Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/ABD15FF2D1D611EFB19CC087C4F9AE02.roa
File: ABD15FF2D1D611EFB19CC087C4F9AE02.roa (raw, json)
Hash identifier: ojvNUWyhXCl/X3xjKJPXeufCXxKhGd2/ZoQsUVeqb1E=
Subject key identifier: E7:AF:ED:24:5D:67:AD:8A:4A:EF:69:76:2E:63:BD:6D:29:BE:A4:6E
Certificate issuer: /CN=A91685E9/serialNumber=F698B5B47A06D5307DEC608969063074B68FF5CA
Certificate serial: 03
Authority key identifier: F6:98:B5:B4:7A:06:D5:30:7D:EC:60:89:69:06:30:74:B6:8F:F5:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9pi1tHoG1TB97GCJaQYwdLaP9co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/ABD15FF2D1D611EFB19CC087C4F9AE02.roa
Signing time: Mon 13 Jan 2025 17:49:01 +0000
ROA not before: Mon 13 Jan 2025 17:49:01 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 152565
IP address blocks: 2401:e920::/40 maxlen: 40
2401:e920:100::/40 maxlen: 40
2401:e920:200::/40 maxlen: 40
2401:e920:300::/40 maxlen: 40
2401:e920:400::/40 maxlen: 40
2401:e920:500::/40 maxlen: 40
2401:e920:600::/40 maxlen: 40
2401:e920:700::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91685E9
Validity
Not Before: Jan 13 17:49:01 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=6785520d-febd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:93:ed:16:eb:74:30:61:23:e3:42:9f:1c:33:
9c:32:75:08:33:5d:f5:dd:ed:3c:10:10:c7:0c:cd:
65:ac:13:56:89:71:39:f5:12:03:57:d2:19:cb:e2:
61:bf:2e:46:09:ce:e6:7b:3d:dd:3a:0f:6d:e3:a6:
da:94:cb:0f:f8:fb:b9:13:43:1a:78:5c:35:35:e6:
94:1a:27:93:0b:10:cb:fc:1d:72:2c:39:fa:43:16:
6e:15:02:eb:0b:44:c3:d7:b5:cb:7a:1c:d4:de:4f:
8b:f5:cf:6e:8e:7b:4e:db:b2:c6:26:a9:dd:af:c6:
c4:f2:bc:93:0c:3f:0e:61:7e:20:cc:59:6b:87:16:
1c:db:e3:09:20:3c:fb:07:ac:12:63:98:d9:9b:81:
b4:ec:9f:6e:81:87:3c:4c:c8:93:0c:46:ee:6b:b0:
af:86:99:5a:26:fd:fc:ec:25:48:be:24:c5:80:24:
59:18:a0:91:4b:0a:3b:71:aa:10:cb:6d:54:3b:b5:
b0:f5:51:00:6b:85:62:6e:1f:d5:7b:a8:e0:30:c8:
2b:c4:f5:99:fb:b5:03:bb:7f:86:c9:5b:ec:d0:f1:
63:a7:1d:fb:05:9f:af:c3:59:8a:de:e7:a7:4c:ea:
ca:61:1f:94:3b:46:bb:ac:4b:a4:3d:e5:2e:69:1d:
c4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:AF:ED:24:5D:67:AD:8A:4A:EF:69:76:2E:63:BD:6D:29:BE:A4:6E
X509v3 Authority Key Identifier:
keyid:F6:98:B5:B4:7A:06:D5:30:7D:EC:60:89:69:06:30:74:B6:8F:F5:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/9pi1tHoG1TB97GCJaQYwdLaP9co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9pi1tHoG1TB97GCJaQYwdLaP9co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/ABD15FF2D1D611EFB19CC087C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:e920::/37
