Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91905300000/7/323430303a363832303a3a2f33322d3634203d3e2039383838.roa
File: 323430303a363832303a3a2f33322d3634203d3e2039383838.roa (raw, json)
Hash identifier: jc67ZI4EWsLatExokDjIxFSzUQroh3ovYn/aj5dO+6o=
Subject key identifier: 44:76:45:9D:C5:63:70:8E:34:D8:76:56:2F:12:C1:F8:82:73:F4:3C
Certificate issuer: /CN=A919619E0000/serialNumber=4B1987D5160068092602529871C93EA320045A75
Certificate serial: 02668BBBB403F4FCDD58662CBCE5E1B1C07EFB8D
Authority key identifier: 4B:19:87:D5:16:00:68:09:26:02:52:98:71:C9:3E:A3:20:04:5A:75
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SxmH1RYAaAkmAlKYcck-oyAEWnU.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91905300000/7/323430303a363832303a3a2f33322d3634203d3e2039383838.roa
Signing time: Sun 01 Jan 2023 05:02:25 +0000
ROA not before: Sun 01 Jan 2023 04:57:25 +0000
ROA not after: Sun 31 Dec 2023 05:02:25 +0000
asID: 9888
IP address blocks: 2400:6820::/32 maxlen: 64
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:66:8b:bb:b4:03:f4:fc:dd:58:66:2c:bc:e5:e1:b1:c0:7e:fb:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919619E0000/serialNumber=4B1987D5160068092602529871C93EA320045A75
Validity
Not Before: Jan 1 04:57:25 2023 GMT
Not After : Dec 31 05:02:25 2023 GMT
Subject: CN=4476459DC563708E34D876562F12C1F88273F43C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:38:30:cd:96:a3:44:d1:a3:aa:7a:3b:06:bf:
dd:e5:31:19:b8:89:62:d6:c9:b9:23:9a:d6:e8:9f:
8f:b4:51:87:49:32:3a:43:7a:be:f6:d8:bd:94:18:
55:cf:8d:1d:c6:a0:3a:1a:11:ca:f2:89:40:a2:6e:
43:f9:32:2d:db:b6:da:15:d9:ba:7d:ab:b4:fe:f6:
8b:c1:be:c1:eb:bb:cc:d6:f4:f2:21:8b:a6:d2:93:
cb:f9:f9:d8:e5:11:4c:ec:31:3d:63:8f:e0:ec:8c:
24:e4:29:b4:76:13:d1:45:ed:3e:23:9c:07:20:a9:
b1:4c:5c:ae:8a:82:d1:ce:22:b3:4d:a8:c7:95:cf:
f1:8e:09:bb:bb:c0:08:e1:73:ed:58:9a:d7:41:56:
e0:82:2c:9f:e2:0c:c5:4f:0b:07:a1:d5:8b:b7:9c:
47:82:63:8e:5f:3e:5b:77:97:b2:d2:67:c3:f1:ec:
0c:a7:7c:4c:77:bf:77:35:9d:8d:b6:cb:f6:56:0a:
2c:f2:95:83:68:0b:c3:d3:8b:de:f5:14:db:e6:18:
80:62:37:ae:d4:35:e9:ff:ff:72:15:8a:9c:ec:39:
ee:66:4f:f8:3f:cd:d3:c2:cb:2e:0f:a9:7f:ae:0b:
6a:f3:6c:c2:d5:ed:44:cd:12:93:4c:54:36:02:6a:
5c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:76:45:9D:C5:63:70:8E:34:D8:76:56:2F:12:C1:F8:82:73:F4:3C
X509v3 Authority Key Identifier:
keyid:4B:19:87:D5:16:00:68:09:26:02:52:98:71:C9:3E:A3:20:04:5A:75
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91905300000/7/4B1987D5160068092602529871C93EA320045A75.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SxmH1RYAaAkmAlKYcck-oyAEWnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91905300000/7/323430303a363832303a3a2f33322d3634203d3e2039383838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:6820::/32
