Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA0BF/5272F720B97A11ED8E542047C4F9AE02/89D1BB90B98211EDA271347EC4F9AE02.roa
File: 89D1BB90B98211EDA271347EC4F9AE02.roa (raw, json)
Hash identifier: 47TYJlKZIcNE2Ogg1UQK2Y8G1chgasVrBKbQgME8jKE=
Subject key identifier: 4C:D9:65:03:E6:E1:67:B8:45:8D:63:00:DA:BA:96:C2:AB:E0:0F:24
Certificate issuer: /CN=A91FA0BF/serialNumber=ADE8C4FE0B27CC5C521A3049B6649E264CB25A5A
Certificate serial: 02
Authority key identifier: AD:E8:C4:FE:0B:27:CC:5C:52:1A:30:49:B6:64:9E:26:4C:B2:5A:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rejE_gsnzFxSGjBJtmSeJkyyWlo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FA0BF/5272F720B97A11ED8E542047C4F9AE02/89D1BB90B98211EDA271347EC4F9AE02.roa
Signing time: Fri 03 Mar 2023 05:16:23 +0000
ROA not before: Fri 03 Mar 2023 05:16:23 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 138512
IP address blocks: 103.93.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FA0BF/serialNumber=ADE8C4FE0B27CC5C521A3049B6649E264CB25A5A
Validity
Not Before: Mar 3 05:16:23 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=640182a7-c837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:12:ee:ea:47:00:fc:aa:46:a1:ca:f1:dc:d3:
01:36:e4:75:dc:00:30:01:66:10:2b:e7:ed:c8:03:
95:87:fe:f9:5b:a9:76:00:c9:b4:3d:27:79:a9:03:
ff:c7:97:18:0b:fd:ec:ca:75:de:81:81:ae:a1:a2:
ed:44:6e:bb:5a:72:df:97:72:27:68:4f:b2:92:83:
15:20:a5:8a:d5:a8:bb:04:58:9a:21:87:3e:0c:b7:
a7:d8:65:45:73:19:51:b7:24:d4:e7:84:6a:aa:ee:
6f:61:26:b9:79:f5:b7:96:ac:4a:46:91:03:b2:ca:
49:c2:9c:77:d5:d3:ec:7b:8c:79:06:95:d2:12:e8:
3c:b6:31:68:22:49:80:5c:2d:07:61:47:bb:0a:f8:
af:ab:b0:32:74:c2:44:0f:c3:9b:55:ed:53:18:57:
76:4b:7b:b0:94:2d:58:f4:f8:5b:51:53:77:85:af:
3c:12:0c:64:ef:f9:a3:99:e7:aa:94:86:2d:c9:42:
79:f9:8d:41:1d:74:ce:ad:21:85:66:5a:8b:fb:d1:
cb:d7:10:fe:de:6a:7f:5c:ac:72:75:57:f8:08:a7:
31:5c:87:3c:e0:23:3f:c6:c7:84:e0:ee:cb:54:15:
f0:be:06:5f:70:6a:ab:64:de:67:2f:4b:a4:18:20:
62:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D9:65:03:E6:E1:67:B8:45:8D:63:00:DA:BA:96:C2:AB:E0:0F:24
X509v3 Authority Key Identifier:
keyid:AD:E8:C4:FE:0B:27:CC:5C:52:1A:30:49:B6:64:9E:26:4C:B2:5A:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FA0BF/5272F720B97A11ED8E542047C4F9AE02/rejE_gsnzFxSGjBJtmSeJkyyWlo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rejE_gsnzFxSGjBJtmSeJkyyWlo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA0BF/5272F720B97A11ED8E542047C4F9AE02/89D1BB90B98211EDA271347EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.93.214.0/24
