Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F09F7/A9BB8CFCF73811E9B366E435C4F9AE02/5673F914F73B11E9B0F1433EC4F9AE02.roa
File: 5673F914F73B11E9B0F1433EC4F9AE02.roa (raw, json)
Hash identifier: dYT3lg5CCV7bcCZItJY+t1QxmYe/MzkfES+O7np9bJA=
Subject key identifier: 77:E5:79:16:AB:84:E6:D2:11:38:87:30:DD:02:1C:D7:4B:99:7A:24
Certificate issuer: /CN=A91F09F7/serialNumber=C57B47C94068F551119400F8D9BE19F91D982EA1
Certificate serial: 0994
Authority key identifier: C5:7B:47:C9:40:68:F5:51:11:94:00:F8:D9:BE:19:F9:1D:98:2E:A1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xXtHyUBo9VERlAD42b4Z-R2YLqE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F09F7/A9BB8CFCF73811E9B366E435C4F9AE02/5673F914F73B11E9B0F1433EC4F9AE02.roa
Signing time: Mon 23 May 2022 20:09:37 +0000
ROA not before: Mon 23 May 2022 20:09:37 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 63949
IP address blocks: 45.118.132.0/22 maxlen: 24
103.3.60.0/22 maxlen: 24
103.29.68.0/22 maxlen: 24
2400:8900::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2452 (0x994)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F09F7/serialNumber=C57B47C94068F551119400F8D9BE19F91D982EA1
Validity
Not Before: May 23 20:09:37 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=628bea00-9281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c1:39:ad:0c:53:03:b7:b9:3c:d2:83:f7:2f:
58:b1:08:41:3b:c8:0d:63:59:12:7d:15:9c:21:35:
ea:60:3d:c1:84:7a:77:09:b3:81:7b:6a:c9:03:1d:
cb:bf:8c:64:2f:d3:84:2b:88:53:90:5c:f9:c9:a6:
e2:7e:4b:e0:9a:a9:f7:36:14:cf:17:0b:05:75:30:
da:3b:4a:9a:99:ab:5c:04:a4:4a:ed:16:1c:e3:b7:
10:84:94:b6:27:b5:b2:2c:4e:38:2f:61:dd:50:fa:
4f:5f:da:ef:10:87:b8:c8:b5:77:ed:98:0a:61:75:
87:c8:7e:cd:02:d1:3a:c2:e3:df:de:14:c9:fc:fd:
4a:aa:e3:d6:b8:cb:d9:71:88:4d:6e:19:25:f8:7f:
4c:d5:d0:85:a7:de:c7:b6:6a:c8:da:f4:69:e6:c3:
72:55:d4:ea:df:a8:57:55:93:67:e6:ca:0c:51:43:
bd:0e:e3:05:77:3f:07:89:74:27:b2:97:d0:23:39:
67:9e:9a:eb:20:7d:fb:18:5a:94:ca:44:16:2d:30:
25:aa:31:6a:f1:3e:ed:51:d2:dc:73:ba:dd:ce:16:
05:16:c4:2d:59:5e:ce:34:5f:f8:64:80:7d:6c:05:
45:a3:09:a8:31:0b:b2:76:dd:11:11:e9:e7:32:40:
a5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E5:79:16:AB:84:E6:D2:11:38:87:30:DD:02:1C:D7:4B:99:7A:24
X509v3 Authority Key Identifier:
keyid:C5:7B:47:C9:40:68:F5:51:11:94:00:F8:D9:BE:19:F9:1D:98:2E:A1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F09F7/A9BB8CFCF73811E9B366E435C4F9AE02/xXtHyUBo9VERlAD42b4Z-R2YLqE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xXtHyUBo9VERlAD42b4Z-R2YLqE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F09F7/A9BB8CFCF73811E9B366E435C4F9AE02/5673F914F73B11E9B0F1433EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.118.132.0/22
