Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA4F1/6367F4B6623211EEA0A9DF51C4F9AE02/0D14103863ED11EEBEC67F32C4F9AE02.roa
File: 0D14103863ED11EEBEC67F32C4F9AE02.roa (raw, json)
Hash identifier: qcTBu1cf+8TS6pPEINAoFJL7hT8JdoLdKIZbOl91V8U=
Subject key identifier: 0C:2C:91:04:13:CE:62:B6:9D:E2:D8:B6:EF:33:A9:3E:8C:32:65:43
Certificate issuer: /CN=A91EA4F1/serialNumber=A5EFCD2B93F39D3913A17E2AF48440D01AC8EF85
Certificate serial: 06
Authority key identifier: A5:EF:CD:2B:93:F3:9D:39:13:A1:7E:2A:F4:84:40:D0:1A:C8:EF:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pe_NK5PznTkToX4q9IRA0BrI74U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA4F1/6367F4B6623211EEA0A9DF51C4F9AE02/0D14103863ED11EEBEC67F32C4F9AE02.roa
Signing time: Fri 06 Oct 2023 02:07:07 +0000
ROA not before: Fri 06 Oct 2023 02:07:07 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 132857
IP address blocks: 202.49.41.0/24 maxlen: 24
202.50.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA4F1/serialNumber=A5EFCD2B93F39D3913A17E2AF48440D01AC8EF85
Validity
Not Before: Oct 6 02:07:07 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=651f6bcb-de9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9e:bc:96:bf:84:b2:e8:a3:93:c0:cf:73:b9:
ae:15:fa:4d:86:8c:63:37:b4:b5:24:62:d2:47:b9:
7b:21:57:8e:b7:f1:bf:11:ec:f9:44:03:77:83:cc:
72:71:38:bc:30:32:b8:a5:5e:97:07:14:a1:05:bf:
ed:ca:b6:21:6e:98:86:a4:50:19:30:02:58:64:18:
4e:5d:10:f5:c6:69:37:f5:6a:89:93:f4:48:12:af:
ae:dc:92:b1:52:60:9f:4c:bc:3c:16:46:7a:28:6e:
09:0f:0c:e6:4a:6e:59:2d:80:43:75:ae:b8:5a:14:
53:22:e6:a0:51:30:83:60:7a:b4:6c:99:c0:1b:18:
0d:27:79:fa:21:9d:06:37:af:26:bf:fc:2d:61:28:
4b:4c:b3:4b:bb:18:61:4f:3f:bc:bf:f8:89:63:2d:
e0:bf:60:40:87:03:35:2c:eb:cc:e2:99:20:9e:08:
9d:c6:c6:52:ab:16:5f:be:87:72:7c:22:33:96:1f:
ca:56:c0:12:69:a5:a5:05:a0:6b:80:63:e4:29:dc:
4e:d0:36:c9:90:82:36:bd:dd:05:6f:6d:40:ae:36:
30:39:63:93:93:66:7a:0a:43:db:be:39:c2:07:bf:
2b:50:36:48:e4:c0:9f:30:56:4e:be:81:7d:fd:3a:
61:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2C:91:04:13:CE:62:B6:9D:E2:D8:B6:EF:33:A9:3E:8C:32:65:43
X509v3 Authority Key Identifier:
keyid:A5:EF:CD:2B:93:F3:9D:39:13:A1:7E:2A:F4:84:40:D0:1A:C8:EF:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA4F1/6367F4B6623211EEA0A9DF51C4F9AE02/pe_NK5PznTkToX4q9IRA0BrI74U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pe_NK5PznTkToX4q9IRA0BrI74U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA4F1/6367F4B6623211EEA0A9DF51C4F9AE02/0D14103863ED11EEBEC67F32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.49.41.0/24
