Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F635F/B87B64FC6F4811E8B1585164C4F9AE02/D10B8B9CB3DE11E9A6F6FE55C4F9AE02.roa
File: D10B8B9CB3DE11E9A6F6FE55C4F9AE02.roa (raw, json)
Hash identifier: N7j0Nr2aYqqdF0cMcZ0VOzqqPpgihtOgvn8gJhWM1CQ=
Subject key identifier: 55:10:A8:F5:20:B8:27:9F:E9:6E:5E:96:C9:2D:8E:0C:61:60:72:5C
Certificate issuer: /CN=A91F635F/serialNumber=936A0FAEF7A6FD83C26CEE1E5CFB3A42FF48E180
Certificate serial: 1121
Authority key identifier: 93:6A:0F:AE:F7:A6:FD:83:C2:6C:EE:1E:5C:FB:3A:42:FF:48:E1:80
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k2oPrvem_YPCbO4eXPs6Qv9I4YA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F635F/B87B64FC6F4811E8B1585164C4F9AE02/D10B8B9CB3DE11E9A6F6FE55C4F9AE02.roa
Signing time: Wed 09 Feb 2022 06:04:31 +0000
ROA not before: Wed 09 Feb 2022 06:04:31 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 14618
IP address blocks: 43.249.44.0/22 maxlen: 24
2406:da00:ff00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4385 (0x1121)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F/serialNumber=936A0FAEF7A6FD83C26CEE1E5CFB3A42FF48E180
Validity
Not Before: Feb 9 06:04:31 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=6203596f-283d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4b:7a:c1:f2:9e:ad:7c:dc:17:eb:37:07:33:
39:c1:b8:ad:07:e9:b1:3b:6c:fb:53:79:bc:4a:a0:
ef:81:2f:f1:06:ba:3a:91:09:94:32:fa:aa:7f:1e:
f9:75:51:94:db:37:3b:16:7f:5f:6d:b9:d8:a8:ad:
89:27:5d:59:f9:96:4c:ea:e6:df:d1:7b:d9:7c:cd:
33:46:33:1f:7b:4f:a6:a1:24:cc:59:69:01:18:4f:
1f:60:e9:da:69:05:4d:c4:d0:26:bb:68:8d:2a:72:
85:f5:2a:55:a9:bc:7e:20:3e:b4:cf:34:db:72:a2:
54:72:9c:53:55:16:d7:26:7d:7b:f5:f1:65:d6:33:
2b:a1:97:2d:a1:6b:b6:e6:8a:2e:01:4f:86:08:d1:
d9:30:24:e6:79:e6:b9:d3:90:dd:0b:a4:ad:3b:ce:
44:5e:55:40:47:48:32:3d:34:6b:a5:b6:30:f9:4e:
09:dd:6a:a3:f4:33:27:bf:ef:d7:4f:bc:a3:db:4c:
25:6d:2c:c0:56:a2:a2:f5:78:80:6f:49:bf:84:79:
13:c4:7d:e4:25:7d:88:6c:23:e8:18:da:18:3d:24:
5c:7e:3b:23:66:c8:c9:61:9b:7a:91:03:b6:e4:b0:
56:64:d4:4f:d4:5e:58:2c:d6:7f:6d:bd:c0:f8:cf:
70:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:10:A8:F5:20:B8:27:9F:E9:6E:5E:96:C9:2D:8E:0C:61:60:72:5C
X509v3 Authority Key Identifier:
keyid:93:6A:0F:AE:F7:A6:FD:83:C2:6C:EE:1E:5C:FB:3A:42:FF:48:E1:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F635F/B87B64FC6F4811E8B1585164C4F9AE02/k2oPrvem_YPCbO4eXPs6Qv9I4YA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k2oPrvem_YPCbO4eXPs6Qv9I4YA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F635F/B87B64FC6F4811E8B1585164C4F9AE02/D10B8B9CB3DE11E9A6F6FE55C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.44.0/22
