Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9123D9C/455942D650B211E9B5DB6A6BC4F9AE02/CC320712ACE011EAB535D034C4F9AE02.roa
File: CC320712ACE011EAB535D034C4F9AE02.roa (raw, json)
Hash identifier: zMOHMtYvfaZCDF6LwsEB8Dwbb4ZwRXv/YDIZ3yaOB+U=
Subject key identifier: 9C:21:67:F5:CD:84:73:76:06:85:5B:FF:D7:72:FF:F2:09:EE:D0:D8
Certificate issuer: /CN=A9123D9C/serialNumber=5B2CF0FB62F160F1838AEE3E6CDE07544DFF8BFF
Certificate serial: 1022
Authority key identifier: 5B:2C:F0:FB:62:F1:60:F1:83:8A:EE:3E:6C:DE:07:54:4D:FF:8B:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wyzw-2LxYPGDiu4-bN4HVE3_i_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9123D9C/455942D650B211E9B5DB6A6BC4F9AE02/CC320712ACE011EAB535D034C4F9AE02.roa
Signing time: Wed 12 Feb 2025 18:06:01 +0000
ROA not before: Wed 12 Feb 2025 18:06:01 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 138467
IP address blocks: 2404:9ec0:5::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4130 (0x1022)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9123D9C
Validity
Not Before: Feb 12 18:06:01 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ace309-b478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c0:f2:62:bd:88:fe:a2:ee:13:3a:b7:5e:70:
7d:03:88:fc:52:bc:c2:3a:a4:ad:51:a8:c1:ab:72:
aa:57:22:64:29:05:26:82:3d:4d:33:88:d6:30:52:
b1:67:4f:bb:75:9e:c1:a8:c7:ed:d2:60:d5:2a:48:
0e:e2:e3:47:b2:99:07:de:00:9f:b2:e1:16:cf:f4:
65:74:dc:b5:4c:cf:ba:92:99:cb:5f:a0:df:d6:96:
3d:70:b2:d2:28:01:eb:63:54:f3:38:b2:11:13:1a:
b1:2d:3e:08:ac:34:7c:d4:0f:fb:f1:65:0f:04:96:
ac:35:4c:33:85:06:3d:dd:e4:dc:05:12:42:2d:19:
04:50:a1:25:a2:38:90:06:89:64:8b:51:4c:fd:f7:
e2:3c:81:d2:23:08:5d:e9:35:84:0e:4c:21:bb:aa:
b1:ad:a5:83:17:81:ab:f0:9d:79:db:32:f5:21:7e:
e5:af:c4:fb:8e:85:f1:ca:3a:f9:ed:36:35:4e:54:
dd:50:fa:ac:d0:57:46:67:b6:9a:a1:dc:18:b9:fd:
e9:fd:84:6b:71:d8:c1:af:8d:96:3d:13:24:e9:11:
a9:b0:e0:6b:54:c8:fa:2c:dc:09:71:1c:fe:05:9b:
62:cd:03:63:a2:50:d7:c0:dd:65:b2:2b:cc:ea:9e:
ff:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:21:67:F5:CD:84:73:76:06:85:5B:FF:D7:72:FF:F2:09:EE:D0:D8
X509v3 Authority Key Identifier:
keyid:5B:2C:F0:FB:62:F1:60:F1:83:8A:EE:3E:6C:DE:07:54:4D:FF:8B:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9123D9C/455942D650B211E9B5DB6A6BC4F9AE02/Wyzw-2LxYPGDiu4-bN4HVE3_i_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wyzw-2LxYPGDiu4-bN4HVE3_i_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123D9C/455942D650B211E9B5DB6A6BC4F9AE02/CC320712ACE011EAB535D034C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:9ec0:5::/48
