Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917AC8C/89966DCAEBB911EC99E5610EC4F9AE02/EB756434EBBD11ECB3DAFE39C4F9AE02.roa
File: EB756434EBBD11ECB3DAFE39C4F9AE02.roa (raw, json)
Hash identifier: OqHjS/HS8e7S5i/skx8l2IsJyhS/M18aAyJkpcYv//Y=
Subject key identifier: 3E:DA:75:36:D9:4B:4A:54:9E:BF:D3:52:67:19:BC:1A:03:7F:68:72
Certificate issuer: /CN=A917AC8C/serialNumber=563F32948EBC1B390F32A0AA3F3614785AFCE7C2
Certificate serial: 0241
Authority key identifier: 56:3F:32:94:8E:BC:1B:39:0F:32:A0:AA:3F:36:14:78:5A:FC:E7:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vj8ylI68GzkPMqCqPzYUeFr858I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917AC8C/89966DCAEBB911EC99E5610EC4F9AE02/EB756434EBBD11ECB3DAFE39C4F9AE02.roa
Signing time: Sat 17 Aug 2024 03:05:40 +0000
ROA not before: Sat 17 Aug 2024 03:05:40 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 149867
IP address blocks: 2001:df0:d440::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 577 (0x241)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917AC8C
Validity
Not Before: Aug 17 03:05:40 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66c01384-7fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:75:d3:e7:ea:31:2e:95:1e:4a:cd:4b:ea:ab:
c2:ad:b6:b9:12:9c:f2:f8:6b:0d:e8:13:b7:9d:fe:
a7:09:71:99:fa:09:9d:4a:dd:b6:98:d9:55:6f:fa:
43:dc:44:0c:8b:14:cd:2e:ef:35:df:c1:91:7c:1e:
6b:89:08:d1:cd:11:61:6a:ee:5d:fc:96:aa:b1:6d:
48:f0:3f:fd:c9:2f:86:f1:4d:d0:d7:b5:1b:ef:8d:
39:85:0e:93:ab:61:c3:6c:4b:22:f9:53:61:2b:1f:
bd:96:32:a6:08:23:f2:56:0e:17:5e:7b:5e:e3:cb:
ca:f0:17:c4:71:bb:47:86:47:1e:7f:9c:63:14:c0:
f1:30:46:6d:11:89:5a:24:bf:83:9b:d3:94:7c:9e:
18:5e:2b:ad:ee:90:76:26:3a:eb:05:e3:0a:5e:ba:
d7:30:a6:48:a9:3d:30:a7:dd:f9:eb:d4:2b:95:85:
30:bb:13:bf:6b:77:3c:b9:74:c6:0d:6a:b5:52:ad:
aa:c4:6f:91:c6:2d:5d:38:da:7b:12:9c:c2:8d:d1:
29:6d:ae:23:0a:ae:1d:9a:3d:bc:bf:25:ec:b8:5e:
db:bd:9d:a5:e6:5e:18:43:45:da:af:21:f5:e1:42:
99:75:35:a0:1a:93:47:6f:d9:65:db:dd:d4:a7:4b:
eb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:DA:75:36:D9:4B:4A:54:9E:BF:D3:52:67:19:BC:1A:03:7F:68:72
X509v3 Authority Key Identifier:
keyid:56:3F:32:94:8E:BC:1B:39:0F:32:A0:AA:3F:36:14:78:5A:FC:E7:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917AC8C/89966DCAEBB911EC99E5610EC4F9AE02/Vj8ylI68GzkPMqCqPzYUeFr858I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vj8ylI68GzkPMqCqPzYUeFr858I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AC8C/89966DCAEBB911EC99E5610EC4F9AE02/EB756434EBBD11ECB3DAFE39C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df0:d440::/48
