Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/E02718B0FB7E11EFA25DF775C4F9AE02.roa
File: E02718B0FB7E11EFA25DF775C4F9AE02.roa (raw, json)
Hash identifier: Rbebv7a/3bjYuOYYlHIXr662xadEzX5etaY1VAtT19Q=
Subject key identifier: DB:BE:41:07:14:E2:FC:37:34:82:B2:26:A5:D5:61:C1:58:BA:AC:57
Certificate issuer: /CN=A9166C39/serialNumber=07E051B41ED82E3F53BF59AA84DD9ACA20CFB54C
Certificate serial: 0899
Authority key identifier: 07:E0:51:B4:1E:D8:2E:3F:53:BF:59:AA:84:DD:9A:CA:20:CF:B5:4C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B-BRtB7YLj9Tv1mqhN2ayiDPtUw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/E02718B0FB7E11EFA25DF775C4F9AE02.roa
Signing time: Fri 07 Mar 2025 18:06:22 +0000
ROA not before: Fri 07 Mar 2025 18:06:21 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 993
IP address blocks: 2001:df4:d80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2201 (0x899)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9166C39
Validity
Not Before: Mar 7 18:06:21 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67cb359d-6a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:13:df:8a:60:b1:6b:15:b9:43:04:64:d3:e4:
dd:08:45:9a:9d:0b:b1:6e:14:d4:fb:7c:70:94:32:
24:68:fd:1b:13:11:5f:6d:4f:8f:59:32:e4:c6:53:
20:9e:1a:20:a1:2d:87:f6:bb:28:1c:95:45:f7:f1:
25:71:9c:05:d4:cd:3a:f6:5c:1f:cc:8e:af:4e:97:
76:a7:18:c8:1b:3f:ae:38:8a:55:78:90:cf:69:26:
32:1b:b1:ac:3e:df:ca:c5:51:1a:b7:56:8a:fb:b8:
bb:a6:b9:62:f4:6c:58:fa:67:a1:f3:b3:e8:70:37:
00:24:9e:f9:43:3f:80:da:4c:38:c5:56:d9:b0:9d:
a4:65:87:fa:fc:91:d8:1d:a3:8d:ed:74:29:fe:b8:
0b:87:f6:27:94:30:ec:0a:2a:ba:58:c6:80:68:84:
eb:68:56:f2:af:9a:75:b7:6f:17:38:50:9b:dd:31:
22:46:69:f1:7b:8a:12:15:9c:60:e7:ac:0d:f3:cd:
4f:e1:6a:a2:60:47:0e:ec:b1:51:3b:db:f3:51:79:
ff:42:f7:77:e5:9c:26:09:5d:64:7f:01:b6:b6:9f:
73:6b:19:b8:63:49:18:bf:44:64:60:58:5e:49:52:
4e:09:5a:70:d2:61:95:f9:27:9d:bd:1c:a4:9f:96:
06:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:BE:41:07:14:E2:FC:37:34:82:B2:26:A5:D5:61:C1:58:BA:AC:57
X509v3 Authority Key Identifier:
keyid:07:E0:51:B4:1E:D8:2E:3F:53:BF:59:AA:84:DD:9A:CA:20:CF:B5:4C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/B-BRtB7YLj9Tv1mqhN2ayiDPtUw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B-BRtB7YLj9Tv1mqhN2ayiDPtUw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/E02718B0FB7E11EFA25DF775C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:d80::/48
Signature Algorithm: sha256WithRSAEncryption
