Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/47E5A1E8A74811EDAEAA2D2AC4F9AE02.roa
File: 47E5A1E8A74811EDAEAA2D2AC4F9AE02.roa (raw, json)
Hash identifier: PO9pNJmIlmIfHoKY2iRKnzAkCuSZtwNhy1x1xr4xviI=
Subject key identifier: 25:D4:98:36:A4:AC:42:4C:4E:B4:EA:CF:43:5D:5A:82:0E:B2:59:6C
Certificate issuer: /CN=A918C287/serialNumber=847014B15AFA781D228192BE054153DB6667D576
Certificate serial: 010E
Authority key identifier: 84:70:14:B1:5A:FA:78:1D:22:81:92:BE:05:41:53:DB:66:67:D5:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hHAUsVr6eB0igZK-BUFT22Zn1XY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/47E5A1E8A74811EDAEAA2D2AC4F9AE02.roa
Signing time: Wed 08 Feb 2023 00:34:01 +0000
ROA not before: Wed 08 Feb 2023 00:34:01 +0000
ROA not after: Sat 01 May 2038 00:00:00 +0000
asID: 12345678
IP address blocks: 203.176.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 270 (0x10e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C287/serialNumber=847014B15AFA781D228192BE054153DB6667D576
Validity
Not Before: Feb 8 00:34:01 2023 GMT
Not After : May 1 00:00:00 2038 GMT
Subject: CN=63e2edf8-1e1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0a:42:fa:98:15:be:94:65:2d:3d:0b:61:5a:
4b:f2:aa:9e:7b:63:5e:32:73:6d:f9:80:01:1d:dd:
95:ef:09:0a:3d:0b:bf:ba:9f:68:2f:10:e7:12:e8:
d9:50:9e:0f:67:56:66:ce:a5:58:73:46:03:30:7f:
d3:87:f2:72:b0:3d:91:40:72:6c:87:20:09:2d:27:
9d:30:3f:82:7e:78:8a:bf:df:83:3a:2f:e7:13:51:
d2:b3:b9:19:b0:f2:3a:34:5f:4c:66:7e:33:61:9f:
3a:4c:b5:61:30:86:42:05:63:4f:15:13:dc:10:88:
d1:21:94:e8:e1:61:be:af:81:3a:1f:0a:b4:04:ab:
58:c2:d5:97:4d:74:5b:1f:27:2b:3c:7f:d7:41:8a:
ff:09:09:50:73:51:ad:bb:9e:cc:47:53:3e:4e:56:
74:a6:f7:38:bf:45:d6:be:6f:5d:3e:4b:49:a5:81:
b5:31:0e:65:26:b9:6f:f5:15:91:0e:6e:ab:f7:b9:
2a:0d:8f:7b:65:53:fe:f3:a4:84:86:0d:8e:a1:68:
1f:e9:33:73:27:d2:c1:3f:22:f1:7f:25:20:75:bb:
b1:39:0d:4d:48:a4:74:8e:ce:d2:c0:bd:08:93:7c:
7b:b6:f2:10:0b:bf:2c:cf:42:f2:ab:2d:24:18:3e:
78:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D4:98:36:A4:AC:42:4C:4E:B4:EA:CF:43:5D:5A:82:0E:B2:59:6C
X509v3 Authority Key Identifier:
keyid:84:70:14:B1:5A:FA:78:1D:22:81:92:BE:05:41:53:DB:66:67:D5:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/hHAUsVr6eB0igZK-BUFT22Zn1XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hHAUsVr6eB0igZK-BUFT22Zn1XY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/47E5A1E8A74811EDAEAA2D2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.176.189.0/24
Signature Algorithm: sha256WithRSAEncryption