103.3.60.0/22
103.29.68.0/22
IPv6:
2400:8900::/29
Signature Algorithm: sha256WithRSAEncryption
34:37:6b:59:ab:15:a1:ef:3f:47:94:a5:ae:37:c8:83:cb:23:
92:8f:bb:b4:a7:b3:ae:de:df:6f:07:5d:23:0f:ad:b1:a7:8f:
20:f3:c1:3d:a4:88:61:34:d1:b2:2a:ee:87:19:14:a9:da:d4:
48:c8:ff:e0:21:a1:05:0f:06:0b:2a:9a:e6:83:40:65:35:58:
70:c9:9b:1c:3a:66:2a:d0:4b:9b:ce:30:26:c2:dd:d4:56:de:
06:05:c4:9f:7e:fe:34:7d:a0:3e:e2:79:83:16:e5:0f:3b:50:
f6:d9:fb:a1:f0:b7:76:13:04:6b:60:6c:48:c9:b9:ed:49:ed:
20:a9:e4:2e:57:0c:1c:a0:0a:8a:7c:01:51:d1:07:27:e9:d7:
89:7e:82:9f:23:06:8c:17:59:72:b1:84:1a:d2:3b:e4:e3:a1:
e5:97:71:97:28:78:5c:68:ca:82:89:bd:80:75:1e:4c:93:df:
c9:e2:85:84:11:8a:68:6c:7f:1b:a4:2b:16:c0:9e:3b:63:aa:
a8:a2:ce:b7:1c:4e:19:c6:b4:2e:1e:b9:a6:61:e3:e5:5c:7b:
91:1d:2c:4f:78:37:9e:86:e5:93:d0:f9:83:de:d1:83:90:0e:
5b:44:ad:81:f3:e2:4e:5d:13:6b:60:1b:77:c3:3e:26:f5:26:
d1:38:18:f6
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICCZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjA5RjcxMTAvBgNVBAUTKEM1N0I0N0M5NDA2OEY1NTExMTk0MDBGOEQ5QkUxOUY5
MUQ5ODJFQTEwHhcNMjIwNTIzMjAwOTM3WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjhiZWEwMC05MjgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3cE5rQxTA7e5PNKD9y9YsQhBO8gNY1kSfRWcITXqYD3BhHp3CbOBe2rJAx3L
v4xkL9OEK4hTkFz5yabifkvgmqn3NhTPFwsFdTDaO0qamatcBKRK7RYc47cQhJS2
J7WyLE44L2HdUPpPX9rvEIe4yLV37ZgKYXWHyH7NAtE6wuPf3hTJ/P1KquPWuMvZ
cYhNbhkl+H9M1dCFp97HtmrI2vRp5sNyVdTq36hXVZNn5soMUUO9DuMFdz8HiXQn
spfQIzlnnprrIH37GFqUykQWLTAlqjFq8T7tUdLcc7rdzhYFFsQtWV7ONF/4ZIB9
bAVFowmoMQuydt0REennMkClQQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFHfleRar
hObSETiHMN0CHNdLmXokMB8GA1UdIwQYMBaAFMV7R8lAaPVREZQA+Nm+GfkdmC6h
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMDlGNy9BOUJCOENGQ0Y3
MzgxMUU5QjM2NkU0MzVDNEY5QUUwMi94WHRIeVVCbzlWRVJsQUQ0MmI0Wi1SMllM
cUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hYdEh5VUJvOVZFUmxBRDQyYjRaLVIyWUxxRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjA5RjcvQTlCQjhDRkNGNzM4MTFFOUIzNjZFNDM1QzRGOUFFMDIvNTY3M0Y5MTRG
NzNCMTFFOUIwRjE0MzNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAItdoQDBAJnAzwDBAJnHUQwDQQCAAIwBwMFAyQAiQAwDQYJ
KoZIhvcNAQELBQADggEBADQ3a1mrFaHvP0eUpa43yIPLI5KPu7Sns67e328HXSMP
rbGnjyDzwT2kiGE00bIq7ocZFKna1EjI/+AhoQUPBgsqmuaDQGU1WHDJmxw6ZirQ
S5vOMCbC3dRW3gYFxJ9+/jR9oD7ieYMW5Q87UPbZ+6Hwt3YTBGtgbEjJue1J7SCp
5C5XDBygCop8AVHRByfp14l+gp8jBowXWXKxhBrSO+TjoeWXcZcoeFxoyoKJvYB1
HkyT38nihYQRimhsfxukKxbAnjtjqqiizrccThnGtC4euaZh4+Vce5EdLE94N56G
5ZPQ+YPe0YOQDltErYHz4k5dE2tgG3fDPib1JtE4GPY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org