Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DAE/61666C0ED68911E8B6811433C4F9AE02/C21FA1CE080511EAA9457C67C4F9AE02.roa
File: C21FA1CE080511EAA9457C67C4F9AE02.roa (raw, json)
Hash identifier: PiSgVIn+A3YVcVJ8J1LY1Q9+m55+zt9vsCjTvJtZIKc=
Subject key identifier: B6:18:D2:0F:35:7C:BE:78:56:2A:CA:CA:41:A6:F8:87:8C:A3:29:67
Certificate issuer: /CN=A9157DAE/serialNumber=E1B807AC2B7455FBB1E316068D1D0171260BB1C7
Certificate serial: 12B1
Authority key identifier: E1:B8:07:AC:2B:74:55:FB:B1:E3:16:06:8D:1D:01:71:26:0B:B1:C7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4bgHrCt0Vfux4xYGjR0BcSYLscc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157DAE/61666C0ED68911E8B6811433C4F9AE02/C21FA1CE080511EAA9457C67C4F9AE02.roa
Signing time: Wed 04 Dec 2024 17:25:05 +0000
ROA not before: Wed 04 Dec 2024 17:25:05 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 139263
IP address blocks: 2403:cfc0:1011::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4785 (0x12b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157DAE
Validity
Not Before: Dec 4 17:25:05 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67509071-9403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:10:15:a9:44:5f:76:84:88:a3:f9:46:08:e7:
87:ef:74:ad:3b:62:99:7a:f6:67:eb:38:32:07:62:
d7:cd:f0:cd:e2:52:a7:b5:25:3f:0c:6f:04:ea:3d:
e5:42:49:42:7c:9c:99:82:8c:e2:cc:89:44:ed:fa:
4e:8e:d7:91:d0:dd:62:c0:1f:e3:fa:82:46:00:e6:
4e:2b:b4:4f:49:df:89:3c:56:f4:8d:cd:30:d7:67:
b7:37:9a:cc:6b:fc:7f:f8:d7:d5:f8:57:af:73:35:
4d:0d:d1:f7:51:58:a9:8b:aa:6f:30:8f:b5:4b:45:
20:73:06:79:ed:68:55:32:30:29:78:c1:b2:df:b0:
0d:8a:31:b3:91:ad:1a:a1:0e:71:8b:d8:8d:fc:ed:
b2:1f:d2:2e:84:b6:f1:67:45:cd:31:56:5b:39:19:
01:9a:f7:d1:92:51:d6:b2:fa:5b:0e:69:d3:50:d5:
51:8a:17:a7:6d:81:2f:8c:60:4f:17:3a:e5:3d:7f:
f0:cb:4f:36:3c:a9:86:de:61:f0:81:43:f7:d4:e3:
b7:d0:dc:f7:cd:09:75:83:68:be:93:18:0c:37:b2:
ce:45:93:93:71:a4:67:8d:4e:86:a5:83:35:7a:60:
ac:97:22:57:23:cd:bf:70:17:07:f9:fd:5b:97:d1:
5a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:18:D2:0F:35:7C:BE:78:56:2A:CA:CA:41:A6:F8:87:8C:A3:29:67
X509v3 Authority Key Identifier:
keyid:E1:B8:07:AC:2B:74:55:FB:B1:E3:16:06:8D:1D:01:71:26:0B:B1:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157DAE/61666C0ED68911E8B6811433C4F9AE02/4bgHrCt0Vfux4xYGjR0BcSYLscc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4bgHrCt0Vfux4xYGjR0BcSYLscc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DAE/61666C0ED68911E8B6811433C4F9AE02/C21FA1CE080511EAA9457C67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:cfc0:1011::/48
