Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/B9D00D3C195A11EE83248835C4F9AE02.roa
File: B9D00D3C195A11EE83248835C4F9AE02.roa (raw, json)
Hash identifier: wCL8taH4LIUOWXKWcvReDaNZ3+NnYlOsUT+x4rsuWPo=
Subject key identifier: 6B:60:16:B4:FB:4E:04:CF:7E:C0:2B:53:16:3D:50:1E:B4:03:C2:62
Certificate issuer: /CN=A91A0848/serialNumber=024229C81AC3535A21D60E2DC32A9B88BD6AD81F
Certificate serial: 01B3
Authority key identifier: 02:42:29:C8:1A:C3:53:5A:21:D6:0E:2D:C3:2A:9B:88:BD:6A:D8:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AkIpyBrDU1oh1g4twyqbiL1q2B8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/B9D00D3C195A11EE83248835C4F9AE02.roa
Signing time: Wed 05 Feb 2025 02:27:31 +0000
ROA not before: Wed 05 Feb 2025 02:27:31 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 150671
IP address blocks: 2001:df1:ac40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 435 (0x1b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0848
Validity
Not Before: Feb 5 02:27:31 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a2cc92-3059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:73:c0:59:f0:9c:62:9a:53:46:78:00:ff:f6:
02:98:47:40:51:64:0f:a8:01:ec:43:19:06:ae:4c:
0c:5e:e3:87:f4:3b:08:c0:31:ad:29:69:92:f9:90:
f0:4b:42:12:11:91:eb:e0:e6:99:60:55:d6:7c:12:
27:13:d1:a8:03:79:45:15:88:39:2a:a6:52:5d:49:
65:04:bb:b2:84:00:4c:42:2a:66:55:ae:e0:33:57:
e3:e3:02:dd:ba:8c:94:be:fb:ed:1a:01:4b:cc:46:
6d:fd:22:01:b1:08:cd:c1:34:79:42:b1:93:a6:34:
4f:21:28:d2:98:48:2b:2c:42:d3:c8:3c:7a:91:99:
fb:71:86:2e:0d:81:6c:08:51:f5:7d:55:42:a9:e9:
76:9a:5c:82:4f:3e:c0:c2:89:7b:17:0a:59:0d:6e:
93:53:16:bc:ac:58:bc:4a:0e:3a:d5:f0:f7:ff:6d:
d1:f8:83:cd:3d:02:76:7a:c4:48:b9:43:19:1b:d2:
0d:98:03:22:78:50:61:72:b1:00:e3:7f:d5:c3:33:
80:a0:8a:7e:db:a3:b2:10:94:47:b0:e7:b1:58:27:
66:e6:96:69:35:1f:dd:7c:20:37:d3:c2:9f:8b:ae:
4c:ef:da:6e:d4:06:8a:59:bf:99:03:73:e2:5e:c6:
21:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:60:16:B4:FB:4E:04:CF:7E:C0:2B:53:16:3D:50:1E:B4:03:C2:62
X509v3 Authority Key Identifier:
keyid:02:42:29:C8:1A:C3:53:5A:21:D6:0E:2D:C3:2A:9B:88:BD:6A:D8:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/AkIpyBrDU1oh1g4twyqbiL1q2B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AkIpyBrDU1oh1g4twyqbiL1q2B8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/B9D00D3C195A11EE83248835C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df1:ac40::/48
