Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/5176D73AB3A411EF8B0CF846C4F9AE02.roa
File: 5176D73AB3A411EF8B0CF846C4F9AE02.roa (raw, json)
Hash identifier: dGoqBPAUtve52U2FQaoWFnFpXh5mbYXtWFHpAkPvErY=
Subject key identifier: AF:60:39:09:C1:0E:5A:AD:91:62:E4:2F:5B:C8:EA:BF:96:75:41:07
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 48B6
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/5176D73AB3A411EF8B0CF846C4F9AE02.roa
Signing time: Tue 10 Dec 2024 08:56:36 +0000
ROA not before: Tue 10 Dec 2024 08:56:36 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 153416
IP address blocks: 2001:df4:9bc0::/48 maxlen: 48
2001:df4:9c40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18614 (0x48b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Dec 10 08:56:36 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67580244-e52b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:31:f8:42:97:4a:59:db:37:96:e3:7e:b7:54:
a0:30:e6:d9:4c:98:f9:6d:49:45:d8:1c:fb:07:31:
ca:d4:91:13:86:72:b4:7b:5f:90:64:7b:42:21:ee:
20:cb:28:78:51:e2:45:40:b7:3f:77:5d:e4:0f:54:
9e:21:1b:f8:e4:32:4a:d0:7a:f6:fe:f9:dc:6e:ba:
a6:49:06:b9:5c:f7:60:7e:09:6d:7f:08:e4:03:73:
ba:7a:77:01:13:2d:8e:e0:5c:71:f8:b6:62:01:9b:
41:1d:b0:0f:8d:c0:75:7c:9f:7e:71:a3:dd:65:05:
37:68:52:7a:16:31:9b:4a:5a:58:2c:c5:18:f9:86:
bc:f1:d6:46:4d:eb:8b:df:59:70:2c:9b:85:ad:d3:
fc:e6:2f:b4:5a:8e:e0:10:51:15:3d:a7:8d:b7:46:
5e:c6:fa:86:6c:08:c6:a2:63:da:7d:bb:3e:e9:ec:
76:aa:e4:bf:eb:00:eb:2a:97:26:23:51:aa:ca:5a:
89:d6:93:11:bc:1b:f4:1d:39:8a:e4:e8:0c:f2:24:
29:ba:0c:60:b9:4a:6b:2a:15:36:ad:e8:c6:cc:bd:
2f:8f:84:b3:71:99:d9:3c:92:ca:99:04:9e:49:b3:
82:b9:76:ee:37:6a:7d:f2:dc:55:3d:59:a9:77:89:
f8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:60:39:09:C1:0E:5A:AD:91:62:E4:2F:5B:C8:EA:BF:96:75:41:07
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/5176D73AB3A411EF8B0CF846C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:9bc0::/48
2001:df4:9c40::/48
Signature Algorithm: sha256WithRSAEncryption
24:5c:49:35:38:d2:56:b8:25:10:b6:fb:d8:c9:1b:d0:25:42:
3a:1a:4b:6a:e8:33:46:54:20:f2:8e:9a:89:b7:7d:51:df:28:
07:0f:39:7f:7f:2b:29:6a:2d:b0:03:a1:24:78:fa:b8:29:fd:
0e:03:67:46:4d:6c:60:a9:7a:c2:44:0e:2e:5d:5a:ad:35:b7:
1b:4d:d8:57:3d:17:62:d3:f7:6d:8a:56:26:9a:74:1d:e7:3c:
df:39:4e:76:1a:77:3b:ac:3b:f3:de:63:23:c8:bf:91:4a:95:
a4:a3:cf:1a:f4:8c:fd:04:93:d2:d3:2e:22:39:c2:e9:8f:7d:
8f:c2:65:62:61:fb:c7:3c:58:f1:6e:6f:0e:d6:ba:13:9e:a8:
23:8c:eb:30:ed:79:48:51:29:17:1d:3f:9a:0f:f1:fb:e3:0b:
cc:cc:c2:db:33:7e:50:9b:0a:9c:ce:ff:f8:77:19:19:09:80:
70:d7:f1:3a:a0:bf:b3:e1:21:02:e6:9f:cf:51:84:fa:c9:7e:
79:94:af:d6:02:17:d3:d4:78:71:7c:bd:43:92:e0:d4:fa:33:
65:5d:02:9f:b3:5d:40:2a:42:c2:56:8b:66:c7:0f:d1:39:aa:
eb:73:41:22:00:f0:1e:1c:af:87:7b:08:83:ac:5d:45:26:b4:
fe:2d:88:f2
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICSLYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQxMjEwMDg1NjM2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU4MDI0NC1lNTJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3jH4QpdKWds3luN+t1SgMObZTJj5bUlF2Bz7BzHK1JEThnK0e1+QZHtCIe4g
yyh4UeJFQLc/d13kD1SeIRv45DJK0Hr2/vncbrqmSQa5XPdgfgltfwjkA3O6encB
Ey2O4Fxx+LZiAZtBHbAPjcB1fJ9+caPdZQU3aFJ6FjGbSlpYLMUY+Ya88dZGTeuL
31lwLJuFrdP85i+0Wo7gEFEVPaeNt0ZexvqGbAjGomPafbs+6ex2quS/6wDrKpcm
I1GqylqJ1pMRvBv0HTmK5OgM8iQpugxguUprKhU2rejGzL0vj4SzcZnZPJLKmQSe
SbOCuXbuN2p98txVPVmpd4n4oQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFK9gOQnB
DlqtkWLkL1vI6r+WdUEHMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNTE3NkQ3M0FC
M0E0MTFFRjhCMENGODQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwAgAQ30m8ADBwAgAQ30nEAwDQYJKoZIhvcNAQELBQADggEB
ACRcSTU40la4JRC2+9jJG9AlQjoaS2roM0ZUIPKOmom3fVHfKAcPOX9/KylqLbAD
oSR4+rgp/Q4DZ0ZNbGCpesJEDi5dWq01txtN2Fc9F2LT922KViaadB3nPN85TnYa
dzusO/PeYyPIv5FKlaSjzxr0jP0Ek9LTLiI5wumPfY/CZWJh+8c8WPFubw7WuhOe
qCOM6zDteUhRKRcdP5oP8fvjC8zMwtszflCbCpzO//h3GRkJgHDX8Tqgv7PhIQLm
n89RhPrJfnmUr9YCF9PUeHF8vUOS4NT6M2VdAp+zXUAqQsJWi2bHD9E5qutzQSIA
8B4cr4d7CIOsXUUmtP4tiPI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:38:15 2025 by rpki-client