Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170982/D8B68696AC1311ECB776B209C4F9AE02/2B2CF35A35A411ED89F95974C4F9AE02.roa
File: 2B2CF35A35A411ED89F95974C4F9AE02.roa (raw, json)
Hash identifier: BfZYjuf+MTJqrBceGA5aBPWPAbWyAIIKEVtel+HzA+s=
Subject key identifier: D8:DB:14:1C:8A:20:CE:59:9B:23:93:2D:BF:E7:87:1B:1E:47:B9:C8
Certificate issuer: /CN=A9170982/serialNumber=E621469CD5A578F947AB47EB0ECE88939B87EBFB
Certificate serial: 034E
Authority key identifier: E6:21:46:9C:D5:A5:78:F9:47:AB:47:EB:0E:CE:88:93:9B:87:EB:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5iFGnNWlePlHq0frDs6Ik5uH6_s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170982/D8B68696AC1311ECB776B209C4F9AE02/2B2CF35A35A411ED89F95974C4F9AE02.roa
Signing time: Thu 05 Dec 2024 00:54:12 +0000
ROA not before: Thu 05 Dec 2024 00:54:12 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 397182
IP address blocks: 2406:9f01::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 846 (0x34e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170982
Validity
Not Before: Dec 5 00:54:12 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6750f9b4-8f58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:08:e9:43:cb:51:90:9f:1d:ad:3c:9c:0f:e8:
28:58:ee:df:0a:36:ed:81:79:60:62:29:36:35:6b:
06:2f:e7:bf:8c:6f:88:b5:a2:67:e2:fc:12:9c:7e:
3c:01:5e:ad:95:0a:50:3a:9a:b0:c1:cd:a5:ba:db:
40:68:93:53:db:b3:1c:84:9c:78:16:c3:8f:67:01:
a9:00:9d:4c:1f:a1:62:e2:d9:4e:e1:f5:cd:2f:9c:
ec:1e:75:d7:8b:f7:30:de:a6:2e:d3:30:3f:56:a7:
05:92:c1:ae:1a:65:86:ae:9c:4e:c9:8d:a6:37:e9:
97:39:35:f9:2a:07:0f:f0:37:7a:c5:43:f5:7a:7d:
f2:42:1f:bf:6e:c9:ed:96:c7:5d:ce:04:fb:85:f2:
2a:cd:ba:f0:da:fc:39:e2:0f:24:50:31:13:59:b9:
96:5d:db:9b:0d:c4:42:01:7c:5f:8a:95:45:60:1d:
61:19:46:fe:b1:d0:6c:47:09:4b:a7:e4:40:34:ac:
8a:7f:ae:dc:a9:4a:a3:b1:07:e9:05:bb:97:be:a0:
61:bb:c4:85:42:c2:a3:3d:d1:04:a5:b1:e6:0b:49:
65:27:03:e3:6d:1e:a1:ab:b6:76:76:ca:96:2c:00:
68:52:7e:2f:5a:15:c0:2a:50:ae:07:5e:37:bc:62:
ee:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DB:14:1C:8A:20:CE:59:9B:23:93:2D:BF:E7:87:1B:1E:47:B9:C8
X509v3 Authority Key Identifier:
keyid:E6:21:46:9C:D5:A5:78:F9:47:AB:47:EB:0E:CE:88:93:9B:87:EB:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170982/D8B68696AC1311ECB776B209C4F9AE02/5iFGnNWlePlHq0frDs6Ik5uH6_s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5iFGnNWlePlHq0frDs6Ik5uH6_s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170982/D8B68696AC1311ECB776B209C4F9AE02/2B2CF35A35A411ED89F95974C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:9f01::/32
