Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F090C/B7C4E9365D2911EAB054FF3BC4F9AE02/41B6A11C80C311EBBF081A80C4F9AE02.roa
File: 41B6A11C80C311EBBF081A80C4F9AE02.roa (raw, json)
Hash identifier: MHUifkpZ6IEFmJPQAphrMOWLJMjLYAXwoNv6cNLWAkk=
Subject key identifier: 85:40:AD:13:4C:BA:C5:A6:E0:32:6C:7D:C0:8D:96:E1:A7:46:1E:4E
Certificate issuer: /CN=A91F090C/serialNumber=75CA9B97A8A797EB3A79078BF407C1C9425369AD
Certificate serial: 08D9
Authority key identifier: 75:CA:9B:97:A8:A7:97:EB:3A:79:07:8B:F4:07:C1:C9:42:53:69:AD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dcqbl6inl-s6eQeL9AfByUJTaa0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F090C/B7C4E9365D2911EAB054FF3BC4F9AE02/41B6A11C80C311EBBF081A80C4F9AE02.roa
Signing time: Mon 30 Jan 2023 22:08:14 +0000
ROA not before: Mon 30 Jan 2023 22:08:14 +0000
ROA not after: Fri 02 Jun 2023 00:00:00 +0000
asID: 45176
IP address blocks: 119.15.152.0/23 maxlen: 23
119.15.152.0/24 maxlen: 24
119.15.153.0/24 maxlen: 24
119.15.156.0/22 maxlen: 22
119.15.156.0/24 maxlen: 24
119.15.157.0/24 maxlen: 24
119.15.158.0/24 maxlen: 24
119.15.159.0/24 maxlen: 24
2405:dbc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2265 (0x8d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F090C/serialNumber=75CA9B97A8A797EB3A79078BF407C1C9425369AD
Validity
Not Before: Jan 30 22:08:14 2023 GMT
Not After : Jun 2 00:00:00 2023 GMT
Subject: CN=63d83fcd-c6e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:03:c2:04:82:60:6f:1e:3e:ac:65:0d:57:c9:
6e:52:97:c0:4f:01:60:83:7e:37:a9:34:24:9e:58:
9e:7e:70:8f:7b:9d:ca:4c:0d:0d:18:ef:86:ab:4d:
7a:2d:fa:dd:27:0b:be:66:35:c1:9e:86:68:14:f3:
94:0d:f6:76:fa:f1:38:6b:48:a8:30:0d:da:9c:74:
fa:b3:b0:c9:ac:68:6d:38:a8:0d:81:d2:c0:de:9d:
dc:f8:9a:46:91:05:1c:e9:7e:0e:3b:62:8f:2c:b5:
84:f1:80:65:4e:bd:5f:fd:1e:69:39:8c:4a:db:52:
44:6c:f2:9e:cb:60:3b:3d:5f:8c:3c:29:74:8e:ed:
ca:33:b8:93:0e:00:f1:58:25:9d:21:e4:3d:e2:56:
90:e4:ba:27:28:26:d2:d5:3c:e0:cf:6a:66:24:a6:
60:f7:cd:40:7a:f0:04:1f:c3:05:d8:3d:d6:c0:95:
b4:48:8a:2b:c5:32:2d:2b:e6:d1:51:aa:3d:9e:38:
c0:aa:04:cf:09:a9:11:29:4d:45:20:27:b6:db:0d:
54:fe:df:44:85:43:d3:02:b1:40:31:18:f1:61:0a:
8d:3c:c4:30:89:dd:6e:d9:4f:cf:3e:43:af:e9:e1:
c4:6d:1f:38:70:3e:55:d6:dc:47:b9:21:14:77:d5:
a0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:40:AD:13:4C:BA:C5:A6:E0:32:6C:7D:C0:8D:96:E1:A7:46:1E:4E
X509v3 Authority Key Identifier:
keyid:75:CA:9B:97:A8:A7:97:EB:3A:79:07:8B:F4:07:C1:C9:42:53:69:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F090C/B7C4E9365D2911EAB054FF3BC4F9AE02/dcqbl6inl-s6eQeL9AfByUJTaa0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dcqbl6inl-s6eQeL9AfByUJTaa0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F090C/B7C4E9365D2911EAB054FF3BC4F9AE02/41B6A11C80C311EBBF081A80C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.15.152.0/23
