Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139A90/1FE84ED2337611EF993E4673C4F9AE02/8B584EC2337D11EF9D71B72DC4F9AE02.roa
File: 8B584EC2337D11EF9D71B72DC4F9AE02.roa (raw, json)
Hash identifier: yZ1LidZrlFrNTxapIhIsCTEZZK7lTYC0s/4RKHkPEsg=
Subject key identifier: 8A:72:91:6A:DB:2D:6D:A5:98:CA:C6:E8:B0:CF:EE:3C:2D:39:AF:60
Certificate issuer: /CN=A9139A90/serialNumber=51892BE5B0B4ABC6025445F4039FC795D8BA58E2
Certificate serial: 8B
Authority key identifier: 51:89:2B:E5:B0:B4:AB:C6:02:54:45:F4:03:9F:C7:95:D8:BA:58:E2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UYkr5bC0q8YCVEX0A5_Hldi6WOI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139A90/1FE84ED2337611EF993E4673C4F9AE02/8B584EC2337D11EF9D71B72DC4F9AE02.roa
Signing time: Tue 11 Mar 2025 05:53:32 +0000
ROA not before: Tue 11 Mar 2025 05:53:32 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 38716
IP address blocks: 2402:1300::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139 (0x8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139A90
Validity
Not Before: Mar 11 05:53:32 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67cfcfdb-9408
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2f:65:ad:56:51:2f:3f:da:fc:24:66:75:55:
70:7d:85:ae:2c:36:15:65:93:6a:f9:2f:34:d0:4b:
e1:d3:9f:e6:b5:19:bd:d2:59:66:72:49:fa:15:f5:
a6:d6:4e:96:70:ca:5e:44:bb:9a:c8:e7:b3:38:cc:
7f:48:d6:1b:88:48:b9:2b:95:33:40:38:6e:d2:97:
5a:9f:3e:42:45:0f:0a:61:c3:bb:a3:42:16:93:77:
cb:c5:09:5d:b8:cb:b1:f4:4e:28:1d:3b:e1:e5:0c:
48:e6:f2:7f:4d:53:7c:ba:86:90:30:58:6f:31:4b:
eb:46:bb:5b:b4:7f:fa:41:2e:c2:4c:5d:f0:5e:07:
2d:2f:01:a7:00:ea:b6:73:c5:58:f4:3e:32:bb:37:
f3:ac:b2:95:4e:13:ca:89:52:b4:b7:31:6c:00:8f:
96:b0:1e:a9:58:5a:e9:c0:5d:eb:27:c0:16:49:17:
c4:19:3d:14:77:3d:b5:4b:c4:9f:94:17:54:44:f9:
36:bc:a4:cc:85:54:72:5b:92:5e:c4:30:62:3d:34:
2d:d2:a8:cb:56:6a:76:03:ba:ad:34:78:14:53:ec:
48:28:96:5b:b8:29:13:46:10:65:d0:42:5c:ee:00:
86:fc:81:27:31:1a:93:a0:03:fb:aa:b3:fe:78:53:
5c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:72:91:6A:DB:2D:6D:A5:98:CA:C6:E8:B0:CF:EE:3C:2D:39:AF:60
X509v3 Authority Key Identifier:
keyid:51:89:2B:E5:B0:B4:AB:C6:02:54:45:F4:03:9F:C7:95:D8:BA:58:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139A90/1FE84ED2337611EF993E4673C4F9AE02/UYkr5bC0q8YCVEX0A5_Hldi6WOI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UYkr5bC0q8YCVEX0A5_Hldi6WOI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139A90/1FE84ED2337611EF993E4673C4F9AE02/8B584EC2337D11EF9D71B72DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:1300::/36