Signature Algorithm: sha256WithRSAEncryption
44:80:b8:cb:f7:1f:6c:b3:78:55:e2:88:7c:c5:ef:d4:5b:a2:
26:f4:a6:14:c8:d7:23:36:60:63:8c:b2:2e:5d:52:6d:d4:ce:
d3:d1:04:7f:c9:9c:a7:d1:45:e7:38:ad:c2:e7:62:e2:52:d2:
6d:dd:7f:64:45:48:e0:d9:9d:09:1c:92:be:f3:89:4d:61:09:
fa:5e:cb:89:b6:05:5e:0c:5d:12:f3:d0:d3:df:f2:37:eb:ff:
5e:d6:08:ef:da:6a:b9:22:e1:d6:87:c6:c2:54:39:25:f7:bb:
74:fc:3c:d0:e8:8c:84:a9:66:de:4b:17:92:3f:f6:d0:53:dc:
a9:09:a6:a4:65:7b:ac:90:56:a4:da:4e:10:3d:53:b3:42:3d:
8d:5b:6e:a6:75:33:f3:a2:b2:5f:59:ed:11:54:a9:5c:4d:e3:
ca:c1:89:d0:16:2e:c2:66:9b:56:8a:55:f1:42:eb:4a:62:55:
44:05:f7:e6:05:ec:37:48:aa:ae:4d:fc:cf:6c:36:73:20:e7:
d4:9e:9e:7a:c5:1e:91:a6:16:db:4d:8d:8f:d6:69:37:f7:0e:
c0:2b:cd:42:c4:ee:71:04:3d:51:7a:8f:b1:a3:5e:af:63:ea:
ae:34:b4:d2:9f:fc:a1:07:81:a8:d8:ce:e8:75:ea:f8:73:b8:
f1:b8:50:90
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICA04wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzA5ODIxMTAvBgNVBAUTKEU2MjE0NjlDRDVBNTc4Rjk0N0FCNDdFQjBFQ0U4ODkz
OUI4N0VCRkIwHhcNMjQxMjA1MDA1NDEyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwZjliNC04ZjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5AjpQ8tRkJ8drTycD+goWO7fCjbtgXlgYik2NWsGL+e/jG+ItaJn4vwSnH48
AV6tlQpQOpqwwc2luttAaJNT27MchJx4FsOPZwGpAJ1MH6Fi4tlO4fXNL5zsHnXX
i/cw3qYu0zA/VqcFksGuGmWGrpxOyY2mN+mXOTX5KgcP8Dd6xUP1en3yQh+/bsnt
lsddzgT7hfIqzbrw2vw54g8kUDETWbmWXdubDcRCAXxfipVFYB1hGUb+sdBsRwlL
p+RANKyKf67cqUqjsQfpBbuXvqBhu8SFQsKjPdEEpbHmC0llJwPjbR6hq7Z2dsqW
LABoUn4vWhXAKlCuB143vGLuBQIDAQABo4ICljCCApIwHQYDVR0OBBYEFNjbFByK
IM5ZmyOTLb/nhxseR7nIMB8GA1UdIwQYMBaAFOYhRpzVpXj5R6tH6w7OiJObh+v7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDk4Mi9EOEI2ODY5NkFD
MTMxMUVDQjc3NkIyMDlDNEY5QUUwMi81aUZHbk5XbGVQbEhxMGZyRHM2SWs1dUg2
X3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVpRkduTldsZVBsSHEwZnJEczZJazV1SDZfcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzA5ODIvRDhCNjg2OTZBQzEzMTFFQ0I3NzZCMjA5QzRGOUFFMDIvMkIyQ0YzNUEz
NUE0MTFFRDg5Rjk1OTc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkBp8BMA0GCSqGSIb3DQEBCwUAA4IBAQBEgLjL9x9ss3hV
4oh8xe/UW6Im9KYUyNcjNmBjjLIuXVJt1M7T0QR/yZyn0UXnOK3C52LiUtJt3X9k
RUjg2Z0JHJK+84lNYQn6XsuJtgVeDF0S89DT3/I36/9e1gjv2mq5IuHWh8bCVDkl
97t0/DzQ6IyEqWbeSxeSP/bQU9ypCaakZXuskFak2k4QPVOzQj2NW26mdTPzorJf
We0RVKlcTePKwYnQFi7CZptWilXxQutKYlVEBffmBew3SKquTfzPbDZzIOfUnp56
xR6RphbbTY2P1mk39w7AK81CxO5xBD1Reo+xo16vY+quNLTSn/yhB4Go2M7oder4
c7jxuFCQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:12:20 2025 by rpki-client