Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91524AF/76C7F0F451F611EC9E3C6C3AC4F9AE02/A4EA76FEFA5511EFA9FECF1AC4F9AE02.roa
File: A4EA76FEFA5511EFA9FECF1AC4F9AE02.roa (raw, json)
Hash identifier: PLhgllj+TXNipur0MVlR2hOk3wk6k5mRyqqtPnrrNk8=
Subject key identifier: 06:0C:D3:0D:8C:07:C9:34:DC:76:24:D8:7D:2D:13:2F:21:5B:99:D7
Certificate issuer: /CN=A91524AF/serialNumber=5C315DAFC53A82FDD62C72005C7644333BC0297A
Certificate serial: 0439
Authority key identifier: 5C:31:5D:AF:C5:3A:82:FD:D6:2C:72:00:5C:76:44:33:3B:C0:29:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDFdr8U6gv3WLHIAXHZEMzvAKXo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91524AF/76C7F0F451F611EC9E3C6C3AC4F9AE02/A4EA76FEFA5511EFA9FECF1AC4F9AE02.roa
Signing time: Thu 06 Mar 2025 06:38:42 +0000
ROA not before: Thu 06 Mar 2025 06:38:42 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 149039
IP address blocks: 2001:df0:1ec0::/48 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1081 (0x439)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91524AF
Validity
Not Before: Mar 6 06:38:42 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67c942f2-fb92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ae:fa:cf:8f:1d:68:bf:74:41:a7:cf:c0:fb:
79:16:67:89:51:6f:80:a8:a9:a2:0c:a5:98:cc:f9:
5e:87:1e:41:03:48:b8:72:f0:6d:cd:d2:c2:19:1c:
9d:64:ea:08:8d:c2:50:c6:07:4b:67:50:f1:6d:ea:
d2:49:70:d0:a9:fd:67:66:f1:31:fb:b3:6a:90:a1:
41:90:7d:55:3e:ef:08:b3:80:a9:59:0e:af:ca:a5:
16:55:45:7c:56:66:40:1b:7a:f1:5b:e7:6e:2d:76:
a8:16:53:32:00:2b:0a:5c:10:7b:35:f9:05:fa:5c:
c1:9a:27:87:7e:7c:b7:51:c3:50:2a:4f:80:24:f3:
87:58:f9:43:d2:12:e9:62:33:cb:65:bb:61:95:5c:
b1:53:24:d8:62:df:08:bf:a7:f2:89:6c:59:d3:e0:
79:cb:c8:eb:0c:8d:75:1b:6e:40:36:a3:83:61:35:
a3:6e:bf:af:23:18:49:2d:20:16:01:8b:62:49:d6:
76:33:f5:67:b4:2e:c9:ae:33:13:61:f8:29:72:fb:
d3:bb:a9:8b:49:bb:c5:df:0b:17:4f:ad:fb:06:f9:
ff:ef:6e:3d:36:66:ed:9c:63:a0:cd:b7:3a:7f:97:
0b:9b:e0:50:11:c7:16:3e:13:89:73:51:6d:16:38:
f3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:0C:D3:0D:8C:07:C9:34:DC:76:24:D8:7D:2D:13:2F:21:5B:99:D7
X509v3 Authority Key Identifier:
keyid:5C:31:5D:AF:C5:3A:82:FD:D6:2C:72:00:5C:76:44:33:3B:C0:29:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91524AF/76C7F0F451F611EC9E3C6C3AC4F9AE02/XDFdr8U6gv3WLHIAXHZEMzvAKXo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDFdr8U6gv3WLHIAXHZEMzvAKXo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91524AF/76C7F0F451F611EC9E3C6C3AC4F9AE02/A4EA76FEFA5511EFA9FECF1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df0:1ec0::/48
