Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/03007AB0B23311EFA164C919C4F9AE02.roa
File: 03007AB0B23311EFA164C919C4F9AE02.roa (raw, json)
Hash identifier: 0al37eNTeMN/pQSdeBRLWg8YVJ8ieLAUxY1jJUNN3Gk=
Subject key identifier: C0:F9:EF:D9:BC:43:DD:B3:C1:CD:8B:74:45:2D:D7:3A:7F:21:4A:4C
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 489B
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/03007AB0B23311EFA164C919C4F9AE02.roa
Signing time: Wed 04 Dec 2024 11:29:24 +0000
ROA not before: Wed 04 Dec 2024 11:29:24 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 151872
IP address blocks: 2001:df3:e4c0::/48 maxlen: 48
2001:df3:e8c0::/48 maxlen: 48
2001:df4:19c0::/48 maxlen: 48
2001:df4:1cc0::/48 maxlen: 48
2401:8ce0::/48 maxlen: 48
2401:9760::/48 maxlen: 48
2401:9920::/48 maxlen: 48
2401:9a60::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18587 (0x489b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Dec 4 11:29:24 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67503d13-1024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4d:f9:ab:a7:84:43:8c:a1:0d:7f:b2:42:73:
d1:4b:80:e8:81:66:47:68:8c:1f:2e:6d:c6:45:04:
14:93:09:00:36:24:84:60:23:f8:f6:42:78:43:04:
87:b7:36:d9:2c:8c:d2:06:61:92:97:f8:e4:65:28:
fc:a9:99:d3:51:fb:b2:9a:ab:00:a4:71:e4:31:d6:
ff:29:81:81:0f:a0:6f:2c:51:6f:28:ce:32:c0:33:
9f:0d:c8:35:e2:83:c8:ea:5b:b6:60:cd:82:3b:d6:
b5:b8:f7:3a:bc:42:13:a7:a9:53:5b:36:c4:4a:8c:
81:42:83:52:b3:45:a4:ae:b6:ef:de:03:5a:f3:72:
fc:f8:d8:90:f1:79:c6:62:1b:74:a0:86:b5:1f:f4:
e1:47:cf:c1:c1:25:7f:87:d4:3d:45:fb:e3:a2:f2:
1d:27:a5:d3:c3:0a:81:f8:db:5a:50:83:98:87:0d:
67:14:c1:8c:6a:2e:97:3f:9c:c8:6c:e2:77:b5:74:
fe:8e:a2:1b:ad:18:75:4d:27:7f:f0:19:bd:bf:00:
bf:21:1e:46:d9:1c:fb:29:ad:6c:ea:e5:17:bf:74:
35:22:40:02:34:e4:31:97:4b:a4:9a:44:0c:6e:60:
27:83:98:df:77:48:82:62:e4:c4:a5:b9:28:1b:cd:
4b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F9:EF:D9:BC:43:DD:B3:C1:CD:8B:74:45:2D:D7:3A:7F:21:4A:4C
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/03007AB0B23311EFA164C919C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df3:e4c0::/48
2001:df3:e8c0::/48
2001:df4:19c0::/48
2001:df4:1cc0::/48
2401:8ce0::/48
2401:9760::/48
2401:9920::/48
2401:9a60::/48
Signature Algorithm: sha256WithRSAEncryption
14:09:9b:6a:41:2c:5b:e4:12:c1:64:d4:48:8d:dd:36:7d:9d:
d2:62:80:7b:8b:8c:01:6a:61:69:16:b6:47:e4:b2:bb:32:8a:
81:2b:b0:53:d5:e9:c7:a7:60:9c:01:16:11:3b:fd:97:11:f8:
4f:11:38:f8:29:c6:f8:21:1e:dc:f4:35:73:9d:9f:6e:d2:b7:
cc:86:f9:10:c5:13:1d:c0:66:bc:32:a4:49:9d:e5:fe:ee:4d:
67:ef:a8:a4:5e:e0:65:69:18:b9:11:f7:d3:de:35:7a:1c:f9:
2c:ae:62:fd:17:49:ae:d8:e8:6c:c7:7f:91:3f:b6:a8:59:4f:
9f:93:d0:c8:86:d8:eb:9d:f8:1b:2b:94:28:3f:ea:2d:99:c6:
d4:98:f0:ac:eb:50:a2:23:ec:17:a0:31:9f:94:ac:de:9e:89:
fb:f6:50:0b:b6:f7:7a:47:1f:47:20:33:a5:0d:d2:12:68:14:
79:4e:f0:ac:f3:03:b9:28:7b:b3:15:ec:79:ca:e7:9b:e3:00:
41:f0:41:1a:1f:22:66:bb:6a:15:21:b4:9c:b1:b9:9f:28:6b:
60:07:35:be:33:1e:13:6a:fc:40:d1:83:ad:5d:73:b1:f4:d8:
7c:61:01:20:6f:9e:ce:30:1d:bf:96:40:96:b1:4e:a1:20:47:
ac:45:4c:cc
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgICSJswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQxMjA0MTEyOTI0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwM2QxMy0xMDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmU35q6eEQ4yhDX+yQnPRS4DogWZHaIwfLm3GRQQUkwkANiSEYCP49kJ4QwSH
tzbZLIzSBmGSl/jkZSj8qZnTUfuymqsApHHkMdb/KYGBD6BvLFFvKM4ywDOfDcg1
4oPI6lu2YM2CO9a1uPc6vEITp6lTWzbESoyBQoNSs0Wkrrbv3gNa83L8+NiQ8XnG
Yht0oIa1H/ThR8/BwSV/h9Q9RfvjovIdJ6XTwwqB+NtaUIOYhw1nFMGMai6XP5zI
bOJ3tXT+jqIbrRh1TSd/8Bm9vwC/IR5G2Rz7Ka1s6uUXv3Q1IkACNOQxl0ukmkQM
bmAng5jfd0iCYuTEpbkoG81LwwIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFMD579m8
Q92zwc2LdEUt1zp/IUpMMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMDMwMDdBQjBC
MjMzMTFFRkExNjRDOTE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYQYIKwYBBQUHAQcBAf8E
UjBQME4EAgACMEgDBwAgAQ3z5MADBwAgAQ3z6MADBwAgAQ30GcADBwAgAQ30HMAD
BwAkAYzgAAADBwAkAZdgAAADBwAkAZkgAAADBwAkAZpgAAAwDQYJKoZIhvcNAQEL
BQADggEBABQJm2pBLFvkEsFk1EiN3TZ9ndJigHuLjAFqYWkWtkfksrsyioErsFPV
6cenYJwBFhE7/ZcR+E8ROPgpxvghHtz0NXOdn27St8yG+RDFEx3AZrwypEmd5f7u
TWfvqKRe4GVpGLkR99PeNXoc+SyuYv0XSa7Y6GzHf5E/tqhZT5+T0MiG2Oud+Bsr
lCg/6i2ZxtSY8KzrUKIj7BegMZ+UrN6eifv2UAu293pHH0cgM6UN0hJoFHlO8Kzz
A7koe7MV7HnK55vjAEHwQRofIma7ahUhtJyxuZ8oa2AHNb4zHhNq/EDRg61dc7H0
2HxhASBvns4wHb+WQJaxTqEgR6xFTMw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:43:40 2025 by rpki-client