Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FCE8A/006FE54A5DE311E6A5AA364DC4F9AE02/FCAAD28C713D11EE86E60B7EC4F9AE02.roa
File: FCAAD28C713D11EE86E60B7EC4F9AE02.roa (raw, json)
Hash identifier: nQMU/k3DgquskQMNmlrkXslfZ4MgyZdoJQqMrDBxBl4=
Subject key identifier: CF:BE:8E:9E:40:EE:00:0B:F1:8B:B4:A9:84:B1:C5:03:FE:E3:CF:14
Certificate issuer: /CN=A91FCE8A/serialNumber=D424453667D6FCB2D8C854D6A59B781DFFFB52C6
Certificate serial: 1DBB
Authority key identifier: D4:24:45:36:67:D6:FC:B2:D8:C8:54:D6:A5:9B:78:1D:FF:FB:52:C6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1CRFNmfW_LLYyFTWpZt4Hf_7UsY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FCE8A/006FE54A5DE311E6A5AA364DC4F9AE02/FCAAD28C713D11EE86E60B7EC4F9AE02.roa
Signing time: Mon 23 Oct 2023 00:49:14 +0000
ROA not before: Mon 23 Oct 2023 00:49:14 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 134743
IP address blocks: 45.253.128.0/23 maxlen: 23
45.253.128.0/24 maxlen: 24
45.253.129.0/24 maxlen: 24
103.197.212.0/23 maxlen: 23
103.197.212.0/24 maxlen: 24
103.197.213.0/24 maxlen: 24
103.223.136.0/23 maxlen: 23
103.223.136.0/24 maxlen: 24
103.223.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7611 (0x1dbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FCE8A/serialNumber=D424453667D6FCB2D8C854D6A59B781DFFFB52C6
Validity
Not Before: Oct 23 00:49:14 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6535c30a-5eab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0d:59:a9:be:25:62:5d:dd:9d:ee:7a:84:ae:
17:07:54:9d:89:fa:c0:00:86:ad:ea:60:08:4e:96:
6d:c7:46:f5:ec:f7:64:a3:51:46:8c:3a:33:60:7c:
de:45:81:e1:75:4b:22:b0:10:fc:c5:1e:46:d9:b5:
79:09:b8:a6:be:4d:1f:96:9e:ff:47:46:ab:63:f6:
3a:0f:03:3a:b1:9b:73:62:e7:da:e0:95:2c:e2:b4:
69:3a:57:f3:b9:b4:6a:04:d1:7a:19:25:f5:b1:a9:
d3:b7:53:2f:c6:b1:69:fd:32:61:c1:66:0d:61:f4:
84:97:50:4b:13:92:0e:fd:f6:a4:67:48:1d:82:f7:
1c:44:78:76:d9:15:70:46:48:77:d9:56:b0:77:32:
3e:d6:4d:fe:dd:0f:78:7a:c9:db:42:dc:46:bf:37:
9a:6b:79:2a:15:f4:f8:ba:d5:44:c3:92:86:60:13:
ef:ab:d3:7e:1e:70:f6:9c:47:9c:11:84:8e:3d:54:
07:bf:3c:c0:a6:7a:e4:23:31:b8:f8:05:8f:cf:d7:
e9:24:27:3a:98:dc:94:54:6a:07:b4:8f:c8:44:d9:
c8:1a:7a:eb:04:13:8e:5d:7f:fa:90:4d:51:e4:66:
07:69:e6:be:f9:3a:69:5f:b4:d4:59:44:05:f8:79:
11:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:BE:8E:9E:40:EE:00:0B:F1:8B:B4:A9:84:B1:C5:03:FE:E3:CF:14
X509v3 Authority Key Identifier:
keyid:D4:24:45:36:67:D6:FC:B2:D8:C8:54:D6:A5:9B:78:1D:FF:FB:52:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FCE8A/006FE54A5DE311E6A5AA364DC4F9AE02/1CRFNmfW_LLYyFTWpZt4Hf_7UsY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1CRFNmfW_LLYyFTWpZt4Hf_7UsY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FCE8A/006FE54A5DE311E6A5AA364DC4F9AE02/FCAAD28C713D11EE86E60B7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.253.128.0/23