119.15.156.0/22
IPv6:
2405:dbc0::/32
Signature Algorithm: sha256WithRSAEncryption
67:a7:ad:8c:ec:7d:cd:94:48:29:db:d3:26:7c:85:e4:2c:d5:
aa:bd:98:49:86:6b:e1:98:65:fa:7e:96:cf:fd:21:8e:ae:22:
c8:1d:db:f0:6b:2b:fd:a8:c1:46:e8:1b:87:70:5e:06:9b:60:
9a:eb:17:59:de:c1:92:df:ba:0b:39:17:8d:1e:9a:ca:90:07:
15:8c:70:1a:bd:90:2d:2a:51:09:c2:4c:e8:72:16:6e:c3:35:
f3:83:7a:1f:66:fb:5c:f7:9d:10:99:73:2a:89:92:49:a8:16:
ea:9f:fa:03:a2:9b:0b:26:d4:d9:c5:5f:86:ec:20:db:6a:ef:
0b:52:f3:ed:da:e7:06:db:6d:b2:d7:53:f8:0d:04:7f:a1:ac:
ac:45:2d:13:95:2a:60:de:a2:ab:6a:e2:c7:75:d6:2d:fc:8c:
ec:61:71:1d:2b:5e:25:ff:4f:cc:a7:51:7c:e8:40:c0:b1:6d:
c2:10:2f:01:a8:ae:e2:91:04:b3:4a:6a:97:f4:d8:c0:f9:f1:
57:58:09:14:ec:a1:47:2d:ae:30:96:6e:f0:f4:6d:43:0d:d8:
97:96:92:d6:7b:d9:21:55:04:22:9b:fa:01:fb:8a:ab:6d:09:
a0:0b:ac:5f:fd:ba:3c:f2:75:0c:03:bf:f0:ae:ec:9c:b8:12:
1b:fe:a2:18
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCNkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjA5MEMxMTAvBgNVBAUTKDc1Q0E5Qjk3QThBNzk3RUIzQTc5MDc4QkY0MDdDMUM5
NDI1MzY5QUQwHhcNMjMwMTMwMjIwODE0WhcNMjMwNjAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Q4M2ZjZC1jNmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsgPCBIJgbx4+rGUNV8luUpfATwFgg343qTQknliefnCPe53KTA0NGO+Gq016
LfrdJwu+ZjXBnoZoFPOUDfZ2+vE4a0ioMA3anHT6s7DJrGhtOKgNgdLA3p3c+JpG
kQUc6X4OO2KPLLWE8YBlTr1f/R5pOYxK21JEbPKey2A7PV+MPCl0ju3KM7iTDgDx
WCWdIeQ94laQ5LonKCbS1Tzgz2pmJKZg981AevAEH8MF2D3WwJW0SIorxTItK+bR
Uao9njjAqgTPCakRKU1FICe22w1U/t9EhUPTArFAMRjxYQqNPMQwid1u2U/PPkOv
6eHEbR84cD5V1txHuSEUd9Wg1QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIVArRNM
usWm4DJsfcCNluGnRh5OMB8GA1UdIwQYMBaAFHXKm5eop5frOnkHi/QHwclCU2mt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMDkwQy9CN0M0RTkzNjVE
MjkxMUVBQjA1NEZGM0JDNEY5QUUwMi9kY3FibDZpbmwtczZlUWVMOUFmQnlVSlRh
YTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RjcWJsNmlubC1zNmVRZUw5QWZCeVVKVGFhMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjA5MEMvQjdDNEU5MzY1RDI5MTFFQUIwNTRGRjNCQzRGOUFFMDIvNDFCNkExMUM4
MEMzMTFFQkJGMDgxQTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAF3D5gDBAJ3D5wwDQQCAAIwBwMFACQF28AwDQYJKoZIhvcN
AQELBQADggEBAGenrYzsfc2USCnb0yZ8heQs1aq9mEmGa+GYZfp+ls/9IY6uIsgd
2/BrK/2owUboG4dwXgabYJrrF1newZLfugs5F40emsqQBxWMcBq9kC0qUQnCTOhy
Fm7DNfODeh9m+1z3nRCZcyqJkkmoFuqf+gOimwsm1NnFX4bsINtq7wtS8+3a5wbb
bbLXU/gNBH+hrKxFLROVKmDeoqtq4sd11i38jOxhcR0rXiX/T8ynUXzoQMCxbcIQ
LwGoruKRBLNKapf02MD58VdYCRTsoUctrjCWbvD0bUMN2JeWktZ72SFVBCKb+gH7
iqttCaALrF/9ujzydQwDv/Cu7Jy4Ehv+ohg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org