Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914B758/4C7A2868D36E11ECB2614453C4F9AE02/1CA2FA08D37711EC9A8FF526C4F9AE02.roa
File: 1CA2FA08D37711EC9A8FF526C4F9AE02.roa (raw, json)
Hash identifier: x1s3eQy6LeBQljvpss9e0xqe6y4ivgOueGGP5hZZQd4=
Subject key identifier: 9B:74:A0:B7:02:93:82:0C:A5:16:EC:31:F9:95:72:7B:50:8E:48:40
Certificate issuer: /CN=A914B758/serialNumber=AF55581BA127E2090A0A5462FE7BCE70616F2CDC
Certificate serial: 025E
Authority key identifier: AF:55:58:1B:A1:27:E2:09:0A:0A:54:62:FE:7B:CE:70:61:6F:2C:DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r1VYG6En4gkKClRi_nvOcGFvLNw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914B758/4C7A2868D36E11ECB2614453C4F9AE02/1CA2FA08D37711EC9A8FF526C4F9AE02.roa
Signing time: Mon 03 Jun 2024 04:32:47 +0000
ROA not before: Mon 03 Jun 2024 04:32:47 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 149830
IP address blocks: 2001:df0:bac0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 606 (0x25e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914B758
Validity
Not Before: Jun 3 04:32:47 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=665d476f-7fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2b:4c:fb:77:20:90:81:36:a4:64:51:33:86:
74:ff:41:79:aa:5f:e7:90:5b:df:6c:23:aa:0a:ba:
33:4c:92:72:6a:f6:27:56:9f:b4:d8:48:7d:0e:ca:
e6:ea:1b:31:83:1b:a7:7f:bf:63:8d:d0:ec:df:7e:
8c:e1:5a:36:7e:f9:e7:a8:4c:67:62:18:47:f1:23:
27:af:26:7b:56:c7:98:e6:3e:14:38:a5:bc:ac:c1:
10:40:44:ae:7c:10:1d:33:b7:1b:39:6e:cc:69:a2:
9d:b8:32:a8:db:6c:7d:33:ed:5b:ee:d5:1a:c1:a9:
99:e0:70:ad:42:c0:c5:f2:a9:7b:7f:a8:78:d3:56:
33:cc:f9:7b:34:f2:5b:b5:5b:15:50:c5:bf:50:ec:
23:b4:c5:0c:d6:06:95:a3:17:af:6b:d2:8f:d9:64:
98:e1:65:95:1d:31:5a:6b:b7:f2:49:18:42:03:14:
9d:06:07:3a:c0:39:cd:b4:79:37:b6:7a:55:2b:a9:
f5:a9:59:6d:5b:61:6c:83:47:a0:30:51:f7:45:f8:
9d:5c:ee:6a:1f:a7:23:0c:a3:45:77:ad:54:c0:40:
d7:a4:35:36:f6:4b:78:60:a1:0e:23:d2:c4:e4:90:
03:31:a8:f5:a3:9f:b8:c5:1a:cf:44:52:17:06:6a:
a5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:74:A0:B7:02:93:82:0C:A5:16:EC:31:F9:95:72:7B:50:8E:48:40
X509v3 Authority Key Identifier:
keyid:AF:55:58:1B:A1:27:E2:09:0A:0A:54:62:FE:7B:CE:70:61:6F:2C:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914B758/4C7A2868D36E11ECB2614453C4F9AE02/r1VYG6En4gkKClRi_nvOcGFvLNw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r1VYG6En4gkKClRi_nvOcGFvLNw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914B758/4C7A2868D36E11ECB2614453C4F9AE02/1CA2FA08D37711EC9A8FF526C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df0:bac0::/48
