Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/73C06F363F4C11EEA38AA553C4F9AE02.roa
File: 73C06F363F4C11EEA38AA553C4F9AE02.roa (raw, json)
Hash identifier: 63v8MQts+EcqQTU3B7MiqdHdpkA8rjknoxC6xHv/3tI=
Subject key identifier: 3A:6F:7D:CF:31:77:F0:3C:D1:45:A9:F0:EF:12:01:0B:C5:DF:47:68
Certificate issuer: /CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Certificate serial: 27AA
Authority key identifier: F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/73C06F363F4C11EEA38AA553C4F9AE02.roa
Signing time: Sun 20 Aug 2023 11:26:49 +0000
ROA not before: Sun 20 Aug 2023 11:26:49 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 201106
IP address blocks: 122.254.64.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10154 (0x27aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Validity
Not Before: Aug 20 11:26:49 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64e1f878-e0a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:98:21:f5:2e:44:93:90:5f:1e:75:8e:f5:12:
57:62:b1:2d:02:d1:43:30:6a:d8:5f:54:1f:e0:66:
30:81:71:9a:fd:bd:17:ca:84:7a:dc:1d:46:11:a7:
42:d9:28:03:5f:e7:3a:cd:0f:e8:b4:92:5f:47:d5:
24:26:dc:d8:9a:06:e2:c1:5d:e6:ac:b7:8b:e2:22:
ca:ac:52:b1:a4:c8:ef:12:63:76:23:80:71:7e:3c:
ce:38:75:4f:f9:15:6b:9f:9c:7f:3b:53:c3:df:17:
1e:d9:d0:48:88:c5:cb:3b:97:18:6f:45:35:b2:16:
7c:b0:f1:3a:0f:b9:57:de:8d:93:60:c1:5c:47:35:
3a:22:25:a1:a2:21:46:a6:27:b2:ac:66:e6:92:69:
a9:4f:f2:66:84:ea:69:cd:22:59:8a:bd:e8:86:53:
d5:a4:bf:22:36:f4:cd:ec:95:51:de:e0:da:5e:d3:
a1:99:87:4a:76:0b:83:86:2e:61:e3:23:ac:1e:cb:
3e:e1:eb:f9:61:1d:0f:2b:62:5b:49:79:3b:c1:44:
a0:a3:2f:13:e5:d1:c9:e7:f7:08:2e:08:87:ac:ca:
1e:00:75:67:30:59:c6:7a:3b:5b:85:d3:4b:7b:4b:
a2:dd:99:cd:d0:e4:c9:3b:0a:50:b5:55:56:51:44:
9f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6F:7D:CF:31:77:F0:3C:D1:45:A9:F0:EF:12:01:0B:C5:DF:47:68
X509v3 Authority Key Identifier:
keyid:F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/8A5-TIBTz_oGjrc-lYiS3YvmGow.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/73C06F363F4C11EEA38AA553C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.254.64.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:e1:c3:f9:3e:d6:8c:57:fe:b0:16:57:82:e3:e3:1a:32:19:
7a:5e:77:8e:e8:d4:6d:27:e5:b1:6c:1d:27:b2:3e:ef:78:f9:
41:49:c2:47:c0:8f:f8:60:8a:a8:58:88:ea:c4:c3:d9:9d:f1:
50:46:7c:5f:ef:8e:96:8a:69:3d:a5:69:b2:df:aa:f5:c1:09:
0e:88:15:51:1e:6d:ca:92:6b:d5:e7:a5:74:98:c1:32:de:e9:
6a:ed:21:b3:4b:23:16:40:68:00:de:91:ce:6a:e6:00:b3:5d:
f7:2c:cc:85:39:de:7d:e1:b0:53:7b:e7:a6:ae:b9:a7:54:ba:
a2:b1:7d:cd:46:88:60:ac:3a:2a:18:49:9c:b5:92:92:e9:b0:
67:f9:15:f1:21:dc:a1:6c:16:3a:ae:c1:33:5c:73:58:fb:4b:
a7:b3:bd:1a:e6:1f:3c:dc:48:d4:40:52:0f:08:16:22:dc:d5:
ca:0c:8e:11:1e:21:ad:85:ff:cf:80:08:53:96:ee:ba:27:7d:
77:8a:23:16:a9:ed:6b:42:77:0f:5d:6e:d0:ba:08:e5:9b:68:
e7:5f:b1:f7:9e:17:29:d2:7b:8e:b6:c1:e7:70:4d:82:7c:bd:
d3:16:4a:8c:b4:a9:ca:b5:8b:7b:50:58:9c:38:d3:70:ea:a6:
2d:2d:1d:52
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJ6owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkU3NDkxMTAvBgNVBAUTKEYwMEU3RTRDODA1M0NGRkEwNjhFQjczRTk1ODg5MkRE
OEJFNjFBOEMwHhcNMjMwODIwMTEyNjQ5WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGUxZjg3OC1lMGE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr5gh9S5Ek5BfHnWO9RJXYrEtAtFDMGrYX1Qf4GYwgXGa/b0XyoR63B1GEadC
2SgDX+c6zQ/otJJfR9UkJtzYmgbiwV3mrLeL4iLKrFKxpMjvEmN2I4BxfjzOOHVP
+RVrn5x/O1PD3xce2dBIiMXLO5cYb0U1shZ8sPE6D7lX3o2TYMFcRzU6IiWhoiFG
pieyrGbmkmmpT/JmhOppzSJZir3ohlPVpL8iNvTN7JVR3uDaXtOhmYdKdguDhi5h
4yOsHss+4ev5YR0PK2JbSXk7wUSgoy8T5dHJ5/cILgiHrMoeAHVnMFnGejtbhdNL
e0ui3ZnN0OTJOwpQtVVWUUSfFwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDpvfc8x
d/A80UWp8O8SAQvF30doMB8GA1UdIwQYMBaAFPAOfkyAU8/6Bo63PpWIkt2L5hqM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTc0OS9CRDY0NDE5MDlG
QTQxMUU0QjhERkREMzdDNEY5QUUwMi84QTUtVElCVHpfb0dqcmMtbFlpUzNZdm1H
b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhBNS1USUJUel9vR2pyYy1sWWlTM1l2bUdvdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkU3NDkvQkQ2NDQxOTA5RkE0MTFFNEI4REZERDM3QzRGOUFFMDIvNzNDMDZGMzYz
RjRDMTFFRUEzOEFBNTUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB6/kAwDQYJKoZIhvcNAQELBQADggEBAL/hw/k+1oxX/rAW
V4Lj4xoyGXped47o1G0n5bFsHSeyPu94+UFJwkfAj/hgiqhYiOrEw9md8VBGfF/v
jpaKaT2labLfqvXBCQ6IFVEebcqSa9XnpXSYwTLe6WrtIbNLIxZAaADekc5q5gCz
XfcszIU53n3hsFN756auuadUuqKxfc1GiGCsOioYSZy1kpLpsGf5FfEh3KFsFjqu
wTNcc1j7S6ezvRrmHzzcSNRAUg8IFiLc1coMjhEeIa2F/8+ACFOW7ronfXeKIxap
7WtCdw9dbtC6COWbaOdfsfeeFynSe462wedwTYJ8vdMWSoy0qcq1i3tQWJw403Dq
pi0tHVI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:40 2024 by rpki-client on console-ams.rpki-client.org