Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915479A/2E10EDB2E37911EFB4666B31C4F9AE02/88A1F6DEE37B11EFB4D75458C4F9AE02.roa
File: 88A1F6DEE37B11EFB4D75458C4F9AE02.roa (raw, json)
Hash identifier: cprKT/vfUwI6vjvLZuHXw1YhqI0bQrhQTc7WaG1olUM=
Subject key identifier: AB:98:96:FF:58:F7:D8:83:3B:A0:A7:3C:05:DD:3B:D2:7B:1E:0D:B3
Certificate issuer: /CN=A915479A/serialNumber=758AC2BEDADCBA3AD738169FB389D508B54D74BF
Certificate serial: 02
Authority key identifier: 75:8A:C2:BE:DA:DC:BA:3A:D7:38:16:9F:B3:89:D5:08:B5:4D:74:BF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dYrCvtrcujrXOBafs4nVCLVNdL8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915479A/2E10EDB2E37911EFB4666B31C4F9AE02/88A1F6DEE37B11EFB4D75458C4F9AE02.roa
Signing time: Wed 05 Feb 2025 04:41:59 +0000
ROA not before: Wed 05 Feb 2025 04:41:59 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 153571
IP address blocks: 2001:df4:f8c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915479A
Validity
Not Before: Feb 5 04:41:59 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67a2ec16-549a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:9c:82:58:6b:76:39:4b:cf:ce:f1:06:f4:9d:
ea:ae:78:59:b4:ac:ae:87:3b:d6:bd:8f:23:1b:72:
b0:a4:ed:39:26:c5:40:d5:82:35:83:51:48:47:3d:
1a:99:f1:73:b2:7a:94:f2:f3:61:3d:db:0e:ec:10:
53:a0:5c:72:65:41:8a:3e:7c:67:d0:e5:6e:d1:52:
2d:29:9c:37:26:83:1d:ce:f1:62:79:a7:9f:53:21:
eb:4f:1f:30:34:c3:a7:ac:a8:f9:23:86:66:fe:2b:
fa:9c:ee:0d:50:7c:de:13:96:b4:1d:f2:27:c8:79:
b8:36:20:6f:b2:24:bd:4a:7d:00:b9:e4:0c:e1:2b:
34:d2:d5:7f:47:e6:c0:0f:d5:39:bb:25:3a:bf:33:
bc:38:b2:d1:08:66:a2:f4:dc:e5:68:5c:40:e8:7b:
35:67:35:17:dc:d1:be:ee:46:9d:55:5c:bc:0a:e7:
94:e7:55:4d:a9:f4:3b:ea:0b:bc:38:fc:de:55:f1:
74:3b:e1:78:f2:81:cd:47:16:2a:24:71:73:ff:4d:
06:60:60:da:4c:d6:bd:90:30:dc:be:2b:ae:92:b3:
e1:cf:a0:b1:61:96:79:22:3a:f1:a4:b2:14:7a:1a:
40:7d:21:50:2b:66:63:a7:7e:63:0e:33:99:ac:a3:
b4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:98:96:FF:58:F7:D8:83:3B:A0:A7:3C:05:DD:3B:D2:7B:1E:0D:B3
X509v3 Authority Key Identifier:
keyid:75:8A:C2:BE:DA:DC:BA:3A:D7:38:16:9F:B3:89:D5:08:B5:4D:74:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915479A/2E10EDB2E37911EFB4666B31C4F9AE02/dYrCvtrcujrXOBafs4nVCLVNdL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dYrCvtrcujrXOBafs4nVCLVNdL8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915479A/2E10EDB2E37911EFB4666B31C4F9AE02/88A1F6DEE37B11EFB4D75458C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:f8c0::/48
