Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7AC7/F413D708A64911EAB3DB0C6EC4F9AE02/E23FE8F6A71A11EA89325F29C4F9AE02.roa
File: E23FE8F6A71A11EA89325F29C4F9AE02.roa (raw, json)
Hash identifier: Thgke631zR7Hc/BXaD7728C0zFg87r9c7RoNb8FhZIY=
Subject key identifier: 8D:A8:7C:91:4D:82:98:EF:83:73:E7:99:81:2D:40:D3:4C:66:57:B9
Certificate issuer: /CN=A91E7AC7/serialNumber=E62727F198AB8F22CF38F4D03F6A3DF266EE80F2
Certificate serial: 072B
Authority key identifier: E6:27:27:F1:98:AB:8F:22:CF:38:F4:D0:3F:6A:3D:F2:66:EE:80:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5icn8ZirjyLPOPTQP2o98mbugPI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7AC7/F413D708A64911EAB3DB0C6EC4F9AE02/E23FE8F6A71A11EA89325F29C4F9AE02.roa
Signing time: Fri 04 Nov 2022 22:28:21 +0000
ROA not before: Fri 04 Nov 2022 22:28:21 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 45504
IP address blocks: 103.22.156.0/22 maxlen: 24
103.253.184.0/22 maxlen: 24
123.255.224.0/24 maxlen: 24
123.255.225.0/24 maxlen: 24
123.255.226.0/24 maxlen: 24
123.255.227.0/24 maxlen: 24
123.255.228.0/24 maxlen: 24
123.255.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1835 (0x72b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7AC7/serialNumber=E62727F198AB8F22CF38F4D03F6A3DF266EE80F2
Validity
Not Before: Nov 4 22:28:21 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=63659205-df56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f6:f0:9f:ef:36:b2:75:3e:8c:ef:ee:ac:40:
28:4a:d7:9b:1c:81:13:98:b0:21:6b:49:f4:54:cc:
de:c6:d7:b0:07:4d:18:86:9c:60:bf:2f:30:fc:24:
05:3b:05:bc:36:60:4a:ca:18:a4:05:0f:64:9a:b1:
ed:2a:37:b7:d2:fc:72:13:2d:8d:0e:a5:b1:1c:02:
e6:5e:4e:20:4a:87:0a:96:91:3b:2d:17:c5:c0:cd:
bd:a0:f0:66:20:36:e4:55:b8:90:3b:94:a9:37:77:
d7:81:2b:9d:32:d3:3f:14:f5:88:87:ff:db:d5:ed:
7f:25:19:66:36:41:3d:3c:89:6c:f7:6a:e2:1b:ea:
21:c3:6d:8a:4d:ab:db:f0:a1:66:44:34:e0:06:d0:
3d:c7:63:c4:83:7e:d4:14:c2:55:50:42:1d:bf:ae:
08:00:d3:70:c0:1b:da:55:f6:6d:cb:26:fd:1d:5d:
40:69:cf:b8:95:a7:c6:e1:ed:82:d2:a3:50:98:40:
e9:1e:91:c3:f7:21:1b:7f:1b:45:56:de:ae:0d:f4:
c0:3d:8b:8b:64:ae:e4:5e:a1:3b:0d:79:76:ed:7e:
0c:fc:bf:c1:c4:64:3d:7e:ea:da:e2:d0:6b:7c:25:
2d:99:da:87:e9:f9:41:76:d6:04:57:03:53:b7:14:
d0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A8:7C:91:4D:82:98:EF:83:73:E7:99:81:2D:40:D3:4C:66:57:B9
X509v3 Authority Key Identifier:
keyid:E6:27:27:F1:98:AB:8F:22:CF:38:F4:D0:3F:6A:3D:F2:66:EE:80:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7AC7/F413D708A64911EAB3DB0C6EC4F9AE02/5icn8ZirjyLPOPTQP2o98mbugPI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5icn8ZirjyLPOPTQP2o98mbugPI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7AC7/F413D708A64911EAB3DB0C6EC4F9AE02/E23FE8F6A71A11EA89325F29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.22.156.0/22
