Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/793803867DEA11EC9FC67D66C4F9AE02.roa
File: 793803867DEA11EC9FC67D66C4F9AE02.roa (raw, json)
Hash identifier: vRD5gvetOl4M72g0Ox/17wn2gRRkZ+MKIO7MmLjvLgg=
Subject key identifier: 23:AA:D7:0C:D0:30:38:3F:47:B1:61:55:53:3B:8F:6C:6B:23:F0:52
Certificate issuer: /CN=A9170E11/serialNumber=3D6447D7297483294ECECB853A5E500935D1B8D7
Certificate serial: 0431
Authority key identifier: 3D:64:47:D7:29:74:83:29:4E:CE:CB:85:3A:5E:50:09:35:D1:B8:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/793803867DEA11EC9FC67D66C4F9AE02.roa
Signing time: Wed 15 Jan 2025 00:03:28 +0000
ROA not before: Wed 15 Jan 2025 00:03:28 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 45671
IP address blocks: 2400:3e20:1000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1073 (0x431)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170E11
Validity
Not Before: Jan 15 00:03:28 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6786fb50-58b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fe:88:9e:58:b6:80:cb:29:71:b1:09:a1:46:
b0:77:1d:7a:24:04:74:44:b4:7e:ba:a9:d3:21:1d:
48:3f:bc:ae:cb:6d:eb:ad:3d:af:36:20:02:39:93:
32:31:1c:6e:fa:56:4b:18:df:4a:de:25:b1:e4:73:
af:9a:c8:cc:13:21:b3:d1:22:91:e7:68:37:3c:a4:
9f:77:99:62:50:fc:69:fe:16:93:89:36:de:8d:cc:
da:cf:f9:30:b3:28:f1:c3:f8:ed:21:4b:df:94:b5:
2a:2c:0c:44:0b:a0:80:17:04:7c:6a:33:2e:ea:52:
97:0b:52:18:82:18:8b:8c:c7:f3:16:e5:df:3c:9a:
04:5c:f3:d1:b9:66:6d:aa:c1:8a:96:73:a8:bc:13:
e1:50:c8:5d:3d:cd:c8:8d:0a:70:1e:cb:df:98:57:
e8:45:05:2b:59:b2:5c:e8:44:a6:14:bc:a9:45:18:
59:e7:47:6d:e9:34:eb:b6:af:9f:53:6e:0b:a7:37:
33:72:6a:3a:07:73:a2:69:6d:e3:5d:16:71:ff:45:
41:86:d8:63:3b:9c:a8:b7:bb:ed:cd:26:63:c3:00:
4d:a9:08:8c:ae:27:d5:b1:ff:43:df:d9:0a:ed:0d:
e8:75:dd:bf:ef:ec:0b:d9:5e:d0:55:a7:63:fd:1d:
dc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:AA:D7:0C:D0:30:38:3F:47:B1:61:55:53:3B:8F:6C:6B:23:F0:52
X509v3 Authority Key Identifier:
keyid:3D:64:47:D7:29:74:83:29:4E:CE:CB:85:3A:5E:50:09:35:D1:B8:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/PWRH1yl0gylOzsuFOl5QCTXRuNc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/793803867DEA11EC9FC67D66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:3e20:1000::/36
Signature Algorithm: sha256WithRSAEncryption
ac:0d:5e:f7:04:5b:03:61:d3:85:39:41:1a:ce:16:0e:b9:25:
