Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91474C3/6F8B52A01D7011E2BC11DAB408B02CD2/DCA7C1ECB0F811E595E0F761C4F9AE02.roa
File: DCA7C1ECB0F811E595E0F761C4F9AE02.roa (raw, json)
Hash identifier: 4DCzMrS23y6D/kybetlk2S0srHOzdeBvs5HMeNPfJ5E=
Subject key identifier: 63:9D:ED:DB:22:C9:56:9F:8B:E0:3C:DC:5F:B4:0A:19:E8:D5:F7:E6
Certificate issuer: /CN=A91474C3/serialNumber=F3FEF462A4D8E2F7FA0735A6AB645EE5635DA8F2
Certificate serial: 3421
Authority key identifier: F3:FE:F4:62:A4:D8:E2:F7:FA:07:35:A6:AB:64:5E:E5:63:5D:A8:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8_70YqTY4vf6BzWmq2Re5WNdqPI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91474C3/6F8B52A01D7011E2BC11DAB408B02CD2/DCA7C1ECB0F811E595E0F761C4F9AE02.roa
Signing time: Tue 02 Apr 2024 14:50:11 +0000
ROA not before: Tue 02 Apr 2024 14:50:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6939
IP address blocks: 27.50.32.0/21 maxlen: 21
2400:7a00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13345 (0x3421)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91474C3
Validity
Not Before: Apr 2 14:50:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660c1b23-198d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f6:56:60:87:bb:6f:a8:42:e0:4d:4a:28:60:
ac:a6:5d:63:f8:7f:7a:70:b7:47:16:76:e7:ae:24:
86:95:27:56:04:a2:aa:86:ec:6d:7e:da:fc:2c:83:
42:e0:2a:cb:be:f5:11:16:60:bf:b9:c1:05:05:05:
a3:14:18:90:63:9a:13:9d:64:34:fb:3a:5c:1f:68:
c9:52:7a:73:83:04:97:87:6c:07:b3:09:f3:4a:e1:
bc:05:eb:41:3c:65:f4:bf:0f:ca:20:9b:1d:c5:d7:
13:1d:02:b5:df:c1:77:e7:d3:6a:a4:87:9f:81:bc:
1b:0b:40:44:70:79:0a:ec:9b:e0:66:74:70:50:da:
42:a2:78:45:2d:44:07:19:12:3e:b7:73:bb:02:22:
81:61:ec:31:4d:f0:4d:10:ea:59:9f:3e:77:e2:94:
93:d7:ff:22:07:83:c3:23:1d:76:67:cc:7b:2c:17:
2d:62:e4:03:9e:f1:aa:a9:e2:b1:c6:22:7e:5f:a3:
75:57:30:40:f8:c4:42:b6:9d:e4:d6:2d:22:50:db:
ca:8b:93:03:14:da:b8:ba:63:d5:50:b8:71:ac:33:
80:dc:f1:18:8c:76:e1:ee:2c:c5:56:d2:bc:eb:4e:
91:36:2c:12:64:7d:8f:82:5a:de:70:c5:40:72:2b:
e3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:9D:ED:DB:22:C9:56:9F:8B:E0:3C:DC:5F:B4:0A:19:E8:D5:F7:E6
X509v3 Authority Key Identifier:
keyid:F3:FE:F4:62:A4:D8:E2:F7:FA:07:35:A6:AB:64:5E:E5:63:5D:A8:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91474C3/6F8B52A01D7011E2BC11DAB408B02CD2/8_70YqTY4vf6BzWmq2Re5WNdqPI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8_70YqTY4vf6BzWmq2Re5WNdqPI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91474C3/6F8B52A01D7011E2BC11DAB408B02CD2/DCA7C1ECB0F811E595E0F761C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.50.32.0/21
