Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA397/8052F814C0F011EABA308B4FC4F9AE02/DF32A18AC0F111EA8A6FFE50C4F9AE02.roa
File: DF32A18AC0F111EA8A6FFE50C4F9AE02.roa (raw, json)
Hash identifier: qait45FcXKDr+Tbt+2MzXfJZIiPiFCHtw9J3Y6F8q40=
Subject key identifier: 79:3B:06:0F:AA:7D:6F:48:5B:54:60:D7:C5:F8:D2:62:BD:18:80:A0
Certificate issuer: /CN=A91DA397/serialNumber=DB457DD2F7346176F0159199FD8BD59D4D9D417F
Certificate serial: 0597
Authority key identifier: DB:45:7D:D2:F7:34:61:76:F0:15:91:99:FD:8B:D5:9D:4D:9D:41:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/20V90vc0YXbwFZGZ_YvVnU2dQX8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA397/8052F814C0F011EABA308B4FC4F9AE02/DF32A18AC0F111EA8A6FFE50C4F9AE02.roa
Signing time: Wed 01 Jun 2022 11:26:40 +0000
ROA not before: Wed 01 Jun 2022 11:26:40 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 17819
IP address blocks: 45.116.132.0/24 maxlen: 24
45.116.135.0/24 maxlen: 24
103.9.92.0/24 maxlen: 24
103.9.93.0/24 maxlen: 24
103.9.94.0/24 maxlen: 24
103.9.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1431 (0x597)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA397/serialNumber=DB457DD2F7346176F0159199FD8BD59D4D9D417F
Validity
Not Before: Jun 1 11:26:40 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62974cef-7e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:02:f1:d5:61:ed:a2:fe:13:f3:17:94:48:dd:
64:8e:af:bb:eb:71:d2:eb:de:03:a0:e6:9e:42:f1:
c9:11:99:c6:1d:da:d8:8e:56:67:29:e0:d9:b2:07:
89:05:60:57:a8:fc:4f:ad:0f:1b:57:ed:ff:76:96:
9d:de:4d:df:06:be:35:3d:d1:fa:a1:e3:b3:43:ed:
8e:ee:54:83:77:dc:f3:56:87:37:37:95:da:8f:b6:
2d:d6:5c:0a:cd:4f:15:54:20:56:d4:31:7d:5a:5f:
76:68:69:81:0a:82:18:36:55:a0:85:05:93:ca:00:
31:d8:99:b7:56:5c:9c:f9:68:7e:60:5e:72:f7:75:
1f:dd:e7:eb:ca:1e:67:ef:9e:0f:78:a1:f9:12:e4:
09:23:b4:f3:2e:49:57:72:7c:ca:dc:a1:ac:28:af:
4f:f9:66:b7:99:92:01:ab:16:26:1d:1c:c3:7c:d5:
13:a9:2f:23:77:97:3b:27:21:d4:f9:a0:f9:27:f4:
45:aa:21:50:36:55:64:a5:d8:22:dc:6c:37:d6:45:
aa:bd:db:d2:83:54:14:e6:2f:2f:a6:26:e0:f0:1b:
a1:49:ed:fc:c4:c9:0c:0a:e7:02:c2:e0:11:2c:01:
0f:f2:39:3f:32:7c:d9:47:3d:02:8f:c7:d2:73:0b:
7e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:3B:06:0F:AA:7D:6F:48:5B:54:60:D7:C5:F8:D2:62:BD:18:80:A0
X509v3 Authority Key Identifier:
keyid:DB:45:7D:D2:F7:34:61:76:F0:15:91:99:FD:8B:D5:9D:4D:9D:41:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA397/8052F814C0F011EABA308B4FC4F9AE02/20V90vc0YXbwFZGZ_YvVnU2dQX8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/20V90vc0YXbwFZGZ_YvVnU2dQX8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA397/8052F814C0F011EABA308B4FC4F9AE02/DF32A18AC0F111EA8A6FFE50C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.116.132.0/24
