Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/F9CB1E5ABF7111EE806CB182C4F9AE02.roa
File: F9CB1E5ABF7111EE806CB182C4F9AE02.roa (raw, json)
Hash identifier: pS29Ljdr6W25s2Hduyo4rCqyFsm2/2KQ7prNwHso1r0=
Subject key identifier: BF:19:05:4F:1A:FE:68:56:50:3C:0A:CA:DC:6F:FF:08:0F:59:8D:DD
Certificate issuer: /CN=A91187FD/serialNumber=68852AB7F2714FCF54D75F0AAE3068ADC38B35CC
Certificate serial: 013A
Authority key identifier: 68:85:2A:B7:F2:71:4F:CF:54:D7:5F:0A:AE:30:68:AD:C3:8B:35:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIUqt_JxT89U118KrjBorcOLNcw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/F9CB1E5ABF7111EE806CB182C4F9AE02.roa
Signing time: Fri 23 Aug 2024 05:07:24 +0000
ROA not before: Fri 23 Aug 2024 05:07:24 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 152184
IP address blocks: 2401:3fa0:110::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 314 (0x13a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91187FD
Validity
Not Before: Aug 23 05:07:24 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66c8190c-72c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bb:ce:61:0f:ea:48:8e:e0:21:bf:73:27:24:
d2:72:e6:26:2d:74:9f:00:e5:05:20:b1:5e:cf:2f:
15:6e:e8:48:5b:c7:1c:81:7c:81:ca:b1:de:fb:dc:
37:16:06:cd:0f:9b:b0:0c:8b:c7:65:59:da:2f:02:
fe:b7:8b:ac:65:2f:3c:36:e5:2b:a2:47:a0:90:2d:
71:69:f8:3f:1e:e8:54:f0:11:3e:51:02:1f:64:0c:
bb:0e:6e:c4:cf:74:4e:c4:26:28:da:0c:9a:68:c5:
8c:dd:ce:b9:70:86:78:29:a3:80:06:b0:20:5c:e1:
bc:6a:42:31:e9:e9:54:d2:43:a8:e8:59:62:a9:d4:
cd:7a:71:26:1e:5a:85:27:aa:60:a2:95:87:d3:77:
1d:ee:c2:4b:f1:2a:ef:b5:67:ab:56:5f:ee:11:01:
4f:41:71:91:6c:c7:e1:bd:cc:ed:26:0d:47:72:05:
d3:b3:17:19:87:e2:a9:41:dd:de:92:e4:bd:7b:a1:
3e:53:87:55:ed:f2:c0:fb:eb:31:2e:71:2a:d7:81:
02:d8:4f:82:97:cd:09:48:59:f0:1a:2f:32:22:3c:
b2:6d:f8:c4:2a:70:4a:45:ff:df:57:e9:1a:2d:04:
d4:3a:cd:8b:d2:51:8a:71:06:6a:26:92:b9:2a:57:
1e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:19:05:4F:1A:FE:68:56:50:3C:0A:CA:DC:6F:FF:08:0F:59:8D:DD
X509v3 Authority Key Identifier:
keyid:68:85:2A:B7:F2:71:4F:CF:54:D7:5F:0A:AE:30:68:AD:C3:8B:35:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/aIUqt_JxT89U118KrjBorcOLNcw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIUqt_JxT89U118KrjBorcOLNcw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/F9CB1E5ABF7111EE806CB182C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:3fa0:110::/44
Signature Algorithm: sha256WithRSAEncryption