202.50.121.0/24
Signature Algorithm: sha256WithRSAEncryption
66:c0:5f:f0:c9:62:39:fb:a2:a5:a1:82:92:06:b9:bc:91:5f:
6a:f0:d9:39:3f:15:52:b6:c4:4d:73:0a:d9:06:96:f8:f2:ca:
89:20:9b:df:3b:b9:37:95:a4:8e:ac:fc:42:e5:a1:52:d5:5d:
c4:48:c8:02:c3:70:dc:8f:d2:59:b5:f7:23:d5:b6:0c:36:93:
c7:bf:fd:8a:e9:c5:a6:52:82:dc:0e:3c:d1:53:63:6c:62:a4:
1c:0f:a8:da:aa:72:df:4b:ac:8e:57:c5:fb:f5:31:20:b3:0e:
b5:1d:0a:e8:30:75:64:ac:44:0a:62:12:86:52:9c:88:7e:f5:
84:35:68:b1:fb:f1:86:03:5a:0e:78:fb:ec:59:88:c9:02:ff:
f0:dd:19:9b:0f:ab:4d:3d:3a:01:5f:e5:13:ea:b3:d4:37:d8:
17:a0:d6:9f:5f:bd:f4:5d:13:31:d7:51:5c:41:82:06:47:a1:
c5:44:aa:28:1e:bd:51:80:49:8a:1f:87:91:29:40:73:9e:99:
5e:a9:6e:76:38:aa:bd:23:b3:e2:04:67:3a:9d:cc:b9:e3:1b:
73:a3:3a:31:6a:df:7f:2d:0d:23:e7:47:8d:0d:14:22:7d:d1:
15:02:d3:e6:91:3a:f2:0f:ee:a6:22:26:6a:f7:ee:59:53:a0:
b1:e4:72:3c
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
QTRGMTExMC8GA1UEBRMoQTVFRkNEMkI5M0YzOUQzOTEzQTE3RTJBRjQ4NDQwRDAx
QUM4RUY4NTAeFw0yMzEwMDYwMjA3MDdaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MWY2YmNiLWRlOWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMnryWv4Sy6KOTwM9zua4V+k2GjGM3tLUkYtJHuXshV4638b8R7PlEA3eDzHJx
OLwwMrilXpcHFKEFv+3KtiFumIakUBkwAlhkGE5dEPXGaTf1aomT9EgSr67ckrFS
YJ9MvDwWRnoobgkPDOZKblktgEN1rrhaFFMi5qBRMINgerRsmcAbGA0nefohnQY3
rya//C1hKEtMs0u7GGFPP7y/+IljLeC/YECHAzUs68zimSCeCJ3GxlKrFl++h3J8
IjOWH8pWwBJppaUFoGuAY+Qp3E7QNsmQgja93QVvbUCuNjA5Y5OTZnoKQ9u+OcIH
vytQNkjkwJ8wVk6+gX39OmE9AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUDCyRBBPO
Yrad4ti27zOpPowyZUMwHwYDVR0jBBgwFoAUpe/NK5PznTkToX4q9IRA0BrI74Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBNEYxLzYzNjdGNEI2NjIz
MjExRUVBMEE5REY1MUM0RjlBRTAyL3BlX05LNVB6blRrVG9YNHE5SVJBMEJySTc0
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcGVfTks1UHpuVGtUb1g0cTlJUkEwQnJJNzRVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
QTRGMS82MzY3RjRCNjYyMzIxMUVFQTBBOURGNTFDNEY5QUUwMi8wRDE0MTAzODYz
RUQxMUVFQkVDNjdGMzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAMoxKQMEAMoyeTANBgkqhkiG9w0BAQsFAAOCAQEAZsBf8Mli
OfuipaGCkga5vJFfavDZOT8VUrbETXMK2QaW+PLKiSCb3zu5N5Wkjqz8QuWhUtVd
xEjIAsNw3I/SWbX3I9W2DDaTx7/9iunFplKC3A480VNjbGKkHA+o2qpy30usjlfF
+/UxILMOtR0K6DB1ZKxECmIShlKciH71hDVosfvxhgNaDnj77FmIyQL/8N0Zmw+r
TT06AV/lE+qz1DfYF6DWn1+99F0TMddRXEGCBkehxUSqKB69UYBJih+HkSlAc56Z
XqludjiqvSOz4gRnOp3MueMbc6M6MWrffy0NI+dHjQ0UIn3RFQLT5pE68g/upiIm
avfuWVOgseRyPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org