37:b6:18:eb:83:c0:7d:ec:36:41:24:e0:d1:e6:a4:47:ca:73:
bf:d1:18:0b:4a:c6:63:ae:10:a4:40:e5:95:f2:43:e5:04:06:
46:06:db:52:23:a0:f2:70:73:61:b2:1e:96:c9:31:b6:dc:ea:
ef:af:4c:52:ab:be:e3:a1:1c:4a:39:0d:8a:3a:ca:ab:72:dc:
ff:a6:f0:88:86:2e:6c:e6:ba:93:e2:d4:ef:84:b0:99:1a:9a:
f6:7a:f4:60:76:1b:ea:e4:7f:82:54:8d:09:51:82:bb:dd:e1:
a9:10:bf:b5:c6:e6:91:a7:ea:56:9a:74:a1:69:f4:d4:72:0e:
0a:4a:57:10:9c:8e:2c:3c:85:42:53:fc:ce:4d:33:23:92:fe:
d4:9c:e4:32:9a:3d:9d:49:8d:70:43:89:4f:0e:60:a1:89:f8:
65:72:d8:90:fc:f2:2b:64:58:0d:9e:9c:a4:bb:7a:e7:db:f6:
ef:1d:76:69:43:d7:07:6b:94:30:b9:81:93:c4:a0:8c:71:2f:
dd:4c:30:8a:7d:77:00:31:0d:07:ad:41:08:63:35:5f:11:16:
42:67:9d:28:d3:d6:e4:be:66:37:51:bd:01:01:08:49:e1:aa:
65:c0:a5:1a:56:b0:b6:cf:79:79:6c:70:46:1f:5a:5c:22:50:
78:9d:0c:3d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAQ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEMyODcxMTAvBgNVBAUTKDg0NzAxNEIxNUFGQTc4MUQyMjgxOTJCRTA1NDE1M0RC
NjY2N0Q1NzYwHhcNMjMwMjA4MDAzNDAxWhcNMzgwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2UyZWRmOC0xZTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0wpC+pgVvpRlLT0LYVpL8qqee2NeMnNt+YABHd2V7wkKPQu/up9oLxDnEujZ
UJ4PZ1ZmzqVYc0YDMH/Th/JysD2RQHJshyAJLSedMD+CfniKv9+DOi/nE1HSs7kZ
sPI6NF9MZn4zYZ86TLVhMIZCBWNPFRPcEIjRIZTo4WG+r4E6Hwq0BKtYwtWXTXRb
HycrPH/XQYr/CQlQc1Gtu57MR1M+TlZ0pvc4v0XWvm9dPktJpYG1MQ5lJrlv9RWR
Dm6r97kqDY97ZVP+86SEhg2OoWgf6TNzJ9LBPyLxfyUgdbuxOQ1NSKR0js7SwL0I
k3x7tvIQC78sz0Lyqy0kGD54vwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCXUmDak
rEJMTrTqz0NdWoIOsllsMB8GA1UdIwQYMBaAFIRwFLFa+ngdIoGSvgVBU9tmZ9V2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzI4Ny84NjFGRDg3QUY1
QUExMUVDQkYxNUU3NzRDNEY5QUUwMi9oSEFVc1ZyNmVCMGlnWkstQlVGVDIyWm4x
WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hIQVVzVnI2ZUIwaWdaSy1CVUZUMjJabjFYWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEMyODcvODYxRkQ4N0FGNUFBMTFFQ0JGMTVFNzc0QzRGOUFFMDIvNDdFNUExRThB
NzQ4MTFFREFFQUEyRDJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLsL0wDQYJKoZIhvcNAQELBQADggEBADe2GOuDwH3sNkEk
4NHmpEfKc7/RGAtKxmOuEKRA5ZXyQ+UEBkYG21IjoPJwc2GyHpbJMbbc6u+vTFKr
vuOhHEo5DYo6yqty3P+m8IiGLmzmupPi1O+EsJkamvZ69GB2G+rkf4JUjQlRgrvd
4akQv7XG5pGn6laadKFp9NRyDgpKVxCcjiw8hUJT/M5NMyOS/tSc5DKaPZ1JjXBD
iU8OYKGJ+GVy2JD88itkWA2enKS7eufb9u8ddmlD1wdrlDC5gZPEoIxxL91MMIp9
dwAxDQetQQhjNV8RFkJnnSjT1uS+ZjdRvQEBCEnhqmXApRpWsLbPeXlscEYfWlwi
UHidDD0=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:36:01 2023 by rpki-client on console.sobornost.net