Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DAE/61666C0ED68911E8B6811433C4F9AE02/FDB29514452511E98F23AE4FC4F9AE02.roa
File: FDB29514452511E98F23AE4FC4F9AE02.roa (raw, json)
Hash identifier: pyXuQQMaaHpRKrd64JzrpDvcZINK8BGOr87BtX8mKCw=
Subject key identifier: 74:FD:9B:FB:3D:07:90:AB:7A:66:5E:49:3F:D6:79:15:15:EE:33:1A
Certificate issuer: /CN=A9157DAE/serialNumber=E1B807AC2B7455FBB1E316068D1D0171260BB1C7
Certificate serial: 12AF
Authority key identifier: E1:B8:07:AC:2B:74:55:FB:B1:E3:16:06:8D:1D:01:71:26:0B:B1:C7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4bgHrCt0Vfux4xYGjR0BcSYLscc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157DAE/61666C0ED68911E8B6811433C4F9AE02/FDB29514452511E98F23AE4FC4F9AE02.roa
Signing time: Wed 04 Dec 2024 17:25:02 +0000
ROA not before: Wed 04 Dec 2024 17:25:02 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 137937
IP address blocks: 2403:cfc0:1003::/48 maxlen: 48
2403:cfc0:100d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4783 (0x12af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157DAE
Validity
Not Before: Dec 4 17:25:02 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6750906e-9c69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:16:a8:c4:b9:de:28:f0:d5:b6:93:dd:e7:a3:
d9:ab:c4:f3:76:71:b4:60:81:64:4a:b0:92:47:99:
94:07:d7:b8:c7:34:83:4d:d3:5e:e3:bf:91:61:c1:
fd:e7:0c:c4:b6:82:76:7e:24:bb:16:58:32:47:94:
77:3a:9f:b2:29:df:f1:5f:4f:13:68:f2:6b:60:84:
bf:c4:8f:5c:18:f1:34:bb:6b:f7:9c:d2:05:90:d9:
3c:e8:f7:68:6c:92:a7:7f:08:e9:5e:73:51:99:42:
7a:88:fb:a4:2b:01:66:fd:68:cf:be:23:a9:f4:11:
f7:ad:67:7e:d6:0e:e3:22:b8:70:f7:52:5e:1e:d0:
4c:40:fe:3b:41:c6:bd:b8:da:a7:d3:8e:e1:07:67:
90:18:4a:58:17:b8:04:80:e3:b4:30:12:e5:9b:5b:
11:33:8d:b3:af:8e:03:c9:57:44:6c:78:fe:e2:ce:
91:ec:ea:e8:04:7f:45:cf:b9:cf:a1:07:ee:b5:1b:
53:8c:f7:8e:79:93:4b:38:36:c7:bd:74:25:1b:83:
06:8d:4b:a5:d9:04:f2:a1:48:6a:8f:61:65:75:05:
f9:2b:d8:7f:bd:ec:3d:7d:a1:ff:fa:6e:8c:63:7d:
86:ce:6e:d3:3a:e7:c9:af:63:40:40:06:82:27:96:
e9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:FD:9B:FB:3D:07:90:AB:7A:66:5E:49:3F:D6:79:15:15:EE:33:1A
X509v3 Authority Key Identifier:
keyid:E1:B8:07:AC:2B:74:55:FB:B1:E3:16:06:8D:1D:01:71:26:0B:B1:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157DAE/61666C0ED68911E8B6811433C4F9AE02/4bgHrCt0Vfux4xYGjR0BcSYLscc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4bgHrCt0Vfux4xYGjR0BcSYLscc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DAE/61666C0ED68911E8B6811433C4F9AE02/FDB29514452511E98F23AE4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:cfc0:1003::/48
