Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3AB3/05ED94CE194C11EDAD38F22BC4F9AE02/F3997FACE21D11EFA5819B7EC4F9AE02.roa
File: F3997FACE21D11EFA5819B7EC4F9AE02.roa (raw, json)
Hash identifier: i36MDRfdl1BfbC03GXG9+ec9wUo58UWBRkWVFnwZOdc=
Subject key identifier: 95:FE:EB:C7:D0:0E:5C:A0:E5:02:80:BE:2C:36:BE:FB:D7:F4:DF:3F
Certificate issuer: /CN=A91A3AB3/serialNumber=E4A94CFA8D2F9F5B39EF46350591CE312E514FB3
Certificate serial: 0249
Authority key identifier: E4:A9:4C:FA:8D:2F:9F:5B:39:EF:46:35:05:91:CE:31:2E:51:4F:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5KlM-o0vn1s570Y1BZHOMS5RT7M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A3AB3/05ED94CE194C11EDAD38F22BC4F9AE02/F3997FACE21D11EFA5819B7EC4F9AE02.roa
Signing time: Mon 03 Feb 2025 10:59:34 +0000
ROA not before: Mon 03 Feb 2025 10:59:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152599
IP address blocks: 2001:df0:9840::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 585 (0x249)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A3AB3
Validity
Not Before: Feb 3 10:59:34 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67a0a196-1df7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5e:03:5d:b0:be:9d:7a:52:40:11:86:9c:61:
17:2f:ba:52:71:56:77:f6:47:08:49:e2:01:e8:68:
38:ec:b0:19:94:b0:49:82:d8:9b:0a:f1:ab:e9:2d:
1e:2b:15:26:ec:5a:7c:9f:df:b8:7b:1e:56:63:b6:
54:34:b5:c0:20:b1:29:38:1d:f5:c0:2c:2b:4e:d2:
3d:03:18:2a:4d:b7:26:ab:00:4b:fd:8d:fe:ac:e3:
4f:d6:c0:04:c4:52:d9:e3:5e:63:4c:6e:87:e7:22:
9b:f9:b6:76:dd:43:87:45:a2:93:64:b0:99:1e:c3:
5a:6f:11:f2:a1:fe:6a:a8:87:9a:1c:9e:54:d6:c3:
53:93:22:20:df:c2:03:e7:b3:7e:1a:7f:94:4a:28:
44:2f:91:e3:44:9e:8f:f1:96:2a:59:d9:67:b3:65:
75:d3:33:18:d5:87:7e:88:c3:80:92:ea:86:5d:63:
43:64:5c:64:8f:a8:32:3c:25:7e:c0:5d:0a:08:93:
8e:8f:20:3d:14:59:12:72:e0:98:7c:0f:9f:07:5c:
08:ce:7e:d4:0d:03:3a:60:c5:d7:d5:69:f7:c1:c4:
51:e2:12:88:41:96:40:43:e3:2d:c0:53:56:67:13:
d7:66:12:98:30:df:db:22:64:d5:9e:98:cd:05:62:
1d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:FE:EB:C7:D0:0E:5C:A0:E5:02:80:BE:2C:36:BE:FB:D7:F4:DF:3F
X509v3 Authority Key Identifier:
keyid:E4:A9:4C:FA:8D:2F:9F:5B:39:EF:46:35:05:91:CE:31:2E:51:4F:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A3AB3/05ED94CE194C11EDAD38F22BC4F9AE02/5KlM-o0vn1s570Y1BZHOMS5RT7M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5KlM-o0vn1s570Y1BZHOMS5RT7M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3AB3/05ED94CE194C11EDAD38F22BC4F9AE02/F3997FACE21D11EFA5819B7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df0:9840::/48