Signature Algorithm: sha256WithRSAEncryption
77:e1:43:be:f5:90:79:b5:29:35:9f:6b:6c:e1:8a:e4:53:0f:
16:90:ff:57:a7:8e:30:b7:95:fe:28:44:e4:a9:67:86:9d:b8:
49:0f:99:6f:b2:20:c4:2f:f6:00:36:3d:8d:62:6c:f7:f9:f1:
95:2a:94:30:75:54:ed:f5:87:8c:c6:b2:c8:c3:60:91:c1:9a:
79:47:51:cb:1f:7f:ea:7d:25:b1:3b:10:cb:72:82:73:75:66:
6a:22:55:84:7c:a5:6b:28:95:c7:4c:64:f6:14:c4:00:58:c5:
02:27:ac:41:9b:3b:00:ce:da:a2:39:8e:e7:a6:b5:6d:3b:6d:
ac:9f:5a:32:40:3b:34:fd:cd:7b:70:e9:94:f6:e3:2a:5a:cf:
5f:8d:02:92:3f:f2:72:1f:46:29:f7:fa:a6:e9:1c:61:8e:82:
41:3e:92:27:31:9a:03:b1:26:4d:68:b7:9c:f2:e1:6a:ec:b3:
b7:c8:13:f1:4f:58:1c:f3:6d:d1:fc:eb:6a:24:76:36:3c:19:
70:6b:e1:6d:3f:30:f2:3d:36:07:23:22:b9:61:23:c1:f7:c7:
84:fe:3c:09:53:12:91:4f:d3:1d:35:78:99:4d:cc:4a:72:2f:
58:82:2e:95:df:0f:1f:b9:66:71:91:6b:33:e2:3f:c4:e8:57:
8f:80:e8:f6
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICBDkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTI0QUYxMTAvBgNVBAUTKDVDMzE1REFGQzUzQTgyRkRENjJDNzIwMDVDNzY0NDMz
M0JDMDI5N0EwHhcNMjUwMzA2MDYzODQyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M5NDJmMi1mYjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwq76z48daL90QafPwPt5FmeJUW+AqKmiDKWYzPlehx5BA0i4cvBtzdLCGRyd
ZOoIjcJQxgdLZ1DxberSSXDQqf1nZvEx+7NqkKFBkH1VPu8Is4CpWQ6vyqUWVUV8
VmZAG3rxW+duLXaoFlMyACsKXBB7NfkF+lzBmieHfny3UcNQKk+AJPOHWPlD0hLp
YjPLZbthlVyxUyTYYt8Iv6fyiWxZ0+B5y8jrDI11G25ANqODYTWjbr+vIxhJLSAW
AYtiSdZ2M/VntC7JrjMTYfgpcvvTu6mLSbvF3wsXT637Bvn/7249NmbtnGOgzbc6
f5cLm+BQEccWPhOJc1FtFjjzCwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFAYM0w2M
B8k03HYk2H0tEy8hW5nXMB8GA1UdIwQYMBaAFFwxXa/FOoL91ixyAFx2RDM7wCl6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjRBRi83NkM3RjBGNDUx
RjYxMUVDOUUzQzZDM0FDNEY5QUUwMi9YREZkcjhVNmd2M1dMSElBWEhaRU16dkFL
WG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hERmRyOFU2Z3YzV0xISUFYSFpFTXp2QUtYby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTI0QUYvNzZDN0YwRjQ1MUY2MTFFQzlFM0M2QzNBQzRGOUFFMDIvQTRFQTc2RkVG
QTU1MTFFRkE5RkVDRjFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3wHsAwDQYJKoZIhvcNAQELBQADggEBAHfhQ771kHm1
KTWfa2zhiuRTDxaQ/1enjjC3lf4oROSpZ4aduEkPmW+yIMQv9gA2PY1ibPf58ZUq
lDB1VO31h4zGssjDYJHBmnlHUcsff+p9JbE7EMtygnN1ZmoiVYR8pWsolcdMZPYU
xABYxQInrEGbOwDO2qI5juemtW07bayfWjJAOzT9zXtw6ZT24ypaz1+NApI/8nIf
Rin3+qbpHGGOgkE+kicxmgOxJk1ot5zy4Wrss7fIE/FPWBzzbdH862okdjY8GXBr
4W0/MPI9NgcjIrlhI8H3x4T+PAlTEpFP0x01eJlNzEpyL1iCLpXfDx+5ZnGRazPi
P8ToV4+A6PY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:41:25 2025 by rpki-client