Signature Algorithm: sha256WithRSAEncryption
71:49:30:f5:a3:0d:fa:b3:22:12:76:4a:d1:d1:a7:a9:89:0c:
3b:95:67:aa:2c:bb:43:63:c8:e9:57:ed:1a:1a:3c:a3:ba:a1:
05:6f:be:61:7b:b2:76:58:68:2a:5a:f3:0b:cb:11:4c:cb:3e:
c6:be:60:2c:94:0e:eb:26:f4:fe:00:a7:35:a4:b8:7c:3c:fc:
cc:da:af:9a:f6:80:c2:56:dd:e9:41:f1:d3:e8:89:9b:ae:4b:
3b:66:a0:c5:7e:28:bf:11:97:72:b0:94:cb:8a:a5:33:17:07:
c7:1a:52:f4:e8:00:f7:32:47:90:0b:e6:01:2e:26:3e:14:dd:
28:ec:09:00:fe:6c:ba:b5:ac:a2:92:00:99:b4:ca:07:c9:3b:
9e:3b:f1:65:9e:82:4d:a0:bb:ab:81:3f:69:1f:cc:95:16:a9:
48:44:22:2e:0a:38:6c:70:d7:b3:f7:d0:a6:f0:93:ee:bf:da:
81:cc:57:54:e3:44:d9:5b:a1:73:ab:00:ec:fb:b7:71:f8:52:
13:7e:27:a2:58:82:a7:42:6b:fc:83:9b:97:fd:27:69:03:10:
08:ea:14:26:b4:11:5a:00:f4:da:4e:68:8b:74:4e:ce:72:e1:
00:1b:e6:fe:ba:a2:29:d6:a1:34:4e:bb:95:da:40:2e:8d:78:
0b:3f:a8:a0
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QTBCRjExMC8GA1UEBRMoQURFOEM0RkUwQjI3Q0M1QzUyMUEzMDQ5QjY2NDlFMjY0
Q0IyNUE1QTAeFw0yMzAzMDMwNTE2MjNaFw0yNDA1MjkwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MDE4MmE3LWM4MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2Eu7qRwD8qkahyvHc0wE25HXcADABZhAr5+3IA5WH/vlbqXYAybQ9J3mpA//H
lxgL/ezKdd6Bga6hou1Ebrtact+XcidoT7KSgxUgpYrVqLsEWJohhz4Mt6fYZUVz
GVG3JNTnhGqq7m9hJrl59beWrEpGkQOyyknCnHfV0+x7jHkGldIS6Dy2MWgiSYBc
LQdhR7sK+K+rsDJ0wkQPw5tV7VMYV3ZLe7CULVj0+FtRU3eFrzwSDGTv+aOZ56qU
hi3JQnn5jUEddM6tIYVmWov70cvXEP7ean9crHJ1V/gIpzFchzzgIz/Gx4Tg7stU
FfC+Bl9waqtk3mcvS6QYIGJBAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUTNllA+bh
Z7hFjWMA2rqWwqvgDyQwHwYDVR0jBBgwFoAUrejE/gsnzFxSGjBJtmSeJkyyWlow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZBMEJGLzUyNzJGNzIwQjk3
QTExRUQ4RTU0MjA0N0M0RjlBRTAyL3JlakVfZ3NuekZ4U0dqQkp0bVNlSmt5eVds
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcmVqRV9nc256RnhTR2pCSnRtU2VKa3l5V2xvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QTBCRi81MjcyRjcyMEI5N0ExMUVEOEU1NDIwNDdDNEY5QUUwMi84OUQxQkI5MEI5
ODIxMUVEQTI3MTM0N0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdd1jANBgkqhkiG9w0BAQsFAAOCAQEAcUkw9aMN+rMiEnZK
0dGnqYkMO5Vnqiy7Q2PI6VftGho8o7qhBW++YXuydlhoKlrzC8sRTMs+xr5gLJQO
6yb0/gCnNaS4fDz8zNqvmvaAwlbd6UHx0+iJm65LO2agxX4ovxGXcrCUy4qlMxcH
xxpS9OgA9zJHkAvmAS4mPhTdKOwJAP5surWsopIAmbTKB8k7njvxZZ6CTaC7q4E/
aR/MlRapSEQiLgo4bHDXs/fQpvCT7r/agcxXVONE2Vuhc6sA7Pu3cfhSE34noliC
p0Jr/IObl/0naQMQCOoUJrQRWgD02k5oi3ROznLhABvm/rqiKdahNE67ldpALo14
Cz+ooA==
-----END CERTIFICATE-----
Generated at Fri Feb 16 23:32:20 2024 by rpki-client on console-ams.rpki-client.org