Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EA40/52923F4480F011EDAAE48F7BC4F9AE02/16C04B8680FB11ED9B35954DC4F9AE02.roa
File: 16C04B8680FB11ED9B35954DC4F9AE02.roa (raw, json)
Hash identifier: mHCGsiMH+RVpi8uw/SNyVdE1yXadTr0gkZyL1YqI7+I=
Subject key identifier: 8B:51:4F:01:3F:3E:57:B3:4C:1E:3F:32:C5:44:18:F5:BB:2D:58:6A
Certificate issuer: /CN=A919EA40/serialNumber=8A297E0356F0F7BF54DEF56B25A1FB1EAF84843D
Certificate serial: 0170
Authority key identifier: 8A:29:7E:03:56:F0:F7:BF:54:DE:F5:6B:25:A1:FB:1E:AF:84:84:3D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iil-A1bw979U3vVrJaH7Hq-EhD0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EA40/52923F4480F011EDAAE48F7BC4F9AE02/16C04B8680FB11ED9B35954DC4F9AE02.roa
Signing time: Fri 29 Nov 2024 02:35:58 +0000
ROA not before: Fri 29 Nov 2024 02:35:58 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 58611
IP address blocks: 2001:df1:6ac0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 368 (0x170)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EA40
Validity
Not Before: Nov 29 02:35:58 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6749288e-dc84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:8b:67:4a:41:5d:25:f7:9d:e2:e5:5a:81:9c:
da:a0:3a:0b:18:fb:0b:8c:79:a8:82:2f:33:76:1b:
aa:50:b5:69:b8:50:be:bf:9d:1b:eb:5e:a9:23:b1:
34:6e:0c:3e:24:f1:dc:66:52:a9:c4:0f:b2:ce:4b:
c4:1c:1b:2c:eb:f0:c5:cd:4f:fe:56:db:7e:f8:7a:
a7:cc:d9:2c:25:c1:7d:4b:52:e4:c4:c4:3f:78:6c:
e5:9f:92:d6:b6:e2:47:cc:f1:5f:d0:60:02:22:3a:
b9:07:0b:c3:bb:2d:c1:d9:d6:21:45:90:75:f9:25:
75:ee:0a:5a:ed:3f:e2:2e:ba:1f:e3:87:ac:81:29:
0c:38:e2:8e:ec:6c:b4:b4:c0:44:08:31:8c:4d:9c:
c0:f0:f2:14:53:8d:b2:5f:55:8b:27:b9:dc:42:59:
62:e3:6a:d6:06:33:e5:d6:a8:5e:e1:31:a7:90:3d:
c8:34:2e:97:24:f1:30:56:6f:aa:96:8a:c2:ad:b5:
3c:46:83:de:dd:07:2e:b4:d6:4a:1b:41:53:6d:a4:
4b:18:0a:24:0e:56:1f:37:d4:24:78:5e:85:b7:1a:
dd:32:f4:cb:12:9b:64:31:3f:0e:87:19:a0:09:37:
91:87:ae:31:99:d2:6c:22:c1:02:a6:45:6e:5b:1f:
5c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:51:4F:01:3F:3E:57:B3:4C:1E:3F:32:C5:44:18:F5:BB:2D:58:6A
X509v3 Authority Key Identifier:
keyid:8A:29:7E:03:56:F0:F7:BF:54:DE:F5:6B:25:A1:FB:1E:AF:84:84:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EA40/52923F4480F011EDAAE48F7BC4F9AE02/iil-A1bw979U3vVrJaH7Hq-EhD0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iil-A1bw979U3vVrJaH7Hq-EhD0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EA40/52923F4480F011EDAAE48F7BC4F9AE02/16C04B8680FB11ED9B35954DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df1:6ac0::/48