Signature Algorithm: sha256WithRSAEncryption
1b:7f:0f:dd:06:9d:c1:a7:a2:0c:e1:c3:67:03:f4:a0:d1:8d:
fd:6e:63:9d:63:b5:62:f8:6c:c7:5b:65:cc:54:dd:1b:8e:63:
ec:a2:62:c6:27:be:b6:ca:aa:0d:d0:d2:81:d8:d5:0f:ae:2b:
7f:3e:30:21:d2:31:95:67:d9:9e:0b:5e:27:44:8d:d1:02:60:
78:b0:5b:58:89:9b:e8:82:3e:83:a9:0b:a6:6f:97:29:50:92:
48:f4:d4:5c:2c:5a:d1:f8:f2:5e:d3:2f:6c:76:06:39:10:bb:
36:10:d3:0a:b1:09:4b:d9:ed:ab:98:88:3b:ad:3f:61:0a:b7:
4c:02:5c:9f:71:1c:2d:21:eb:9e:e4:9a:23:aa:b9:97:f7:a9:
97:76:0c:73:83:d6:4f:2c:b6:a0:c0:ef:ba:ed:5b:ac:05:10:
c4:59:68:2c:ec:ef:12:ab:f3:08:a1:92:33:89:0e:22:ec:f4:
b7:b8:8b:4a:21:72:2f:75:08:8a:8f:a3:c3:11:f4:bc:c3:92:
f9:67:0e:c2:aa:da:9e:22:53:82:5b:50:2e:96:ff:b0:22:6e:
fd:9d:72:74:d1:3b:bf:fe:81:6e:47:fc:4c:d0:af:95:60:c7:
5c:7d:01:3a:75:be:2b:20:77:53:5b:2b:0e:18:0f:d5:46:ec:
61:87:93:47
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIUAmaLu7QD9PzdWGYsvOXhscB++40wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxOTYxOUUwMDAwMTEwLwYDVQQFEyg0QjE5ODdENTE2
MDA2ODA5MjYwMjUyOTg3MUM5M0VBMzIwMDQ1QTc1MB4XDTIzMDEwMTA0NTcyNVoX
DTIzMTIzMTA1MDIyNVowMzExMC8GA1UEAxMoNDQ3NjQ1OURDNTYzNzA4RTM0RDg3
NjU2MkYxMkMxRjg4MjczRjQzQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMs4MM2Wo0TRo6p6Owa/3eUxGbiJYtbJuSOa1uifj7RRh0kyOkN6vvbYvZQY
Vc+NHcagOhoRyvKJQKJuQ/kyLdu22hXZun2rtP72i8G+weu7zNb08iGLptKTy/n5
2OURTOwxPWOP4OyMJOQptHYT0UXtPiOcByCpsUxcroqC0c4is02ox5XP8Y4Ju7vA
COFz7Via10FW4IIsn+IMxU8LB6HVi7ecR4Jjjl8+W3eXstJnw/HsDKd8THe/dzWd
jbbL9lYKLPKVg2gLw9OL3vUU2+YYgGI3rtQ16f//chWKnOw57mZP+D/N08LLLg+p
f64LavNswtXtRM0Sk0xUNgJqXP0CAwEAAaOCAg4wggIKMB0GA1UdDgQWBBREdkWd
xWNwjjTYdlYvEsH4gnP0PDAfBgNVHSMEGDAWgBRLGYfVFgBoCSYCUphxyT6jIARa
dTAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MDUzMDAwMDAvNy80QjE5ODdE
NTE2MDA2ODA5MjYwMjUyOTg3MUM5M0VBMzIwMDQ1QTc1LmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9TeG1IMVJZQWFB
a21BbEtZY2NrLW95QUVXblUuY2VyMIGHBggrBgEFBQcBCwR7MHkwdwYIKwYBBQUH
MAuGa3JzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxOTA1
MzAwMDAwLzcvMzIzNDMwMzAzYTM2MzgzMjMwM2EzYTJmMzMzMjJkMzYzNDIwM2Qz
ZTIwMzkzODM4Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYB
BQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAGggMA0GCSqGSIb3DQEBCwUAA4IBAQAb
fw/dBp3Bp6IM4cNnA/Sg0Y39bmOdY7Vi+GzHW2XMVN0bjmPsomLGJ762yqoN0NKB
2NUPrit/PjAh0jGVZ9meC14nRI3RAmB4sFtYiZvogj6DqQumb5cpUJJI9NRcLFrR
+PJe0y9sdgY5ELs2ENMKsQlL2e2rmIg7rT9hCrdMAlyfcRwtIeue5JojqrmX96mX
dgxzg9ZPLLagwO+67VusBRDEWWgs7O8Sq/MIoZIziQ4i7PS3uItKIXIvdQiKj6PD
EfS8w5L5Zw7CqtqeIlOCW1Aulv+wIm79nXJ00Tu//oFuR/xM0K+VYMdcfQE6db4r
IHdTWysOGA/VRuxhh5NH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:24 2024 by rpki-client on console-fra.rpki-client.org