Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/BAE036700A3411ECA236F260C4F9AE02.roa
File: BAE036700A3411ECA236F260C4F9AE02.roa (raw, json)
Hash identifier: GjgEmx2tatRfJxSR59L/fNZ+wedwR6ll0hIbDVWqrSU=
Subject key identifier: C0:B0:94:6E:AC:02:C2:D0:70:00:64:A9:DE:8D:CD:B3:69:5F:89:40
Certificate issuer: /CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Certificate serial: 2347
Authority key identifier: F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/BAE036700A3411ECA236F260C4F9AE02.roa
Signing time: Tue 31 Aug 2021 09:04:17 +0000
ROA not before: Tue 31 Aug 2021 09:04:17 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 136933
IP address blocks: 122.254.92.0/22 maxlen: 24
122.254.96.0/22 maxlen: 22
122.254.100.0/22 maxlen: 22
122.254.104.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9031 (0x2347)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Validity
Not Before: Aug 31 09:04:17 2021 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=612df090-0826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c3:22:ed:0f:1e:04:9b:e9:1a:ea:2c:6a:e5:
d1:e0:68:a3:a2:b6:2f:70:86:ad:8d:50:93:bf:33:
40:5f:88:87:7b:14:0d:28:bb:e0:a2:42:5b:ce:9b:
5b:0a:55:3a:fd:86:04:e6:5a:8d:fc:83:f6:d4:27:
02:de:81:4f:c2:e5:62:7c:a0:e6:1a:2b:3c:f1:75:
5f:86:b2:bd:1b:92:e1:d1:e6:4b:36:13:b6:d5:f7:
5b:c6:07:4e:e2:f7:e6:48:25:da:ea:c1:4b:66:5a:
db:77:48:99:22:ec:f6:e5:ee:cf:9f:72:11:e6:16:
aa:c1:06:f7:f7:83:fa:12:08:fa:fd:62:98:5d:22:
e7:01:ce:61:cb:8b:99:f8:17:f6:cf:64:b0:12:2c:
7b:d5:0a:47:bd:51:8f:bf:70:bb:c7:fc:6c:0f:76:
c6:a9:17:92:de:b7:30:4b:9c:ba:c2:f3:a9:35:61:
63:fc:a0:44:6b:b4:fa:c9:fe:c7:8a:bb:81:dd:bb:
63:1b:bc:2b:3b:4f:04:7a:5c:8d:ee:60:10:81:08:
1f:e8:bc:7b:44:85:fb:ca:b7:dd:72:97:10:f0:ea:
18:45:5b:ea:47:e7:bc:5c:4f:2b:88:c1:3a:c8:ab:
87:44:8c:73:a1:33:2a:7b:f4:03:0c:1d:ff:1f:12:
1b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:B0:94:6E:AC:02:C2:D0:70:00:64:A9:DE:8D:CD:B3:69:5F:89:40
X509v3 Authority Key Identifier:
keyid:F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/8A5-TIBTz_oGjrc-lYiS3YvmGow.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/BAE036700A3411ECA236F260C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.254.92.0-122.254.107.255
Signature Algorithm: sha256WithRSAEncryption
18:24:a6:ef:9e:28:07:ed:3c:9d:92:a2:d0:48:77:24:93:a1:
f7:db:4b:74:9c:d0:68:d6:15:0d:51:df:46:77:a6:56:2c:f3:
b4:2d:33:76:af:87:8d:b2:e5:92:a8:93:68:ec:aa:d4:c9:aa:
50:c1:d5:6b:6d:c7:97:2b:8e:1f:0d:28:ef:d8:07:a0:ec:24:
d5:d1:c2:fc:1f:97:74:15:62:4c:26:6b:d3:95:a4:22:25:ca:
dd:f3:64:3c:7b:8c:f5:c4:af:75:73:6f:f1:33:86:09:2f:d4:
83:84:59:cc:19:db:dd:ed:44:ec:b4:77:cb:89:04:72:b1:1e:
e5:f2:5a:a1:07:36:64:1e:c0:88:4f:37:68:a3:4f:13:85:4c:
e1:0f:c8:50:fd:aa:99:1e:ef:30:e9:92:27:54:e7:c4:f1:85:
c3:79:f5:d4:3a:26:f0:53:a2:d2:42:e6:4c:90:df:67:fc:41:
96:88:87:ef:f2:6f:04:69:74:3d:25:25:cb:57:37:b2:3d:84:
81:be:0f:9a:33:f2:51:3c:be:1c:06:bd:39:d5:1a:c2:46:80:
f1:6b:74:af:cc:6f:a7:ed:23:35:2f:eb:d8:ae:38:1a:0a:ac:
97:8c:78:e2:fc:de:ad:c0:cf:e7:f6:35:cf:b2:41:cb:2f:e2:
03:75:15:a8
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICI0cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkU3NDkxMTAvBgNVBAUTKEYwMEU3RTRDODA1M0NGRkEwNjhFQjczRTk1ODg5MkRE
OEJFNjFBOEMwHhcNMjEwODMxMDkwNDE3WhcNMjIwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTJkZjA5MC0wODI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApMMi7Q8eBJvpGuosauXR4GijorYvcIatjVCTvzNAX4iHexQNKLvgokJbzptb
ClU6/YYE5lqN/IP21CcC3oFPwuVifKDmGis88XVfhrK9G5Lh0eZLNhO21fdbxgdO
4vfmSCXa6sFLZlrbd0iZIuz25e7Pn3IR5haqwQb394P6Egj6/WKYXSLnAc5hy4uZ
+Bf2z2SwEix71QpHvVGPv3C7x/xsD3bGqReS3rcwS5y6wvOpNWFj/KBEa7T6yf7H
iruB3btjG7wrO08EelyN7mAQgQgf6Lx7RIX7yrfdcpcQ8OoYRVvqR+e8XE8riME6
yKuHRIxzoTMqe/QDDB3/HxIbEQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFMCwlG6s
AsLQcABkqd6NzbNpX4lAMB8GA1UdIwQYMBaAFPAOfkyAU8/6Bo63PpWIkt2L5hqM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTc0OS9CRDY0NDE5MDlG
QTQxMUU0QjhERkREMzdDNEY5QUUwMi84QTUtVElCVHpfb0dqcmMtbFlpUzNZdm1H
b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhBNS1USUJUel9vR2pyYy1sWWlTM1l2bUdvdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkU3NDkvQkQ2NDQxOTA5RkE0MTFFNEI4REZERDM3QzRGOUFFMDIvQkFFMDM2NzAw
QTM0MTFFQ0EyMzZGMjYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAnr+XAMEAnr+aDANBgkqhkiG9w0BAQsFAAOCAQEAGCSm
754oB+08nZKi0Eh3JJOh99tLdJzQaNYVDVHfRnemVizztC0zdq+HjbLlkqiTaOyq
1MmqUMHVa23HlyuOHw0o79gHoOwk1dHC/B+XdBViTCZr05WkIiXK3fNkPHuM9cSv
dXNv8TOGCS/Ug4RZzBnb3e1E7LR3y4kEcrEe5fJaoQc2ZB7AiE83aKNPE4VM4Q/I
UP2qmR7vMOmSJ1TnxPGFw3n11Dom8FOi0kLmTJDfZ/xBloiH7/JvBGl0PSUly1c3
sj2Egb4PmjPyUTy+HAa9OdUawkaA8Wt0r8xvp+0jNS/r2K44Ggqsl4x44vzercDP
5/Y1z7JByy/iA3UVqA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org