103.197.212.0/23
103.223.136.0/23
Signature Algorithm: sha256WithRSAEncryption
02:57:20:2a:34:1a:3b:14:17:b7:e6:4e:97:46:02:a5:c6:fb:
e9:bc:ad:27:bd:0b:14:04:dc:b0:41:51:64:c2:f6:16:40:8c:
8a:92:d4:11:4c:7e:48:d2:4e:36:d8:29:e3:29:4c:df:40:b2:
06:ee:64:e7:c4:db:f8:73:a3:eb:d9:0b:58:8a:ad:f8:86:a6:
05:f1:3d:71:a1:9e:11:fa:15:d2:0e:c6:eb:61:2b:80:35:f0:
92:38:fa:f8:dd:ff:3d:88:cf:a8:85:bf:72:e2:c3:a7:ef:44:
ae:b2:71:84:6d:88:37:2a:1d:ae:ec:cc:63:88:e3:03:34:32:
f0:22:1f:4e:38:e5:64:e3:07:b2:d7:8c:16:29:e4:7c:da:27:
68:bb:70:fc:c6:a5:ad:05:ae:62:89:a5:58:74:cb:3f:e8:8c:
9e:23:9e:40:73:ab:7d:87:4e:fa:da:a3:e3:3f:10:f0:fa:5f:
e8:91:85:4d:e5:d6:00:c4:9b:9d:cd:74:69:a5:a3:18:5f:e6:
2b:fd:e0:bb:7f:4b:ef:a5:b8:de:f9:94:8a:a6:c2:99:cf:a0:
49:a7:71:f2:41:35:e7:61:7b:f2:b8:a3:05:b3:5c:06:a5:da:
43:6a:eb:ea:c3:c6:49:26:93:70:4a:39:2a:92:00:34:4d:92:
58:bc:b3:cc
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICHbswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkNFOEExMTAvBgNVBAUTKEQ0MjQ0NTM2NjdENkZDQjJEOEM4NTRENkE1OUI3ODFE
RkZGQjUyQzYwHhcNMjMxMDIzMDA0OTE0WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTM1YzMwYS01ZWFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0Q1Zqb4lYl3dne56hK4XB1SdifrAAIat6mAITpZtx0b17Pdko1FGjDozYHze
RYHhdUsisBD8xR5G2bV5Cbimvk0flp7/R0arY/Y6DwM6sZtzYufa4JUs4rRpOlfz
ubRqBNF6GSX1sanTt1MvxrFp/TJhwWYNYfSEl1BLE5IO/fakZ0gdgvccRHh22RVw
Rkh32VawdzI+1k3+3Q94esnbQtxGvzeaa3kqFfT4utVEw5KGYBPvq9N+HnD2nEec
EYSOPVQHvzzApnrkIzG4+AWPz9fpJCc6mNyUVGoHtI/IRNnIGnrrBBOOXX/6kE1R
5GYHaea++TppX7TUWUQF+HkRLQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFM++jp5A
7gAL8Yu0qYSxxQP+488UMB8GA1UdIwQYMBaAFNQkRTZn1vyy2MhU1qWbeB3/+1LG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQ0U4QS8wMDZGRTU0QTVE
RTMxMUU2QTVBQTM2NERDNEY5QUUwMi8xQ1JGTm1mV19MTFl5RlRXcFp0NEhmXzdV
c1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFDUkZObWZXX0xMWXlGVFdwWnQ0SGZfN1VzWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkNFOEEvMDA2RkU1NEE1REUzMTFFNkE1QUEzNjREQzRGOUFFMDIvRkNBQUQyOEM3
MTNEMTFFRTg2RTYwQjdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAEt/YADBAFnxdQDBAFn34gwDQYJKoZIhvcNAQELBQADggEB
AAJXICo0GjsUF7fmTpdGAqXG++m8rSe9CxQE3LBBUWTC9hZAjIqS1BFMfkjSTjbY
KeMpTN9AsgbuZOfE2/hzo+vZC1iKrfiGpgXxPXGhnhH6FdIOxuthK4A18JI4+vjd
/z2Iz6iFv3Liw6fvRK6ycYRtiDcqHa7szGOI4wM0MvAiH0445WTjB7LXjBYp5Hza
J2i7cPzGpa0FrmKJpVh0yz/ojJ4jnkBzq32HTvrao+M/EPD6X+iRhU3l1gDEm53N
dGmloxhf5iv94Lt/S++luN75lIqmwpnPoEmncfJBNedhe/K4owWzXAal2kNq6+rD
xkkmk3BKOSqSADRNkli8s8w=
-----END CERTIFICATE-----
Generated at Mon Oct 23 22:27:51 2023 by rpki-client on console-fra.rpki-client.org