Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FC387/FAD8C6965E2D11EC827FC065C4F9AE02/AE2AC7885E3511ECA889FC76C4F9AE02.roa
File: AE2AC7885E3511ECA889FC76C4F9AE02.roa (raw, json)
Hash identifier: 4kfGAek3mONejJtTBjoUAQlbQ6mnHd/pzc7swZ8sKGQ=
Subject key identifier: 12:B4:0B:99:DE:D6:23:A7:5E:4E:FA:E5:C0:C4:34:36:52:0B:DC:90
Certificate issuer: /CN=A91FC387/serialNumber=5D509478EA5B72D197E432659049454F03E4C22D
Certificate serial: 0272
Authority key identifier: 5D:50:94:78:EA:5B:72:D1:97:E4:32:65:90:49:45:4F:03:E4:C2:2D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XVCUeOpbctGX5DJlkElFTwPkwi0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FC387/FAD8C6965E2D11EC827FC065C4F9AE02/AE2AC7885E3511ECA889FC76C4F9AE02.roa
Signing time: Thu 08 Dec 2022 16:13:16 +0000
ROA not before: Thu 08 Dec 2022 16:13:16 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 13896
IP address blocks: 45.252.184.0/23 maxlen: 23
45.252.184.0/24 maxlen: 24
45.252.185.0/24 maxlen: 24
45.252.186.0/23 maxlen: 23
45.252.186.0/24 maxlen: 24
45.252.187.0/24 maxlen: 24
103.197.96.0/23 maxlen: 23
103.197.96.0/24 maxlen: 24
103.197.97.0/24 maxlen: 24
103.197.98.0/23 maxlen: 24
2403:180::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 626 (0x272)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FC387/serialNumber=5D509478EA5B72D197E432659049454F03E4C22D
Validity
Not Before: Dec 8 16:13:16 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=63920d1c-938a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:bf:90:e7:26:bb:86:df:77:15:7a:7a:67:02:
ce:b6:1b:27:7e:d7:ed:17:9e:51:f2:75:aa:21:2c:
5d:8f:bf:26:24:20:78:0a:23:1e:cc:46:52:45:36:
ca:02:c7:66:c2:6a:13:02:7d:fc:d3:a3:ff:24:2c:
43:29:aa:9a:df:2d:33:f9:0e:6e:b3:5c:5a:f1:ea:
54:80:a9:96:ba:49:43:73:ab:9d:fc:79:d5:92:0d:
b8:32:b5:75:e3:eb:df:0b:da:10:76:a8:b6:72:c6:
2b:86:1c:7c:f3:fc:ad:76:f2:cd:03:8b:7c:31:7e:
eb:2a:72:54:01:da:c0:e3:61:37:5d:5b:b9:b6:34:
c1:f9:a7:87:22:55:ba:b5:29:29:8b:7c:43:5e:51:
74:87:7e:74:c6:11:a3:63:9c:26:a2:12:70:99:67:
3f:8c:86:2b:45:10:80:94:b3:22:c7:eb:e2:7c:66:
7d:d7:a2:c0:1b:aa:16:98:70:6b:7e:c6:33:bc:4d:
cb:0b:2f:c8:17:4a:61:d2:20:74:70:65:e3:26:1e:
8c:6b:8e:72:5f:ab:9b:ad:7e:b8:67:63:01:b5:81:
38:d7:fc:7f:9e:63:56:2e:ac:7d:b9:0f:ad:0c:4e:
f9:93:4c:e2:f6:b4:44:ff:07:16:5a:01:e4:5a:e1:
94:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:B4:0B:99:DE:D6:23:A7:5E:4E:FA:E5:C0:C4:34:36:52:0B:DC:90
X509v3 Authority Key Identifier:
keyid:5D:50:94:78:EA:5B:72:D1:97:E4:32:65:90:49:45:4F:03:E4:C2:2D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FC387/FAD8C6965E2D11EC827FC065C4F9AE02/XVCUeOpbctGX5DJlkElFTwPkwi0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XVCUeOpbctGX5DJlkElFTwPkwi0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FC387/FAD8C6965E2D11EC827FC065C4F9AE02/AE2AC7885E3511ECA889FC76C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.184.0/22