Signature Algorithm: sha256WithRSAEncryption
15:41:61:3f:d6:49:44:09:56:6d:44:e1:4e:46:ea:52:9e:ac:
e9:61:79:29:c4:0f:dd:89:e3:28:f1:c6:89:7b:7e:ef:28:51:
0a:7d:be:59:44:4e:dc:ba:eb:5c:64:99:26:04:59:47:c0:c2:
fd:c3:18:6a:c5:58:83:38:7f:34:ef:93:5c:41:f9:d0:d2:c8:
39:d4:f1:ba:73:0d:0f:0e:78:b6:d5:9f:44:62:52:7b:e7:63:
a7:d7:34:a9:12:ba:c6:60:2a:73:31:d5:d1:6c:d2:c5:ce:6f:
76:c2:ac:7e:85:bd:ab:e8:da:cc:71:af:61:11:57:6c:a8:57:
e3:c3:d5:87:fb:34:86:d7:3d:09:e9:de:c9:ac:ed:7f:65:64:
61:5e:78:83:f3:da:36:bf:e6:83:42:75:0c:6d:cc:bf:b7:2a:
b1:b2:69:b8:c3:e8:92:87:de:c4:97:c4:90:69:40:4c:f6:b1:
99:df:21:be:fc:e0:85:93:0d:18:47:fc:c8:9a:6e:c8:ec:e1:
4f:57:80:b8:d2:78:be:4a:91:e7:7c:f1:2a:97:9d:ee:88:78:
d3:1c:02:1a:a8:5c:82:a5:95:89:bc:45:12:fc:42:33:71:f3:
63:4f:28:5b:1d:53:3c:04:48:b3:6b:8f:79:ab:9a:18:15:cc:
0a:89:4e:1b
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICErEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEQUUxMTAvBgNVBAUTKEUxQjgwN0FDMkI3NDU1RkJCMUUzMTYwNjhEMUQwMTcx
MjYwQkIxQzcwHhcNMjQxMjA0MTcyNTA1WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwOTA3MS05NDAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApxAVqURfdoSIo/lGCOeH73StO2KZevZn6zgyB2LXzfDN4lKntSU/DG8E6j3l
QklCfJyZgozizIlE7fpOjteR0N1iwB/j+oJGAOZOK7RPSd+JPFb0jc0w12e3N5rM
a/x/+NfV+FevczVNDdH3UVipi6pvMI+1S0UgcwZ57WhVMjApeMGy37ANijGzka0a
oQ5xi9iN/O2yH9IuhLbxZ0XNMVZbORkBmvfRklHWsvpbDmnTUNVRihenbYEvjGBP
FzrlPX/wy082PKmG3mHwgUP31OO30Nz3zQl1g2i+kxgMN7LORZOTcaRnjU6GpYM1
emCslyJXI82/cBcH+f1bl9FaNQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFLYY0g81
fL54VirKykGm+IeMoylnMB8GA1UdIwQYMBaAFOG4B6wrdFX7seMWBo0dAXEmC7HH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBRS82MTY2NkMwRUQ2
ODkxMUU4QjY4MTE0MzNDNEY5QUUwMi80YmdIckN0MFZmdXg0eFlHalIwQmNTWUxz
Y2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRiZ0hyQ3QwVmZ1eDR4WUdqUjBCY1NZTHNjYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEQUUvNjE2NjZDMEVENjg5MTFFOEI2ODExNDMzQzRGOUFFMDIvQzIxRkExQ0Uw
ODA1MTFFQUE5NDU3QzY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkA8/AEBEwDQYJKoZIhvcNAQELBQADggEBABVBYT/WSUQJ
Vm1E4U5G6lKerOlheSnED92J4yjxxol7fu8oUQp9vllETty661xkmSYEWUfAwv3D
GGrFWIM4fzTvk1xB+dDSyDnU8bpzDQ8OeLbVn0RiUnvnY6fXNKkSusZgKnMx1dFs
0sXOb3bCrH6Fvavo2sxxr2ERV2yoV+PD1Yf7NIbXPQnp3sms7X9lZGFeeIPz2ja/
5oNCdQxtzL+3KrGyabjD6JKH3sSXxJBpQEz2sZnfIb784IWTDRhH/Miabsjs4U9X
gLjSeL5Kked88SqXne6IeNMcAhqoXIKllYm8RRL8QjNx82NPKFsdUzwESLNrj3mr
mhgVzAqJThs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:18:31 2025 by rpki-client