQyNTNBL0UwRUI4MzgwQkUx
ODExRUQ5QzIxNkQ2NEM0RjlBRTAyLzF6ZVhZWTZGWDZ5V0lodURjWjFhM3FSX21D
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMXplWFlZNkZYNnlXSWh1RGNaMWEzcVJfbUNrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MjUzQS9FMEVCODM4MEJFMTgxMUVEOUMyMTZENjRDNEY5QUUwMi85OUQzQUFDMkJF
MUQxMUVEQjBCODhFODNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAGc2eAMEAGc2ezANBgkqhkiG9w0BAQsFAAOCAQEANV7au9YD
1jl+v6DDF0hOGFCHlDDa5Zo6A2K0h+XOu6eXMh3d6zk/vuTWF5M/YkqT7XNVJOWc
fvgjI5tYqEjLBs7IfpwL4utLr2xt8KMYoxoXtoSoO4jbT2tzFlPyRlOEa3//xdVw
wKrrWv/aIFInvc/656rp89nVqJaX/wzumELZE0F0vQqMzz+rlrEOebzE43qL5T6e
4WeIQ1i5f2GTtV/wn06+UE9VMq5tiqeNpjAD7wDuc3Rs8UPEpMWAc0ZahEHIwqOq
az2yXyA5+nifVPeku85AH6llmK8GpKNdJ5FYh2F7HRfVXcAp/iOsYEALcTDhYZEP
ULpNvLUKMY5KNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org