Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/AA398864B96611EF8161BF51C4F9AE02.roa
File: AA398864B96611EF8161BF51C4F9AE02.roa (raw, json)
Hash identifier: yQGHba0iCVzmQ+TLDipv2BWri6rwZPqD4eW8ATIlvo4=
Subject key identifier: 21:22:7B:31:5A:6C:1C:7E:10:38:4E:E0:AD:18:83:2E:4F:51:76:87
Certificate issuer: /CN=A917BEA7/serialNumber=0B8D638FFD38B1F77E48E1BB5DF29929CE7D78B5
Certificate serial: 0149
Authority key identifier: 0B:8D:63:8F:FD:38:B1:F7:7E:48:E1:BB:5D:F2:99:29:CE:7D:78:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C41jj_04sfd-SOG7XfKZKc59eLU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/AA398864B96611EF8161BF51C4F9AE02.roa
Signing time: Wed 25 Dec 2024 05:59:19 +0000
ROA not before: Wed 25 Dec 2024 05:59:19 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 139358
IP address blocks: 2401:e60:20::/44 maxlen: 44
2401:e60:20::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 329 (0x149)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917BEA7
Validity
Not Before: Dec 25 05:59:19 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=676b9f37-165e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:79:77:c0:9b:15:a7:71:56:e6:75:c7:a2:e3:
bb:df:b5:eb:6d:ed:10:1f:e2:99:ec:f2:c2:70:c6:
af:b2:87:32:77:d9:df:25:52:d9:0f:a2:aa:66:5d:
c7:c7:a8:37:24:d2:a6:ca:06:4c:f7:0f:47:df:06:
4d:bb:80:30:82:86:a8:6d:86:bd:fe:97:bf:61:4b:
a0:17:0b:e1:da:4f:e8:88:e1:b7:c0:b2:3d:39:36:
fe:23:cc:d0:76:37:d2:6c:de:ba:b1:dd:aa:9c:ac:
a3:0b:b5:07:ce:ac:96:91:5a:19:ad:a3:2a:80:7e:
3a:ae:0c:75:ec:f0:b3:38:05:c5:2f:7c:77:5a:4e:
41:ce:b5:f8:ce:0e:29:81:82:0d:22:f1:1f:a2:78:
26:85:2e:87:8c:99:43:68:90:1e:5c:a1:6c:d8:2b:
a8:42:16:88:29:51:c9:59:e4:ce:2b:2d:b0:ec:ce:
17:4f:b6:c2:31:be:73:88:f6:05:38:0f:e3:6b:43:
1e:af:1a:08:df:e8:b0:27:cc:dc:af:a1:4b:a6:26:
43:62:91:b1:c7:f6:2c:df:50:2f:c0:56:17:1e:a8:
ef:59:78:7e:15:7b:41:24:53:0d:6c:76:fc:21:a7:
66:8e:cd:56:52:4b:c0:18:9a:e0:f6:19:da:9a:78:
40:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:22:7B:31:5A:6C:1C:7E:10:38:4E:E0:AD:18:83:2E:4F:51:76:87
X509v3 Authority Key Identifier:
keyid:0B:8D:63:8F:FD:38:B1:F7:7E:48:E1:BB:5D:F2:99:29:CE:7D:78:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/C41jj_04sfd-SOG7XfKZKc59eLU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C41jj_04sfd-SOG7XfKZKc59eLU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/AA398864B96611EF8161BF51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:e60:20::/44