1a:89:ab:34:d1:70:a6:c4:bd:39:8a:0f:7a:02:04:e8:0b:23:
cc:05:81:18:2c:24:64:d4:6f:34:5f:d1:a3:56:c9:7a:58:6d:
a2:e0:9e:e5:04:dc:95:85:ad:f1:10:b9:e7:38:41:71:3f:0c:
b6:27:71:65:a6:76:75:67:fe:69:cc:97:ae:19:f3:a6:6b:fc:
37:ed:eb:b1:cd:3f:7a:97:e5:7a:09:b1:5d:ce:0d:89:33:93:
6f:2e:ae:b9:b6:de:09:51:8e:85:98:89:78:4e:d9:01:ad:84:
dd:e9:5b:48:79:d6:1c:bd:66:cb:10:38:b4:ed:51:92:f2:ad:
64:6f:63:42:7b:10:14:0d:06:95:c0:04:d9:3a:5e:69:ec:61:
2f:8e:e7:f5:90:48:a2:a0:a8:38:a3:43:e0:16:3f:68:de:71:
0d:08:cb:66:18:36:96:d8:b6:3b:c3:66:b4:6e:24:8f:91:43:
22:46:38:1c:cb:77:7c:73:ce:9b:0a:b3:be:45:2f:28:8f:7e:
cd:a4:38:bf:6d:b8:f2:ab:ab:50:f7:a9:96:bb:3d:5d:1b:83:
8c:a9:c3:a1:c9:6e:ed:8f:24:4e:34:f2:37:68:c7:21:4c:ad:
62:19:9b:d7:cf:4c:4a:67:74:c3:ee:1c:17:c5:96:53:d4:c1:
0e:85:2f:71
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICCJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjZDMzkxMTAvBgNVBAUTKDA3RTA1MUI0MUVEODJFM0Y1M0JGNTlBQTg0REQ5QUNB
MjBDRkI1NEMwHhcNMjUwMzA3MTgwNjIxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NiMzU5ZC02YTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxhPfimCxaxW5QwRk0+TdCEWanQuxbhTU+3xwlDIkaP0bExFfbU+PWTLkxlMg
nhogoS2H9rsoHJVF9/ElcZwF1M069lwfzI6vTpd2pxjIGz+uOIpVeJDPaSYyG7Gs
Pt/KxVEat1aK+7i7prli9GxY+meh87PocDcAJJ75Qz+A2kw4xVbZsJ2kZYf6/JHY
HaON7XQp/rgLh/YnlDDsCiq6WMaAaITraFbyr5p1t28XOFCb3TEiRmnxe4oSFZxg
56wN881P4WqiYEcO7LFRO9vzUXn/Qvd35ZwmCV1kfwG2tp9zaxm4Y0kYv0RkYFhe
SVJOCVpw0mGV+SedvRykn5YG6QIDAQABo4ICmDCCApQwHQYDVR0OBBYEFNu+QQcU
4vw3NIKyJqXVYcFYuqxXMB8GA1UdIwQYMBaAFAfgUbQe2C4/U79ZqoTdmsogz7VM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkMzOS8yN0VFQ0ZEMEJC
OTcxMUVBQTFBNjZDNTNDNEY5QUUwMi9CLUJSdEI3WUxqOVR2MW1xaE4yYXlpRFB0
VXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ItQlJ0QjdZTGo5VHYxbXFoTjJheWlEUHRVdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjZDMzkvMjdFRUNGRDBCQjk3MTFFQUExQTY2QzUzQzRGOUFFMDIvRTAyNzE4QjBG
QjdFMTFFRkEyNURGNzc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ30DYAwDQYJKoZIhvcNAQELBQADggEBABqJqzTRcKbE
vTmKD3oCBOgLI8wFgRgsJGTUbzRf0aNWyXpYbaLgnuUE3JWFrfEQuec4QXE/DLYn
cWWmdnVn/mnMl64Z86Zr/Dft67HNP3qX5XoJsV3ODYkzk28urrm23glRjoWYiXhO
2QGthN3pW0h51hy9ZssQOLTtUZLyrWRvY0J7EBQNBpXABNk6XmnsYS+O5/WQSKKg
qDijQ+AWP2jecQ0Iy2YYNpbYtjvDZrRuJI+RQyJGOBzLd3xzzpsKs75FLyiPfs2k
OL9tuPKrq1D3qZa7PV0bg4ypw6HJbu2PJE408jdoxyFMrWIZm9fPTEpndMPuHBfF
llPUwQ6FL3E=
-----END CERTIFICATE-----
Generated at Fri Apr 11 15:59:47 2025 by rpki-client