Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/28E35E4898F211ED9FB5D80DC4F9AE02.roa
File: 28E35E4898F211ED9FB5D80DC4F9AE02.roa (raw, json)
Hash identifier: Jc7neVqmiIdnrebi7TQ+tno2juV2xxAmmlOymTBrBWE=
Subject key identifier: D4:D9:A1:41:9A:E8:C5:DB:D1:41:75:1A:80:BA:F6:89:71:9F:5C:A9
Certificate issuer: /CN=A9150F66/serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Certificate serial: 27B6
Authority key identifier: 90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/28E35E4898F211ED9FB5D80DC4F9AE02.roa
Signing time: Thu 30 May 2024 16:38:24 +0000
ROA not before: Thu 30 May 2024 16:38:24 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 17557
IP address blocks: 2001:dec:8000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10166 (0x27b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150F66
Validity
Not Before: May 30 16:38:24 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6658ab7f-6100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:bf:db:2b:f3:1c:7e:ef:8b:8c:84:2c:52:ac:
3c:e7:b5:89:aa:46:5b:db:ad:b3:f2:55:4f:53:3b:
81:91:a0:56:f1:15:74:ba:b2:b2:93:e7:82:9b:b7:
a8:a2:c6:dd:89:5e:a2:fd:d7:3b:8f:d6:da:a2:9c:
57:69:91:7b:8e:c0:3e:6d:4f:8b:2c:53:17:2d:49:
23:e3:f4:60:93:dd:9e:0f:d5:1d:74:bb:a6:c9:18:
c7:fd:3f:9f:7d:4e:3c:b4:74:c6:b8:01:95:7b:9e:
8d:a9:9c:ab:fe:74:6a:33:9c:9a:12:16:ce:30:94:
2c:b9:63:07:10:4e:f9:be:ec:21:62:9d:5d:c0:f4:
a3:e4:a5:fb:0c:37:53:50:f6:c4:0d:3d:d8:c0:8e:
61:91:cc:44:6e:75:f3:eb:a9:49:8c:78:6d:6f:19:
8a:e6:a4:46:c9:a0:6f:58:e1:b5:ed:aa:f3:bb:97:
7b:de:2c:de:71:3f:7c:da:a8:2d:8d:d1:16:f1:28:
d4:65:6e:ac:2b:54:3d:f0:b7:52:b5:7c:a3:ea:74:
b4:28:eb:d1:4c:14:35:31:41:5c:91:89:49:dc:98:
fa:cd:3a:05:e8:f8:74:df:bf:17:b5:3c:60:c6:62:
06:b2:49:2f:3f:40:9b:8c:89:4b:03:0c:96:0a:3d:
2a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D9:A1:41:9A:E8:C5:DB:D1:41:75:1A:80:BA:F6:89:71:9F:5C:A9
X509v3 Authority Key Identifier:
keyid:90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/28E35E4898F211ED9FB5D80DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:dec:8000::/48
Signature Algorithm: sha256WithRSAEncryption
65:98:e5:e6:23:41:51:f1:aa:70:95:3f:05:c9:0e:3d:54:9c:
46:22:ea:72:43:58:10:9f:4e:54:e9:bd:1b:26:14:b1:e6:12:
69:78:0c:3b:a4:52:c2:2f:f4:c8:6b:9f:0f:8b:c6:69:d0:3a:
20:e0:29:1f:29:c7:81:59:36:2d:b3:d6:3b:33:bb:e9:54:ad:
48:97:a5:87:b2:f9:53:0e:f6:33:f0:c8:3e:fd:a4:d7:07:a9:
03:ab:36:85:15:20:b5:ed:27:a8:27:ab:58:e2:5f:a9:e7:7f:
78:94:7b:d0:ed:2f:d0:fb:de:4a:a8:f6:12:c4:44:b7:d4:64:
73:46:a5:75:35:6d:bc:a0:20:d1:ed:87:d1:a6:d6:77:4c:dc:
2b:ef:88:73:e4:5f:6a:02:fa:12:47:9c:e1:52:cb:e7:f2:2b:
53:2b:15:f1:9c:5a:9a:06:ba:67:29:37:25:46:fc:e6:3c:1f:
68:de:a2:e1:dd:91:11:50:46:ff:6a:84:30:4e:97:70:b8:37:
42:f7:11:25:5d:dc:6f:0b:2c:98:96:94:46:53:78:9f:c5:36:
cd:95:9e:17:63:d5:77:06:f2:3d:50:c1:33:e8:6d:0f:81:27:
53:b2:a0:e6:d5:86:6b:5c:9f:0a:14:b9:53:66:30:ee:30:b7:
9d:74:36:00
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICJ7YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTBGNjYxMTAvBgNVBAUTKDkwMDlFNzQxOTZENDhCMDM5NjRGMUZDNTZDRkU0NDZF
QzUwNDhDRjcwHhcNMjQwNTMwMTYzODI0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU4YWI3Zi02MTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1L/bK/Mcfu+LjIQsUqw857WJqkZb262z8lVPUzuBkaBW8RV0urKyk+eCm7eo
osbdiV6i/dc7j9baopxXaZF7jsA+bU+LLFMXLUkj4/Rgk92eD9UddLumyRjH/T+f
fU48tHTGuAGVe56NqZyr/nRqM5yaEhbOMJQsuWMHEE75vuwhYp1dwPSj5KX7DDdT
UPbEDT3YwI5hkcxEbnXz66lJjHhtbxmK5qRGyaBvWOG17arzu5d73izecT982qgt
jdEW8SjUZW6sK1Q98LdStXyj6nS0KOvRTBQ1MUFckYlJ3Jj6zToF6Ph0378XtTxg
xmIGskkvP0CbjIlLAwyWCj0qXwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFNTZoUGa
6MXb0UF1GoC69olxn1ypMB8GA1UdIwQYMBaAFJAJ50GW1IsDlk8fxWz+RG7FBIz3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MEY2Ni9CQzFEQzFGNkMx
NzUxMUU0QTJDN0I3NENDNEY5QUUwMi9rQW5uUVpiVWl3T1dUeF9GYlA1RWJzVUVq
UGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBbm5RWmJVaXdPV1R4X0ZiUDVFYnNVRWpQYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTBGNjYvQkMxREMxRjZDMTc1MTFFNEEyQzdCNzRDQzRGOUFFMDIvMjhFMzVFNDg5
OEYyMTFFRDlGQjVEODBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3sgAAwDQYJKoZIhvcNAQELBQADggEBAGWY5eYjQVHx
qnCVPwXJDj1UnEYi6nJDWBCfTlTpvRsmFLHmEml4DDukUsIv9Mhrnw+LxmnQOiDg
KR8px4FZNi2z1jszu+lUrUiXpYey+VMO9jPwyD79pNcHqQOrNoUVILXtJ6gnq1ji
X6nnf3iUe9DtL9D73kqo9hLERLfUZHNGpXU1bbygINHth9Gm1ndM3CvviHPkX2oC
+hJHnOFSy+fyK1MrFfGcWpoGumcpNyVG/OY8H2jeouHdkRFQRv9qhDBOl3C4N0L3
ESVd3G8LLJiWlEZTeJ/FNs2Vnhdj1XcG8j1QwTPobQ+BJ1OyoObVhmtcnwoUuVNm
MO4wt510NgA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:38:03 2025 by rpki-client