Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/58757E723F3F11EEBEA9D075C4F9AE02.roa
File: 58757E723F3F11EEBEA9D075C4F9AE02.roa (raw, json)
Hash identifier: TNJUBTnEDTm9YRmp25V0NHaa3aDyCyvgJzPCpJe/1x8=
Subject key identifier: F1:8E:67:86:31:85:51:E3:3B:C2:49:EF:A5:CC:19:29:C6:76:8B:C7
Certificate issuer: /CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Certificate serial: 2791
Authority key identifier: F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/58757E723F3F11EEBEA9D075C4F9AE02.roa
Signing time: Sun 20 Aug 2023 09:52:59 +0000
ROA not before: Sun 20 Aug 2023 09:52:59 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 138195
IP address blocks: 122.254.64.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10129 (0x2791)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Validity
Not Before: Aug 20 09:52:59 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64e1e27b-9c18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:45:fd:e5:37:91:2a:f2:c2:30:8b:97:3a:78:
60:86:75:e4:ea:88:d6:cf:59:fe:73:35:8b:67:3a:
f3:3d:3e:62:0d:b2:95:14:80:2f:89:39:d7:ad:cd:
da:58:17:5e:71:69:e7:0b:49:53:b1:02:18:fc:88:
b2:59:b0:47:f7:6f:45:cb:c0:76:f1:39:8d:84:bb:
eb:18:4b:34:e4:68:3d:92:c7:c9:41:7d:cd:14:02:
c7:a6:a2:d4:e3:43:43:90:8b:21:04:91:11:b4:23:
5c:f8:47:b4:ff:bf:01:e5:e1:43:ac:4d:03:e3:b0:
f5:b4:e5:45:97:7a:50:12:b5:a2:b5:df:e1:26:15:
45:b5:e7:12:af:0f:b8:65:92:71:fd:f3:cb:b2:c4:
56:89:a6:e3:af:f5:d5:81:f1:ae:71:46:3c:24:4d:
5a:04:5f:a5:d0:b3:a4:27:88:5a:50:a5:e6:63:d4:
b3:33:0d:1d:74:a6:ff:49:7a:53:51:f8:e8:2f:67:
99:10:77:2d:98:52:56:06:c0:81:1b:1c:fc:62:13:
fa:70:3d:e3:b7:cb:b9:75:97:2b:b9:df:8a:e3:9e:
ec:e9:2b:21:70:6e:bf:98:a7:24:da:f0:3d:7c:f3:
9b:6e:5a:0e:fe:8d:f1:8f:93:a6:d2:e1:f0:4b:c6:
f9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:8E:67:86:31:85:51:E3:3B:C2:49:EF:A5:CC:19:29:C6:76:8B:C7
X509v3 Authority Key Identifier:
keyid:F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/8A5-TIBTz_oGjrc-lYiS3YvmGow.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/58757E723F3F11EEBEA9D075C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.254.64.0/24
Signature Algorithm: sha256WithRSAEncryption
54:3f:54:1b:9a:a0:0d:a4:95:e0:0d:2b:ac:88:77:9d:8a:29:
25:24:22:2c:d5:f7:80:42:95:62:7c:8c:9c:09:15:17:db:cf:
5c:55:78:59:57:93:c2:e8:4e:25:14:1f:a8:42:e9:f2:e9:ac:
82:9f:76:5b:73:f2:35:bc:2d:8c:ba:f7:67:40:28:24:0f:f9:
cc:9b:6f:49:dc:43:ce:0a:3c:b1:f1:21:00:d3:0f:8d:8b:a9:
a7:12:5d:59:5b:99:ec:0d:0d:64:d9:50:03:1d:50:6a:ca:32:
b2:46:b3:4f:b6:b5:72:77:9e:28:f5:f6:c7:ce:f7:06:e5:54:
11:72:89:37:f8:c8:0c:b6:50:2a:6b:1e:22:08:7b:e5:0a:6f:
69:21:bb:1c:df:62:f5:1f:97:dc:64:c2:b8:99:c3:0e:2e:ad:
1b:e3:a0:6f:02:a8:42:ff:e8:f1:b2:e0:84:d7:71:37:ce:d3:
25:df:e3:5c:07:51:38:5d:03:45:5e:34:69:91:3b:4d:14:87:
15:16:38:83:3a:74:f9:20:47:18:62:9d:6b:cf:ba:e0:29:60:
29:0b:d1:da:4e:7f:99:6d:c2:86:ff:1f:80:d4:77:71:c7:f2:
8c:e8:cf:cb:55:d0:d0:89:2a:73:e5:0c:0c:cd:34:74:b4:cc:
98:62:5e:90
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJ5EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkU3NDkxMTAvBgNVBAUTKEYwMEU3RTRDODA1M0NGRkEwNjhFQjczRTk1ODg5MkRE
OEJFNjFBOEMwHhcNMjMwODIwMDk1MjU5WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGUxZTI3Yi05YzE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuEX95TeRKvLCMIuXOnhghnXk6ojWz1n+czWLZzrzPT5iDbKVFIAviTnXrc3a
WBdecWnnC0lTsQIY/IiyWbBH929Fy8B28TmNhLvrGEs05Gg9ksfJQX3NFALHpqLU
40NDkIshBJERtCNc+Ee0/78B5eFDrE0D47D1tOVFl3pQErWitd/hJhVFtecSrw+4
ZZJx/fPLssRWiabjr/XVgfGucUY8JE1aBF+l0LOkJ4haUKXmY9SzMw0ddKb/SXpT
UfjoL2eZEHctmFJWBsCBGxz8YhP6cD3jt8u5dZcrud+K457s6SshcG6/mKck2vA9
fPObbloO/o3xj5Om0uHwS8b5MQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPGOZ4Yx
hVHjO8JJ76XMGSnGdovHMB8GA1UdIwQYMBaAFPAOfkyAU8/6Bo63PpWIkt2L5hqM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTc0OS9CRDY0NDE5MDlG
QTQxMUU0QjhERkREMzdDNEY5QUUwMi84QTUtVElCVHpfb0dqcmMtbFlpUzNZdm1H
b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhBNS1USUJUel9vR2pyYy1sWWlTM1l2bUdvdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkU3NDkvQkQ2NDQxOTA5RkE0MTFFNEI4REZERDM3QzRGOUFFMDIvNTg3NTdFNzIz
RjNGMTFFRUJFQTlEMDc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB6/kAwDQYJKoZIhvcNAQELBQADggEBAFQ/VBuaoA2kleAN
K6yId52KKSUkIizV94BClWJ8jJwJFRfbz1xVeFlXk8LoTiUUH6hC6fLprIKfdltz
8jW8LYy692dAKCQP+cybb0ncQ84KPLHxIQDTD42LqacSXVlbmewNDWTZUAMdUGrK
MrJGs0+2tXJ3nij19sfO9wblVBFyiTf4yAy2UCprHiIIe+UKb2khuxzfYvUfl9xk
wriZww4urRvjoG8CqEL/6PGy4ITXcTfO0yXf41wHUThdA0VeNGmRO00UhxUWOIM6
dPkgRxhinWvPuuApYCkL0dpOf5ltwob/H4DUd3HH8ozoz8tV0NCJKnPlDAzNNHS0
zJhiXpA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:40 2024 by rpki-client on console-ams.rpki-client.org