Signature Algorithm: sha256WithRSAEncryption
81:70:21:44:34:e1:92:eb:da:48:89:fd:c4:4c:f9:f2:47:61:
f5:b7:26:43:1f:b2:09:ea:dc:d9:96:4b:8f:56:d0:d3:11:70:
e8:01:1c:b1:9c:0b:ac:f2:72:d7:14:d8:3b:be:1c:fc:52:7e:
f2:56:ec:7c:19:1f:4d:78:f2:61:6c:2a:5d:28:d7:38:bc:9e:
98:74:a5:c2:e6:3a:8b:47:cb:fd:4d:9b:b2:e9:c5:55:a3:94:
21:c5:cc:69:64:0a:1c:2b:c5:ad:4a:82:3b:63:04:ae:65:f6:
0b:43:0e:0b:bd:10:cd:b0:26:5a:68:2d:9c:b0:e9:c5:be:b7:
97:84:0b:6c:f9:7e:6d:4d:31:a6:25:6c:c5:ca:c2:9a:e3:b1:
32:b6:fd:5c:d3:95:c3:a9:40:21:54:30:bd:80:6b:63:48:02:
ab:8e:af:1a:a5:4e:89:d6:9b:60:e5:d6:f2:a1:59:14:13:e3:
c2:c5:65:6c:fd:77:bf:8f:90:85:84:6d:d0:54:78:81:1e:be:
c0:b5:5c:14:d0:ad:13:9d:78:00:af:98:8a:25:e8:37:b3:fd:
b7:59:cf:5f:e6:1b:21:55:87:3c:2e:47:5c:88:9f:08:4d:4a:
52:a7:33:82:b5:96:67:9c:b1:1c:5f:99:cf:98:0f:c2:e2:fc:
69:5b:79:1f
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEI3NTgxMTAvBgNVBAUTKEFGNTU1ODFCQTEyN0UyMDkwQTBBNTQ2MkZFN0JDRTcw
NjE2RjJDREMwHhcNMjQwNjAzMDQzMjQ3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVkNDc2Zi03ZmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApytM+3cgkIE2pGRRM4Z0/0F5ql/nkFvfbCOqCrozTJJyavYnVp+02Eh9Dsrm
6hsxgxunf79jjdDs336M4Vo2fvnnqExnYhhH8SMnryZ7VseY5j4UOKW8rMEQQESu
fBAdM7cbOW7MaaKduDKo22x9M+1b7tUawamZ4HCtQsDF8ql7f6h401YzzPl7NPJb
tVsVUMW/UOwjtMUM1gaVoxeva9KP2WSY4WWVHTFaa7fySRhCAxSdBgc6wDnNtHk3
tnpVK6n1qVltW2Fsg0egMFH3RfidXO5qH6cjDKNFd61UwEDXpDU29kt4YKEOI9LE
5JADMaj1o5+4xRrPRFIXBmqldwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFJt0oLcC
k4IMpRbsMfmVcntQjkhAMB8GA1UdIwQYMBaAFK9VWBuhJ+IJCgpUYv57znBhbyzc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Qjc1OC80QzdBMjg2OEQz
NkUxMUVDQjI2MTQ0NTNDNEY5QUUwMi9yMVZZRzZFbjRna0tDbFJpX252T2NHRnZM
TncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3IxVllHNkVuNGdrS0NsUmlfbnZPY0dGdkxOdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEI3NTgvNEM3QTI4NjhEMzZFMTFFQ0IyNjE0NDUzQzRGOUFFMDIvMUNBMkZBMDhE
Mzc3MTFFQzlBOEZGNTI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3wusAwDQYJKoZIhvcNAQELBQADggEBAIFwIUQ04ZLr
2kiJ/cRM+fJHYfW3JkMfsgnq3NmWS49W0NMRcOgBHLGcC6zyctcU2Du+HPxSfvJW
7HwZH0148mFsKl0o1zi8nph0pcLmOotHy/1Nm7LpxVWjlCHFzGlkChwrxa1Kgjtj
BK5l9gtDDgu9EM2wJlpoLZyw6cW+t5eEC2z5fm1NMaYlbMXKwprjsTK2/VzTlcOp
QCFUML2Aa2NIAquOrxqlTonWm2Dl1vKhWRQT48LFZWz9d7+PkIWEbdBUeIEevsC1
XBTQrROdeACvmIol6Dez/bdZz1/mGyFVhzwuR1yInwhNSlKnM4K1lmecsRxfmc+Y
D8Li/GlbeR8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:08:16 2025 by rpki-client