Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2337/4F48F8F81B3311EAAD922842C4F9AE02/B7651A1CBDE411EAB947BE63C4F9AE02.roa
File: B7651A1CBDE411EAB947BE63C4F9AE02.roa (raw, json)
Hash identifier: yoJmXv8IzM6JNBVgKruNacoWFmNpZlaLoXwPyo0QY4o=
Subject key identifier: 4D:8C:47:E7:44:35:F4:C2:F4:F6:CC:E0:EF:AA:1E:73:ED:24:04:AD
Certificate issuer: /CN=A91E2337/serialNumber=351CEF945094D37A44471E1C0A7B7AB73AEBB99C
Certificate serial: 083C
Authority key identifier: 35:1C:EF:94:50:94:D3:7A:44:47:1E:1C:0A:7B:7A:B7:3A:EB:B9:9C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NRzvlFCU03pERx4cCnt6tzrruZw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E2337/4F48F8F81B3311EAAD922842C4F9AE02/B7651A1CBDE411EAB947BE63C4F9AE02.roa
Signing time: Sat 26 Feb 2022 20:46:36 +0000
ROA not before: Sat 26 Feb 2022 20:46:36 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 13444
IP address blocks: 103.84.94.0/24 maxlen: 24
103.84.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2108 (0x83c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E2337/serialNumber=351CEF945094D37A44471E1C0A7B7AB73AEBB99C
Validity
Not Before: Feb 26 20:46:36 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=621a91ac-2cd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:67:57:5f:e9:0b:77:4a:cb:b4:23:d7:64:33:
85:61:63:22:8d:ca:f6:11:e5:0a:ee:a6:3e:13:d4:
9f:bd:2d:87:f2:45:60:5b:69:0f:e5:5e:6e:f2:cb:
65:bd:e6:ec:2f:cc:52:4c:29:03:33:87:37:d8:ae:
ea:26:af:1e:d6:c0:de:65:97:06:8b:c0:bd:dd:e3:
e6:50:af:cd:54:c0:7f:19:b3:77:7d:3c:b9:d5:a7:
72:81:ad:31:13:36:14:68:0b:3f:3f:e3:af:df:5f:
60:40:2e:b6:a6:cf:1f:a9:45:2f:59:49:7c:17:82:
0e:d3:67:15:f0:70:28:9b:77:f9:fa:b1:bb:31:fb:
c4:50:d6:8f:8c:c4:27:e9:62:b5:f7:db:a1:1e:b3:
f4:34:d0:32:a2:1e:41:7f:47:17:69:10:14:ec:7c:
9b:4f:b9:7f:da:a3:43:51:52:1b:cb:f8:a6:c7:10:
0a:92:31:1f:cd:b7:c6:b7:1f:5c:66:1b:fa:06:b9:
c8:c8:0f:19:a4:70:59:46:b6:20:d1:c6:e3:e0:38:
3a:2f:b7:50:4e:e9:08:c3:8a:d6:f8:3c:3f:c1:4c:
13:4d:10:22:ee:62:2e:99:32:50:b3:bb:9c:d9:21:
58:e6:4d:2e:5c:69:7f:05:d4:05:68:fb:8d:94:90:
23:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:8C:47:E7:44:35:F4:C2:F4:F6:CC:E0:EF:AA:1E:73:ED:24:04:AD
X509v3 Authority Key Identifier:
keyid:35:1C:EF:94:50:94:D3:7A:44:47:1E:1C:0A:7B:7A:B7:3A:EB:B9:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E2337/4F48F8F81B3311EAAD922842C4F9AE02/NRzvlFCU03pERx4cCnt6tzrruZw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NRzvlFCU03pERx4cCnt6tzrruZw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2337/4F48F8F81B3311EAAD922842C4F9AE02/B7651A1CBDE411EAB947BE63C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.94.0/23
