Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F635F/B87B64FC6F4811E8B1585164C4F9AE02/BB35559C7BEE11EDB0C43C11C4F9AE02.roa
File: BB35559C7BEE11EDB0C43C11C4F9AE02.roa (raw, json)
Hash identifier: TqzAiAO38Bee7si0C1WzY4tJ7hXMnvdQNV4DSjF0CuM=
Subject key identifier: 0B:1B:58:56:F7:16:94:C2:C5:86:6B:9B:BD:6C:23:33:BE:E0:C3:AD
Certificate issuer: /CN=A91F635F/serialNumber=936A0FAEF7A6FD83C26CEE1E5CFB3A42FF48E180
Certificate serial: 132E
Authority key identifier: 93:6A:0F:AE:F7:A6:FD:83:C2:6C:EE:1E:5C:FB:3A:42:FF:48:E1:80
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k2oPrvem_YPCbO4eXPs6Qv9I4YA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F635F/B87B64FC6F4811E8B1585164C4F9AE02/BB35559C7BEE11EDB0C43C11C4F9AE02.roa
Signing time: Wed 14 Dec 2022 20:34:40 +0000
ROA not before: Wed 14 Dec 2022 20:34:40 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 14618
IP address blocks: 43.249.44.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4910 (0x132e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F/serialNumber=936A0FAEF7A6FD83C26CEE1E5CFB3A42FF48E180
Validity
Not Before: Dec 14 20:34:40 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=639a335f-82bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b2:35:e2:43:09:32:15:22:21:5b:e5:5e:10:
f8:57:df:d9:29:17:1e:b9:b3:94:72:a8:dc:e3:cd:
ac:5b:6e:95:5c:16:41:90:ba:94:0a:ed:c5:bc:c7:
ba:f9:9b:ec:13:05:2d:ef:c9:0f:c3:83:8c:b0:40:
74:71:87:b8:90:3a:6f:16:df:70:02:2e:76:fb:c0:
1f:00:1f:cb:22:2f:00:75:4e:ac:f0:8e:b0:b2:b6:
9f:17:56:9b:33:3b:df:f9:a7:30:be:4b:7c:e4:0c:
0c:3c:30:f0:e1:72:bd:3d:56:bc:42:cf:f9:4f:5b:
c9:30:fc:57:d0:0e:2b:69:90:85:87:40:60:30:1a:
47:0e:a2:1e:20:32:f9:bf:04:74:bb:1c:33:b1:a0:
63:fb:c6:2c:97:a6:ca:1a:73:d5:a0:eb:51:3f:ed:
f4:e9:05:85:fb:85:3d:11:b9:53:44:eb:1d:3a:71:
3d:d4:a2:1b:b5:4b:1c:6d:49:b4:80:f5:f9:08:95:
8b:d3:5c:b2:85:f7:13:ab:61:01:66:d6:9e:7a:75:
5d:e4:5f:72:44:e6:16:63:ea:a4:d3:ce:59:2f:8b:
71:4c:8d:8c:e8:25:da:d2:58:e6:f9:7b:fa:be:49:
0e:40:b2:59:18:4e:70:64:c9:c2:68:ad:3d:98:5c:
2e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:1B:58:56:F7:16:94:C2:C5:86:6B:9B:BD:6C:23:33:BE:E0:C3:AD
X509v3 Authority Key Identifier:
keyid:93:6A:0F:AE:F7:A6:FD:83:C2:6C:EE:1E:5C:FB:3A:42:FF:48:E1:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F635F/B87B64FC6F4811E8B1585164C4F9AE02/k2oPrvem_YPCbO4eXPs6Qv9I4YA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k2oPrvem_YPCbO4eXPs6Qv9I4YA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F635F/B87B64FC6F4811E8B1585164C4F9AE02/BB35559C7BEE11EDB0C43C11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.44.0/22
