Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/CE67732CA95911EE9927E135C4F9AE02.roa
File: CE67732CA95911EE9927E135C4F9AE02.roa (raw, json)
Hash identifier: JcGaYrhtny1N6kAjYvKaBNviDrd4ixcTcoUkNKKEclk=
Subject key identifier: 70:B6:08:5D:A1:BF:BF:89:3D:ED:57:62:35:A6:C0:78:9F:48:B2:53
Certificate issuer: /CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Certificate serial: 282E
Authority key identifier: F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/CE67732CA95911EE9927E135C4F9AE02.roa
Signing time: Tue 02 Jan 2024 10:29:28 +0000
ROA not before: Tue 02 Jan 2024 10:29:28 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 197730
IP address blocks: 122.254.68.0/24 maxlen: 24
122.254.69.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10286 (0x282e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Validity
Not Before: Jan 2 10:29:28 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=6593e587-6ef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8b:7f:69:19:d1:1b:f9:9b:df:5c:43:2c:de:
ff:f5:db:02:b6:0b:7f:dd:20:7a:17:63:85:2c:9c:
60:0f:64:55:ef:e8:a7:e2:9a:8e:59:09:29:d1:23:
22:65:a7:0f:6c:a0:d9:33:7c:94:81:73:3d:c4:32:
e2:d2:08:fb:20:44:bf:f5:04:8d:f1:6f:7b:c8:63:
50:27:d2:1e:ae:be:d6:0f:37:eb:d5:ce:6b:25:f4:
42:87:a2:3e:07:26:38:2d:41:ec:f7:c2:eb:a1:55:
1b:d6:82:dc:84:58:c6:62:26:d6:8c:d1:ac:7f:41:
f1:af:e8:63:b5:bf:53:b8:d3:41:ad:a4:8a:b0:86:
51:db:c5:00:d6:64:b3:64:e8:51:fa:b1:59:3a:e8:
22:41:ff:f9:fd:1b:23:0d:80:06:52:41:49:9c:15:
98:be:47:e4:83:7f:58:03:53:5b:d1:13:d7:a0:3b:
f6:0d:c3:06:88:39:ed:53:1b:00:5b:96:20:c9:20:
db:25:0e:1e:ce:49:b9:cc:e9:fc:63:83:87:a2:e3:
68:ff:68:eb:98:de:70:17:46:af:3e:68:45:39:9b:
66:c3:5a:98:a0:83:7a:fb:7f:92:11:16:5b:5b:28:
42:bb:f0:95:a2:b0:aa:7c:f4:df:e0:4d:36:27:cf:
c3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B6:08:5D:A1:BF:BF:89:3D:ED:57:62:35:A6:C0:78:9F:48:B2:53
X509v3 Authority Key Identifier:
keyid:F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/8A5-TIBTz_oGjrc-lYiS3YvmGow.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/CE67732CA95911EE9927E135C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.254.68.0/23
Signature Algorithm: sha256WithRSAEncryption
59:db:48:1e:7e:5c:d0:ba:92:63:63:ac:42:a7:b8:61:84:d3:
33:fd:c8:c2:49:db:cd:e8:54:0b:b3:ee:c1:3f:4a:f7:fb:be:
08:ef:2f:8a:c2:e4:aa:3d:a8:5a:ee:6b:87:d5:7d:67:b0:f2:
c1:d0:ec:69:e5:47:ac:c1:83:42:f1:1c:0e:36:1a:46:5d:19:
9b:1a:29:31:a5:e9:ab:96:35:d6:85:2f:6a:ad:8b:ed:23:38:
93:3c:96:32:ad:2e:e6:89:d7:3f:56:8b:1d:fc:fd:b2:e0:f5:
58:82:b2:6b:f2:4c:c2:66:a4:d0:d1:34:c6:ef:68:a9:f6:21:
65:cf:f0:1b:2b:52:b5:fe:a5:ed:89:2c:ac:3b:be:74:b8:b5:
87:2b:cf:78:49:8c:59:c2:03:0d:89:11:0b:b3:13:67:43:56:
65:af:a3:d6:b8:15:0d:6c:c0:c0:c0:35:f5:ea:40:aa:34:a2:
26:6b:03:3e:1e:77:09:7a:83:2d:32:f6:19:88:8a:cd:d4:8b:
cf:3e:cc:3d:e6:dc:8f:35:dc:ec:78:39:23:5b:a7:a2:67:c9:
da:7f:d1:9f:73:50:d0:87:18:cc:ed:c4:fd:54:bc:a5:27:62:
11:93:96:20:59:60:63:32:89:c6:33:30:35:f3:3b:d4:0e:4f:
cb:b6:27:4f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICKC4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkU3NDkxMTAvBgNVBAUTKEYwMEU3RTRDODA1M0NGRkEwNjhFQjczRTk1ODg5MkRE
OEJFNjFBOEMwHhcNMjQwMTAyMTAyOTI4WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTkzZTU4Ny02ZWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu4t/aRnRG/mb31xDLN7/9dsCtgt/3SB6F2OFLJxgD2RV7+in4pqOWQkp0SMi
ZacPbKDZM3yUgXM9xDLi0gj7IES/9QSN8W97yGNQJ9Ierr7WDzfr1c5rJfRCh6I+
ByY4LUHs98LroVUb1oLchFjGYibWjNGsf0Hxr+hjtb9TuNNBraSKsIZR28UA1mSz
ZOhR+rFZOugiQf/5/RsjDYAGUkFJnBWYvkfkg39YA1Nb0RPXoDv2DcMGiDntUxsA
W5YgySDbJQ4ezkm5zOn8Y4OHouNo/2jrmN5wF0avPmhFOZtmw1qYoIN6+3+SERZb
WyhCu/CVorCqfPTf4E02J8/DlQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHC2CF2h
v7+JPe1XYjWmwHifSLJTMB8GA1UdIwQYMBaAFPAOfkyAU8/6Bo63PpWIkt2L5hqM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTc0OS9CRDY0NDE5MDlG
QTQxMUU0QjhERkREMzdDNEY5QUUwMi84QTUtVElCVHpfb0dqcmMtbFlpUzNZdm1H
b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhBNS1USUJUel9vR2pyYy1sWWlTM1l2bUdvdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkU3NDkvQkQ2NDQxOTA5RkE0MTFFNEI4REZERDM3QzRGOUFFMDIvQ0U2NzczMkNB
OTU5MTFFRTk5MjdFMTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAF6/kQwDQYJKoZIhvcNAQELBQADggEBAFnbSB5+XNC6kmNj
rEKnuGGE0zP9yMJJ283oVAuz7sE/Svf7vgjvL4rC5Ko9qFrua4fVfWew8sHQ7Gnl
R6zBg0LxHA42GkZdGZsaKTGl6auWNdaFL2qti+0jOJM8ljKtLuaJ1z9Wix38/bLg
9ViCsmvyTMJmpNDRNMbvaKn2IWXP8BsrUrX+pe2JLKw7vnS4tYcrz3hJjFnCAw2J
EQuzE2dDVmWvo9a4FQ1swMDANfXqQKo0oiZrAz4edwl6gy0y9hmIis3Ui88+zD3m
3I813Ox4OSNbp6Jnydp/0Z9zUNCHGMztxP1UvKUnYhGTliBZYGMyicYzMDXzO9QO
T8u2J08=
-----END CERTIFICATE-----
Generated at Sat Feb 24 01:09:35 2024 by rpki-client on console-ams.rpki-client.org