Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7C52/BED4B8B063AC11EC84D4B63AC4F9AE02/43C84A6663B011ECA27BD40DC4F9AE02.roa
File: 43C84A6663B011ECA27BD40DC4F9AE02.roa (raw, json)
Hash identifier: 3cITMQz5nMgk9w2sT0CEgL55sCI3K6JU+5blYDr2iLg=
Subject key identifier: 65:79:74:39:A3:2C:9F:A7:D9:6B:D0:9A:66:C2:7A:A0:EC:9C:72:4F
Certificate issuer: /CN=A91E7C52/serialNumber=F0EF61C96FD69D1AF14E800C7C16C7A65D58E25C
Certificate serial: 02B7
Authority key identifier: F0:EF:61:C9:6F:D6:9D:1A:F1:4E:80:0C:7C:16:C7:A6:5D:58:E2:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8O9hyW_WnRrxToAMfBbHpl1Y4lw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7C52/BED4B8B063AC11EC84D4B63AC4F9AE02/43C84A6663B011ECA27BD40DC4F9AE02.roa
Signing time: Sat 03 Jun 2023 04:42:23 +0000
ROA not before: Sat 03 Jun 2023 04:42:23 +0000
ROA not after: Sun 01 Oct 2023 00:00:00 +0000
asID: 7607
IP address blocks: 103.178.98.0/23 maxlen: 24
2001:df0:3940::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 695 (0x2b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7C52/serialNumber=F0EF61C96FD69D1AF14E800C7C16C7A65D58E25C
Validity
Not Before: Jun 3 04:42:23 2023 GMT
Not After : Oct 1 00:00:00 2023 GMT
Subject: CN=647ac4ae-a458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:fe:97:cc:7c:6c:69:0e:75:45:81:e5:68:52:
7a:50:82:5c:e2:08:40:47:d4:49:3b:af:3f:9e:3b:
2d:b2:3b:0c:12:e8:b0:3c:fd:81:8d:4e:65:77:c0:
9d:21:4d:8e:e5:aa:90:54:85:96:4f:18:2d:32:24:
1e:13:0e:d1:e3:b6:d0:64:22:26:a5:b6:2a:01:1e:
9f:3f:8b:f0:07:d7:d3:e9:4e:59:16:77:a0:c2:6e:
be:ad:61:bd:08:09:a8:49:5d:0f:72:e3:dc:30:08:
a9:e4:b7:f3:ad:1c:5c:3f:3a:8c:00:bc:6d:99:3d:
93:65:65:3b:4c:b5:a7:cf:09:c2:2e:93:d2:67:88:
b7:b9:b2:9e:4b:b2:9d:64:26:27:3f:ca:57:d5:35:
6b:6d:f2:54:a2:dc:bb:65:2a:b3:82:64:5e:f0:b3:
a4:2f:bd:59:be:74:d0:40:c5:13:aa:ea:a9:dc:a7:
ef:99:a0:5e:32:53:e7:44:6c:ff:71:fb:fc:70:45:
7e:83:8b:c9:73:1a:ce:f3:3d:5e:6f:9b:e4:70:05:
4a:8a:e6:8d:2c:f7:bd:68:20:6c:52:3d:d6:c5:73:
09:91:2e:7c:a1:d6:1b:86:4e:26:c7:19:28:81:76:
77:80:df:0b:e9:9a:eb:d4:34:cf:2e:e3:20:0e:e0:
47:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:79:74:39:A3:2C:9F:A7:D9:6B:D0:9A:66:C2:7A:A0:EC:9C:72:4F
X509v3 Authority Key Identifier:
keyid:F0:EF:61:C9:6F:D6:9D:1A:F1:4E:80:0C:7C:16:C7:A6:5D:58:E2:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7C52/BED4B8B063AC11EC84D4B63AC4F9AE02/8O9hyW_WnRrxToAMfBbHpl1Y4lw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8O9hyW_WnRrxToAMfBbHpl1Y4lw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7C52/BED4B8B063AC11EC84D4B63AC4F9AE02/43C84A6663B011ECA27BD40DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.178.98.0/23