2403:cfc0:100d::/48
Signature Algorithm: sha256WithRSAEncryption
50:9e:9d:50:22:13:65:7d:7d:2e:99:0f:1a:e9:05:95:51:cc:
76:a9:b7:17:2b:10:7e:49:cb:64:b9:ec:41:72:e6:05:07:13:
40:06:54:9f:ce:f5:56:67:3d:c5:ec:14:89:27:24:da:e1:9c:
bd:bf:fb:c0:80:16:36:ee:dc:44:6e:85:4d:5a:85:2a:a5:07:
78:80:ef:c4:d0:29:9b:46:0d:f1:33:a7:db:a2:ce:0a:08:72:
af:69:76:c9:00:e1:50:3f:ae:57:4e:9e:51:37:dd:f9:fe:07:
70:f0:88:4d:ce:e4:d9:16:9d:43:fd:77:16:a8:34:43:a1:12:
4f:b4:7e:ca:be:46:dd:77:2d:e5:1c:bf:fc:0b:1c:d7:88:02:
5e:73:be:97:53:f3:3e:bb:64:ca:2b:6c:11:88:94:cf:ee:35:
55:d8:df:a2:70:a4:59:f6:66:07:b5:9a:85:ae:63:26:7e:d7:
79:13:9f:b1:c2:1d:e6:e2:3a:fc:63:22:63:51:13:92:6c:3b:
25:0f:98:e1:4a:a7:a9:57:11:ee:7f:39:57:e5:33:f9:41:c0:
03:13:2a:79:b4:b6:e2:aa:15:aa:4c:60:80:93:cb:79:fe:08:
d5:bc:5c:70:0c:60:b8:bb:80:16:14:d8:7e:8b:6e:1c:3b:12:
ac:56:88:c2
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICEq8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEQUUxMTAvBgNVBAUTKEUxQjgwN0FDMkI3NDU1RkJCMUUzMTYwNjhEMUQwMTcx
MjYwQkIxQzcwHhcNMjQxMjA0MTcyNTAyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwOTA2ZS05YzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1BaoxLneKPDVtpPd56PZq8TzdnG0YIFkSrCSR5mUB9e4xzSDTdNe47+RYcH9
5wzEtoJ2fiS7FlgyR5R3Op+yKd/xX08TaPJrYIS/xI9cGPE0u2v3nNIFkNk86Pdo
bJKnfwjpXnNRmUJ6iPukKwFm/WjPviOp9BH3rWd+1g7jIrhw91JeHtBMQP47Qca9
uNqn047hB2eQGEpYF7gEgOO0MBLlm1sRM42zr44DyVdEbHj+4s6R7OroBH9Fz7nP
oQfutRtTjPeOeZNLODbHvXQlG4MGjUul2QTyoUhqj2FldQX5K9h/vew9faH/+m6M
Y32Gzm7TOufJr2NAQAaCJ5bpbQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFHT9m/s9
B5CremZeST/WeRUV7jMaMB8GA1UdIwQYMBaAFOG4B6wrdFX7seMWBo0dAXEmC7HH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBRS82MTY2NkMwRUQ2
ODkxMUU4QjY4MTE0MzNDNEY5QUUwMi80YmdIckN0MFZmdXg0eFlHalIwQmNTWUxz
Y2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRiZ0hyQ3QwVmZ1eDR4WUdqUjBCY1NZTHNjYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEQUUvNjE2NjZDMEVENjg5MTFFOEI2ODExNDMzQzRGOUFFMDIvRkRCMjk1MTQ0
NTI1MTFFOThGMjNBRTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwAkA8/AEAMDBwAkA8/AEA0wDQYJKoZIhvcNAQELBQADggEB
AFCenVAiE2V9fS6ZDxrpBZVRzHaptxcrEH5Jy2S57EFy5gUHE0AGVJ/O9VZnPcXs
FIknJNrhnL2/+8CAFjbu3ERuhU1ahSqlB3iA78TQKZtGDfEzp9uizgoIcq9pdskA
4VA/rldOnlE33fn+B3DwiE3O5NkWnUP9dxaoNEOhEk+0fsq+Rt13LeUcv/wLHNeI
Al5zvpdT8z67ZMorbBGIlM/uNVXY36JwpFn2Zge1moWuYyZ+13kTn7HCHebiOvxj
ImNRE5JsOyUPmOFKp6lXEe5/OVflM/lBwAMTKnm0tuKqFapMYICTy3n+CNW8XHAM
YLi7gBYU2H6Lbhw7EqxWiMI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:12:38 2025 by rpki-client