Signature Algorithm: sha256WithRSAEncryption
16:13:7d:b9:82:6e:d1:98:79:80:6f:8e:52:b2:dc:19:16:57:
b3:b3:0d:ac:c4:08:d5:dd:e4:00:27:39:4f:e4:2f:66:5d:0e:
4d:6d:53:94:db:b4:b6:23:62:c7:67:eb:1e:75:dc:06:7a:4d:
f1:bc:a1:a3:ae:01:af:de:57:54:3d:b3:0d:53:f5:5f:00:ab:
49:06:8f:64:13:72:50:57:ab:32:55:b1:1a:7c:c1:65:7f:25:
31:91:5b:95:d5:07:f7:e9:1c:13:bd:90:43:a5:cd:36:75:ff:
7a:1d:63:7e:51:30:4f:eb:49:a6:f3:16:b3:a0:06:dc:1a:76:
97:5a:b5:4e:e3:83:f3:98:54:9b:dd:7f:c3:01:97:cb:31:65:
a2:25:48:03:72:05:8e:85:07:1f:2e:63:e0:26:69:73:eb:01:
dc:e4:80:fa:c2:10:e6:1f:6a:e5:6d:5d:1a:cb:4c:2e:d3:e1:
03:0a:55:2e:de:c0:9a:f3:46:24:4c:bd:7e:a1:60:1e:5c:10:
89:67:9d:8a:b5:cc:02:41:43:fe:94:a8:56:ec:df:c6:d8:1a:
4d:82:31:0c:d7:f9:80:45:c8:73:8b:f4:08:5e:e7:71:b8:7f:
af:09:69:14:f5:12:2c:e0:31:55:20:31:23:0b:90:a1:4f:c4:
57:43:f1:31
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCDwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTIzMzcxMTAvBgNVBAUTKDM1MUNFRjk0NTA5NEQzN0E0NDQ3MUUxQzBBN0I3QUI3
M0FFQkI5OUMwHhcNMjIwMjI2MjA0NjM2WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjFhOTFhYy0yY2Q4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9WdXX+kLd0rLtCPXZDOFYWMijcr2EeUK7qY+E9SfvS2H8kVgW2kP5V5u8stl
vebsL8xSTCkDM4c32K7qJq8e1sDeZZcGi8C93ePmUK/NVMB/GbN3fTy51adyga0x
EzYUaAs/P+Ov319gQC62ps8fqUUvWUl8F4IO02cV8HAom3f5+rG7MfvEUNaPjMQn
6WK199uhHrP0NNAyoh5Bf0cXaRAU7HybT7l/2qNDUVIby/imxxAKkjEfzbfGtx9c
Zhv6BrnIyA8ZpHBZRrYg0cbj4Dg6L7dQTukIw4rW+Dw/wUwTTRAi7mIumTJQs7uc
2SFY5k0uXGl/BdQFaPuNlJAjeQIDAQABo4IClTCCApEwHQYDVR0OBBYEFE2MR+dE
NfTC9PbM4O+qHnPtJAStMB8GA1UdIwQYMBaAFDUc75RQlNN6REceHAp7erc667mc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjMzNy80RjQ4RjhGODFC
MzMxMUVBQUQ5MjI4NDJDNEY5QUUwMi9OUnp2bEZDVTAzcEVSeDRjQ250NnR6cnJ1
WncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05SenZsRkNVMDNwRVJ4NGNDbnQ2dHpycnVady5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTIzMzcvNEY0OEY4RjgxQjMzMTFFQUFEOTIyODQyQzRGOUFFMDIvQjc2NTFBMUNC
REU0MTFFQUI5NDdCRTYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnVF4wDQYJKoZIhvcNAQELBQADggEBABYTfbmCbtGYeYBv
jlKy3BkWV7OzDazECNXd5AAnOU/kL2ZdDk1tU5TbtLYjYsdn6x513AZ6TfG8oaOu
Aa/eV1Q9sw1T9V8Aq0kGj2QTclBXqzJVsRp8wWV/JTGRW5XVB/fpHBO9kEOlzTZ1
/3odY35RME/rSabzFrOgBtwadpdatU7jg/OYVJvdf8MBl8sxZaIlSANyBY6FBx8u
Y+AmaXPrAdzkgPrCEOYfauVtXRrLTC7T4QMKVS7ewJrzRiRMvX6hYB5cEIlnnYq1
zAJBQ/6UqFbs38bYGk2CMQzX+YBFyHOL9Ahe53G4f68JaRT1EizgMVUgMSMLkKFP
xFdD8TE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:10 2023 by rpki-client on console-fra.rpki-client.org