Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/4AFD4994CDD011EEA5534481C4F9AE02.roa
File: 4AFD4994CDD011EEA5534481C4F9AE02.roa (raw, json)
Hash identifier: 5W+7nQ6sUflibilCBlXCdge8iT2G6A6aLqY201MPVEY=
Subject key identifier: 69:80:E8:1C:C9:C5:08:63:0A:0E:0A:DE:57:A4:61:8E:AA:C5:87:89
Certificate issuer: /CN=A9178C1E/serialNumber=1DF9C0CEF9A77DCD15BB51F93FD342999BE11658
Certificate serial: D0
Authority key identifier: 1D:F9:C0:CE:F9:A7:7D:CD:15:BB:51:F9:3F:D3:42:99:9B:E1:16:58
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/4AFD4994CDD011EEA5534481C4F9AE02.roa
Signing time: Mon 03 Mar 2025 07:29:11 +0000
ROA not before: Mon 03 Mar 2025 07:29:11 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 10104
IP address blocks: 2001:df3:6c40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 208 (0xd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178C1E
Validity
Not Before: Mar 3 07:29:11 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67c55a47-74d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:58:5d:db:ef:c1:09:34:83:6a:ad:82:c3:85:
c3:ff:48:6c:43:4c:a1:82:5d:6b:87:f6:77:55:49:
fa:3f:85:60:fe:3c:58:da:b7:72:fa:4d:4c:a2:d1:
31:c3:1c:0a:6f:c6:20:fd:04:10:fb:c1:8e:8b:7f:
b8:16:0d:7a:03:31:7e:b1:a8:6c:b8:47:56:0c:7c:
dc:70:7e:5b:e5:26:b0:ea:0f:6c:4e:46:dd:d7:24:
d1:22:70:16:e4:a9:24:92:ca:81:a7:44:3d:ad:1e:
38:05:8c:7a:3f:80:76:c2:95:62:29:55:47:15:f3:
53:d8:9a:7f:fc:a0:ad:d1:2d:04:27:5f:74:70:92:
7d:ad:d0:36:eb:80:8a:c9:bb:f0:f6:c1:cb:4c:fa:
8f:65:e5:46:b2:b2:aa:e9:25:48:40:d2:cb:68:ef:
c8:e3:89:35:dc:44:71:47:45:77:10:e9:10:05:83:
1f:fc:fc:27:72:b6:bd:6a:40:34:ee:64:e4:8b:ae:
32:3c:dd:30:5a:93:0d:6c:ba:1c:d2:57:4e:18:63:
86:da:2e:82:6e:ea:7e:50:98:9e:f5:f6:53:34:46:
91:b5:84:92:1c:1f:3c:46:52:2d:43:f2:ac:19:0e:
a6:c3:e3:8d:0b:5a:c9:04:c2:11:bf:38:aa:23:e3:
3e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:80:E8:1C:C9:C5:08:63:0A:0E:0A:DE:57:A4:61:8E:AA:C5:87:89
X509v3 Authority Key Identifier:
keyid:1D:F9:C0:CE:F9:A7:7D:CD:15:BB:51:F9:3F:D3:42:99:9B:E1:16:58
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/4AFD4994CDD011EEA5534481C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df3:6c40::/48
Signature Algorithm: sha256WithRSAEncryption
7b:ef:16:0b:ba:0f:55:77:31:c4:77:cc:cb:f1:fa:05:50:66:
23:fb:88:c5:02:f4:b9:0b:15:d2:eb:38:91:9d:a3:ee:e7:cd:
42:49:02:31:a3:dc:3f:cb:98:5d:5b:b6:d3:0a:25:4c:e0:e8:
8c:bc:d3:32:1a:9a:ef:4f:04:e2:3f:26:06:41:e1:d4:2e:7c:
45:1e:c9:7d:97:1b:61:00:4c:b8:06:82:aa:0b:aa:77:a8:16:
e5:02:e2:97:aa:7b:c4:f8:e4:89:20:c9:b8:f2:79:5f:89:91:
d7:92:32:3f:c6:a9:97:b4:28:05:f0:27:3a:cf:e7:73:bc:03:
62:30:dc:a9:eb:a7:a3:6a:00:ea:42:76:f4:e4:07:45:6e:a5:
af:f5:be:95:2d:89:61:78:e4:1a:9b:e7:cb:26:a9:8e:8a:66:
e7:cf:8a:81:7b:50:9e:b3:34:df:8b:b9:ad:d8:55:74:43:33:
5e:4d:87:35:3f:f1:06:02:27:84:01:8b:ce:9d:f0:66:f5:4c:
1b:59:4f:80:a3:7a:fd:fb:7d:75:59:ea:3b:bf:64:e3:a8:57:
81:00:c4:49:d6:22:c9:24:8a:f4:2c:4e:25:f1:04:31:e4:41:
52:9d:65:d0:db:2b:87:5c:bb:fd:d1:cf:b6:5f:bb:f7:ea:61:
1b:0a:d2:ea
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICANAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhDMUUxMTAvBgNVBAUTKDFERjlDMENFRjlBNzdEQ0QxNUJCNTFGOTNGRDM0Mjk5
OUJFMTE2NTgwHhcNMjUwMzAzMDcyOTExWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M1NWE0Ny03NGQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAslhd2+/BCTSDaq2Cw4XD/0hsQ0yhgl1rh/Z3VUn6P4Vg/jxY2rdy+k1MotEx
wxwKb8Yg/QQQ+8GOi3+4Fg16AzF+sahsuEdWDHzccH5b5Saw6g9sTkbd1yTRInAW
5KkkksqBp0Q9rR44BYx6P4B2wpViKVVHFfNT2Jp//KCt0S0EJ190cJJ9rdA264CK
ybvw9sHLTPqPZeVGsrKq6SVIQNLLaO/I44k13ERxR0V3EOkQBYMf/Pwncra9akA0
7mTki64yPN0wWpMNbLoc0ldOGGOG2i6Cbup+UJie9fZTNEaRtYSSHB88RlItQ/Ks
GQ6mw+ONC1rJBMIRvziqI+M+DwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFGmA6BzJ
xQhjCg4K3lekYY6qxYeJMB8GA1UdIwQYMBaAFB35wM75p33NFbtR+T/TQpmb4RZY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEMxRS9DMjg2MDMyRUM2
NDcxMUVFOUQ2OEVCN0ZDNEY5QUUwMi9IZm5BenZtbmZjMFZ1MUg1UDlOQ21admhG
bGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hmbkF6dm1uZmMwVnUxSDVQOU5DbVp2aEZsZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhDMUUvQzI4NjAzMkVDNjQ3MTFFRTlENjhFQjdGQzRGOUFFMDIvNEFGRDQ5OTRD
REQwMTFFRUE1NTM0NDgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3zbEAwDQYJKoZIhvcNAQELBQADggEBAHvvFgu6D1V3
McR3zMvx+gVQZiP7iMUC9LkLFdLrOJGdo+7nzUJJAjGj3D/LmF1bttMKJUzg6Iy8
0zIamu9PBOI/JgZB4dQufEUeyX2XG2EATLgGgqoLqneoFuUC4peqe8T45Ikgybjy
eV+JkdeSMj/GqZe0KAXwJzrP53O8A2Iw3Knrp6NqAOpCdvTkB0Vupa/1vpUtiWF4
5Bqb58smqY6KZufPioF7UJ6zNN+Lua3YVXRDM15NhzU/8QYCJ4QBi86d8Gb1TBtZ
T4Cjev37fXVZ6ju/ZOOoV4EAxEnWIskkivQsTiXxBDHkQVKdZdDbK4dcu/3Rz7Zf
u/fqYRsK0uo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:35:34 2025 by rpki-client