IPv6:
2406:da00:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
38:af:50:17:90:ac:3d:f3:b5:45:ac:1e:6a:90:56:5c:24:2e:
5a:f9:a4:c6:8e:d1:fe:11:cf:56:e9:70:c7:aa:81:7d:bd:da:
72:68:d1:6a:37:c2:41:7d:86:55:ef:a6:bc:13:9e:b5:57:0d:
37:f4:74:39:87:f5:ad:27:5c:4b:a0:69:74:d1:0c:4a:9c:23:
95:4b:c2:64:77:d4:a9:bc:46:86:6a:11:3a:fd:09:0e:96:c9:
1d:b4:23:92:9a:7d:a5:2e:a3:c5:38:f8:dd:4a:82:ae:43:ba:
78:13:06:d8:7d:aa:b4:a5:96:aa:b3:a2:9c:01:5a:f9:c9:f9:
79:07:df:94:4c:ef:5e:86:20:fc:c2:21:de:7a:63:a8:c3:fa:
4d:e5:65:df:36:3b:b0:25:93:1a:10:cb:48:22:f3:2e:4f:35:
7b:02:bc:c9:89:88:0e:dc:1d:62:89:d0:d7:a5:d3:ff:b1:c6:
4a:ab:eb:79:98:92:26:f0:2d:52:c9:61:2b:f8:90:ce:fd:c3:
91:53:ee:1a:c3:2b:e3:7b:22:1c:d7:39:b6:20:8f:61:3b:bf:
e1:8a:c5:34:8c:14:e6:04:49:6d:1d:45:22:39:9b:b6:27:8d:
b3:bd:64:96:d9:8b:4f:14:f6:73:97:60:11:04:99:3d:d6:82:
81:be:e0:39
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICESEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjYzNUYxMTAvBgNVBAUTKDkzNkEwRkFFRjdBNkZEODNDMjZDRUUxRTVDRkIzQTQy
RkY0OEUxODAwHhcNMjIwMjA5MDYwNDMxWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjAzNTk2Zi0yODNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs0t6wfKerXzcF+s3BzM5wbitB+mxO2z7U3m8SqDvgS/xBro6kQmUMvqqfx75
dVGU2zc7Fn9fbbnYqK2JJ11Z+ZZM6ubf0XvZfM0zRjMfe0+moSTMWWkBGE8fYOna
aQVNxNAmu2iNKnKF9SpVqbx+ID60zzTbcqJUcpxTVRbXJn179fFl1jMroZctoWu2
5oouAU+GCNHZMCTmeea505DdC6StO85EXlVAR0gyPTRrpbYw+U4J3Wqj9DMnv+/X
T7yj20wlbSzAVqKi9XiAb0m/hHkTxH3kJX2IbCPoGNoYPSRcfjsjZsjJYZt6kQO2
5LBWZNRP1F5YLNZ/bb3A+M9wLQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFFUQqPUg
uCef6W5elsktjgxhYHJcMB8GA1UdIwQYMBaAFJNqD673pv2DwmzuHlz7OkL/SOGA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjM1Ri9CODdCNjRGQzZG
NDgxMUU4QjE1ODUxNjRDNEY5QUUwMi9rMm9QcnZlbV9ZUENiTzRlWFBzNlF2OUk0
WUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2syb1BydmVtX1lQQ2JPNGVYUHM2UXY5STRZQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjYzNUYvQjg3QjY0RkM2RjQ4MTFFOEIxNTg1MTY0QzRGOUFFMDIvRDEwQjhCOUNC
M0RFMTFFOUE2RjZGRTU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAIr+SwwDwQCAAIwCQMHACQG2gD/ADANBgkqhkiG9w0BAQsF
AAOCAQEAOK9QF5CsPfO1RaweapBWXCQuWvmkxo7R/hHPVulwx6qBfb3acmjRajfC
QX2GVe+mvBOetVcNN/R0OYf1rSdcS6BpdNEMSpwjlUvCZHfUqbxGhmoROv0JDpbJ
HbQjkpp9pS6jxTj43UqCrkO6eBMG2H2qtKWWqrOinAFa+cn5eQfflEzvXoYg/MIh
3npjqMP6TeVl3zY7sCWTGhDLSCLzLk81ewK8yYmIDtwdYonQ16XT/7HGSqvreZiS
JvAtUslhK/iQzv3DkVPuGsMr43siHNc5tiCPYTu/4YrFNIwU5gRJbR1FIjmbtieN
s71kltmLTxT2c5dgEQSZPdaCgb7gOQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:38 2024 by rpki-client on console-ams.rpki-client.org