Signature Algorithm: sha256WithRSAEncryption
90:24:2d:c3:46:49:72:4d:db:ce:a8:3d:30:11:29:9b:78:c4:
7a:6c:75:13:7a:c6:2d:11:04:b8:e3:17:a8:b2:53:73:29:7a:
8e:b8:19:ea:72:69:7e:a8:e5:26:ff:d3:e2:62:f4:95:b0:a8:
a6:37:77:2f:bb:16:f6:03:81:32:f2:8f:33:5b:64:59:c9:ed:
69:83:26:30:9e:ba:c3:4f:52:10:f0:ea:ff:e1:c5:23:28:47:
36:62:4c:91:2e:db:cc:1e:c3:00:75:5a:41:d1:30:ca:30:76:
44:56:23:f5:fd:c9:1b:3e:b8:4a:a0:fa:b5:c4:a5:a7:56:7d:
46:1a:13:91:1b:a4:2f:ce:eb:4c:2a:2a:1a:37:9b:c4:18:86:
d3:de:e8:77:55:a6:80:f4:9a:7d:d9:01:89:5a:68:ae:d2:8e:
e9:ee:5a:5b:cd:fe:80:0c:2b:c3:38:f4:a1:5f:19:f2:8c:a9:
4e:a6:4e:8e:cf:40:bc:ec:73:14:06:1d:a7:67:25:b4:1e:51:
a5:13:13:80:f5:66:fc:44:30:91:c3:bd:c5:9c:d8:f1:bd:aa:
49:93:da:43:37:89:09:e4:78:cd:af:4e:63:64:88:f5:71:ff:
3d:ef:3d:28:86:47:5d:48:5f:f7:fe:b5:26:60:5f:9c:8c:57:
22:30:4e:38
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEy4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjYzNUYxMTAvBgNVBAUTKDkzNkEwRkFFRjdBNkZEODNDMjZDRUUxRTVDRkIzQTQy
RkY0OEUxODAwHhcNMjIxMjE0MjAzNDQwWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzlhMzM1Zi04MmJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwLI14kMJMhUiIVvlXhD4V9/ZKRceubOUcqjc482sW26VXBZBkLqUCu3FvMe6
+ZvsEwUt78kPw4OMsEB0cYe4kDpvFt9wAi52+8AfAB/LIi8AdU6s8I6wsrafF1ab
Mzvf+acwvkt85AwMPDDw4XK9PVa8Qs/5T1vJMPxX0A4raZCFh0BgMBpHDqIeIDL5
vwR0uxwzsaBj+8Ysl6bKGnPVoOtRP+306QWF+4U9EblTROsdOnE91KIbtUscbUm0
gPX5CJWL01yyhfcTq2EBZtaeenVd5F9yROYWY+qk085ZL4txTI2M6CXa0ljm+Xv6
vkkOQLJZGE5wZMnCaK09mFwucQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAsbWFb3
FpTCxYZrm71sIzO+4MOtMB8GA1UdIwQYMBaAFJNqD673pv2DwmzuHlz7OkL/SOGA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjM1Ri9CODdCNjRGQzZG
NDgxMUU4QjE1ODUxNjRDNEY5QUUwMi9rMm9QcnZlbV9ZUENiTzRlWFBzNlF2OUk0
WUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2syb1BydmVtX1lQQ2JPNGVYUHM2UXY5STRZQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjYzNUYvQjg3QjY0RkM2RjQ4MTFFOEIxNTg1MTY0QzRGOUFFMDIvQkIzNTU1OUM3
QkVFMTFFREIwQzQzQzExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIr+SwwDQYJKoZIhvcNAQELBQADggEBAJAkLcNGSXJN286o
PTARKZt4xHpsdRN6xi0RBLjjF6iyU3Mpeo64GepyaX6o5Sb/0+Ji9JWwqKY3dy+7
FvYDgTLyjzNbZFnJ7WmDJjCeusNPUhDw6v/hxSMoRzZiTJEu28wewwB1WkHRMMow
dkRWI/X9yRs+uEqg+rXEpadWfUYaE5EbpC/O60wqKho3m8QYhtPe6HdVpoD0mn3Z
AYlaaK7SjunuWlvN/oAMK8M49KFfGfKMqU6mTo7PQLzscxQGHadnJbQeUaUTE4D1
ZvxEMJHDvcWc2PG9qkmT2kM3iQnkeM2vTmNkiPVx/z3vPSiGR11IX/f+tSZgX5yM
VyIwTjg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:38 2024 by rpki-client on console-ams.rpki-client.org