103.253.184.0/22
123.255.224.0-123.255.229.255
Signature Algorithm: sha256WithRSAEncryption
1d:50:38:f9:74:3d:6b:6c:6d:fb:0e:5a:59:ec:dd:29:d3:cd:
ab:22:62:35:1d:8e:8e:d5:41:77:6c:10:92:f8:f6:9f:79:50:
74:95:be:80:e3:5e:14:71:dc:ec:78:ce:78:49:f0:cd:f1:24:
98:28:68:36:95:54:9a:e4:c5:5a:ba:0c:0a:28:de:15:ca:2b:
b1:2d:0b:ce:d7:25:7d:60:e5:32:11:3b:e3:49:f2:e7:6f:6d:
a7:ad:71:ad:86:c0:b4:b0:bf:e2:aa:b7:68:c8:e2:9a:63:1d:
c9:0c:b6:52:d0:ef:c3:e3:bf:c1:1e:41:f7:23:7d:ed:65:e0:
db:5f:6e:44:81:76:00:83:c9:78:45:5c:75:00:0f:10:74:c7:
c7:db:22:ae:d1:ab:26:2a:ad:23:15:97:f2:2c:d0:e3:77:8f:
f2:9b:e4:cc:2d:83:2b:3d:35:e4:df:61:2e:d2:02:fe:43:2e:
36:09:9a:2a:91:cd:e8:88:bb:a5:22:8f:6a:40:11:63:ab:b2:
17:f9:2d:97:20:9f:e4:20:f6:0a:51:e7:bc:44:18:6f:04:48:
3e:31:7e:3a:84:60:90:fb:60:b5:f5:32:f0:c3:ea:4e:f3:a5:
62:94:f0:2f:29:7c:7d:3f:16:62:8e:4d:9b:4e:24:f5:9a:60:
7d:f7:a2:70
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICByswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTdBQzcxMTAvBgNVBAUTKEU2MjcyN0YxOThBQjhGMjJDRjM4RjREMDNGNkEzREYy
NjZFRTgwRjIwHhcNMjIxMTA0MjIyODIxWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzY1OTIwNS1kZjU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxPbwn+82snU+jO/urEAoStebHIETmLAha0n0VMzextewB00Yhpxgvy8w/CQF
OwW8NmBKyhikBQ9kmrHtKje30vxyEy2NDqWxHALmXk4gSocKlpE7LRfFwM29oPBm
IDbkVbiQO5SpN3fXgSudMtM/FPWIh//b1e1/JRlmNkE9PIls92riG+ohw22KTavb
8KFmRDTgBtA9x2PEg37UFMJVUEIdv64IANNwwBvaVfZtyyb9HV1Aac+4lafG4e2C
0qNQmEDpHpHD9yEbfxtFVt6uDfTAPYuLZK7kXqE7DXl27X4M/L/BxGQ9fura4tBr
fCUtmdqH6flBdtYEVwNTtxTQCwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFI2ofJFN
gpjvg3PnmYEtQNNMZle5MB8GA1UdIwQYMBaAFOYnJ/GYq48izzj00D9qPfJm7oDy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0FDNy9GNDEzRDcwOEE2
NDkxMUVBQjNEQjBDNkVDNEY5QUUwMi81aWNuOFppcmp5TFBPUFRRUDJvOThtYnVn
UEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVpY244WmlyanlMUE9QVFFQMm85OG1idWdQSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTdBQzcvRjQxM0Q3MDhBNjQ5MTFFQUIzREIwQzZFQzRGOUFFMDIvRTIzRkU4RjZB
NzFBMTFFQTg5MzI1RjI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBAJnFpwDBAJn/bgwDAMEBXv/4AMEAXv/5DANBgkqhkiG9w0B
AQsFAAOCAQEAHVA4+XQ9a2xt+w5aWezdKdPNqyJiNR2OjtVBd2wQkvj2n3lQdJW+
gONeFHHc7HjOeEnwzfEkmChoNpVUmuTFWroMCijeFcorsS0LztclfWDlMhE740ny
529tp61xrYbAtLC/4qq3aMjimmMdyQy2UtDvw+O/wR5B9yN97WXg219uRIF2AIPJ
eEVcdQAPEHTHx9sirtGrJiqtIxWX8izQ43eP8pvkzC2DKz015N9hLtIC/kMuNgma
KpHN6Ii7pSKPakARY6uyF/ktlyCf5CD2ClHnvEQYbwRIPjF+OoRgkPtgtfUy8MPq
TvOlYpTwLyl8fT8WYo5Nm04k9ZpgffeicA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org