Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D884A/FB0C91A68AC511EBA035025FC4F9AE02/3BB489968AC811EBB12F0865C4F9AE02.roa
File: 3BB489968AC811EBB12F0865C4F9AE02.roa (raw, json)
Hash identifier: DAplM8wcZ4uDvnW5NgsQdewn8o8ubey0791o0jQznRo=
Subject key identifier: 90:0A:8E:D9:BD:FF:2D:D2:8A:B0:A9:16:A2:E7:37:26:F9:BD:06:B8
Certificate issuer: /CN=A91D884A/serialNumber=B74CE56D3C2A54D2BFC0B33823592ED97CB48DC2
Certificate serial: 046C
Authority key identifier: B7:4C:E5:6D:3C:2A:54:D2:BF:C0:B3:38:23:59:2E:D9:7C:B4:8D:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t0zlbTwqVNK_wLM4I1ku2Xy0jcI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D884A/FB0C91A68AC511EBA035025FC4F9AE02/3BB489968AC811EBB12F0865C4F9AE02.roa
Signing time: Tue 01 Nov 2022 01:50:44 +0000
ROA not before: Tue 01 Nov 2022 01:50:44 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 138184
IP address blocks: 103.129.156.0/22 maxlen: 22
103.129.156.0/24 maxlen: 24
103.129.157.0/24 maxlen: 24
103.129.158.0/24 maxlen: 24
103.129.159.0/24 maxlen: 24
2403:8040::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1132 (0x46c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D884A/serialNumber=B74CE56D3C2A54D2BFC0B33823592ED97CB48DC2
Validity
Not Before: Nov 1 01:50:44 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63607b74-1c1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ce:18:a0:58:12:79:15:51:2d:3f:a3:f3:52:
78:0c:03:aa:ef:be:e5:58:5d:a1:21:43:b4:ae:3c:
f8:5a:85:51:35:d3:51:7c:b9:aa:c0:f7:13:eb:0e:
83:57:81:d8:48:e5:0c:3d:3a:77:8b:50:05:47:05:
2a:94:a7:1e:2f:41:d2:f8:4a:75:2b:00:76:12:f9:
be:27:38:6c:85:02:32:bd:e4:6c:f5:a9:0f:9b:64:
b5:2f:80:dc:bf:b9:ce:bc:05:c1:6a:22:05:41:d9:
14:d9:0f:50:f0:90:f6:95:c8:eb:bf:19:aa:01:af:
53:09:99:49:b2:59:8d:4f:c7:07:f6:62:1d:c7:3c:
89:60:0c:a9:27:0f:99:e5:2f:4c:ec:53:e3:01:39:
35:86:e4:1a:44:78:1a:f5:7b:c8:80:8f:9b:1c:60:
db:f0:0e:c2:8c:89:c1:3c:a4:98:e1:74:39:30:24:
b7:7f:4a:64:fd:0a:be:87:95:55:3b:73:2f:55:7a:
0e:c1:d3:96:28:b3:c8:08:df:d9:61:4e:73:8a:81:
c5:cb:15:cc:09:24:27:72:b9:30:8d:36:d6:15:85:
ea:64:01:e7:f2:f9:15:91:7d:e3:8d:58:c0:dc:de:
66:1a:5d:f3:64:3f:2e:68:0d:92:d3:60:d0:60:6e:
1b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0A:8E:D9:BD:FF:2D:D2:8A:B0:A9:16:A2:E7:37:26:F9:BD:06:B8
X509v3 Authority Key Identifier:
keyid:B7:4C:E5:6D:3C:2A:54:D2:BF:C0:B3:38:23:59:2E:D9:7C:B4:8D:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D884A/FB0C91A68AC511EBA035025FC4F9AE02/t0zlbTwqVNK_wLM4I1ku2Xy0jcI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t0zlbTwqVNK_wLM4I1ku2Xy0jcI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D884A/FB0C91A68AC511EBA035025FC4F9AE02/3BB489968AC811EBB12F0865C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.156.0/22