IPv6:
2400:7a00::/32
Signature Algorithm: sha256WithRSAEncryption
06:6a:6a:4c:0c:31:07:b7:7d:c4:6b:87:5c:d0:9a:73:43:15:
ca:50:98:fe:cd:68:ac:43:4a:2b:1e:c2:a2:db:b2:00:9f:98:
06:ec:b0:e3:7c:bc:80:97:6f:aa:2e:48:54:a3:bd:b3:10:11:
e7:e7:27:93:4b:17:c2:05:8f:26:b7:4a:3c:03:f0:69:73:9b:
64:c1:f4:bb:4e:5a:da:0c:1f:0b:fb:10:0f:b4:cb:bf:8f:84:
ab:c8:17:06:e3:a1:74:80:f5:fa:fc:3f:16:42:bc:8a:fa:dd:
0e:cf:72:8f:82:7f:c2:1b:eb:8d:b8:b9:ac:76:49:c3:c7:4d:
6d:d5:4e:c8:66:28:36:4d:d1:06:d0:3f:f4:7f:71:76:c9:b9:
6c:c7:31:d9:8e:85:7e:b0:90:0e:ee:70:73:95:89:4b:4e:5d:
1d:7d:94:8c:9e:67:fe:ad:f0:cc:07:ea:c8:dd:02:8a:95:36:
f6:1b:c7:10:96:81:1f:b1:0b:83:1f:b0:4a:da:db:7c:f7:fe:
c2:8b:3e:f5:9b:13:ae:84:e2:6f:f2:95:3c:6b:a4:8c:e9:e4:
08:91:d6:20:00:fc:c3:85:ff:bc:85:06:46:59:0f:97:b6:2e:
e3:e8:83:62:4f:52:d1:00:0a:28:2e:e5:13:01:e5:a5:33:db:
20:88:33:c4
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICNCEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc0QzMxMTAvBgNVBAUTKEYzRkVGNDYyQTREOEUyRjdGQTA3MzVBNkFCNjQ1RUU1
NjM1REE4RjIwHhcNMjQwNDAyMTQ1MDExWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBjMWIyMy0xOThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsvZWYIe7b6hC4E1KKGCspl1j+H96cLdHFnbnriSGlSdWBKKqhuxtftr8LINC
4CrLvvURFmC/ucEFBQWjFBiQY5oTnWQ0+zpcH2jJUnpzgwSXh2wHswnzSuG8BetB
PGX0vw/KIJsdxdcTHQK138F359NqpIefgbwbC0BEcHkK7JvgZnRwUNpConhFLUQH
GRI+t3O7AiKBYewxTfBNEOpZnz534pST1/8iB4PDIx12Z8x7LBctYuQDnvGqqeKx
xiJ+X6N1VzBA+MRCtp3k1i0iUNvKi5MDFNq4umPVULhxrDOA3PEYjHbh7izFVtK8
606RNiwSZH2PglrecMVAcivjiwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGOd7dsi
yVafi+A83F+0Chno1ffmMB8GA1UdIwQYMBaAFPP+9GKk2OL3+gc1pqtkXuVjXajy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzRDMy82RjhCNTJBMDFE
NzAxMUUyQkMxMURBQjQwOEIwMkNEMi84XzcwWXFUWTR2ZjZCeldtcTJSZTVXTmRx
UEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhfNzBZcVRZNHZmNkJ6V21xMlJlNVdOZHFQSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDc0QzMvNkY4QjUyQTAxRDcwMTFFMkJDMTFEQUI0MDhCMDJDRDIvRENBN0MxRUNC
MEY4MTFFNTk1RTBGNzYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAMbMiAwDQQCAAIwBwMFACQAegAwDQYJKoZIhvcNAQELBQAD
ggEBAAZqakwMMQe3fcRrh1zQmnNDFcpQmP7NaKxDSisewqLbsgCfmAbssON8vICX
b6ouSFSjvbMQEefnJ5NLF8IFjya3SjwD8Glzm2TB9LtOWtoMHwv7EA+0y7+PhKvI
FwbjoXSA9fr8PxZCvIr63Q7Pco+Cf8Ib6424uax2ScPHTW3VTshmKDZN0QbQP/R/
cXbJuWzHMdmOhX6wkA7ucHOViUtOXR19lIyeZ/6t8MwH6sjdAoqVNvYbxxCWgR+x
C4MfsEra23z3/sKLPvWbE66E4m/ylTxrpIzp5AiR1iAA/MOF/7yFBkZZD5e2LuPo
g2JPUtEACigu5RMB5aUz2yCIM8Q=
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:56:49 2025 by rpki-client