Signature Algorithm: sha256WithRSAEncryption
91:b7:b5:96:8d:19:a2:94:10:40:a9:66:ea:b6:04:5d:b1:0d:
7a:49:a0:fe:b3:7d:90:c1:a5:b8:c3:23:d7:c4:81:ce:32:2a:
44:94:c0:0f:02:0b:e7:9e:7b:30:d0:3d:c6:d6:db:00:60:59:
b3:30:1d:69:67:fe:e4:cb:a8:54:b5:8f:05:e7:30:c3:de:02:
71:13:de:b4:9c:9e:98:24:4b:c3:77:0a:3d:c3:1f:c9:a0:84:
51:39:9e:39:b7:be:de:bd:02:e9:0a:55:98:e8:88:78:dd:a9:
4f:d8:12:cb:8c:82:1a:84:94:1c:4c:cb:50:c6:10:1c:43:93:
c7:85:3a:75:d8:5c:da:86:fe:72:67:e8:3d:7f:c1:73:ce:86:
78:f0:71:07:19:31:9b:df:99:39:c3:b9:0d:72:38:6f:c7:5c:
b5:37:95:1a:95:da:5a:88:66:d2:7e:32:6c:b1:d7:91:44:f1:
df:49:33:ed:b4:5f:a0:2c:92:6e:6a:22:b0:d0:ed:90:58:29:
03:59:47:a1:54:65:b5:2e:08:4d:a9:aa:d1:39:28:29:d3:4f:
2c:ad:f0:3c:51:04:ad:b8:6c:d0:00:78:eb:ca:59:21:ab:3c:
2f:fb:b3:54:08:c4:2a:e4:27:3f:66:24:fc:65:e5:0e:de:48:
0d:16:06:a0
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAXAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVBNDAxMTAvBgNVBAUTKDhBMjk3RTAzNTZGMEY3QkY1NERFRjU2QjI1QTFGQjFF
QUY4NDg0M0QwHhcNMjQxMTI5MDIzNTU4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ5Mjg4ZS1kYzg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA54tnSkFdJfed4uVagZzaoDoLGPsLjHmogi8zdhuqULVpuFC+v50b616pI7E0
bgw+JPHcZlKpxA+yzkvEHBss6/DFzU/+Vtt++HqnzNksJcF9S1LkxMQ/eGzln5LW
tuJHzPFf0GACIjq5BwvDuy3B2dYhRZB1+SV17gpa7T/iLrof44esgSkMOOKO7Gy0
tMBECDGMTZzA8PIUU42yX1WLJ7ncQlli42rWBjPl1qhe4TGnkD3INC6XJPEwVm+q
lorCrbU8RoPe3QcutNZKG0FTbaRLGAokDlYfN9QkeF6FtxrdMvTLEptkMT8Ohxmg
CTeRh64xmdJsIsECpkVuWx9cTQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFItRTwE/
PlezTB4/MsVEGPW7LVhqMB8GA1UdIwQYMBaAFIopfgNW8Pe/VN71ayWh+x6vhIQ9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUE0MC81MjkyM0Y0NDgw
RjAxMUVEQUFFNDhGN0JDNEY5QUUwMi9paWwtQTFidzk3OVUzdlZySmFIN0hxLUVo
RDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lpbC1BMWJ3OTc5VTN2VnJKYUg3SHEtRWhEMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBNDAvNTI5MjNGNDQ4MEYwMTFFREFBRTQ4RjdCQzRGOUFFMDIvMTZDMDRCODY4
MEZCMTFFRDlCMzU5NTREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3xasAwDQYJKoZIhvcNAQELBQADggEBAJG3tZaNGaKU
EECpZuq2BF2xDXpJoP6zfZDBpbjDI9fEgc4yKkSUwA8CC+eeezDQPcbW2wBgWbMw
HWln/uTLqFS1jwXnMMPeAnET3rScnpgkS8N3Cj3DH8mghFE5njm3vt69AukKVZjo
iHjdqU/YEsuMghqElBxMy1DGEBxDk8eFOnXYXNqG/nJn6D1/wXPOhnjwcQcZMZvf
mTnDuQ1yOG/HXLU3lRqV2lqIZtJ+Mmyx15FE8d9JM+20X6Askm5qIrDQ7ZBYKQNZ
R6FUZbUuCE2pqtE5KCnTTyyt8DxRBK24bNAAeOvKWSGrPC/7s1QIxCrkJz9mJPxl
5Q7eSA0WBqA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:00:08 2025 by rpki-client