0f:3c:32:e3:1d:79:84:01:d8:c9:b5:65:e0:25:f2:1f:51:60:
a5:9d:2e:1a:61:e8:63:51:c7:0a:1b:7d:c3:47:cd:e8:8c:02:
57:03:90:44:7a:dd:99:b3:91:78:45:08:91:e6:e3:db:57:ca:
75:0d:6d:0f:7f:bd:29:58:e8:e1:89:cf:9f:58:52:b3:5e:da:
73:aa:73:8a:61:a3:8e:84:68:ff:1b:d2:f6:13:56:88:9b:d1:
12:24:ed:36:b1:a9:54:0d:a4:70:9d:f2:c8:3c:02:48:09:27:
51:4b:7f:97:84:77:96:64:5d:0f:c7:ec:5c:61:a7:c7:d5:ab:
6a:9a:45:bd:75:f6:e6:f1:a0:8b:98:b5:9e:2c:6a:bf:5d:79:
51:bf:0a:f9:ef:f7:4e:85:0e:bb:b6:fd:c3:85:f4:50:84:a8:
cb:87:3e:87:e9:48:e6:fd:ad:e6:c8:da:a6:3c:cc:70:8c:53:
e9:38:2e:01:57:d2:b1:b7:d1:94:85:d9:29:25:7b:81:f2:37:
b7:50:35:57:5a:f2:4b:8d:90:84:51:9d:47:ab:70:db:8a:76:
55:44:3f:9d:33:a3:38:f6:a7:e9:b3:b0:39:5a:34:c5:b5:fb:
a8:f3:02:23
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICBDEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzBFMTExMTAvBgNVBAUTKDNENjQ0N0Q3Mjk3NDgzMjk0RUNFQ0I4NTNBNUU1MDA5
MzVEMUI4RDcwHhcNMjUwMTE1MDAwMzI4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2ZmI1MC01OGI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2v6Inli2gMspcbEJoUawdx16JAR0RLR+uqnTIR1IP7yuy23rrT2vNiACOZMy
MRxu+lZLGN9K3iWx5HOvmsjMEyGz0SKR52g3PKSfd5liUPxp/haTiTbejczaz/kw
syjxw/jtIUvflLUqLAxEC6CAFwR8ajMu6lKXC1IYghiLjMfzFuXfPJoEXPPRuWZt
qsGKlnOovBPhUMhdPc3IjQpwHsvfmFfoRQUrWbJc6ESmFLypRRhZ50dt6TTrtq+f
U24Lpzczcmo6B3OiaW3jXRZx/0VBhthjO5yot7vtzSZjwwBNqQiMrifVsf9D39kK
7Q3odd2/7+wL2V7QVadj/R3cfwIDAQABo4IClzCCApMwHQYDVR0OBBYEFCOq1wzQ
MDg/R7FhVVM7j2xrI/BSMB8GA1UdIwQYMBaAFD1kR9cpdIMpTs7LhTpeUAk10bjX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEUxMS9EMDYwQzlCMjVC
RDYxMUVDQUQ4MzM2NTFDNEY5QUUwMi9QV1JIMXlsMGd5bE96c3VGT2w1UUNUWFJ1
TmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BXUkgxeWwwZ3lsT3pzdUZPbDVRQ1RYUnVOYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzBFMTEvRDA2MEM5QjI1QkQ2MTFFQ0FEODMzNjUxQzRGOUFFMDIvNzkzODAzODY3
REVBMTFFQzlGQzY3RDY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgQkAD4gEDANBgkqhkiG9w0BAQsFAAOCAQEArA1e9wRbA2HT
hTlBGs4WDrklDzwy4x15hAHYybVl4CXyH1FgpZ0uGmHoY1HHCht9w0fN6IwCVwOQ
RHrdmbOReEUIkebj21fKdQ1tD3+9KVjo4YnPn1hSs17ac6pzimGjjoRo/xvS9hNW
iJvREiTtNrGpVA2kcJ3yyDwCSAknUUt/l4R3lmRdD8fsXGGnx9WrappFvXX25vGg
i5i1nixqv115Ub8K+e/3ToUOu7b9w4X0UISoy4c+h+lI5v2t5sjapjzMcIxT6Tgu
AVfSsbfRlIXZKSV7gfI3t1A1V1ryS42QhFGdR6tw24p2VUQ/nTOjOPan6bOwOVo0
xbX7qPMCIw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:19:14 2025 by rpki-client