IPv6:
2001:df0:3940::/48
Signature Algorithm: sha256WithRSAEncryption
a9:a1:2f:55:18:b2:82:1a:ba:bc:a0:f8:37:39:0a:16:09:de:
65:e7:23:9b:32:81:14:de:de:aa:0e:21:75:c3:db:07:e0:64:
11:97:ef:94:03:f1:6f:44:f7:5e:12:31:16:d2:e3:da:32:42:
b4:ae:60:16:44:b1:50:5d:bd:58:c1:a3:17:36:13:25:b5:04:
0c:d1:15:88:49:dd:e8:c0:43:2d:db:2f:05:4b:ea:c6:3b:da:
64:f2:be:b8:b2:de:95:af:dc:df:c2:ef:12:5f:a0:d5:07:19:
ee:73:29:70:b0:a2:66:59:09:2e:f3:b1:b4:dd:1f:95:ce:ce:
c5:7b:7c:a0:24:50:b2:94:31:38:da:9d:0d:53:3c:1d:17:6f:
0c:c3:e3:ba:b1:21:28:82:06:fe:0c:c2:cd:cd:39:d9:ed:3b:
10:7c:1c:9e:d6:4b:cf:7e:f5:48:68:26:74:09:f3:2f:04:11:
b1:dd:2f:dc:02:7f:42:30:10:04:68:bc:9e:30:e4:e1:2c:bf:
19:78:4e:61:96:65:36:e5:a0:f1:9e:71:45:4e:19:ce:0a:07:
4f:fa:a5:c5:b0:f0:ca:f0:8d:6a:5c:52:d8:3b:5b:d2:69:07:
d9:d4:f9:fe:5a:0a:3d:55:df:ce:24:fa:58:69:6c:e2:05:09:
b6:52:0f:f5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICArcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTdDNTIxMTAvBgNVBAUTKEYwRUY2MUM5NkZENjlEMUFGMTRFODAwQzdDMTZDN0E2
NUQ1OEUyNUMwHhcNMjMwNjAzMDQ0MjIzWhcNMjMxMDAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdhYzRhZS1hNDU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz/6XzHxsaQ51RYHlaFJ6UIJc4ghAR9RJO68/njstsjsMEuiwPP2BjU5ld8Cd
IU2O5aqQVIWWTxgtMiQeEw7R47bQZCImpbYqAR6fP4vwB9fT6U5ZFnegwm6+rWG9
CAmoSV0PcuPcMAip5LfzrRxcPzqMALxtmT2TZWU7TLWnzwnCLpPSZ4i3ubKeS7Kd
ZCYnP8pX1TVrbfJUoty7ZSqzgmRe8LOkL71ZvnTQQMUTquqp3KfvmaBeMlPnRGz/
cfv8cEV+g4vJcxrO8z1eb5vkcAVKiuaNLPe9aCBsUj3WxXMJkS58odYbhk4mxxko
gXZ3gN8L6Zrr1DTPLuMgDuBHSQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGV5dDmj
LJ+n2WvQmmbCeqDsnHJPMB8GA1UdIwQYMBaAFPDvYclv1p0a8U6ADHwWx6ZdWOJc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0M1Mi9CRUQ0QjhCMDYz
QUMxMUVDODRENEI2M0FDNEY5QUUwMi84TzloeVdfV25ScnhUb0FNZkJiSHBsMVk0
bHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhPOWh5V19XblJyeFRvQU1mQmJIcGwxWTRsdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTdDNTIvQkVENEI4QjA2M0FDMTFFQzg0RDRCNjNBQzRGOUFFMDIvNDNDODRBNjY2
M0IwMTFFQ0EyN0JENDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnsmIwDwQCAAIwCQMHACABDfA5QDANBgkqhkiG9w0BAQsF
AAOCAQEAqaEvVRiyghq6vKD4NzkKFgneZecjmzKBFN7eqg4hdcPbB+BkEZfvlAPx
b0T3XhIxFtLj2jJCtK5gFkSxUF29WMGjFzYTJbUEDNEViEnd6MBDLdsvBUvqxjva
ZPK+uLLela/c38LvEl+g1QcZ7nMpcLCiZlkJLvOxtN0flc7OxXt8oCRQspQxONqd
DVM8HRdvDMPjurEhKIIG/gzCzc052e07EHwcntZLz371SGgmdAnzLwQRsd0v3AJ/
QjAQBGi8njDk4Sy/GXhOYZZlNuWg8Z5xRU4ZzgoHT/qlxbDwyvCNalxS2Dtb0mkH
2dT5/loKPVXfziT6WGls4gUJtlIP9Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-fra.rpki-client.org