Signature Algorithm: sha256WithRSAEncryption
33:ec:b6:05:f6:d0:77:03:36:49:e7:f0:3b:7c:d0:e3:8e:4e:
77:dd:b8:39:9f:c8:8f:5e:61:4d:a0:83:5e:e8:3e:ac:16:43:
9f:24:72:b0:44:5a:8e:10:b7:9c:8e:58:b1:cf:86:a3:00:0a:
ba:b9:0a:66:14:cb:a6:c5:57:e8:fb:fc:de:ff:a3:69:65:1e:
23:e0:95:64:b5:4e:85:a6:41:5b:b2:e8:dc:2a:33:4c:ad:1d:
1f:d3:b6:e9:db:82:9c:65:3d:76:2a:a7:c2:fb:19:e0:0a:20:
48:70:b6:b8:7d:4f:2a:af:95:d5:7a:0a:19:8c:df:16:be:96:
aa:aa:9e:67:e9:83:57:8c:bf:70:5e:db:f3:42:90:09:c1:06:
85:ab:75:48:a5:86:cd:8e:e1:9b:db:d0:b4:1e:e1:8a:de:1e:
9e:bb:9a:23:fa:9c:ec:27:ef:f8:81:39:a0:31:ca:ee:3a:db:
6e:52:b6:8a:6b:15:a7:5e:b3:21:d0:1b:8e:94:16:39:b8:e9:
a5:ca:24:27:de:12:6a:d0:5c:d9:09:47:6f:02:97:41:16:3b:
49:05:9b:c3:70:5a:09:11:60:c0:0f:df:8b:16:1e:36:62:bb:
e4:99:42:fe:e8:00:4f:2a:cf:7b:c7:33:50:dd:0d:f7:30:2e:
c2:b6:5e:79
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAkEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0FDOEMxMTAvBgNVBAUTKDU2M0YzMjk0OEVCQzFCMzkwRjMyQTBBQTNGMzYxNDc4
NUFGQ0U3QzIwHhcNMjQwODE3MDMwNTQwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmMwMTM4NC03ZmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxXXT5+oxLpUeSs1L6qvCrba5Epzy+GsN6BO3nf6nCXGZ+gmdSt22mNlVb/pD
3EQMixTNLu8138GRfB5riQjRzRFhau5d/JaqsW1I8D/9yS+G8U3Q17Ub7405hQ6T
q2HDbEsi+VNhKx+9ljKmCCPyVg4XXnte48vK8BfEcbtHhkcef5xjFMDxMEZtEYla
JL+Dm9OUfJ4YXiut7pB2JjrrBeMKXrrXMKZIqT0wp93569QrlYUwuxO/a3c8uXTG
DWq1Uq2qxG+Rxi1dONp7EpzCjdEpba4jCq4dmj28vyXsuF7bvZ2l5l4YQ0XaryH1
4UKZdTWgGpNHb9ll293Up0vrqwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFD7adTbZ
S0pUnr/TUmcZvBoDf2hyMB8GA1UdIwQYMBaAFFY/MpSOvBs5DzKgqj82FHha/OfC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUM4Qy84OTk2NkRDQUVC
QjkxMUVDOTlFNTYxMEVDNEY5QUUwMi9Wajh5bEk2OEd6a1BNcUNxUHpZVWVGcjg1
OEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZqOHlsSTY4R3prUE1xQ3FQellVZUZyODU4SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0FDOEMvODk5NjZEQ0FFQkI5MTFFQzk5RTU2MTBFQzRGOUFFMDIvRUI3NTY0MzRF
QkJEMTFFQ0IzREFGRTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3w1EAwDQYJKoZIhvcNAQELBQADggEBADPstgX20HcD
Nknn8Dt80OOOTnfduDmfyI9eYU2gg17oPqwWQ58kcrBEWo4Qt5yOWLHPhqMACrq5
CmYUy6bFV+j7/N7/o2llHiPglWS1ToWmQVuy6NwqM0ytHR/TtunbgpxlPXYqp8L7
GeAKIEhwtrh9TyqvldV6ChmM3xa+lqqqnmfpg1eMv3Be2/NCkAnBBoWrdUilhs2O
4Zvb0LQe4YreHp67miP6nOwn7/iBOaAxyu46225StoprFadesyHQG46UFjm46aXK
JCfeEmrQXNkJR28Cl0EWO0kFm8NwWgkRYMAP34sWHjZiu+SZQv7oAE8qz3vHM1Dd
DfcwLsK2Xnk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:22:46 2025 by rpki-client