Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA4F1/6367F4B6623211EEA0A9DF51C4F9AE02/EDC4E9AA63EC11EE8DF64B32C4F9AE02.roa
File: EDC4E9AA63EC11EE8DF64B32C4F9AE02.roa (raw, json)
Hash identifier: nTtfmJL0mX/ve7gbr6DNKQT8hYUemuLFxIlgxj3mxuo=
Subject key identifier: B5:2F:BC:B4:B1:D8:C4:E9:2B:55:6D:F7:5B:90:9E:1F:83:6D:49:D2
Certificate issuer: /CN=A91EA4F1/serialNumber=A5EFCD2B93F39D3913A17E2AF48440D01AC8EF85
Certificate serial: 04
Authority key identifier: A5:EF:CD:2B:93:F3:9D:39:13:A1:7E:2A:F4:84:40:D0:1A:C8:EF:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pe_NK5PznTkToX4q9IRA0BrI74U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA4F1/6367F4B6623211EEA0A9DF51C4F9AE02/EDC4E9AA63EC11EE8DF64B32C4F9AE02.roa
Signing time: Fri 06 Oct 2023 02:06:15 +0000
ROA not before: Fri 06 Oct 2023 02:06:15 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 9790
IP address blocks: 202.49.41.0/24 maxlen: 24
202.50.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA4F1/serialNumber=A5EFCD2B93F39D3913A17E2AF48440D01AC8EF85
Validity
Not Before: Oct 6 02:06:15 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=651f6b97-5f77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:33:56:d7:db:f9:24:68:09:f9:f3:df:93:5e:
72:a5:6d:3b:51:78:4f:83:8f:45:03:7e:d5:5b:cc:
75:79:ab:b6:66:9f:f7:c3:64:49:00:95:a8:80:16:
72:c1:f4:7e:8d:e1:11:00:08:66:51:cd:d6:94:e7:
6a:27:af:df:31:7d:f9:e8:a8:8d:eb:63:ea:ff:78:
d7:e4:03:35:59:ec:94:47:65:0a:72:8a:90:27:cf:
53:9a:8d:8a:78:3f:b1:35:61:b7:d8:7e:e1:07:73:
7a:a7:86:2b:f1:0c:64:32:28:6a:96:e6:5d:39:76:
27:9f:11:b2:c0:12:a6:7c:95:22:c3:c9:3d:ce:23:
65:77:bb:24:e0:3e:71:fa:68:fa:90:b6:80:80:f5:
72:89:60:e0:2f:0b:1d:09:12:41:e8:78:1a:a8:ce:
fc:03:ea:d3:d3:6c:29:22:23:03:d5:6c:d4:54:81:
c0:2d:44:95:b3:01:6f:14:69:48:c7:61:95:38:44:
d5:6f:fb:5d:6c:2d:5e:ca:3d:a4:6c:5e:a3:f4:f9:
92:c9:a1:6e:b5:64:10:38:fc:c1:82:11:7d:15:53:
9c:88:95:cc:da:d7:5b:1d:c3:64:ac:98:bf:ec:d6:
43:47:f0:1b:62:7b:fd:ec:cb:19:85:f7:24:24:db:
ee:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:2F:BC:B4:B1:D8:C4:E9:2B:55:6D:F7:5B:90:9E:1F:83:6D:49:D2
X509v3 Authority Key Identifier:
keyid:A5:EF:CD:2B:93:F3:9D:39:13:A1:7E:2A:F4:84:40:D0:1A:C8:EF:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA4F1/6367F4B6623211EEA0A9DF51C4F9AE02/pe_NK5PznTkToX4q9IRA0BrI74U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pe_NK5PznTkToX4q9IRA0BrI74U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA4F1/6367F4B6623211EEA0A9DF51C4F9AE02/EDC4E9AA63EC11EE8DF64B32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.49.41.0/24
