Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAE47/974D6D7E48F011EA886EB445C4F9AE02/FEC5DF7E834311EC8B56E409C4F9AE02.roa
File: FEC5DF7E834311EC8B56E409C4F9AE02.roa (raw, json)
Hash identifier: 6nxwZea+rBMpvBYv3UMhf5+0LkAdTrbUd9Jb9B3Fpw4=
Subject key identifier: B1:C1:D0:15:FB:87:6E:21:0D:52:DA:5B:EE:29:00:A5:D5:41:30:2D
Certificate issuer: /CN=A91FAE47/serialNumber=22F303C4AE2BBDCC1E9765106D235E9F32FF54FD
Certificate serial: 0962
Authority key identifier: 22:F3:03:C4:AE:2B:BD:CC:1E:97:65:10:6D:23:5E:9F:32:FF:54:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IvMDxK4rvcwel2UQbSNenzL_VP0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FAE47/974D6D7E48F011EA886EB445C4F9AE02/FEC5DF7E834311EC8B56E409C4F9AE02.roa
Signing time: Mon 30 Jan 2023 21:48:00 +0000
ROA not before: Mon 30 Jan 2023 21:48:00 +0000
ROA not after: Fri 02 Jun 2023 00:00:00 +0000
asID: 135019
IP address blocks: 103.106.2.0/24 maxlen: 24
2402:38c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2402 (0x962)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FAE47/serialNumber=22F303C4AE2BBDCC1E9765106D235E9F32FF54FD
Validity
Not Before: Jan 30 21:48:00 2023 GMT
Not After : Jun 2 00:00:00 2023 GMT
Subject: CN=63d83b10-c1f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:21:03:c9:a6:de:38:96:fb:4e:89:61:c4:7e:
c7:bf:86:2b:05:83:49:cf:f2:28:97:5f:fe:33:5a:
94:18:fe:8b:0a:64:3a:51:e8:6b:87:72:2f:70:ef:
83:f4:96:70:b1:f9:f9:e2:dd:21:57:b8:05:41:6d:
3b:b8:9e:7e:e6:86:a1:09:b6:bb:f9:32:67:a8:90:
ae:7b:99:fc:90:40:42:66:8c:e4:c3:d5:98:5b:cb:
98:d5:46:95:c4:8e:34:9e:72:7a:b2:33:a9:3b:fa:
46:ea:59:e9:26:e2:e3:75:2e:ea:a7:c3:a9:f5:a3:
88:cd:c9:34:c6:fe:29:ff:10:77:67:20:79:62:dd:
f6:81:2a:2b:60:36:97:4e:3f:1f:de:8a:eb:6c:1d:
0a:ad:ee:37:98:ec:3e:18:ea:09:b9:b3:6d:f2:2b:
ff:a4:bf:78:1a:77:cf:b0:14:0a:da:f2:13:5c:5d:
82:3d:55:90:b6:11:f8:21:69:8b:4f:5a:da:fd:5d:
0f:d5:b0:4c:06:b5:ab:6b:5b:e5:37:a9:34:57:53:
3f:55:4b:2b:f0:a2:fb:c8:f4:8b:c9:2a:87:ce:1a:
62:9b:d1:72:91:f2:db:76:93:c2:8e:bd:fb:c7:e6:
f6:cf:ee:0c:d3:ce:e1:b1:12:35:ba:89:10:a2:09:
16:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C1:D0:15:FB:87:6E:21:0D:52:DA:5B:EE:29:00:A5:D5:41:30:2D
X509v3 Authority Key Identifier:
keyid:22:F3:03:C4:AE:2B:BD:CC:1E:97:65:10:6D:23:5E:9F:32:FF:54:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FAE47/974D6D7E48F011EA886EB445C4F9AE02/IvMDxK4rvcwel2UQbSNenzL_VP0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IvMDxK4rvcwel2UQbSNenzL_VP0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAE47/974D6D7E48F011EA886EB445C4F9AE02/FEC5DF7E834311EC8B56E409C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.2.0/24