Signature Algorithm: sha256WithRSAEncryption
16:23:db:2e:43:a0:de:2e:95:22:4f:6a:d4:56:9e:51:a9:b0:
df:81:1b:16:95:1f:52:b5:a3:d6:c4:94:34:fa:3c:3f:98:f7:
00:4f:6e:f0:a3:aa:e2:d0:91:22:41:dc:5d:f0:86:09:73:20:
fd:31:61:a4:31:41:39:9d:ed:39:1f:45:83:a4:07:cb:89:80:
50:a3:33:21:d8:a8:26:cb:7b:1d:2d:90:bd:43:28:37:96:1c:
2a:96:b9:40:0e:ac:8b:96:79:1a:76:4d:cc:8b:56:83:d8:d3:
72:c8:13:ad:b4:18:71:00:e1:a3:c2:e1:a9:39:3a:f2:5b:84:
0b:8d:bc:bc:6c:7c:d2:4b:08:7c:0b:bd:e3:85:5a:e1:c3:f0:
9c:d3:62:be:f8:45:40:a1:45:3a:7c:f8:cd:64:7d:cf:12:06:
2b:88:43:49:8b:09:38:24:ca:af:de:26:29:4c:d1:a8:32:07:
19:43:be:e4:0c:88:f4:3c:40:f1:36:bf:1c:46:b7:f7:93:56:
2a:84:77:f7:8f:ad:4b:e7:8f:27:59:af:c2:16:08:b7:31:20:
55:ed:24:eb:1a:41:2b:91:a6:a4:dc:ca:0c:85:f9:6d:34:e4:
fb:2a:84:3c:35:06:c2:f0:10:ff:08:50:20:04:a3:c2:29:a7:
a2:62:f5:e0
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA4NDgxMTAvBgNVBAUTKDAyNDIyOUM4MUFDMzUzNUEyMUQ2MEUyREMzMkE5Qjg4
QkQ2QUQ4MUYwHhcNMjUwMjA1MDIyNzMxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyY2M5Mi0zMDU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxnPAWfCcYppTRngA//YCmEdAUWQPqAHsQxkGrkwMXuOH9DsIwDGtKWmS+ZDw
S0ISEZHr4OaZYFXWfBInE9GoA3lFFYg5KqZSXUllBLuyhABMQipmVa7gM1fj4wLd
uoyUvvvtGgFLzEZt/SIBsQjNwTR5QrGTpjRPISjSmEgrLELTyDx6kZn7cYYuDYFs
CFH1fVVCqel2mlyCTz7Awol7FwpZDW6TUxa8rFi8Sg461fD3/23R+IPNPQJ2esRI
uUMZG9INmAMieFBhcrEA43/VwzOAoIp+26OyEJRHsOexWCdm5pZpNR/dfCA308Kf
i65M79pu1AaKWb+ZA3PiXsYh3wIDAQABo4ICmDCCApQwHQYDVR0OBBYEFGtgFrT7
TgTPfsArUxY9UB60A8JiMB8GA1UdIwQYMBaAFAJCKcgaw1NaIdYOLcMqm4i9atgf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDg0OC82NEQ4QjFERTc3
RTQxMUVEOTdGNTkzNERDNEY5QUUwMi9Ba0lweUJyRFUxb2gxZzR0d3lxYmlMMXEy
QjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FrSXB5QnJEVTFvaDFnNHR3eXFiaUwxcTJCOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA4NDgvNjREOEIxREU3N0U0MTFFRDk3RjU5MzREQzRGOUFFMDIvQjlEMDBEM0Mx
OTVBMTFFRTgzMjQ4ODM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3xrEAwDQYJKoZIhvcNAQELBQADggEBABYj2y5DoN4u
lSJPatRWnlGpsN+BGxaVH1K1o9bElDT6PD+Y9wBPbvCjquLQkSJB3F3whglzIP0x
YaQxQTmd7TkfRYOkB8uJgFCjMyHYqCbLex0tkL1DKDeWHCqWuUAOrIuWeRp2TcyL
VoPY03LIE620GHEA4aPC4ak5OvJbhAuNvLxsfNJLCHwLveOFWuHD8JzTYr74RUCh
RTp8+M1kfc8SBiuIQ0mLCTgkyq/eJilM0agyBxlDvuQMiPQ8QPE2vxxGt/eTViqE
d/ePrUvnjydZr8IWCLcxIFXtJOsaQSuRpqTcygyF+W005PsqhDw1BsLwEP8IUCAE
o8Ipp6Ji9eA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:14:04 2025 by rpki-client