Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2CF876F84A5311EF979C0731C4F9AE02.roa
File: 2CF876F84A5311EF979C0731C4F9AE02.roa (raw, json)
Hash identifier: aZ8wCmygs+6ZNVZFNZbGAxE4tc/d0SVTRrqvgzvPcYY=
Subject key identifier: CD:16:F1:CC:77:18:20:EE:5A:7C:D6:18:74:DF:C0:9A:F4:A0:A0:39
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9528
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2CF876F84A5311EF979C0731C4F9AE02.roa
Signing time: Thu 25 Jul 2024 07:01:42 +0000
ROA not before: Thu 25 Jul 2024 07:01:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58758
IP address blocks: 2406:f00:2::/48 maxlen: 48
2406:f00:9::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38184 (0x9528)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jul 25 07:01:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66a1f856-b5b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7b:ff:dd:a2:e2:03:d0:c3:51:4d:e9:16:56:
06:14:b0:8a:61:69:60:78:80:c6:9b:42:c1:5b:d4:
de:1d:3b:0a:cd:51:d8:7d:e6:e6:01:46:be:b6:b7:
d7:1e:e6:95:ce:88:80:bb:2e:6a:69:e4:ea:2e:97:
31:c4:e7:b4:3c:f9:c8:80:d1:c1:25:e5:36:79:e2:
25:85:39:a5:8c:2d:01:f0:99:9c:89:97:1d:e1:90:
ec:77:7a:52:88:ad:bb:24:99:54:f4:18:f8:08:ae:
b8:12:bd:08:fa:91:e1:44:70:35:7f:f5:a6:a1:24:
1d:e2:50:56:1e:cc:18:9b:a2:d2:2d:aa:93:1f:e3:
55:3c:81:04:51:54:52:26:9c:2a:7b:a6:0e:c6:bb:
d7:80:8f:f5:b1:34:c2:b2:40:5b:05:6a:b0:7c:d4:
9d:ff:f5:5f:8d:28:2f:04:b9:1e:b3:49:87:55:f3:
d7:a3:f2:48:2c:4e:d4:d6:05:11:23:e2:0a:7a:cb:
cd:c4:d8:9c:48:cf:61:50:c8:ce:13:88:94:22:eb:
3d:24:8e:3d:4c:89:61:9a:df:25:b4:1e:dc:cb:72:
ec:9c:d0:f7:d2:f6:a1:85:b8:98:18:4d:89:ab:9f:
be:1a:44:e0:9e:2d:00:15:06:42:5a:d6:f5:3e:9d:
8e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:16:F1:CC:77:18:20:EE:5A:7C:D6:18:74:DF:C0:9A:F4:A0:A0:39
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2CF876F84A5311EF979C0731C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:f00:2::/48
2406:f00:9::/48
Signature Algorithm: sha256WithRSAEncryption
a4:03:f5:28:1c:74:45:d1:54:10:ca:b5:81:8d:71:d6:2c:2e:
f1:84:02:c4:de:3c:d7:55:58:62:bd:56:52:4d:1c:9b:1e:c5:
7f:24:ba:9e:9a:62:22:59:1d:ab:1f:b6:96:9c:77:f4:39:33:
12:7e:0d:37:05:28:fd:28:33:fe:73:3a:01:14:80:86:b3:19:
e1:9a:af:06:c4:9e:87:3a:cc:ef:27:c2:4a:dc:12:69:81:82:
f8:4b:ea:37:f7:e6:56:91:ae:8e:0b:f3:de:2a:ea:b5:d9:de:
49:9d:28:38:55:29:b6:54:26:38:74:7f:e9:0a:49:07:c6:75:
d3:a4:9e:03:11:d1:04:04:49:88:d6:54:12:1f:d6:27:c8:fa:
ff:d4:a2:d7:c9:96:dd:cc:f1:27:9c:2a:f9:d4:e7:0c:22:43:
74:d1:6d:82:da:a8:64:60:d0:24:b4:06:07:d7:db:b2:e9:0d:
6a:b8:a5:ca:41:e3:0d:8a:0c:5e:f0:c9:b0:2a:e3:d7:f1:e4:
16:b6:be:78:e5:ab:e1:d8:3b:c7:6b:3f:01:ab:f9:68:e8:fe:
b4:93:0b:da:a5:cf:47:4b:14:b3:41:3b:0c:9c:3e:60:0a:c7:
bb:92:70:36:8d:b3:21:8f:5b:09:7f:f9:ca:00:65:0d:b8:30:
70:8f:e3:69
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIDAJUoMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDcyNTA3MDE0MloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZhMWY4NTYtYjViMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM57/92i4gPQw1FN6RZWBhSwimFpYHiAxptCwVvU3h07Cs1R2H3m5gFGvra3
1x7mlc6IgLsuamnk6i6XMcTntDz5yIDRwSXlNnniJYU5pYwtAfCZnImXHeGQ7Hd6
UoituySZVPQY+AiuuBK9CPqR4URwNX/1pqEkHeJQVh7MGJui0i2qkx/jVTyBBFFU
UiacKnumDsa714CP9bE0wrJAWwVqsHzUnf/1X40oLwS5HrNJh1Xz16PySCxO1NYF
ESPiCnrLzcTYnEjPYVDIzhOIlCLrPSSOPUyJYZrfJbQe3Mty7JzQ99L2oYW4mBhN
iaufvhpE4J4tABUGQlrW9T6djtsCAwEAAaOCAqEwggKdMB0GA1UdDgQWBBTNFvHM
dxgg7lp81hh038Ca9KCgOTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzJDRjg3NkY4
NEE1MzExRUY5NzlDMDczMUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCsGCCsGAQUFBwEHAQH/
BBwwGjAYBAIAAjASAwcAJAYPAAACAwcAJAYPAAAJMA0GCSqGSIb3DQEBCwUAA4IB
AQCkA/UoHHRF0VQQyrWBjXHWLC7xhALE3jzXVVhivVZSTRybHsV/JLqemmIiWR2r
H7aWnHf0OTMSfg03BSj9KDP+czoBFICGsxnhmq8GxJ6HOszvJ8JK3BJpgYL4S+o3
9+ZWka6OC/PeKuq12d5JnSg4VSm2VCY4dH/pCkkHxnXTpJ4DEdEEBEmI1lQSH9Yn
yPr/1KLXyZbdzPEnnCr51OcMIkN00W2C2qhkYNAktAYH19uy6Q1quKXKQeMNigxe
8MmwKuPX8eQWtr545avh2DvHaz8Bq/lo6P60kwvapc9HSxSzQTsMnD5gCse7knA2
jbMhj1sJf/nKAGUNuDBwj+Np
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:40:42 2025 by rpki-client