6b:e8:65:31:44:97:4c:a7:07:ba:23:4e:fa:8b:c2:0c:5d:09:
e4:68:83:90:fb:98:c9:7f:a8:b3:ab:61:08:51:51:34:3b:0f:
55:a3:6e:a0:ea:b9:27:c8:13:2c:5c:b0:fd:a1:aa:58:b5:63:
fc:ab:e8:b4:cd:67:4e:ff:59:a4:21:20:57:4a:7a:80:95:48:
4b:25:c6:f7:94:2a:5c:62:00:2d:39:c1:ab:89:6e:e9:50:0e:
eb:5b:8f:35:8e:d1:c4:dd:90:38:9b:87:a2:24:63:f3:ee:af:
d4:7f:d3:2a:dd:e5:e2:5b:8f:58:6d:05:c0:90:d2:5e:e1:59:
99:54:95:8d:f9:67:db:4a:bf:ac:95:6b:c3:03:58:4d:93:29:
9e:3a:71:c6:ce:48:0f:b6:ae:b4:15:3b:2b:dd:0e:17:75:d1:
5a:1c:b9:ee:75:53:9d:3e:30:23:88:3b:df:ae:98:84:87:71:
f2:01:c3:05:01:a4:26:08:24:4b:38:c6:01:8f:a9:e1:d8:5d:
66:82:5b:57:89:6c:c7:c1:5b:53:55:9b:c4:75:e8:9f:1b:c4:
b9:31:91:ff:d2:73:4b:81:c9:35:9e:a4:11:50:53:fe:70:25:
e1:78:01:50:45:5d:46:2d:6d:2d:ee:3b:82:cc:c9:e4:e7:8f:
80:74:f8:97
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICATowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTg3RkQxMTAvBgNVBAUTKDY4ODUyQUI3RjI3MTRGQ0Y1NEQ3NUYwQUFFMzA2OEFE
QzM4QjM1Q0MwHhcNMjQwODIzMDUwNzI0WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM4MTkwYy03MmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqLvOYQ/qSI7gIb9zJyTScuYmLXSfAOUFILFezy8VbuhIW8ccgXyByrHe+9w3
FgbND5uwDIvHZVnaLwL+t4usZS88NuUrokegkC1xafg/HuhU8BE+UQIfZAy7Dm7E
z3ROxCYo2gyaaMWM3c65cIZ4KaOABrAgXOG8akIx6elU0kOo6FliqdTNenEmHlqF
J6pgopWH03cd7sJL8SrvtWerVl/uEQFPQXGRbMfhvcztJg1HcgXTsxcZh+KpQd3e
kuS9e6E+U4dV7fLA++sxLnEq14EC2E+Cl80JSFnwGi8yIjyybfjEKnBKRf/fV+ka
LQTUOs2L0lGKcQZqJpK5KlceWQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFL8ZBU8a
/mhWUDwKytxv/wgPWY3dMB8GA1UdIwQYMBaAFGiFKrfycU/PVNdfCq4waK3DizXM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODdGRC81NUVENkExNjEw
QTAxMUVFOTM0OTNDNTJDNEY5QUUwMi9hSVVxdF9KeFQ4OVUxMThLcmpCb3JjT0xO
Y3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FJVXF0X0p4VDg5VTExOEtyakJvcmNPTE5jdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTg3RkQvNTVFRDZBMTYxMEEwMTFFRTkzNDkzQzUyQzRGOUFFMDIvRjlDQjFFNUFC
RjcxMTFFRTgwNkNCMTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkAT+gARAwDQYJKoZIhvcNAQELBQADggEBAGvoZTFEl0yn
B7ojTvqLwgxdCeRog5D7mMl/qLOrYQhRUTQ7D1WjbqDquSfIEyxcsP2hqli1Y/yr
6LTNZ07/WaQhIFdKeoCVSEslxveUKlxiAC05wauJbulQDutbjzWO0cTdkDibh6Ik
Y/Pur9R/0yrd5eJbj1htBcCQ0l7hWZlUlY35Z9tKv6yVa8MDWE2TKZ46ccbOSA+2
rrQVOyvdDhd10Vocue51U50+MCOIO9+umISHcfIBwwUBpCYIJEs4xgGPqeHYXWaC
W1eJbMfBW1NVm8R16J8bxLkxkf/Sc0uByTWepBFQU/5wJeF4AVBFXUYtbS3uO4LM
yeTnj4B0+Jc=
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:36:35 2025 by rpki-client