45.116.135.0/24
103.9.92.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:8c:4b:a0:7d:15:1b:d5:18:41:bb:84:11:6e:0b:12:a8:78:
b0:bd:64:89:b8:78:6c:5a:50:43:e7:c6:8f:c0:09:2e:30:48:
db:0d:23:96:a8:38:b7:10:96:e3:70:40:d6:e6:58:f2:8f:69:
96:e9:19:13:25:9a:7d:3d:38:97:ed:9c:02:f6:7b:3e:76:60:
77:6e:74:3b:cd:6b:e1:72:5e:dd:b2:ca:d5:98:44:e5:a6:13:
de:e7:df:0c:9a:13:db:7d:11:77:b2:33:b1:c9:f7:c1:ad:6c:
ed:d8:c8:33:aa:07:5c:82:a9:bf:f8:fa:fa:52:09:04:a6:10:
56:ab:25:6d:f4:1c:90:37:4f:c9:9f:de:22:41:68:ba:b3:c0:
cc:40:74:d8:58:c2:e1:52:05:2e:3b:86:b3:ea:9d:f5:26:31:
4a:70:2e:fe:93:74:9e:d7:09:e9:97:cf:c8:fc:4e:26:c8:6f:
d7:d3:81:86:3f:69:70:5f:0b:a9:65:9f:f0:7a:31:42:10:fc:
e4:c4:aa:a8:1c:0e:67:09:58:f4:63:9d:6b:72:7a:22:97:89:
d8:c5:75:29:f9:f4:24:f5:3a:82:7c:84:3b:1f:f6:b8:e6:29:
8b:9a:c7:f0:65:48:50:a6:4d:ad:dd:3f:20:40:ae:ab:bf:48:
ab:95:27:b0
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REEzOTcxMTAvBgNVBAUTKERCNDU3REQyRjczNDYxNzZGMDE1OTE5OUZEOEJENTlE
NEQ5RDQxN0YwHhcNMjIwNjAxMTEyNjQwWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk3NGNlZi03ZTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAugLx1WHtov4T8xeUSN1kjq+763HS694DoOaeQvHJEZnGHdrYjlZnKeDZsgeJ
BWBXqPxPrQ8bV+3/dpad3k3fBr41PdH6oeOzQ+2O7lSDd9zzVoc3N5Xaj7Yt1lwK
zU8VVCBW1DF9Wl92aGmBCoIYNlWghQWTygAx2Jm3Vlyc+Wh+YF5y93Uf3efryh5n
754PeKH5EuQJI7TzLklXcnzK3KGsKK9P+Wa3mZIBqxYmHRzDfNUTqS8jd5c7JyHU
+aD5J/RFqiFQNlVkpdgi3Gw31kWqvdvSg1QU5i8vpibg8BuhSe38xMkMCucCwuAR
LAEP8jk/MnzZRz0Cj8fScwt+pQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFHk7Bg+q
fW9IW1Rg18X40mK9GICgMB8GA1UdIwQYMBaAFNtFfdL3NGF28BWRmf2L1Z1NnUF/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTM5Ny84MDUyRjgxNEMw
RjAxMUVBQkEzMDhCNEZDNEY5QUUwMi8yMFY5MHZjMFlYYndGWkdaX1l2Vm5VMmRR
WDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzIwVjkwdmMwWVhid0ZaR1pfWXZWblUyZFFYOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REEzOTcvODA1MkY4MTRDMEYwMTFFQUJBMzA4QjRGQzRGOUFFMDIvREYzMkExOEFD
MEYxMTFFQThBNkZGRTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAtdIQDBAAtdIcDBAJnCVwwDQYJKoZIhvcNAQELBQADggEB
AJqMS6B9FRvVGEG7hBFuCxKoeLC9ZIm4eGxaUEPnxo/ACS4wSNsNI5aoOLcQluNw
QNbmWPKPaZbpGRMlmn09OJftnAL2ez52YHdudDvNa+FyXt2yytWYROWmE97n3wya
E9t9EXeyM7HJ98GtbO3YyDOqB1yCqb/4+vpSCQSmEFarJW30HJA3T8mf3iJBaLqz
wMxAdNhYwuFSBS47hrPqnfUmMUpwLv6TdJ7XCemXz8j8TibIb9fTgYY/aXBfC6ll
n/B6MUIQ/OTEqqgcDmcJWPRjnWtyeiKXidjFdSn59CT1OoJ8hDsf9rjmKYuax/Bl
SFCmTa3dPyBArqu/SKuVJ7A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org