103.197.96.0/22
IPv6:
2403:180::/32
Signature Algorithm: sha256WithRSAEncryption
8e:74:75:7b:90:2d:86:76:6b:f7:bc:72:bd:a6:1b:c9:99:4d:
9b:87:6f:91:94:18:cf:2a:a9:28:35:cf:be:60:09:bf:25:12:
95:1e:84:86:7c:12:8d:88:d3:3d:d2:59:e6:f7:5b:47:b6:13:
69:5c:2f:f8:8b:d4:84:b4:84:bd:23:c3:8c:b2:34:b0:53:cf:
ff:ff:0f:bb:f2:68:ff:b6:cf:24:f4:67:45:a5:a2:5e:ac:32:
fd:53:ae:81:bc:13:75:31:e5:06:a1:ea:d5:80:01:60:a2:08:
1b:34:6d:e9:1d:0f:b3:75:88:ee:9d:45:72:64:2a:13:a6:23:
ba:6f:31:32:e8:70:12:fa:32:0d:ae:be:fe:66:49:d2:e3:57:
88:63:dd:50:b7:c3:d2:b6:ac:a6:31:2a:82:1c:57:30:44:08:
09:3e:29:40:ed:03:e3:1e:4e:4d:47:66:86:d8:89:51:c2:89:
1f:cb:ef:2f:c4:b9:79:cc:b6:d0:e6:e2:d4:c6:75:96:9a:71:
68:e1:a8:0e:bb:74:97:e7:bd:4c:64:2f:d1:11:0c:af:25:f6:
e3:a8:ef:4b:40:f1:e5:7e:9b:4b:0f:08:f8:25:94:67:d0:df:
fb:52:48:a8:b0:13:e4:ea:16:06:c1:d3:07:b4:d4:61:59:5b:
46:45:43:90
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAnIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkMzODcxMTAvBgNVBAUTKDVENTA5NDc4RUE1QjcyRDE5N0U0MzI2NTkwNDk0NTRG
MDNFNEMyMkQwHhcNMjIxMjA4MTYxMzE2WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzkyMGQxYy05MzhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6b+Q5ya7ht93FXp6ZwLOthsnftftF55R8nWqISxdj78mJCB4CiMezEZSRTbK
AsdmwmoTAn3806P/JCxDKaqa3y0z+Q5us1xa8epUgKmWuklDc6ud/HnVkg24MrV1
4+vfC9oQdqi2csYrhhx88/ytdvLNA4t8MX7rKnJUAdrA42E3XVu5tjTB+aeHIlW6
tSkpi3xDXlF0h350xhGjY5wmohJwmWc/jIYrRRCAlLMix+vifGZ916LAG6oWmHBr
fsYzvE3LCy/IF0ph0iB0cGXjJh6Ma45yX6ubrX64Z2MBtYE41/x/nmNWLqx9uQ+t
DE75k0zi9rRE/wcWWgHkWuGUvQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFBK0C5ne
1iOnXk765cDENDZSC9yQMB8GA1UdIwQYMBaAFF1QlHjqW3LRl+QyZZBJRU8D5MIt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQzM4Ny9GQUQ4QzY5NjVF
MkQxMUVDODI3RkMwNjVDNEY5QUUwMi9YVkNVZU9wYmN0R1g1REpsa0VsRlR3UGt3
aTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hWQ1VlT3BiY3RHWDVESmxrRWxGVHdQa3dpMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkMzODcvRkFEOEM2OTY1RTJEMTFFQzgyN0ZDMDY1QzRGOUFFMDIvQUUyQUM3ODg1
RTM1MTFFQ0E4ODlGQzc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIt/LgDBAJnxWAwDQQCAAIwBwMFACQDAYAwDQYJKoZIhvcN
AQELBQADggEBAI50dXuQLYZ2a/e8cr2mG8mZTZuHb5GUGM8qqSg1z75gCb8lEpUe
hIZ8Eo2I0z3SWeb3W0e2E2lcL/iL1IS0hL0jw4yyNLBTz///D7vyaP+2zyT0Z0Wl
ol6sMv1TroG8E3Ux5Qah6tWAAWCiCBs0bekdD7N1iO6dRXJkKhOmI7pvMTLocBL6
Mg2uvv5mSdLjV4hj3VC3w9K2rKYxKoIcVzBECAk+KUDtA+MeTk1HZobYiVHCiR/L
7y/EuXnMttDm4tTGdZaacWjhqA67dJfnvUxkL9ERDK8l9uOo70tA8eV+m0sPCPgl
lGfQ3/tSSKiwE+TqFgbB0we01GFZW0ZFQ5A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org