202.50.121.0/24
Signature Algorithm: sha256WithRSAEncryption
00:d2:eb:b5:ef:81:5b:0f:21:eb:86:f7:68:19:e4:2d:0e:79:
d8:2e:a2:1f:d6:d8:45:6b:20:1f:19:a8:4c:c9:65:5e:44:19:
f1:e9:81:aa:3a:fa:63:74:c0:0b:d7:3a:b9:55:1a:31:82:0a:
65:8d:e5:ea:70:81:34:5f:0d:ac:74:96:4b:b9:bc:b9:83:ad:
29:30:a1:a8:60:2f:02:41:51:b4:47:b7:de:9f:7e:6b:a9:8d:
00:33:42:92:31:55:80:49:99:e9:b0:77:a3:60:d7:9e:ae:42:
65:62:e8:17:9a:be:c9:a0:cd:b8:18:b1:0a:8b:96:11:37:86:
be:1f:3e:f0:17:80:b3:c2:de:e1:8d:54:5b:44:27:74:cb:dd:
0d:f8:4c:dc:1a:2f:5d:17:ea:ce:eb:4f:fe:2d:28:fd:eb:3b:
01:0e:ae:60:26:2c:c4:1f:d5:53:53:2d:8c:bf:22:d8:43:76:
da:6f:3d:53:23:4c:8a:91:aa:b1:48:46:12:7e:14:56:8a:0d:
dc:0a:3b:45:d6:1a:d2:78:16:bd:09:d1:c6:71:8f:99:08:12:
d4:2d:31:c4:9a:df:23:07:38:de:bd:3d:8f:d6:82:f4:36:ac:
e7:a9:ce:96:71:6d:d5:de:5b:26:0f:0b:0b:ff:dc:2d:5a:5f:
77:84:28:63
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
QTRGMTExMC8GA1UEBRMoQTVFRkNEMkI5M0YzOUQzOTEzQTE3RTJBRjQ4NDQwRDAx
QUM4RUY4NTAeFw0yMzEwMDYwMjA2MTVaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MWY2Yjk3LTVmNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC0M1bX2/kkaAn589+TXnKlbTtReE+Dj0UDftVbzHV5q7Zmn/fDZEkAlaiAFnLB
9H6N4REACGZRzdaU52onr98xffnoqI3rY+r/eNfkAzVZ7JRHZQpyipAnz1OajYp4
P7E1YbfYfuEHc3qnhivxDGQyKGqW5l05diefEbLAEqZ8lSLDyT3OI2V3uyTgPnH6
aPqQtoCA9XKJYOAvCx0JEkHoeBqozvwD6tPTbCkiIwPVbNRUgcAtRJWzAW8UaUjH
YZU4RNVv+11sLV7KPaRsXqP0+ZLJoW61ZBA4/MGCEX0VU5yIlcza11sdw2SsmL/s
1kNH8Btie/3syxmF9yQk2+5HAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUtS+8tLHY
xOkrVW33W5CeH4NtSdIwHwYDVR0jBBgwFoAUpe/NK5PznTkToX4q9IRA0BrI74Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBNEYxLzYzNjdGNEI2NjIz
MjExRUVBMEE5REY1MUM0RjlBRTAyL3BlX05LNVB6blRrVG9YNHE5SVJBMEJySTc0
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcGVfTks1UHpuVGtUb1g0cTlJUkEwQnJJNzRVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
QTRGMS82MzY3RjRCNjYyMzIxMUVFQTBBOURGNTFDNEY5QUUwMi9FREM0RTlBQTYz
RUMxMUVFOERGNjRCMzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAMoxKQMEAMoyeTANBgkqhkiG9w0BAQsFAAOCAQEAANLrte+B
Ww8h64b3aBnkLQ552C6iH9bYRWsgHxmoTMllXkQZ8emBqjr6Y3TAC9c6uVUaMYIK
ZY3l6nCBNF8NrHSWS7m8uYOtKTChqGAvAkFRtEe33p9+a6mNADNCkjFVgEmZ6bB3
o2DXnq5CZWLoF5q+yaDNuBixCouWETeGvh8+8BeAs8Le4Y1UW0QndMvdDfhM3Bov
XRfqzutP/i0o/es7AQ6uYCYsxB/VU1MtjL8i2EN22m89UyNMipGqsUhGEn4UVooN
3Ao7RdYa0ngWvQnRxnGPmQgS1C0xxJrfIwc43r09j9aC9Das56nOlnFt1d5bJg8L
C//cLVpfd4QoYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org