Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/8D88F6EEDC9011EFA0219858C4F9AE02.roa
File: 8D88F6EEDC9011EFA0219858C4F9AE02.roa (raw, json)
Hash identifier: jLDieWIRNg8FoWvPe6GNayNZYERhEqz23NTu1Iqy4LY=
Subject key identifier: BA:11:59:97:DE:3D:31:3F:D3:51:26:31:6B:5D:40:1F:2B:D6:48:AA
Certificate issuer: /CN=A91685E9/serialNumber=F698B5B47A06D5307DEC608969063074B68FF5CA
Certificate serial: 1A
Authority key identifier: F6:98:B5:B4:7A:06:D5:30:7D:EC:60:89:69:06:30:74:B6:8F:F5:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9pi1tHoG1TB97GCJaQYwdLaP9co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/8D88F6EEDC9011EFA0219858C4F9AE02.roa
Signing time: Mon 27 Jan 2025 10:27:26 +0000
ROA not before: Mon 27 Jan 2025 10:27:26 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 152565
IP address blocks: 2401:e920::/33 maxlen: 33
2401:e920:8000::/33 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26 (0x1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91685E9
Validity
Not Before: Jan 27 10:27:26 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67975f8e-a7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:19:6f:9c:b8:52:36:37:c0:1d:c4:51:37:f8:
a8:0a:7b:3b:07:65:31:68:99:0e:c1:27:df:54:21:
42:51:ae:50:c5:10:4a:01:6e:ce:45:24:0d:f0:bb:
96:6a:a1:34:6f:7d:5e:36:d2:32:8b:eb:9b:0c:c4:
9f:0b:6b:24:09:af:9a:6a:8f:1e:c8:1a:2e:ad:af:
86:fa:33:15:85:ec:31:da:b3:79:3a:82:db:9a:2c:
63:7c:8a:4b:3a:85:66:24:8e:8b:7d:4c:62:2f:7e:
af:c0:61:91:03:d3:00:b1:b7:fb:cc:32:b3:f9:a4:
b4:e2:b9:2f:01:ad:39:de:24:2e:25:23:ba:38:33:
c8:65:da:05:a9:9a:36:58:e3:cb:78:d0:77:1a:46:
c6:1e:5f:6f:dd:d1:d2:5b:6e:84:d0:10:b0:d8:e4:
c2:2d:79:a3:4b:30:82:95:d7:36:7c:79:35:26:ca:
fc:1a:6b:8b:d0:1b:25:4d:30:db:6a:81:95:f2:58:
01:d8:af:1a:e6:25:62:f6:f8:70:d5:8c:59:8f:5d:
be:e9:a3:e0:90:b9:0a:89:00:0c:ec:23:f0:77:a8:
63:1f:1a:a0:60:d5:70:17:30:cc:7f:96:20:11:3e:
ba:b8:ba:9e:72:ac:7c:f4:f2:bf:01:f9:f9:6f:c4:
b9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:11:59:97:DE:3D:31:3F:D3:51:26:31:6B:5D:40:1F:2B:D6:48:AA
X509v3 Authority Key Identifier:
keyid:F6:98:B5:B4:7A:06:D5:30:7D:EC:60:89:69:06:30:74:B6:8F:F5:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/9pi1tHoG1TB97GCJaQYwdLaP9co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9pi1tHoG1TB97GCJaQYwdLaP9co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/8D88F6EEDC9011EFA0219858C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:e920::/32
Signature Algorithm: sha256WithRSAEncryption
