Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/C2F17AB22DCE11EEA2884670C4F9AE02.roa
File: C2F17AB22DCE11EEA2884670C4F9AE02.roa (raw, json)
Hash identifier: V1fSCsWS5cdJM7voSc5ZTQaks8azUpLSc/ONX61tIJU=
Subject key identifier: DE:AB:9B:3E:6C:C3:DB:76:64:3A:6A:FC:2B:AE:24:53:A1:32:F6:95
Certificate issuer: /CN=A914BC7A/serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09
Certificate serial: 342F
Authority key identifier: 53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/C2F17AB22DCE11EEA2884670C4F9AE02.roa
Signing time: Tue 20 Aug 2024 15:31:14 +0000
ROA not before: Tue 20 Aug 2024 15:31:14 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 148001
IP address blocks: 240a:eff0::/28 maxlen: 30
240a:eff0::/30 maxlen: 32
240a:eff4::/31 maxlen: 32
240a:eff8::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13359 (0x342f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BC7A
Validity
Not Before: Aug 20 15:31:14 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66c4b6c2-03ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:98:ad:0e:1e:e6:fb:bb:1f:01:ee:45:0a:9b:
54:7a:7e:bb:fd:6e:81:87:d1:8b:29:70:68:34:41:
07:e9:07:5e:47:85:3d:64:1d:ca:1e:5e:74:2b:cb:
c8:05:f6:9a:90:c3:46:93:1d:c1:0d:51:a5:a9:86:
42:26:42:bf:b7:38:84:15:b9:ef:8e:46:ef:7b:c4:
9a:8d:b5:2b:12:09:89:7f:f7:30:7c:06:86:e8:4d:
67:fe:f3:b7:48:2b:4e:de:96:7f:a7:13:6d:ec:dd:
d9:d7:ad:b3:4b:55:34:a5:b7:c8:e6:42:72:44:16:
17:8b:5c:7b:1c:de:20:de:5b:63:55:7b:84:01:5f:
58:8e:a5:3d:f4:a9:00:e7:a9:42:c1:35:d3:30:d8:
b5:a5:3d:12:de:57:93:4f:92:ee:0e:87:9d:8f:f1:
e3:f7:ed:c1:7e:0b:e7:95:e8:b5:34:81:0f:b3:98:
e8:02:d7:0a:ac:90:4e:3d:9f:6f:12:ff:fd:c9:e8:
2d:f4:9e:81:10:90:4f:ef:5d:4c:f1:88:e7:4d:e2:
54:dc:fe:6b:51:86:2e:15:86:a7:82:c2:dd:c9:52:
7a:62:23:e7:eb:a6:46:63:e9:3a:f1:19:f5:9e:31:
8a:34:92:af:c6:80:59:da:7b:7c:46:29:4c:d3:9a:
e1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:AB:9B:3E:6C:C3:DB:76:64:3A:6A:FC:2B:AE:24:53:A1:32:F6:95
X509v3 Authority Key Identifier:
keyid:53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/C2F17AB22DCE11EEA2884670C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:eff0::/28
Signature Algorithm: sha256WithRSAEncryption
01:a7:a5:9e:a6:3c:b5:6a:06:b8:0a:14:bb:b3:f3:97:35:7e:
c7:9d:95:ef:20:fc:c2:bb:34:34:a5:9e:70:2e:e9:01:73:d3:
95:bd:10:0f:3f:82:f8:a6:19:61:c5:73:b5:7b:1c:d0:05:e7:
f0:c0:f4:b1:60:fd:b7:c1:5c:03:ad:ad:e2:12:bb:1f:d5:c4:
bc:79:a6:cc:ff:8b:9a:f6:71:78:15:01:65:09:02:58:9b:79:
ea:81:71:4c:dd:90:a8:62:2c:2f:32:44:d2:7c:f2:89:8a:31:
52:22:9e:ab:e4:eb:5d:2a:14:bb:4e:1b:bd:75:11:0b:07:8e:
9e:c3:f7:6a:a7:34:24:95:32:9c:6a:d6:4b:1e:1d:28:78:70:
08:6b:2f:92:dc:8f:85:25:a0:07:17:52:b9:af:0b:a8:71:be:
74:e0:e3:3d:8e:03:9f:9d:21:a4:1b:51:df:4e:23:d9:9b:fa:
f0:74:78:13:de:7e:ab:03:14:be:d8:2e:a6:d5:93:3e:44:85:
4e:a6:76:ff:1a:57:b8:7a:ff:f3:4c:1c:d0:55:01:79:06:12:
4c:d4:86:0b:eb:b8:a7:7e:d7:12:83:19:c1:05:6e:43:6d:07:
41:e4:89:3c:09:81:c4:26:3f:a5:bf:88:a3:09:93:d7:c7:9d:
45:db:11:07
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICNC8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJDN0ExMTAvBgNVBAUTKDUzMTJGMzk5QTZGN0VCMEREQ0Q1MUMwMzlGODNGN0I3
QTQ3QTVGMDkwHhcNMjQwODIwMTUzMTE0WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM0YjZjMi0wM2FjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyZitDh7m+7sfAe5FCptUen67/W6Bh9GLKXBoNEEH6QdeR4U9ZB3KHl50K8vI
BfaakMNGkx3BDVGlqYZCJkK/tziEFbnvjkbve8SajbUrEgmJf/cwfAaG6E1n/vO3
SCtO3pZ/pxNt7N3Z162zS1U0pbfI5kJyRBYXi1x7HN4g3ltjVXuEAV9YjqU99KkA
56lCwTXTMNi1pT0S3leTT5LuDoedj/Hj9+3Bfgvnlei1NIEPs5joAtcKrJBOPZ9v
Ev/9yegt9J6BEJBP711M8YjnTeJU3P5rUYYuFYangsLdyVJ6YiPn66ZGY+k68Rn1
njGKNJKvxoBZ2nt8RilM05rh8wIDAQABo4ICljCCApIwHQYDVR0OBBYEFN6rmz5s
w9t2ZDpq/CuuJFOhMvaVMB8GA1UdIwQYMBaAFFMS85mm9+sN3NUcA5+D97ekel8J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkM3QS80QzUyOEY3ODQ1
MDMxMUUyQkRDQTFGNzMyOTc5QkIyMC9VeEx6bWFiMzZ3M2MxUndEbjRQM3Q2UjZY
d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1V4THptYWIzNnczYzFSd0RuNFAzdDZSNlh3ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJDN0EvNEM1MjhGNzg0NTAzMTFFMkJEQ0ExRjczMjk3OUJCMjAvQzJGMTdBQjIy
RENFMTFFRUEyODg0NjcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQQkCu/wMA0GCSqGSIb3DQEBCwUAA4IBAQABp6Wepjy1aga4
ChS7s/OXNX7HnZXvIPzCuzQ0pZ5wLukBc9OVvRAPP4L4phlhxXO1exzQBefwwPSx
YP23wVwDra3iErsf1cS8eabM/4ua9nF4FQFlCQJYm3nqgXFM3ZCoYiwvMkTSfPKJ
ijFSIp6r5OtdKhS7Thu9dRELB46ew/dqpzQklTKcatZLHh0oeHAIay+S3I+FJaAH
F1K5rwuocb504OM9jgOfnSGkG1HfTiPZm/rwdHgT3n6rAxS+2C6m1ZM+RIVOpnb/
Gle4ev/zTBzQVQF5BhJM1IYL67inftcSgxnBBW5DbQdB5Ik8CYHEJj+lv4ijCZPX
x51F2xEH
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:18:08 2025 by rpki-client