Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/A9E8AC90A72F11EE8223F64DC4F9AE02.roa
File: A9E8AC90A72F11EE8223F64DC4F9AE02.roa (raw, json)
Hash identifier: 5Ox1I1QW9EuGi8INScoMyC6PMNFVkAdCugK+fEpBxSw=
Subject key identifier: 2D:C8:45:68:46:F1:8B:B6:E9:D8:A6:80:01:8B:ED:9D:72:BF:30:01
Certificate issuer: /CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Certificate serial: 282B
Authority key identifier: F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/A9E8AC90A72F11EE8223F64DC4F9AE02.roa
Signing time: Sat 30 Dec 2023 16:22:45 +0000
ROA not before: Sat 30 Dec 2023 16:22:45 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 60064
IP address blocks: 122.254.78.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10283 (0x282b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Validity
Not Before: Dec 30 16:22:45 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=659043d5-046e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9d:13:c9:26:09:2b:16:71:14:d5:a8:53:10:
55:15:97:de:0d:06:11:5b:de:ac:7e:a7:a8:90:c3:
80:79:f0:e8:3a:a5:60:d6:42:86:6f:b0:22:98:cc:
24:f9:d8:92:f8:50:61:27:16:b8:e1:2b:25:ac:b1:
fc:d6:78:e0:c7:8e:00:be:d7:1c:8c:ff:f4:2c:a4:
53:2c:a0:7b:c6:d7:e1:90:a2:0e:61:96:21:53:53:
4b:fb:6f:22:ac:57:be:2e:e5:1b:ea:3c:4d:92:58:
82:a6:65:e8:0c:92:50:95:a6:d6:27:78:5c:fe:b8:
c9:8d:62:b1:4d:38:96:6f:d5:6c:70:11:58:76:dc:
da:98:9b:85:ef:a3:7c:33:ef:e7:34:de:ff:51:6d:
df:ae:e6:17:c3:02:6e:93:13:f0:0c:3d:6a:0e:63:
d6:49:71:f8:00:08:a3:46:65:18:b1:b2:63:37:d9:
57:fb:ba:90:21:39:fe:2a:7a:5f:ab:f5:32:fa:d5:
16:54:90:fa:4a:dc:5a:05:8b:da:39:f1:36:a9:89:
56:2f:b4:cf:22:9c:db:0c:3f:18:5f:33:a2:ee:5d:
7a:32:92:2c:9e:89:f3:4e:35:35:de:21:46:e7:7b:
e3:8c:b2:cc:d3:c6:81:0f:06:47:aa:39:2f:d6:6c:
b3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:C8:45:68:46:F1:8B:B6:E9:D8:A6:80:01:8B:ED:9D:72:BF:30:01
X509v3 Authority Key Identifier:
keyid:F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/8A5-TIBTz_oGjrc-lYiS3YvmGow.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/A9E8AC90A72F11EE8223F64DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.254.78.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:f1:76:9b:29:97:f8:d9:18:cc:b4:f6:e8:b5:63:60:a8:43:
71:ea:fa:d8:83:9c:5b:39:6c:cf:31:e2:4c:40:45:5b:24:1a:
dc:38:44:85:e6:14:0b:f1:b2:e4:5e:df:2b:56:c9:26:b7:4d:
33:2e:37:b4:ab:ef:48:dd:c4:81:ec:f1:41:07:5c:86:90:4c:
c7:b1:2d:56:80:f6:50:cb:c2:96:92:66:49:77:89:bb:c1:03:
10:fc:27:fa:42:e6:43:0b:b1:b7:7a:90:4f:4d:a9:56:a8:df:
68:8b:c6:0a:14:c4:45:a1:84:13:91:f8:97:2e:3f:16:77:21:
31:6b:8f:9b:0a:ef:61:f2:49:d6:76:1e:b3:2f:58:30:cd:66:
b8:5e:2c:9c:eb:b2:ce:48:3a:b7:e2:9a:9f:1d:32:52:04:b3:
95:7e:fd:f8:08:9e:33:a3:ea:ea:b0:95:78:16:b9:55:0e:80:
e4:80:b6:45:51:b9:fd:22:d8:c7:6e:2f:c9:a0:5b:a4:0e:94:
de:05:8a:c1:d2:42:27:9d:5c:36:34:57:6f:2c:9c:dc:ef:82:
51:0d:35:1f:7f:9b:73:bb:af:fd:dc:d9:c7:fe:40:bb:ea:29:
c3:9e:18:8a:71:0c:cb:1d:ff:40:89:99:3a:f8:00:71:03:1e:
8a:53:78:d2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICKCswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkU3NDkxMTAvBgNVBAUTKEYwMEU3RTRDODA1M0NGRkEwNjhFQjczRTk1ODg5MkRE
OEJFNjFBOEMwHhcNMjMxMjMwMTYyMjQ1WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTkwNDNkNS0wNDZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvJ0TySYJKxZxFNWoUxBVFZfeDQYRW96sfqeokMOAefDoOqVg1kKGb7AimMwk
+diS+FBhJxa44SslrLH81njgx44AvtccjP/0LKRTLKB7xtfhkKIOYZYhU1NL+28i
rFe+LuUb6jxNkliCpmXoDJJQlabWJ3hc/rjJjWKxTTiWb9VscBFYdtzamJuF76N8
M+/nNN7/UW3fruYXwwJukxPwDD1qDmPWSXH4AAijRmUYsbJjN9lX+7qQITn+Knpf
q/Uy+tUWVJD6StxaBYvaOfE2qYlWL7TPIpzbDD8YXzOi7l16MpIsnonzTjU13iFG
53vjjLLM08aBDwZHqjkv1myz8wIDAQABo4IClTCCApEwHQYDVR0OBBYEFC3IRWhG
8Yu26dimgAGL7Z1yvzABMB8GA1UdIwQYMBaAFPAOfkyAU8/6Bo63PpWIkt2L5hqM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTc0OS9CRDY0NDE5MDlG
QTQxMUU0QjhERkREMzdDNEY5QUUwMi84QTUtVElCVHpfb0dqcmMtbFlpUzNZdm1H
b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhBNS1USUJUel9vR2pyYy1sWWlTM1l2bUdvdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkU3NDkvQkQ2NDQxOTA5RkE0MTFFNEI4REZERDM3QzRGOUFFMDIvQTlFOEFDOTBB
NzJGMTFFRTgyMjNGNjREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB6/k4wDQYJKoZIhvcNAQELBQADggEBAI3xdpspl/jZGMy0
9ui1Y2CoQ3Hq+tiDnFs5bM8x4kxARVskGtw4RIXmFAvxsuRe3ytWySa3TTMuN7Sr
70jdxIHs8UEHXIaQTMexLVaA9lDLwpaSZkl3ibvBAxD8J/pC5kMLsbd6kE9NqVao
32iLxgoUxEWhhBOR+JcuPxZ3ITFrj5sK72HySdZ2HrMvWDDNZrheLJzrss5IOrfi
mp8dMlIEs5V+/fgInjOj6uqwlXgWuVUOgOSAtkVRuf0i2MduL8mgW6QOlN4FisHS
QiedXDY0V28snNzvglENNR9/m3O7r/3c2cf+QLvqKcOeGIpxDMsd/0CJmTr4AHED
HopTeNI=
-----END CERTIFICATE-----
Generated at Sat Feb 24 01:09:35 2024 by rpki-client on console-ams.rpki-client.org