Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F4466/06B2F4C8A8F311EBB2BA3E29C4F9AE02/447BD382DA5E11EBA323F462C4F9AE02.roa
File: 447BD382DA5E11EBA323F462C4F9AE02.roa (raw, json)
Hash identifier: FMBvnfuyCDEYEMmu6CPN963OX8JPHlSOAs1lkr6E0t0=
Subject key identifier: 5A:14:31:C1:A1:AC:5F:F8:81:EF:57:AA:96:D5:AD:53:D5:DC:FC:06
Certificate issuer: /CN=A91F4466/serialNumber=C36DD2275F39C0761DFEA4AC619D330B65F403FE
Certificate serial: 042C
Authority key identifier: C3:6D:D2:27:5F:39:C0:76:1D:FE:A4:AC:61:9D:33:0B:65:F4:03:FE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/w23SJ185wHYd_qSsYZ0zC2X0A_4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F4466/06B2F4C8A8F311EBB2BA3E29C4F9AE02/447BD382DA5E11EBA323F462C4F9AE02.roa
Signing time: Thu 03 Nov 2022 01:51:50 +0000
ROA not before: Thu 03 Nov 2022 01:51:50 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 38001
IP address blocks: 103.6.168.0/24 maxlen: 24
103.6.169.0/24 maxlen: 24
103.102.46.0/24 maxlen: 24
2401:df40:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1068 (0x42c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F4466/serialNumber=C36DD2275F39C0761DFEA4AC619D330B65F403FE
Validity
Not Before: Nov 3 01:51:50 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=63631eb6-dff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b8:7b:4f:ff:35:7c:7d:67:72:44:d9:36:2d:
72:fa:c1:b2:99:a3:17:a2:eb:55:a4:3a:7f:d8:36:
2b:b5:1f:d2:9a:2d:12:99:15:e2:ae:dd:d8:26:ea:
f6:91:75:b4:c0:bd:c5:76:29:f5:72:a9:f2:70:97:
8b:4d:43:1b:48:b9:c7:65:8d:21:4b:79:09:90:74:
64:f8:e5:c4:b6:91:a4:c0:0f:64:2e:fa:02:5a:15:
16:dd:77:f3:b4:23:73:ea:63:92:93:51:ef:fd:36:
a5:b5:9a:3d:df:17:54:0a:90:40:8d:09:8e:a7:2e:
4b:38:31:54:cf:90:82:4d:1f:08:ba:4a:9b:fb:b0:
97:ef:e3:54:4f:7f:db:1d:e9:40:56:55:b4:ec:60:
28:67:3a:c9:fe:ca:76:f0:d6:5d:1b:e0:2d:ac:0f:
00:15:d6:c9:e8:57:03:00:85:8a:a7:00:36:d5:1f:
85:f2:e8:14:0a:01:a0:30:f3:4b:9a:d9:30:cf:36:
e2:02:0d:d2:2d:d8:46:87:36:17:4d:01:17:b3:4d:
cc:3a:d7:92:c9:84:dd:5e:2b:1b:d7:a8:c6:65:59:
f1:dc:01:62:b7:76:e2:21:df:d8:89:0d:e9:d1:fd:
04:c9:ec:04:72:51:72:ce:ac:42:6f:ff:18:75:b0:
8c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:14:31:C1:A1:AC:5F:F8:81:EF:57:AA:96:D5:AD:53:D5:DC:FC:06
X509v3 Authority Key Identifier:
keyid:C3:6D:D2:27:5F:39:C0:76:1D:FE:A4:AC:61:9D:33:0B:65:F4:03:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F4466/06B2F4C8A8F311EBB2BA3E29C4F9AE02/w23SJ185wHYd_qSsYZ0zC2X0A_4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/w23SJ185wHYd_qSsYZ0zC2X0A_4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F4466/06B2F4C8A8F311EBB2BA3E29C4F9AE02/447BD382DA5E11EBA323F462C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.6.168.0/23
