Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/50F934AEFFCE11EEAF1CA783C4F9AE02.roa
File: 50F934AEFFCE11EEAF1CA783C4F9AE02.roa (raw, json)
Hash identifier: sVvAJAto5nS+PJW2xudvaNZimEOtDLNCZ3HK4HpuOtY=
Subject key identifier: A8:42:2D:0F:DA:07:8B:73:32:3E:1D:E5:C6:4D:92:78:03:3D:11:49
Certificate issuer: /CN=A91187FD/serialNumber=68852AB7F2714FCF54D75F0AAE3068ADC38B35CC
Certificate serial: 0139
Authority key identifier: 68:85:2A:B7:F2:71:4F:CF:54:D7:5F:0A:AE:30:68:AD:C3:8B:35:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIUqt_JxT89U118KrjBorcOLNcw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/50F934AEFFCE11EEAF1CA783C4F9AE02.roa
Signing time: Fri 23 Aug 2024 05:07:23 +0000
ROA not before: Fri 23 Aug 2024 05:07:23 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 152161
IP address blocks: 2401:3fa0:fe00::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 313 (0x139)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91187FD
Validity
Not Before: Aug 23 05:07:23 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66c8190b-dd25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4f:4c:80:b7:1f:1b:e4:7f:91:a4:e7:3d:1e:
ae:8c:15:13:ab:1c:d9:5d:25:af:52:75:eb:b2:44:
a3:ab:34:5c:37:2f:fd:c0:17:53:56:8d:c5:80:b6:
99:87:eb:c0:13:75:ec:49:6d:c8:b1:55:e6:4b:c2:
c9:a9:fa:60:9d:48:5e:08:6c:69:f5:db:b8:52:ad:
4d:75:e8:c0:fe:8b:e8:e6:9f:a4:9b:ef:e5:6b:c2:
37:d9:8f:23:24:70:4b:03:5f:60:63:7f:b5:43:63:
89:ec:34:bf:c2:4e:54:47:99:45:4b:b2:40:40:d4:
27:53:a1:ff:82:44:d1:f8:45:0e:b5:2f:37:b4:ad:
5e:4e:fd:56:9c:32:88:8e:22:ac:fa:4a:6b:2d:30:
e3:9d:41:15:1f:57:b5:0e:0f:0f:4c:75:c9:ae:55:
d6:b0:1b:f4:da:e5:10:02:ee:85:df:c1:15:6f:1f:
a3:71:05:35:74:1b:68:37:f3:46:5c:da:b0:21:db:
63:38:c6:d0:7e:22:81:36:2b:05:d2:88:cb:47:24:
58:39:52:2f:15:06:0a:b2:45:6b:ee:24:d1:c4:6c:
ef:a5:cf:83:6e:db:1b:f0:3c:4f:75:22:54:78:74:
25:61:b3:44:70:ec:6f:f3:d6:d8:19:d9:d7:4b:05:
10:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:42:2D:0F:DA:07:8B:73:32:3E:1D:E5:C6:4D:92:78:03:3D:11:49
X509v3 Authority Key Identifier:
keyid:68:85:2A:B7:F2:71:4F:CF:54:D7:5F:0A:AE:30:68:AD:C3:8B:35:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/aIUqt_JxT89U118KrjBorcOLNcw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIUqt_JxT89U118KrjBorcOLNcw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/50F934AEFFCE11EEAF1CA783C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:3fa0:fe00::/40
Signature Algorithm: sha256WithRSAEncryption