Signature Algorithm: sha256WithRSAEncryption
c0:ad:ea:fa:6a:78:20:12:16:51:4d:48:ac:ab:a1:9b:00:f7:
1c:8f:09:21:74:e9:ed:08:69:d5:2c:0c:bc:3d:da:b5:75:3c:
91:d2:55:ac:5c:d3:26:0a:49:87:d5:72:85:61:82:e4:c1:bd:
bb:0b:2a:e3:62:62:9e:b8:bc:85:5a:5a:dd:8a:46:61:da:ba:
a4:de:5b:9e:2a:b2:04:4b:18:ff:18:86:65:1a:ef:38:bc:7d:
92:7f:67:9e:3b:72:31:bd:a1:89:09:ce:ab:3e:4e:e5:5c:24:
7d:e6:96:89:0d:e6:45:af:28:4d:06:f2:1d:bc:8b:0d:40:00:
15:52:a9:dc:36:d3:31:a4:3d:6e:b4:e5:10:91:8d:72:72:c2:
7b:06:2f:69:f8:7f:34:da:c3:d4:0d:14:14:c2:81:71:80:f2:
62:39:c1:19:96:bf:01:2b:26:35:58:71:38:46:b0:ad:23:e1:
53:3c:6a:ba:98:73:1a:e0:ea:e9:c7:f3:85:6c:72:82:da:24:
fc:fc:42:a9:73:f3:9b:a1:2a:4b:f6:bc:95:91:6d:d7:cc:00:
34:23:54:de:5d:ac:ed:b7:2a:ab:39:d0:e0:b0:d9:08:72:6c:
12:a3:4c:4e:78:33:d5:ca:2b:da:40:1c:e4:7f:0d:ba:a1:3f:
e0:15:20:51
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICAIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzlBOTAxMTAvBgNVBAUTKDUxODkyQkU1QjBCNEFCQzYwMjU0NDVGNDAzOUZDNzk1
RDhCQTU4RTIwHhcNMjUwMzExMDU1MzMyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmY2ZkYi05NDA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxC9lrVZRLz/a/CRmdVVwfYWuLDYVZZNq+S800Evh05/mtRm90llmckn6FfWm
1k6WcMpeRLuayOezOMx/SNYbiEi5K5UzQDhu0pdanz5CRQ8KYcO7o0IWk3fLxQld
uMux9E4oHTvh5QxI5vJ/TVN8uoaQMFhvMUvrRrtbtH/6QS7CTF3wXgctLwGnAOq2
c8VY9D4yuzfzrLKVThPKiVK0tzFsAI+WsB6pWFrpwF3rJ8AWSRfEGT0Udz21S8Sf
lBdURPk2vKTMhVRyW5JexDBiPTQt0qjLVmp2A7qtNHgUU+xIKJZbuCkTRhBl0EJc
7gCG/IEnMRqToAP7qrP+eFNc7QIDAQABo4IClzCCApMwHQYDVR0OBBYEFIpykWrb
LW2lmMrG6LDP7jwtOa9gMB8GA1UdIwQYMBaAFFGJK+WwtKvGAlRF9AOfx5XYulji
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOUE5MC8xRkU4NEVEMjMz
NzYxMUVGOTkzRTQ2NzNDNEY5QUUwMi9VWWtyNWJDMHE4WUNWRVgwQTVfSGxkaTZX
T0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VZa3I1YkMwcThZQ1ZFWDBBNV9IbGRpNldPSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzlBOTAvMUZFODRFRDIzMzc2MTFFRjk5M0U0NjczQzRGOUFFMDIvOEI1ODRFQzIz
MzdEMTFFRjlENzFCNzJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgQkAhMAADANBgkqhkiG9w0BAQsFAAOCAQEAwK3q+mp4IBIW
UU1IrKuhmwD3HI8JIXTp7Qhp1SwMvD3atXU8kdJVrFzTJgpJh9VyhWGC5MG9uwsq
42Jinri8hVpa3YpGYdq6pN5bniqyBEsY/xiGZRrvOLx9kn9nnjtyMb2hiQnOqz5O
5VwkfeaWiQ3mRa8oTQbyHbyLDUAAFVKp3DbTMaQ9brTlEJGNcnLCewYvafh/NNrD
1A0UFMKBcYDyYjnBGZa/ASsmNVhxOEawrSPhUzxquphzGuDq6cfzhWxygtok/PxC
qXPzm6EqS/a8lZFt18wANCNU3l2s7bcqqznQ4LDZCHJsEqNMTngz1cor2kAc5H8N
uqE/4BUgUQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:16:16 2025 by rpki-client