103.102.46.0/24
IPv6:
2401:df40:2::/48
Signature Algorithm: sha256WithRSAEncryption
6a:f5:1a:eb:ed:43:3f:55:06:d3:2d:13:21:aa:d9:f5:11:0e:
b6:ea:5d:ad:ce:87:eb:ac:40:c1:74:44:72:e8:b1:84:7e:7f:
dc:4e:03:a4:cd:a0:8f:6c:cb:54:c6:8c:1b:28:d8:57:cf:f8:
2b:97:e8:32:7b:d5:7d:ef:6e:c5:16:8c:b3:f6:12:5d:c0:f2:
ce:e6:cc:3a:15:2b:9d:32:2c:93:e3:76:6c:09:0d:47:2d:7c:
6d:87:b7:a2:e1:6c:ad:ba:b9:53:82:74:e1:11:d9:2c:54:5b:
68:f9:9e:d5:be:0d:ca:89:5c:1d:88:c7:35:d0:5c:85:8e:67:
0d:c5:bc:77:9a:31:4a:30:a9:df:ae:14:6e:7e:71:05:1d:2a:
e4:c8:2f:a7:84:03:2c:4e:b1:ae:fb:61:64:67:5b:34:91:38:
6d:dd:8a:db:ef:5c:9e:37:16:dc:1f:9d:2d:85:27:33:b3:0f:
79:92:bf:a8:f3:4f:c9:db:9e:29:77:b7:4f:6b:96:ce:e0:6d:
59:38:41:78:7c:30:47:8c:85:7b:b2:0e:e7:75:91:88:92:82:
28:cf:f6:00:43:e5:8c:59:cf:1c:38:69:df:9d:7a:05:7f:03:
3f:e9:9e:ac:ce:74:52:36:9f:e5:19:b5:39:f3:1e:1b:4a:e5:
33:c5:9b:0e
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICBCwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjQ0NjYxMTAvBgNVBAUTKEMzNkREMjI3NUYzOUMwNzYxREZFQTRBQzYxOUQzMzBC
NjVGNDAzRkUwHhcNMjIxMTAzMDE1MTUwWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzYzMWViNi1kZmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1rh7T/81fH1nckTZNi1y+sGymaMXoutVpDp/2DYrtR/Smi0SmRXirt3YJur2
kXW0wL3Fdin1cqnycJeLTUMbSLnHZY0hS3kJkHRk+OXEtpGkwA9kLvoCWhUW3Xfz
tCNz6mOSk1Hv/TaltZo93xdUCpBAjQmOpy5LODFUz5CCTR8Iukqb+7CX7+NUT3/b
HelAVlW07GAoZzrJ/sp28NZdG+AtrA8AFdbJ6FcDAIWKpwA21R+F8ugUCgGgMPNL
mtkwzzbiAg3SLdhGhzYXTQEXs03MOteSyYTdXisb16jGZVnx3AFit3biId/YiQ3p
0f0EyewEclFyzqxCb/8YdbCMBQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFFoUMcGh
rF/4ge9XqpbVrVPV3PwGMB8GA1UdIwQYMBaAFMNt0idfOcB2Hf6krGGdMwtl9AP+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNDQ2Ni8wNkIyRjRDOEE4
RjMxMUVCQjJCQTNFMjlDNEY5QUUwMi93MjNTSjE4NXdIWWRfcVNzWVowekMyWDBB
XzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3cyM1NKMTg1d0hZZF9xU3NZWjB6QzJYMEFfNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjQ0NjYvMDZCMkY0QzhBOEYzMTFFQkIyQkEzRTI5QzRGOUFFMDIvNDQ3QkQzODJE
QTVFMTFFQkEzMjNGNDYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAFnBqgDBABnZi4wDwQCAAIwCQMHACQB30AAAjANBgkqhkiG
9w0BAQsFAAOCAQEAavUa6+1DP1UG0y0TIarZ9REOtupdrc6H66xAwXREcuixhH5/
3E4DpM2gj2zLVMaMGyjYV8/4K5foMnvVfe9uxRaMs/YSXcDyzubMOhUrnTIsk+N2
bAkNRy18bYe3ouFsrbq5U4J04RHZLFRbaPme1b4NyolcHYjHNdBchY5nDcW8d5ox
SjCp364Ubn5xBR0q5Mgvp4QDLE6xrvthZGdbNJE4bd2K2+9cnjcW3B+dLYUnM7MP
eZK/qPNPydueKXe3T2uWzuBtWThBeHwwR4yFe7IO53WRiJKCKM/2AEPljFnPHDhp
3516BX8DP+merM50Ujaf5Rm1OfMeG0rlM8WbDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:48 2024 by rpki-client on console-fra.rpki-client.org