Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD4CC/4C8EBEE2279311EAA00E9724C4F9AE02/DCE5418AFBC011EABD414749C4F9AE02.roa
File: DCE5418AFBC011EABD414749C4F9AE02.roa (raw, json)
Hash identifier: UIcRMB4wkxY6bLHxDwgembvqwamcWodjjyu9RHpn6JA=
Subject key identifier: C2:26:37:4E:63:BB:15:EF:79:FB:D3:0B:2F:A8:D0:79:21:27:60:EB
Certificate issuer: /CN=A91FD4CC/serialNumber=77692363E02CD579EC52E18148A72ADEC9968753
Certificate serial: 093B
Authority key identifier: 77:69:23:63:E0:2C:D5:79:EC:52:E1:81:48:A7:2A:DE:C9:96:87:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2kjY-As1XnsUuGBSKcq3smWh1M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FD4CC/4C8EBEE2279311EAA00E9724C4F9AE02/DCE5418AFBC011EABD414749C4F9AE02.roa
Signing time: Fri 05 Aug 2022 08:26:50 +0000
ROA not before: Fri 05 Aug 2022 08:26:50 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 23959
IP address blocks: 103.121.208.0/24 maxlen: 24
103.121.209.0/24 maxlen: 24
103.121.210.0/24 maxlen: 24
103.121.211.0/24 maxlen: 24
2403:71c0:2000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2363 (0x93b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FD4CC/serialNumber=77692363E02CD579EC52E18148A72ADEC9968753
Validity
Not Before: Aug 5 08:26:50 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=62ecd449-137b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a5:ab:c9:a2:c3:24:73:0f:72:8b:ee:29:64:
ee:41:71:92:58:73:bb:7d:27:29:5e:58:7b:2a:ac:
6a:41:e4:63:c8:8f:14:9d:d4:85:82:83:70:2f:52:
39:dd:ef:8c:15:97:d4:59:dd:a8:c7:23:98:bc:0b:
ad:dc:4f:48:8c:59:bd:a3:59:a4:8c:37:e3:29:05:
c5:8d:64:9e:cd:0c:cc:37:4a:d7:b5:ed:c1:1b:a7:
7d:28:18:8e:c7:50:0f:aa:ee:37:e0:53:7f:bc:50:
22:75:76:46:61:50:a8:68:27:d8:9d:00:ec:ae:1d:
64:2b:16:8f:1d:89:9b:08:1f:e8:ca:17:14:17:b6:
5f:5f:de:e7:dc:27:e8:d1:29:0a:d5:4d:fc:4d:3b:
f4:e9:fd:41:da:b5:c2:31:da:d4:ce:f4:5d:08:9c:
d0:ea:6b:c8:f3:41:5a:56:3c:b2:66:a0:05:cd:98:
71:23:f3:83:47:e9:8d:f0:6b:13:44:ca:d2:d5:bc:
80:fd:c9:9c:1f:0d:66:f6:95:42:e8:9c:f9:5f:03:
29:1d:fc:f7:95:8b:85:fd:16:f0:51:b0:af:d3:a9:
dd:1a:ac:8c:78:d9:bb:90:4d:f8:a2:f1:c8:24:c6:
5e:be:79:47:a0:be:f3:4a:93:5f:e9:25:e4:c4:3c:
4c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:26:37:4E:63:BB:15:EF:79:FB:D3:0B:2F:A8:D0:79:21:27:60:EB
X509v3 Authority Key Identifier:
keyid:77:69:23:63:E0:2C:D5:79:EC:52:E1:81:48:A7:2A:DE:C9:96:87:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FD4CC/4C8EBEE2279311EAA00E9724C4F9AE02/d2kjY-As1XnsUuGBSKcq3smWh1M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2kjY-As1XnsUuGBSKcq3smWh1M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD4CC/4C8EBEE2279311EAA00E9724C4F9AE02/DCE5418AFBC011EABD414749C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.208.0/22