IPv6:
2402:38c0::/32
Signature Algorithm: sha256WithRSAEncryption
7a:7b:6c:e4:7e:db:66:e5:3f:5a:a7:30:39:20:36:b9:51:a4:
58:34:1d:70:2d:70:2d:3d:fc:2b:5e:9f:2f:57:67:78:b3:a0:
13:e5:b6:b9:03:28:0d:17:c9:ff:b9:57:60:79:43:ad:46:ee:
51:06:45:00:d5:95:05:9d:7a:ce:26:23:d8:96:72:18:1f:94:
65:01:58:53:bf:84:cb:46:53:f3:b5:6e:ad:e2:86:73:f8:e9:
d4:ae:32:5c:2d:63:a6:b2:ee:74:d7:11:e7:30:e7:97:d0:aa:
da:1a:80:ea:74:73:bb:96:35:d2:86:80:16:0d:af:ba:21:25:
f6:c9:6a:90:16:ac:b6:c5:df:65:7c:c4:94:2e:71:d9:e1:00:
d9:02:21:26:90:58:95:48:6f:38:9f:87:91:22:0c:0b:ca:3e:
00:8b:15:67:b5:5e:e0:64:b4:f9:93:cc:8e:b4:e0:d0:d6:6e:
aa:63:7b:52:7a:6d:b2:f4:6d:3c:28:8b:90:ad:a9:a3:32:8c:
87:06:df:9f:eb:83:08:8a:6b:10:80:e8:7f:bf:16:88:93:5b:
8f:92:a7:20:09:22:bd:6b:46:60:d4:08:bf:c0:10:82:82:42:
cd:10:74:2f:99:da:95:4f:4c:59:a8:b4:73:57:59:34:f0:f4:
49:62:d3:c3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCWIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkFFNDcxMTAvBgNVBAUTKDIyRjMwM0M0QUUyQkJEQ0MxRTk3NjUxMDZEMjM1RTlG
MzJGRjU0RkQwHhcNMjMwMTMwMjE0ODAwWhcNMjMwNjAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Q4M2IxMC1jMWYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsCEDyabeOJb7TolhxH7Hv4YrBYNJz/Iol1/+M1qUGP6LCmQ6Uehrh3IvcO+D
9JZwsfn54t0hV7gFQW07uJ5+5oahCba7+TJnqJCue5n8kEBCZozkw9WYW8uY1UaV
xI40nnJ6sjOpO/pG6lnpJuLjdS7qp8Op9aOIzck0xv4p/xB3ZyB5Yt32gSorYDaX
Tj8f3orrbB0Kre43mOw+GOoJubNt8iv/pL94GnfPsBQK2vITXF2CPVWQthH4IWmL
T1ra/V0P1bBMBrWra1vlN6k0V1M/VUsr8KL7yPSLySqHzhpim9FykfLbdpPCjr37
x+b2z+4M087hsRI1uokQogkWIQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLHB0BX7
h24hDVLaW+4pAKXVQTAtMB8GA1UdIwQYMBaAFCLzA8SuK73MHpdlEG0jXp8y/1T9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQUU0Ny85NzRENkQ3RTQ4
RjAxMUVBODg2RUI0NDVDNEY5QUUwMi9Jdk1EeEs0cnZjd2VsMlVRYlNOZW56TF9W
UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0l2TUR4SzRydmN3ZWwyVVFiU05lbnpMX1ZQMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkFFNDcvOTc0RDZEN0U0OEYwMTFFQTg4NkVCNDQ1QzRGOUFFMDIvRkVDNURGN0U4
MzQzMTFFQzhCNTZFNDA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnagIwDQQCAAIwBwMFACQCOMAwDQYJKoZIhvcNAQELBQAD
ggEBAHp7bOR+22blP1qnMDkgNrlRpFg0HXAtcC09/Cteny9XZ3izoBPltrkDKA0X
yf+5V2B5Q61G7lEGRQDVlQWdes4mI9iWchgflGUBWFO/hMtGU/O1bq3ihnP46dSu
MlwtY6ay7nTXEecw55fQqtoagOp0c7uWNdKGgBYNr7ohJfbJapAWrLbF32V8xJQu
cdnhANkCISaQWJVIbzifh5EiDAvKPgCLFWe1XuBktPmTzI604NDWbqpje1J6bbL0
bTwoi5CtqaMyjIcG35/rgwiKaxCA6H+/FoiTW4+SpyAJIr1rRmDUCL/AEIKCQs0Q
dC+Z2pVPTFmotHNXWTTw9Eli08M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org