IPv6:
2403:8040::/32
Signature Algorithm: sha256WithRSAEncryption
47:a9:59:f5:15:82:79:49:c8:f1:b0:09:84:e4:61:52:a9:ae:
03:07:66:ba:39:b7:a9:4f:4b:2f:1a:a8:77:5a:cb:c1:84:76:
55:1d:86:79:d3:18:da:15:f9:3b:5b:87:8f:cf:63:d0:0c:56:
04:2b:46:77:13:a3:95:a4:42:7f:1d:71:ae:b1:f0:19:c9:10:
a9:d2:05:b0:8c:cb:13:7b:f6:ee:8d:61:9d:7d:7c:aa:68:a3:
44:4f:e7:ab:a2:63:89:69:e2:70:8f:a0:a1:58:b8:ed:87:d9:
0a:0f:08:92:99:67:1a:e7:44:f2:2e:fa:21:c2:f6:e6:5c:fc:
ef:c2:6a:3c:2f:d3:66:d0:5f:24:70:5e:5d:7c:c3:18:20:bb:
68:40:68:4a:73:be:df:03:b6:42:2e:ec:e0:e4:34:45:41:6c:
8b:04:00:29:a5:c2:d5:5b:17:97:07:dc:dd:d6:9e:6c:bf:92:
24:29:4f:36:57:1c:13:2c:bf:51:1d:62:c5:52:74:92:f0:77:
86:0d:2d:0a:64:37:e6:c4:d0:d5:d7:08:99:2f:35:8e:7d:73:
1d:67:ef:25:23:32:0c:fd:61:e4:ef:3e:7e:29:54:4f:2a:79:
d5:38:e9:b1:bc:f8:34:73:24:51:95:9f:8d:5d:c6:26:7c:b3:
a1:04:88:47
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBGwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDg4NEExMTAvBgNVBAUTKEI3NENFNTZEM0MyQTU0RDJCRkMwQjMzODIzNTkyRUQ5
N0NCNDhEQzIwHhcNMjIxMTAxMDE1MDQ0WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzYwN2I3NC0xYzFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnM4YoFgSeRVRLT+j81J4DAOq777lWF2hIUO0rjz4WoVRNdNRfLmqwPcT6w6D
V4HYSOUMPTp3i1AFRwUqlKceL0HS+Ep1KwB2Evm+JzhshQIyveRs9akPm2S1L4Dc
v7nOvAXBaiIFQdkU2Q9Q8JD2lcjrvxmqAa9TCZlJslmNT8cH9mIdxzyJYAypJw+Z
5S9M7FPjATk1huQaRHga9XvIgI+bHGDb8A7CjInBPKSY4XQ5MCS3f0pk/Qq+h5VV
O3MvVXoOwdOWKLPICN/ZYU5zioHFyxXMCSQncrkwjTbWFYXqZAHn8vkVkX3jjVjA
3N5mGl3zZD8uaA2S02DQYG4brwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJAKjtm9
/y3SirCpFqLnNyb5vQa4MB8GA1UdIwQYMBaAFLdM5W08KlTSv8CzOCNZLtl8tI3C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODg0QS9GQjBDOTFBNjhB
QzUxMUVCQTAzNTAyNUZDNEY5QUUwMi90MHpsYlR3cVZOS193TE00STFrdTJYeTBq
Y0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3QwemxiVHdxVk5LX3dMTTRJMWt1Mlh5MGpjSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDg4NEEvRkIwQzkxQTY4QUM1MTFFQkEwMzUwMjVGQzRGOUFFMDIvM0JCNDg5OTY4
QUM4MTFFQkIxMkYwODY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJngZwwDQQCAAIwBwMFACQDgEAwDQYJKoZIhvcNAQELBQAD
ggEBAEepWfUVgnlJyPGwCYTkYVKprgMHZro5t6lPSy8aqHday8GEdlUdhnnTGNoV
+Ttbh4/PY9AMVgQrRncTo5WkQn8dca6x8BnJEKnSBbCMyxN79u6NYZ19fKpoo0RP
56uiY4lp4nCPoKFYuO2H2QoPCJKZZxrnRPIu+iHC9uZc/O/Cajwv02bQXyRwXl18
wxggu2hAaEpzvt8DtkIu7ODkNEVBbIsEACmlwtVbF5cH3N3Wnmy/kiQpTzZXHBMs
v1EdYsVSdJLwd4YNLQpkN+bE0NXXCJkvNY59cx1n7yUjMgz9YeTvPn4pVE8qedU4
6bG8+DRzJFGVn41dxiZ8s6EEiEc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org