Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/9B17FBBE678011EA82DC7F32C4F9AE02.roa
File: 9B17FBBE678011EA82DC7F32C4F9AE02.roa (raw, json)
Hash identifier: 6kkap2xveWjNLkP4JDf+598I67GVq95d8LL9dDbnBzs=
Subject key identifier: 97:8C:68:BB:B1:17:64:83:FD:A9:14:D6:3C:E9:C6:1C:73:D4:C6:23
Certificate issuer: /CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Certificate serial: 276D
Authority key identifier: F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/9B17FBBE678011EA82DC7F32C4F9AE02.roa
Signing time: Wed 28 Jun 2023 16:02:36 +0000
ROA not before: Wed 28 Jun 2023 16:02:36 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 45650
IP address blocks: 122.254.80.0/21 maxlen: 24
122.254.88.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10093 (0x276d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Validity
Not Before: Jun 28 16:02:36 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=649c599c-73e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:74:26:49:3d:6b:02:9f:8f:70:61:5d:fe:23:
59:ca:ff:e6:e9:13:bf:eb:da:c3:7f:f4:00:06:6f:
40:12:65:8c:1e:ed:ed:71:a1:f0:54:a1:fb:93:d0:
a8:aa:18:83:cd:a3:7c:4d:89:84:3b:08:65:61:9a:
72:85:ce:2c:dc:5f:29:44:b1:c0:db:a7:21:cc:7f:
30:55:2e:a2:6f:70:4f:27:ca:c9:3d:89:b8:75:4a:
e7:52:b9:cb:29:09:bd:f0:17:38:f1:48:6d:f8:e4:
cb:d2:ae:40:e5:ea:a8:38:70:94:c1:f5:6e:08:e4:
b3:ea:34:51:6e:51:0a:4d:cf:f9:1e:08:b5:c7:3b:
31:54:81:0e:5e:7b:20:86:ee:04:85:b7:47:69:f5:
b3:a2:9d:96:44:66:5e:3c:16:5d:d7:22:89:58:ef:
98:6b:83:61:b8:f7:9c:64:84:e3:12:03:b3:6a:50:
59:5f:05:a8:4f:7c:e8:8b:c1:88:aa:dc:58:1b:3d:
3c:c3:d2:31:19:f0:7c:eb:3f:71:26:88:94:cd:32:
c0:ae:4d:b4:94:92:76:c1:90:42:bd:48:16:3b:cf:
c4:78:a9:ec:21:0f:38:14:94:a7:1f:8a:c1:6b:dd:
22:b7:b0:95:7f:a9:f4:71:56:a6:55:af:69:b0:0f:
19:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:8C:68:BB:B1:17:64:83:FD:A9:14:D6:3C:E9:C6:1C:73:D4:C6:23
X509v3 Authority Key Identifier:
keyid:F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/8A5-TIBTz_oGjrc-lYiS3YvmGow.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/9B17FBBE678011EA82DC7F32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.254.80.0-122.254.91.255
Signature Algorithm: sha256WithRSAEncryption
54:de:3a:b5:b0:d6:03:fd:82:76:bb:d7:5f:b4:fa:69:e6:a5:
2d:87:e3:ab:98:89:fb:14:95:cb:25:4b:19:c4:21:b1:60:be:
f6:10:49:58:a0:df:15:f8:31:1d:10:34:d4:e7:49:d0:26:e3:
d3:2a:00:1b:4a:fb:b9:da:d5:1c:3f:8e:3a:52:bd:d6:a0:16:
e7:5c:5e:c0:a4:01:52:18:13:a7:4c:7d:ef:f1:a8:c8:67:0c:
29:4f:8c:e2:ce:8e:d5:f3:34:3d:f7:90:51:e8:a5:b2:b9:31:
28:f4:d3:aa:6a:cf:51:23:81:f6:ea:83:79:0a:7b:83:1e:c5:
b2:45:af:82:16:e1:5a:4a:ec:4e:74:fa:9c:4e:a7:74:63:df:
48:8c:b8:c8:ca:60:37:1e:90:4c:59:51:b6:55:4c:bc:8f:31:
b2:99:df:78:81:05:32:59:91:ba:df:85:15:4b:bf:58:0e:1b:
56:e4:5f:40:cb:32:69:e6:1d:28:f6:33:0c:49:7c:9a:48:ab:
16:b5:9b:30:78:7f:2e:e7:56:4a:0c:a5:ce:57:5c:f0:c5:18:
81:95:bf:f9:82:55:7a:40:81:7a:d5:80:2a:3b:a7:62:a1:0e:
70:d4:db:89:26:6c:32:e6:cc:ee:e1:a1:42:56:45:2c:2e:11:
37:1b:0a:81
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICJ20wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkU3NDkxMTAvBgNVBAUTKEYwMEU3RTRDODA1M0NGRkEwNjhFQjczRTk1ODg5MkRE
OEJFNjFBOEMwHhcNMjMwNjI4MTYwMjM2WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDljNTk5Yy03M2U4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx3QmST1rAp+PcGFd/iNZyv/m6RO/69rDf/QABm9AEmWMHu3tcaHwVKH7k9Co
qhiDzaN8TYmEOwhlYZpyhc4s3F8pRLHA26chzH8wVS6ib3BPJ8rJPYm4dUrnUrnL
KQm98Bc48Uht+OTL0q5A5eqoOHCUwfVuCOSz6jRRblEKTc/5Hgi1xzsxVIEOXnsg
hu4EhbdHafWzop2WRGZePBZd1yKJWO+Ya4NhuPecZITjEgOzalBZXwWoT3zoi8GI
qtxYGz08w9IxGfB86z9xJoiUzTLArk20lJJ2wZBCvUgWO8/EeKnsIQ84FJSnH4rB
a90it7CVf6n0cVamVa9psA8ZgQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFJeMaLux
F2SD/akU1jzpxhxz1MYjMB8GA1UdIwQYMBaAFPAOfkyAU8/6Bo63PpWIkt2L5hqM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTc0OS9CRDY0NDE5MDlG
QTQxMUU0QjhERkREMzdDNEY5QUUwMi84QTUtVElCVHpfb0dqcmMtbFlpUzNZdm1H
b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhBNS1USUJUel9vR2pyYy1sWWlTM1l2bUdvdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkU3NDkvQkQ2NDQxOTA5RkE0MTFFNEI4REZERDM3QzRGOUFFMDIvOUIxN0ZCQkU2
NzgwMTFFQTgyREM3RjMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEBHr+UAMEAnr+WDANBgkqhkiG9w0BAQsFAAOCAQEAVN46
tbDWA/2CdrvXX7T6aealLYfjq5iJ+xSVyyVLGcQhsWC+9hBJWKDfFfgxHRA01OdJ
0Cbj0yoAG0r7udrVHD+OOlK91qAW51xewKQBUhgTp0x97/GoyGcMKU+M4s6O1fM0
PfeQUeilsrkxKPTTqmrPUSOB9uqDeQp7gx7FskWvghbhWkrsTnT6nE6ndGPfSIy4
yMpgNx6QTFlRtlVMvI8xspnfeIEFMlmRut+FFUu/WA4bVuRfQMsyaeYdKPYzDEl8
mkirFrWbMHh/LudWSgylzldc8MUYgZW/+YJVekCBetWAKjunYqEOcNTbiSZsMubM
7uGhQlZFLC4RNxsKgQ==
-----END CERTIFICATE-----
Generated at Sat Feb 24 01:09:35 2024 by rpki-client on console-ams.rpki-client.org