Signature Algorithm: sha256WithRSAEncryption
5d:f6:b8:cb:f1:5e:ed:50:95:3f:bf:75:3d:f0:1a:0c:3e:ea:
c6:86:e5:bb:8f:7a:21:1d:f4:20:ce:20:b1:23:09:8f:41:7a:
73:b6:94:a1:77:32:2f:d3:bf:24:94:3a:70:b8:b0:39:fb:a2:
49:19:c2:d2:80:62:46:2f:95:e3:2c:06:e9:b5:15:eb:22:4a:
32:e0:04:da:08:a4:61:4e:21:a1:f4:0e:ee:4c:73:0a:2e:cf:
01:bf:55:67:4d:c0:c8:12:e3:d1:94:64:76:cc:9b:24:b8:74:
3e:9a:c3:2c:5a:b8:f2:66:a0:7e:48:26:e9:23:26:a7:37:2d:
7d:ab:29:eb:29:71:58:49:4a:93:d6:6a:c9:da:c3:03:81:f4:
b8:82:1b:64:67:78:ce:54:cb:af:4d:21:45:c8:91:c3:00:35:
e8:ff:06:dd:d0:5c:da:af:5d:cc:85:65:f7:81:a8:b8:70:a7:
bf:af:e7:62:a2:77:16:57:c0:fc:94:07:a8:99:50:9b:75:42:
f2:bc:77:cb:73:0e:ca:9a:0d:0b:3d:71:98:8c:64:24:08:db:
5e:1a:b5:d4:80:46:fa:8d:c6:50:d6:01:c7:eb:61:19:2b:bf:
ad:e3:38:0a:e4:33:81:4d:36:18:24:ac:f9:42:bd:28:8f:68:
04:5c:bb:eb
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICECIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjNEOUMxMTAvBgNVBAUTKDVCMkNGMEZCNjJGMTYwRjE4MzhBRUUzRTZDREUwNzU0
NERGRjhCRkYwHhcNMjUwMjEyMTgwNjAxWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FjZTMwOS1iNDc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtsDyYr2I/qLuEzq3XnB9A4j8UrzCOqStUajBq3KqVyJkKQUmgj1NM4jWMFKx
Z0+7dZ7BqMft0mDVKkgO4uNHspkH3gCfsuEWz/RldNy1TM+6kpnLX6Df1pY9cLLS
KAHrY1TzOLIRExqxLT4IrDR81A/78WUPBJasNUwzhQY93eTcBRJCLRkEUKElojiQ
Bolki1FM/ffiPIHSIwhd6TWEDkwhu6qxraWDF4Gr8J152zL1IX7lr8T7joXxyjr5
7TY1TlTdUPqs0FdGZ7aaodwYuf3p/YRrcdjBr42WPRMk6RGpsOBrVMj6LNwJcRz+
BZtizQNjolDXwN1lsivM6p7/KQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFJwhZ/XN
hHN2BoVb/9dy//IJ7tDYMB8GA1UdIwQYMBaAFFss8Pti8WDxg4ruPmzeB1RN/4v/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0Q5Qy80NTU5NDJENjUw
QjIxMUU5QjVEQjZBNkJDNEY5QUUwMi9XeXp3LTJMeFlQR0RpdTQtYk40SFZFM19p
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1d5enctMkx4WVBHRGl1NC1iTjRIVkUzX2lfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjNEOUMvNDU1OTQyRDY1MEIyMTFFOUI1REI2QTZCQzRGOUFFMDIvQ0MzMjA3MTJB
Q0UwMTFFQUI1MzVEMDM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkBJ7AAAUwDQYJKoZIhvcNAQELBQADggEBAF32uMvxXu1Q
lT+/dT3wGgw+6saG5buPeiEd9CDOILEjCY9BenO2lKF3Mi/TvySUOnC4sDn7okkZ
wtKAYkYvleMsBum1FesiSjLgBNoIpGFOIaH0Du5McwouzwG/VWdNwMgS49GUZHbM
myS4dD6awyxauPJmoH5IJukjJqc3LX2rKespcVhJSpPWasnawwOB9LiCG2RneM5U
y69NIUXIkcMANej/Bt3QXNqvXcyFZfeBqLhwp7+v52KidxZXwPyUB6iZUJt1QvK8
d8tzDsqaDQs9cZiMZCQI214atdSARvqNxlDWAcfrYRkrv63jOArkM4FNNhgkrPlC
vSiPaARcu+s=
-----END CERTIFICATE-----
Generated at Tue Apr 8 22:13:22 2025 by rpki-client