Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/854D304E0C9B11EC8433FE7AC4F9AE02.roa
File: 854D304E0C9B11EC8433FE7AC4F9AE02.roa (raw, json)
Hash identifier: pak3Iy8E0gYpnvDkmWBebcI4LeVYUCjbRqic1+nKIXc=
Subject key identifier: 86:77:5A:A8:10:4B:42:D5:C0:15:7E:E6:13:42:4F:8F:46:79:26:C1
Certificate issuer: /CN=A9172D91/serialNumber=E2EDE4A7EA972668A795B27BA9DC87F4B90DA897
Certificate serial: 1599
Authority key identifier: E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/854D304E0C9B11EC8433FE7AC4F9AE02.roa
Signing time: Fri 12 Jul 2024 17:25:17 +0000
ROA not before: Fri 12 Jul 2024 17:25:17 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 394749
IP address blocks: 2404:6900:2012::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5529 (0x1599)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172D91
Validity
Not Before: Jul 12 17:25:17 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=669166fc-5d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e4:f3:be:f6:ed:7c:53:a0:72:f9:15:53:47:
d6:39:34:11:e1:7b:f2:a4:2b:f6:ed:b4:43:f0:0a:
f4:e7:a6:a3:25:71:73:e0:07:a4:50:5a:f1:f3:d6:
82:45:2c:31:8c:fa:f9:d7:6b:cc:a9:aa:c7:83:77:
f2:86:68:c0:1e:d3:b5:82:d8:69:fa:17:79:0d:2a:
e5:62:7d:b1:9e:cb:d9:a9:01:c0:b4:71:8f:2d:d6:
66:f7:b7:c4:25:bf:f7:ea:02:ad:29:c8:3b:fe:ac:
80:97:c5:e0:d5:70:48:3a:e1:16:f5:bc:d9:f4:b8:
cc:64:e0:dd:16:e9:00:71:ef:df:10:75:bc:66:7a:
bd:7b:7e:65:6d:8a:af:5c:7b:6d:c1:e8:be:08:b1:
e9:43:bd:f7:04:16:20:b8:71:ad:43:ca:84:8b:c4:
18:0f:70:91:49:40:a7:5f:0e:4a:46:e9:13:2a:51:
7b:c1:55:59:e6:8f:fb:be:04:f3:7b:e0:a1:2d:bb:
ab:56:43:6d:58:99:bb:b0:a0:35:73:41:68:dc:9f:
10:4b:d2:84:64:26:8e:1b:d5:b0:a1:08:ab:6a:3b:
c8:a5:51:f2:42:47:a2:73:ea:61:7b:19:04:31:bb:
7c:23:18:73:1b:e5:eb:fa:d8:99:75:38:a7:c2:00:
47:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:77:5A:A8:10:4B:42:D5:C0:15:7E:E6:13:42:4F:8F:46:79:26:C1
X509v3 Authority Key Identifier:
keyid:E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/4u3kp-qXJminlbJ7qdyH9LkNqJc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/854D304E0C9B11EC8433FE7AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:6900:2012::/48
Signature Algorithm: sha256WithRSAEncryption
09:7a:1f:55:f1:63:bf:a2:31:da:bf:6a:dc:a9:36:0f:bd:2b:
a2:8c:9a:bb:84:5f:bc:ae:36:ac:8e:27:0c:b6:e3:76:69:79:
ba:0f:76:6b:c5:4b:9b:a5:d5:29:8e:71:c8:b9:f2:4d:03:28:
84:0f:c8:da:0f:53:b3:a8:b9:a1:d9:5f:ff:df:80:34:11:50:
b1:80:7a:86:e2:fd:a6:23:02:d6:6f:f2:6f:21:46:e2:dc:65:
52:14:5f:b6:d6:f9:31:53:d2:eb:4d:8d:60:82:5d:1f:ec:c3:
25:3f:d5:14:10:9a:e0:51:89:bf:76:32:ee:35:9c:a4:ff:38:
25:31:1c:dd:a6:00:9d:d4:84:22:da:84:a8:56:78:67:15:5c:
e8:e7:b5:d9:55:aa:58:98:1d:73:70:d7:67:95:62:e6:e9:ee:
61:ea:90:ea:f3:35:a6:d9:33:37:cd:1d:d5:94:8a:99:8a:43:
3c:c5:f8:b6:18:56:a4:01:30:d5:c4:6b:94:00:1d:a4:ba:fa:
b8:94:23:14:95:4b:12:ec:b4:4c:cd:49:e5:be:de:08:4e:68:
f0:86:49:13:68:3d:2d:74:16:36:80:3f:1a:3a:26:07:01:4c:
fa:69:a9:e5:b3:45:8d:93:55:99:50:ad:26:ea:fc:b0:f5:a0:
b1:34:f2:55
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICFZkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzJEOTExMTAvBgNVBAUTKEUyRURFNEE3RUE5NzI2NjhBNzk1QjI3QkE5REM4N0Y0
QjkwREE4OTcwHhcNMjQwNzEyMTcyNTE3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjkxNjZmYy01ZDkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyeTzvvbtfFOgcvkVU0fWOTQR4XvypCv27bRD8Ar056ajJXFz4AekUFrx89aC
RSwxjPr512vMqarHg3fyhmjAHtO1gthp+hd5DSrlYn2xnsvZqQHAtHGPLdZm97fE
Jb/36gKtKcg7/qyAl8Xg1XBIOuEW9bzZ9LjMZODdFukAce/fEHW8Znq9e35lbYqv
XHttwei+CLHpQ733BBYguHGtQ8qEi8QYD3CRSUCnXw5KRukTKlF7wVVZ5o/7vgTz
e+ChLburVkNtWJm7sKA1c0Fo3J8QS9KEZCaOG9WwoQirajvIpVHyQkeic+phexkE
Mbt8IxhzG+Xr+tiZdTinwgBHTQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFIZ3WqgQ
S0LVwBV+5hNCT49GeSbBMB8GA1UdIwQYMBaAFOLt5KfqlyZop5Wye6nch/S5DaiX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkQ5MS9FQTY3MkE1QzE5
RTcxMUU4QjI0M0Q1N0NDNEY5QUUwMi80dTNrcC1xWEptaW5sYko3cWR5SDlMa05x
SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzR1M2twLXFYSm1pbmxiSjdxZHlIOUxrTnFKYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzJEOTEvRUE2NzJBNUMxOUU3MTFFOEIyNDNENTdDQzRGOUFFMDIvODU0RDMwNEUw
QzlCMTFFQzg0MzNGRTdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkBGkAIBIwDQYJKoZIhvcNAQELBQADggEBAAl6H1XxY7+i
Mdq/atypNg+9K6KMmruEX7yuNqyOJwy243ZpeboPdmvFS5ul1SmOcci58k0DKIQP
yNoPU7OouaHZX//fgDQRULGAeobi/aYjAtZv8m8hRuLcZVIUX7bW+TFT0utNjWCC
XR/swyU/1RQQmuBRib92Mu41nKT/OCUxHN2mAJ3UhCLahKhWeGcVXOjntdlVqliY
HXNw12eVYubp7mHqkOrzNabZMzfNHdWUipmKQzzF+LYYVqQBMNXEa5QAHaS6+riU
IxSVSxLstEzNSeW+3ghOaPCGSRNoPS10FjaAPxo6JgcBTPppqeWzRY2TVZlQrSbq
/LD1oLE08lU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:24:13 2025 by rpki-client