IPv6:
2403:71c0:2000::/48
Signature Algorithm: sha256WithRSAEncryption
2a:d3:f7:00:d6:99:8d:be:f8:1a:8d:a9:e1:a2:8f:aa:8a:02:
85:01:02:bf:d2:cf:14:70:2f:73:1e:e5:40:18:ed:c9:dd:6c:
c7:e5:bd:f9:44:c3:0f:80:65:2c:3d:4c:75:f6:cf:a8:98:89:
75:0b:1e:08:b0:25:29:6c:45:30:2e:64:07:1b:4f:c5:69:9a:
f6:3b:98:51:0a:82:34:58:b3:67:ee:99:38:85:09:6b:16:86:
5f:a3:3e:70:6f:8a:78:ae:5f:d0:6f:37:ac:d9:f3:ee:7e:c0:
78:10:39:e3:7f:e5:74:99:7a:c7:31:94:b9:83:00:5f:de:02:
c2:56:0d:47:bf:a1:7b:31:8f:4d:95:ed:77:48:69:e5:fe:c7:
3e:39:84:b7:e1:ae:ea:8f:f2:3f:3e:ed:29:ab:69:60:53:ae:
a9:18:14:1c:43:e0:ec:89:a3:06:fe:e1:73:6b:f3:3a:b5:fd:
87:bf:66:4b:a9:67:f9:e1:9f:f2:2d:7e:c5:17:6e:44:23:91:
53:50:49:5b:51:9a:02:76:05:c7:13:80:40:2e:96:e7:a2:02:
3b:15:bd:05:b2:5d:07:a2:dc:06:54:b9:54:ee:ef:b2:fb:38:
6a:ab:ed:f4:be:2f:ef:59:f2:dc:e1:57:2f:84:2c:0f:d3:71:
53:1f:41:30
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICCTswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkQ0Q0MxMTAvBgNVBAUTKDc3NjkyMzYzRTAyQ0Q1NzlFQzUyRTE4MTQ4QTcyQURF
Qzk5Njg3NTMwHhcNMjIwODA1MDgyNjUwWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmVjZDQ0OS0xMzdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxaWryaLDJHMPcovuKWTuQXGSWHO7fScpXlh7KqxqQeRjyI8UndSFgoNwL1I5
3e+MFZfUWd2oxyOYvAut3E9IjFm9o1mkjDfjKQXFjWSezQzMN0rXte3BG6d9KBiO
x1APqu434FN/vFAidXZGYVCoaCfYnQDsrh1kKxaPHYmbCB/oyhcUF7ZfX97n3Cfo
0SkK1U38TTv06f1B2rXCMdrUzvRdCJzQ6mvI80FaVjyyZqAFzZhxI/ODR+mN8GsT
RMrS1byA/cmcHw1m9pVC6Jz5XwMpHfz3lYuF/RbwUbCv06ndGqyMeNm7kE34ovHI
JMZevnlHoL7zSpNf6SXkxDxMwQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFMImN05j
uxXvefvTCy+o0HkhJ2DrMB8GA1UdIwQYMBaAFHdpI2PgLNV57FLhgUinKt7JlodT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRDRDQy80QzhFQkVFMjI3
OTMxMUVBQTAwRTk3MjRDNEY5QUUwMi9kMmtqWS1BczFYbnNVdUdCU0tjcTNzbVdo
MU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Qya2pZLUFzMVhuc1V1R0JTS2NxM3NtV2gxTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkQ0Q0MvNEM4RUJFRTIyNzkzMTFFQUEwMEU5NzI0QzRGOUFFMDIvRENFNTQxOEFG
QkMwMTFFQUJENDE0NzQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAJnedAwDwQCAAIwCQMHACQDccAgADANBgkqhkiG9w0BAQsF
AAOCAQEAKtP3ANaZjb74Go2p4aKPqooChQECv9LPFHAvcx7lQBjtyd1sx+W9+UTD
D4BlLD1MdfbPqJiJdQseCLAlKWxFMC5kBxtPxWma9juYUQqCNFizZ+6ZOIUJaxaG
X6M+cG+KeK5f0G83rNnz7n7AeBA543/ldJl6xzGUuYMAX94CwlYNR7+hezGPTZXt
d0hp5f7HPjmEt+Gu6o/yPz7tKatpYFOuqRgUHEPg7ImjBv7hc2vzOrX9h79mS6ln
+eGf8i1+xRduRCORU1BJW1GaAnYFxxOAQC6W56ICOxW9BbJdB6LcBlS5VO7vsvs4
aqvt9L4v71ny3OFXL4QsD9NxUx9BMA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org