34:ff:20:98:20:72:51:2d:55:ed:36:cb:c2:2c:55:5f:dc:13:
78:e9:a2:0e:c2:f9:33:38:19:43:9a:a3:c4:06:d1:30:20:ba:
55:22:64:37:b2:e5:a5:ed:d0:27:d6:b9:db:9e:2f:d3:47:a9:
a8:fa:d5:6a:92:bb:dd:01:f7:10:fa:82:93:35:06:b9:00:83:
32:2c:53:81:d7:35:cc:af:f1:6c:64:28:bd:44:96:4f:80:a5:
a9:a3:fd:a7:b9:63:00:5c:b9:ca:5c:14:d4:b6:fe:51:1d:83:
3f:64:e2:4e:99:a0:d3:12:b7:33:e6:db:b8:e0:03:ca:8e:a9:
28:3b:9a:e4:f4:4f:a0:ca:6f:4a:ed:60:27:d2:28:1b:21:7b:
fe:4d:35:a8:c9:77:ce:ef:4d:d1:41:13:48:4d:dd:f9:09:6f:
0e:86:f7:54:df:f8:0f:36:5e:89:d9:80:0a:ca:ec:dd:00:ca:
c5:a9:69:c3:70:c5:8d:dd:3d:41:6e:86:0e:fc:05:1e:35:ab:
7f:94:da:51:8a:a9:c9:51:41:bc:1a:ce:52:00:a7:9e:00:ab:
40:d2:ef:ac:ea:20:d3:5f:ef:1f:d9:1c:90:55:dd:2a:a3:5d:
ea:fc:45:59:52:66:66:dd:d7:3b:1a:0b:88:8a:34:93:3e:be:
18:95:2d:7f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBGjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
ODVFOTExMC8GA1UEBRMoRjY5OEI1QjQ3QTA2RDUzMDdERUM2MDg5NjkwNjMwNzRC
NjhGRjVDQTAeFw0yNTAxMjcxMDI3MjZaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OTc1ZjhlLWE3ZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGGW+cuFI2N8AdxFE3+KgKezsHZTFomQ7BJ99UIUJRrlDFEEoBbs5FJA3wu5Zq
oTRvfV420jKL65sMxJ8LayQJr5pqjx7IGi6tr4b6MxWF7DHas3k6gtuaLGN8iks6
hWYkjot9TGIvfq/AYZED0wCxt/vMMrP5pLTiuS8BrTneJC4lI7o4M8hl2gWpmjZY
48t40HcaRsYeX2/d0dJbboTQELDY5MIteaNLMIKV1zZ8eTUmyvwaa4vQGyVNMNtq
gZXyWAHYrxrmJWL2+HDVjFmPXb7po+CQuQqJAAzsI/B3qGMfGqBg1XAXMMx/liAR
Prq4up5yrHz08r8B+flvxLk1AgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUuhFZl949
MT/TUSYxa11AHyvWSKowHwYDVR0jBBgwFoAU9pi1tHoG1TB97GCJaQYwdLaP9cow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY4NUU5L0M5MjgwNDNBRDE3
NjExRUY5NUM1REU1QUM0RjlBRTAyLzlwaTF0SG9HMVRCOTdHQ0phUVl3ZExhUDlj
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOXBpMXRIb0cxVEI5N0dDSmFRWXdkTGFQOWNvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
ODVFOS9DOTI4MDQzQUQxNzYxMUVGOTVDNURFNUFDNEY5QUUwMi84RDg4RjZFRURD
OTAxMUVGQTAyMTk4NThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQB6SAwDQYJKoZIhvcNAQELBQADggEBADT/IJggclEtVe02
y8IsVV/cE3jpog7C+TM4GUOao8QG0TAgulUiZDey5aXt0CfWudueL9NHqaj61WqS
u90B9xD6gpM1BrkAgzIsU4HXNcyv8WxkKL1Elk+Apamj/ae5YwBcucpcFNS2/lEd
gz9k4k6ZoNMStzPm27jgA8qOqSg7muT0T6DKb0rtYCfSKBshe/5NNajJd87vTdFB
E0hN3fkJbw6G91Tf+A82XonZgArK7N0AysWpacNwxY3dPUFuhg78BR41q3+U2lGK
qclRQbwazlIAp54Aq0DS76zqINNf7x/ZHJBV3SqjXer8RVlSZmbd1zsaC4iKNJM+
vhiVLX8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:23:21 2025 by rpki-client