Signature Algorithm: sha256WithRSAEncryption
5e:c9:0e:f0:10:2e:6a:6e:48:1a:6b:c3:e9:3d:01:c4:8d:1b:
17:a2:31:8b:5f:97:4f:c0:d1:9d:cd:a3:31:6e:f9:05:1c:90:
62:6d:03:0a:a4:f4:31:6b:22:d3:0f:03:21:4f:3c:88:a3:76:
8a:c8:6b:b4:f7:2d:1d:dc:37:30:b1:e3:6a:ab:b8:63:06:25:
57:39:d8:c6:c5:f4:20:98:46:07:65:c0:7b:74:11:8c:8f:d4:
eb:33:3c:b2:50:01:82:fb:27:10:b2:0e:d4:04:1e:a4:01:95:
f3:c2:0c:f6:3c:74:f6:5e:d9:81:81:22:d6:fb:42:67:e6:a4:
c6:a1:cb:48:72:57:d8:bf:45:c3:a0:b9:bd:5a:8f:40:4d:f3:
8f:bd:fa:df:47:5d:1c:05:a2:5d:7c:bd:73:82:e3:ea:5b:aa:
91:d1:db:d3:82:d8:c6:74:1a:95:08:38:d3:1b:72:e7:bc:68:
0f:9b:1b:dd:f0:4e:34:80:e3:79:41:c9:b9:ce:d2:79:b9:12:
fe:34:57:65:6a:b6:c9:85:a3:b1:9f:e5:9d:98:e7:e9:32:33:
ca:3b:55:a8:e7:e4:ab:7b:77:a4:0c:75:91:a8:d2:c1:2d:15:
86:56:77:26:17:0f:d5:e7:e3:cd:4c:92:3a:88:cd:77:ee:27:
5b:88:9a:e9
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAkkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTNBQjMxMTAvBgNVBAUTKEU0QTk0Q0ZBOEQyRjlGNUIzOUVGNDYzNTA1OTFDRTMx
MkU1MTRGQjMwHhcNMjUwMjAzMTA1OTM0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EwYTE5Ni0xZGY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6V4DXbC+nXpSQBGGnGEXL7pScVZ39kcISeIB6Gg47LAZlLBJgtibCvGr6S0e
KxUm7Fp8n9+4ex5WY7ZUNLXAILEpOB31wCwrTtI9AxgqTbcmqwBL/Y3+rONP1sAE
xFLZ415jTG6H5yKb+bZ23UOHRaKTZLCZHsNabxHyof5qqIeaHJ5U1sNTkyIg38ID
57N+Gn+USihEL5HjRJ6P8ZYqWdlns2V10zMY1Yd+iMOAkuqGXWNDZFxkj6gyPCV+
wF0KCJOOjyA9FFkScuCYfA+fB1wIzn7UDQM6YMXX1Wn3wcRR4hKIQZZAQ+MtwFNW
ZxPXZhKYMN/bImTVnpjNBWIdqwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFJX+68fQ
Dlyg5QKAviw2vvvX9N8/MB8GA1UdIwQYMBaAFOSpTPqNL59bOe9GNQWRzjEuUU+z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBM0FCMy8wNUVEOTRDRTE5
NEMxMUVEQUQzOEYyMkJDNEY5QUUwMi81S2xNLW8wdm4xczU3MFkxQlpIT01TNVJU
N00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVLbE0tbzB2bjFzNTcwWTFCWkhPTVM1UlQ3TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTNBQjMvMDVFRDk0Q0UxOTRDMTFFREFEMzhGMjJCQzRGOUFFMDIvRjM5OTdGQUNF
MjFEMTFFRkE1ODE5QjdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3wmEAwDQYJKoZIhvcNAQELBQADggEBAF7JDvAQLmpu
SBprw+k9AcSNGxeiMYtfl0/A0Z3NozFu+QUckGJtAwqk9DFrItMPAyFPPIijdorI
a7T3LR3cNzCx42qruGMGJVc52MbF9CCYRgdlwHt0EYyP1OszPLJQAYL7JxCyDtQE
HqQBlfPCDPY8dPZe2YGBItb7QmfmpMahy0hyV9i/RcOgub1aj0BN84+9+t9HXRwF
ol18vXOC4+pbqpHR29OC2MZ0GpUIONMbcue8aA+bG93wTjSA43lBybnO0nm5Ev40
V2VqtsmFo7Gf5Z2Y5+kyM8o7Vajn5Kt7d6QMdZGo0sEtFYZWdyYXD9Xn481MkjqI
zXfuJ1uImuk=
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:42:56 2025 by rpki-client