Signature Algorithm: sha256WithRSAEncryption
4a:3d:63:89:79:89:5d:1a:34:4e:48:98:8e:0d:2f:4d:54:10:
90:e4:61:aa:ea:be:98:1a:e9:f4:d8:df:f6:c4:d8:2d:aa:3f:
d6:e2:2f:97:f7:fe:df:ed:8e:87:d8:b1:ad:57:c2:bf:18:4b:
2c:43:73:0b:07:46:6e:9c:78:26:29:b9:ad:16:1a:3c:95:31:
c0:78:94:67:69:a4:f6:54:e2:cf:84:75:08:ae:b1:5c:e0:66:
90:1f:95:f1:40:a3:45:74:4e:82:68:ee:67:52:7f:e6:06:f5:
6c:49:d8:6a:90:37:af:ad:35:0f:a0:7f:84:84:a9:bb:9f:d1:
3a:f4:3a:33:36:e0:1a:79:ad:ce:a3:fe:f1:4b:96:a9:8a:8c:
c8:ae:a6:cf:89:be:04:19:ac:8c:42:94:2a:ad:6e:7a:69:f1:
0e:2a:bd:b3:5f:34:a0:60:09:1c:b5:45:73:8f:2f:d2:6e:da:
08:55:c4:82:eb:11:13:37:8b:e9:85:a1:c0:8e:8e:5c:0f:e5:
5c:4b:50:28:7c:f4:39:ce:fa:0d:bc:19:fb:f8:81:14:f2:ce:
b0:7b:5b:84:a2:95:2c:d6:2c:80:bc:38:d2:73:84:2d:ab:d2:
e9:04:fc:ce:1d:e3:eb:58:32:59:dc:6b:fb:dc:28:78:89:e1:
5f:55:d1:11
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
ODVFOTExMC8GA1UEBRMoRjY5OEI1QjQ3QTA2RDUzMDdERUM2MDg5NjkwNjMwNzRC
NjhGRjVDQTAeFw0yNTAxMTMxNzQ5MDFaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODU1MjBkLWZlYmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDgk+0W63QwYSPjQp8cM5wydQgzXfXd7TwQEMcMzWWsE1aJcTn1EgNX0hnL4mG/
LkYJzuZ7Pd06D23jptqUyw/4+7kTQxp4XDU15pQaJ5MLEMv8HXIsOfpDFm4VAusL
RMPXtct6HNTeT4v1z26Oe07bssYmqd2vxsTyvJMMPw5hfiDMWWuHFhzb4wkgPPsH
rBJjmNmbgbTsn26BhzxMyJMMRu5rsK+GmVom/fzsJUi+JMWAJFkYoJFLCjtxqhDL
bVQ7tbD1UQBrhWJuH9V7qOAwyCvE9Zn7tQO7f4bJW+zQ8WOnHfsFn6/DWYre56dM
6sphH5Q7RrusS6Q95S5pHcTPAgMBAAGjggKXMIICkzAdBgNVHQ4EFgQU56/tJF1n
rYpK72l2LmO9bSm+pG4wHwYDVR0jBBgwFoAU9pi1tHoG1TB97GCJaQYwdLaP9cow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY4NUU5L0M5MjgwNDNBRDE3
NjExRUY5NUM1REU1QUM0RjlBRTAyLzlwaTF0SG9HMVRCOTdHQ0phUVl3ZExhUDlj
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOXBpMXRIb0cxVEI5N0dDSmFRWXdkTGFQOWNvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
ODVFOS9DOTI4MDQzQUQxNzYxMUVGOTVDNURFNUFDNEY5QUUwMi9BQkQxNUZGMkQx
RDYxMUVGQjE5Q0MwODdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAhBggrBgEFBQcBBwEB/wQS
MBAwDgQCAAIwCAMGAyQB6SAAMA0GCSqGSIb3DQEBCwUAA4IBAQBKPWOJeYldGjRO
SJiODS9NVBCQ5GGq6r6YGun02N/2xNgtqj/W4i+X9/7f7Y6H2LGtV8K/GEssQ3ML
B0ZunHgmKbmtFho8lTHAeJRnaaT2VOLPhHUIrrFc4GaQH5XxQKNFdE6CaO5nUn/m
BvVsSdhqkDevrTUPoH+EhKm7n9E69DozNuAaea3Oo/7xS5apiozIrqbPib4EGayM
QpQqrW56afEOKr2zXzSgYAkctUVzjy/SbtoIVcSC6xETN4vphaHAjo5cD+VcS1Ao
fPQ5zvoNvBn7+IEU8s6we1uEopUs1iyAvDjSc4Qtq9LpBPzOHePrWDJZ3Gv73Ch4
ieFfVdER
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:59:10 2025 by rpki-client