Signature Algorithm: sha256WithRSAEncryption
33:8a:51:3e:45:09:88:f6:2c:b0:68:37:d6:d7:82:35:7a:8f:
a3:45:39:24:c8:15:71:a4:5e:7f:b4:e5:6f:da:36:9d:d6:61:
af:cf:29:a6:8f:75:d9:0d:69:26:6a:fb:46:55:b1:a0:ac:79:
4b:01:0e:aa:1a:4e:6a:62:a6:d3:e9:e2:d5:a4:4f:77:3e:7b:
0a:4a:1e:fb:52:73:7e:3a:77:58:b0:6c:c3:e8:d9:06:c6:4a:
40:5e:50:d3:07:68:05:18:e6:55:01:d9:f1:2a:c3:65:f3:5f:
d1:ed:79:82:21:2a:d7:a2:48:75:3b:bf:09:dc:81:1b:5d:ba:
a7:38:3b:27:54:bf:2c:e3:74:df:24:1d:f5:3f:ba:14:30:6c:
36:6a:f8:94:b5:08:ff:dc:6f:04:f0:3d:65:36:01:3e:fe:8b:
f0:44:7a:96:bd:87:c0:74:de:be:bd:1b:9e:5c:a7:e0:88:b3:
43:36:4e:ca:39:33:ba:b2:a4:cd:22:d0:7d:9d:b7:27:e9:a3:
7f:04:69:ae:bb:9b:8b:11:8b:07:bc:0f:aa:bd:d0:8a:e3:44:
d9:8d:ee:68:9d:39:42:f4:bf:48:42:84:c1:a3:a4:2b:47:c5:
d4:29:ba:cd:db:82:b6:46:68:22:50:97:59:69:d6:ee:de:55:
f7:f2:95:0f
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NDc5QTExMC8GA1UEBRMoNzU4QUMyQkVEQURDQkEzQUQ3MzgxNjlGQjM4OUQ1MDhC
NTRENzRCRjAeFw0yNTAyMDUwNDQxNTlaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YTJlYzE2LTU0OWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD7nIJYa3Y5S8/O8Qb0nequeFm0rK6HO9a9jyMbcrCk7TkmxUDVgjWDUUhHPRqZ
8XOyepTy82E92w7sEFOgXHJlQYo+fGfQ5W7RUi0pnDcmgx3O8WJ5p59TIetPHzA0
w6esqPkjhmb+K/qc7g1QfN4TlrQd8ifIebg2IG+yJL1KfQC55AzhKzTS1X9H5sAP
1Tm7JTq/M7w4stEIZqL03OVoXEDoezVnNRfc0b7uRp1VXLwK55TnVU2p9DvqC7w4
/N5V8XQ74Xjygc1HFiokcXP/TQZgYNpM1r2QMNy+K66Ss+HPoLFhlnkiOvGkshR6
GkB9IVArZmOnfmMOM5mso7TBAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUq5iW/1j3
2IM7oKc8Bd070nseDbMwHwYDVR0jBBgwFoAUdYrCvtrcujrXOBafs4nVCLVNdL8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU0NzlBLzJFMTBFREIyRTM3
OTExRUZCNDY2NkIzMUM0RjlBRTAyL2RZckN2dHJjdWpyWE9CYWZzNG5WQ0xWTmRM
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZFlyQ3Z0cmN1anJYT0JhZnM0blZDTFZOZEw4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NDc5QS8yRTEwRURCMkUzNzkxMUVGQjQ2NjZCMzFDNEY5QUUwMi84OEExRjZERUUz
N0IxMUVGQjRENzU0NThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfT4wDANBgkqhkiG9w0BAQsFAAOCAQEAM4pRPkUJiPYs
sGg31teCNXqPo0U5JMgVcaRef7Tlb9o2ndZhr88ppo912Q1pJmr7RlWxoKx5SwEO
qhpOamKm0+ni1aRPdz57Ckoe+1Jzfjp3WLBsw+jZBsZKQF5Q0wdoBRjmVQHZ8SrD
ZfNf0e15giEq16JIdTu/CdyBG126pzg7J1S/LON03yQd9T+6FDBsNmr4lLUI/9xv
BPA9ZTYBPv6L8ER6lr2HwHTevr0bnlyn4IizQzZOyjkzurKkzSLQfZ23J+mjfwRp
rrubixGLB7wPqr3QiuNE2Y3uaJ05QvS/SEKEwaOkK0fF1Cm6zduCtkZoIlCXWWnW
7t5V9/KVDw==
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:00:26 2025 by rpki-client