20:0e:59:01:77:92:89:bf:37:bc:5c:a7:a9:1e:16:21:19:28:
bf:52:0f:22:b9:6e:dc:b0:c4:e5:0d:c3:b7:4e:4b:d4:58:ac:
80:6a:92:eb:e4:82:73:75:96:1c:7b:55:8c:3f:0f:b9:e9:af:
4f:a1:94:d3:13:e5:13:91:fe:14:79:4d:f1:d3:dc:ad:dd:ef:
c6:02:2f:77:b9:3d:c0:17:da:d5:4d:cd:87:e2:1e:fb:b5:97:
50:db:6f:da:6c:a2:b6:78:be:e5:bd:f1:9f:d4:2e:48:16:c2:
2e:68:5c:10:51:e5:16:8b:01:77:03:de:f7:73:d3:f1:3c:76:
f7:50:4b:39:6d:83:1a:33:dc:f7:8e:75:b3:35:62:55:82:7a:
00:09:a6:9a:8f:51:c6:4c:39:c2:fe:13:16:08:82:28:5a:15:
05:43:b0:52:ba:4e:92:7d:34:de:f1:1a:38:ba:67:e1:3c:ee:
cc:46:b8:0c:ce:e6:bf:47:61:51:bc:81:c0:55:0d:ff:9e:81:
13:17:8c:89:0d:c0:25:6a:35:8c:7e:e4:99:d0:0b:bd:b0:8d:
21:e0:68:5c:8f:bc:8e:6f:0d:db:81:85:20:42:fe:58:75:f2:
a0:7e:0d:04:94:41:ef:9f:b8:ca:4a:dc:69:52:71:04:55:47:
d0:1b:d3:38
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICATkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTg3RkQxMTAvBgNVBAUTKDY4ODUyQUI3RjI3MTRGQ0Y1NEQ3NUYwQUFFMzA2OEFE
QzM4QjM1Q0MwHhcNMjQwODIzMDUwNzIzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM4MTkwYi1kZDI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyk9MgLcfG+R/kaTnPR6ujBUTqxzZXSWvUnXrskSjqzRcNy/9wBdTVo3FgLaZ
h+vAE3XsSW3IsVXmS8LJqfpgnUheCGxp9du4Uq1NdejA/ovo5p+km+/la8I32Y8j
JHBLA19gY3+1Q2OJ7DS/wk5UR5lFS7JAQNQnU6H/gkTR+EUOtS83tK1eTv1WnDKI
jiKs+kprLTDjnUEVH1e1Dg8PTHXJrlXWsBv02uUQAu6F38EVbx+jcQU1dBtoN/NG
XNqwIdtjOMbQfiKBNisF0ojLRyRYOVIvFQYKskVr7iTRxGzvpc+Dbtsb8DxPdSJU
eHQlYbNEcOxv89bYGdnXSwUQKwIDAQABo4IClzCCApMwHQYDVR0OBBYEFKhCLQ/a
B4tzMj4d5cZNkngDPRFJMB8GA1UdIwQYMBaAFGiFKrfycU/PVNdfCq4waK3DizXM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODdGRC81NUVENkExNjEw
QTAxMUVFOTM0OTNDNTJDNEY5QUUwMi9hSVVxdF9KeFQ4OVUxMThLcmpCb3JjT0xO
Y3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FJVXF0X0p4VDg5VTExOEtyakJvcmNPTE5jdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTg3RkQvNTVFRDZBMTYxMEEwMTFFRTkzNDkzQzUyQzRGOUFFMDIvNTBGOTM0QUVG
RkNFMTFFRUFGMUNBNzgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgAkAT+g/jANBgkqhkiG9w0BAQsFAAOCAQEAIA5ZAXeSib83
vFynqR4WIRkov1IPIrlu3LDE5Q3Dt05L1FisgGqS6+SCc3WWHHtVjD8PuemvT6GU
0xPlE5H+FHlN8dPcrd3vxgIvd7k9wBfa1U3Nh+Ie+7WXUNtv2myitni+5b3xn9Qu
SBbCLmhcEFHlFosBdwPe93PT8Tx291BLOW2DGjPc9451szViVYJ6AAmmmo9Rxkw5
wv4TFgiCKFoVBUOwUrpOkn003vEaOLpn4TzuzEa4DM7mv0dhUbyBwFUN/56BExeM
iQ3AJWo1jH7kmdALvbCNIeBoXI+8jm8N24GFIEL+WHXyoH4NBJRB75+4ykrcaVJx
BFVH0BvTOA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:48:51 2025 by rpki-client