Signature Algorithm: sha256WithRSAEncryption
84:f5:9d:c5:ac:5f:0c:5c:96:e3:1f:4f:e5:57:dd:aa:bb:60:
41:de:a3:c5:ea:fa:88:56:c7:6a:72:e6:46:cd:42:16:0f:13:
91:f5:54:d5:6b:4c:29:85:88:67:9f:91:00:18:e3:2a:f5:ff:
12:17:9a:c1:7f:0f:49:53:97:30:7f:fd:c2:e8:e6:73:e0:2e:
20:fb:55:bb:58:2b:3e:bf:76:a0:6d:1c:7b:b1:6f:0f:d2:26:
53:f4:d8:4c:6c:20:fb:4c:ed:25:b7:bc:30:01:bd:06:d8:ed:
72:eb:a2:bd:e5:96:84:18:10:cb:d5:ef:ac:9e:aa:24:3f:e5:
8b:a2:bb:7c:41:37:d8:f3:e7:fe:23:44:0c:03:38:45:9e:d6:
e1:79:47:47:bf:85:75:c4:a4:af:f5:70:53:2b:a6:6b:bc:3e:
a6:75:ce:82:35:fd:6a:0a:3d:cc:c1:dd:66:d0:66:fd:cc:96:
2f:f5:0b:76:9c:57:25:cd:3e:b1:57:9c:7a:54:db:cb:4b:39:
5f:08:2e:58:a2:af:46:9f:4e:f0:44:9d:9d:17:c7:34:1c:66:
6f:ac:2b:21:22:85:09:6f:85:75:68:ad:66:a8:b2:52:27:fd:
b8:4a:bc:c9:1d:22:82:57:65:40:24:ba:cf:5e:f4:dc:ab:74:
08:c1:69:35
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0JFQTcxMTAvBgNVBAUTKDBCOEQ2MzhGRkQzOEIxRjc3RTQ4RTFCQjVERjI5OTI5
Q0U3RDc4QjUwHhcNMjQxMjI1MDU1OTE5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZiOWYzNy0xNjVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwHl3wJsVp3FW5nXHouO737Xrbe0QH+KZ7PLCcMavsocyd9nfJVLZD6KqZl3H
x6g3JNKmygZM9w9H3wZNu4AwgoaobYa9/pe/YUugFwvh2k/oiOG3wLI9OTb+I8zQ
djfSbN66sd2qnKyjC7UHzqyWkVoZraMqgH46rgx17PCzOAXFL3x3Wk5BzrX4zg4p
gYINIvEfongmhS6HjJlDaJAeXKFs2CuoQhaIKVHJWeTOKy2w7M4XT7bCMb5ziPYF
OA/ja0MerxoI3+iwJ8zcr6FLpiZDYpGxx/Ys31AvwFYXHqjvWXh+FXtBJFMNbHb8
Iadmjs1WUkvAGJrg9hnamnhAdQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFCEiezFa
bBx+EDhO4K0Ygy5PUXaHMB8GA1UdIwQYMBaAFAuNY4/9OLH3fkjhu13ymSnOfXi1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkVBNy8wNDRGNjQ0ODEx
NjgxMUVFQUM2M0MyMzRDNEY5QUUwMi9DNDFqal8wNHNmZC1TT0c3WGZLWktjNTll
TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0M0MWpqXzA0c2ZkLVNPRzdYZktaS2M1OWVMVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0JFQTcvMDQ0RjY0NDgxMTY4MTFFRUFDNjNDMjM0QzRGOUFFMDIvQUEzOTg4NjRC
OTY2MTFFRjgxNjFCRjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkAQ5gACAwDQYJKoZIhvcNAQELBQADggEBAIT1ncWsXwxc
luMfT+VX3aq7YEHeo8Xq+ohWx2py5kbNQhYPE5H1VNVrTCmFiGefkQAY4yr1/xIX
msF/D0lTlzB//cLo5nPgLiD7VbtYKz6/dqBtHHuxbw/SJlP02ExsIPtM7SW3vDAB
vQbY7XLror3lloQYEMvV76yeqiQ/5Yuiu3xBN9jz5/4jRAwDOEWe1uF5R0e/hXXE
pK/1cFMrpmu8PqZ1zoI1/WoKPczB3WbQZv3Mli/1C3acVyXNPrFXnHpU28tLOV8I
Lliir0afTvBEnZ0XxzQcZm+sKyEihQlvhXVorWaoslIn/bhKvMkdIoJXZUAkus9e
9NyrdAjBaTU=
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:34:46 2025 by rpki-client