Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DE14F/13E39B081E7711E7A02AD840C4F9AE02/AA03636C1F7A11E79F9FB53DC4F9AE02.roa
File: AA03636C1F7A11E79F9FB53DC4F9AE02.roa (raw, json)
Hash identifier: 4Gj7KAMkyZCPE6ARcd+rv3aRfZk+TUG3cxtvkbH5Qg4=
Subject key identifier: 45:04:ED:33:0E:A7:42:D3:92:FC:CF:41:42:34:44:78:5D:36:13:33
Certificate issuer: /CN=A91DE14F/serialNumber=B605060F0F0CDC580E4182C270078F71048F0E39
Certificate serial: 16FB
Authority key identifier: B6:05:06:0F:0F:0C:DC:58:0E:41:82:C2:70:07:8F:71:04:8F:0E:39
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tgUGDw8M3FgOQYLCcAePcQSPDjk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DE14F/13E39B081E7711E7A02AD840C4F9AE02/AA03636C1F7A11E79F9FB53DC4F9AE02.roa
Signing time: Fri 31 Dec 2021 17:13:14 +0000
ROA not before: Fri 31 Dec 2021 17:13:14 +0000
ROA not after: Sun 01 May 2022 00:00:00 +0000
asID: 206819
IP address blocks: 103.17.12.0/22 maxlen: 22
103.17.12.0/24 maxlen: 24
103.17.13.0/24 maxlen: 24
103.17.14.0/24 maxlen: 24
103.17.15.0/24 maxlen: 24
139.5.32.0/22 maxlen: 22
139.5.32.0/24 maxlen: 24
139.5.33.0/24 maxlen: 24
139.5.34.0/24 maxlen: 24
139.5.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5883 (0x16fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DE14F/serialNumber=B605060F0F0CDC580E4182C270078F71048F0E39
Validity
Not Before: Dec 31 17:13:14 2021 GMT
Not After : May 1 00:00:00 2022 GMT
Subject: CN=61cf3a29-a5f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:94:99:a8:d8:3c:59:7c:58:39:99:72:70:b0:
9c:9d:13:32:28:b0:36:d4:93:90:85:f2:73:b0:1b:
12:9e:a6:81:bf:6d:54:67:32:fd:25:ee:26:a3:d0:
59:72:49:e8:94:8f:ee:04:83:2b:80:84:e5:8b:f6:
57:ba:da:6d:df:7c:02:bc:d1:91:79:6f:a1:fb:8c:
88:65:4b:5c:a7:94:41:bd:44:c4:73:4e:33:e8:4e:
dc:dd:ed:8d:12:c2:4a:f9:f2:5f:c4:ae:ce:2b:0e:
d7:d8:a2:bb:14:c0:70:63:55:e4:1b:19:36:8a:bd:
2a:e8:0b:b7:2f:0e:d6:4b:f7:5d:67:fc:2c:bb:8b:
66:27:96:a5:c8:b7:4f:13:2e:02:bc:07:93:32:dc:
27:5e:65:15:bf:1d:60:39:09:fc:90:ef:9c:29:14:
fa:3c:0f:95:63:c8:7f:d9:51:4d:33:47:88:e2:22:
0e:2b:e1:64:f9:9d:24:08:b4:71:f9:2f:83:b7:bd:
76:82:a6:a7:c4:fc:07:cc:93:f0:4a:7f:3a:ff:db:
24:b5:be:7a:73:e7:92:77:db:aa:57:af:13:20:9b:
b6:ea:b5:d9:0b:04:d3:17:9d:45:38:38:96:c2:a0:
00:cf:fd:0d:34:18:63:30:0c:3e:84:23:b0:e4:7a:
64:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:04:ED:33:0E:A7:42:D3:92:FC:CF:41:42:34:44:78:5D:36:13:33
X509v3 Authority Key Identifier:
keyid:B6:05:06:0F:0F:0C:DC:58:0E:41:82:C2:70:07:8F:71:04:8F:0E:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DE14F/13E39B081E7711E7A02AD840C4F9AE02/tgUGDw8M3FgOQYLCcAePcQSPDjk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tgUGDw8M3FgOQYLCcAePcQSPDjk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DE14F/13E39B081E7711E7A02AD840C4F9AE02/AA03636C1F7A11E79F9FB53DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.17.12.0/22
139.5.32.0/22
Signature Algorithm: sha256WithRSAEncryption
67:2f:1b:d6:dc:7c:c2:21:ca:78:e4:37:e3:9b:5f:46:14:18:
8e:a4:7e:ff:92:87:11:1a:6d:6c:97:27:06:b7:ff:76:75:c0:
82:5d:0e:93:de:00:80:08:59:a9:2c:7c:eb:8b:1a:6c:de:bd:
dd:db:54:74:ab:fb:81:e1:a3:fd:a8:86:79:1d:6c:15:76:15:
06:ce:b8:df:9e:f1:39:96:22:4f:17:8a:64:4e:5d:b0:58:4d:
1d:1d:e7:00:30:bb:3f:68:8a:62:88:aa:df:9a:25:bc:36:1c:
50:3c:99:65:78:b3:e3:6a:47:5e:09:f0:6e:8d:d1:44:d9:0e:
56:86:55:e4:f4:12:66:46:64:f8:1d:31:f0:85:2e:c2:81:fc:
0f:1f:a7:48:1b:61:58:56:b0:f4:0c:ca:3e:45:d2:27:78:e7:
79:d5:11:f2:50:d5:13:53:2e:c4:97:48:06:ef:2c:07:c5:8d:
d8:d5:1f:87:db:ce:b7:13:ee:ab:7d:70:d5:44:2f:b2:70:17:
15:4e:17:06:6e:34:8a:03:f3:63:7c:de:36:5e:e6:f0:b5:98:
f3:18:78:1e:b4:31:f5:b2:ff:3a:05:df:0f:e4:31:97:4a:0a:
4f:40:c9:dc:ff:d9:d7:47:f5:44:d0:3d:21:19:02:25:03:ef:
77:68:9e:3a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICFvswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REUxNEYxMTAvBgNVBAUTKEI2MDUwNjBGMEYwQ0RDNTgwRTQxODJDMjcwMDc4Rjcx
MDQ4RjBFMzkwHhcNMjExMjMxMTcxMzE0WhcNMjIwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWNmM2EyOS1hNWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArZSZqNg8WXxYOZlycLCcnRMyKLA21JOQhfJzsBsSnqaBv21UZzL9Je4mo9BZ
cknolI/uBIMrgITli/ZXutpt33wCvNGReW+h+4yIZUtcp5RBvUTEc04z6E7c3e2N
EsJK+fJfxK7OKw7X2KK7FMBwY1XkGxk2ir0q6Au3Lw7WS/ddZ/wsu4tmJ5alyLdP
Ey4CvAeTMtwnXmUVvx1gOQn8kO+cKRT6PA+VY8h/2VFNM0eI4iIOK+Fk+Z0kCLRx
+S+Dt712gqanxPwHzJPwSn86/9sktb56c+eSd9uqV68TIJu26rXZCwTTF51FODiW
wqAAz/0NNBhjMAw+hCOw5HpkewIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEUE7TMO
p0LTkvzPQUI0RHhdNhMzMB8GA1UdIwQYMBaAFLYFBg8PDNxYDkGCwnAHj3EEjw45
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERTE0Ri8xM0UzOUIwODFF
NzcxMUU3QTAyQUQ4NDBDNEY5QUUwMi90Z1VHRHc4TTNGZ09RWUxDY0FlUGNRU1BE
amsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RnVUdEdzhNM0ZnT1FZTENjQWVQY1FTUERqay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REUxNEYvMTNFMzlCMDgxRTc3MTFFN0EwMkFEODQwQzRGOUFFMDIvQUEwMzYzNkMx
RjdBMTFFNzlGOUZCNTNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnEQwDBAKLBSAwDQYJKoZIhvcNAQELBQADggEBAGcvG9bc
fMIhynjkN+ObX0YUGI6kfv+ShxEabWyXJwa3/3Z1wIJdDpPeAIAIWaksfOuLGmze
vd3bVHSr+4Hho/2ohnkdbBV2FQbOuN+e8TmWIk8XimROXbBYTR0d5wAwuz9oimKI
qt+aJbw2HFA8mWV4s+NqR14J8G6N0UTZDlaGVeT0EmZGZPgdMfCFLsKB/A8fp0gb
YVhWsPQMyj5F0id453nVEfJQ1RNTLsSXSAbvLAfFjdjVH4fbzrcT7qt9cNVEL7Jw
FxVOFwZuNIoD82N83jZe5vC1mPMYeB60MfWy/zoF3w/kMZdKCk9Aydz/2ddH9UTQ
PSEZAiUD73donjo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org