Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/62A13EA8C2BB11EFB6DDD916C4F9AE02.roa
File: 62A13EA8C2BB11EFB6DDD916C4F9AE02.roa (raw, json)
Hash identifier: GmgmjVYSzIWdcna4RFSc4hnQfKZz36Kw0HL8YxgFwkg=
Subject key identifier: 5A:F4:42:28:A0:94:D6:54:0C:26:89:9F:5C:05:58:0C:F3:41:1A:50
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 49D8
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/62A13EA8C2BB11EFB6DDD916C4F9AE02.roa
Signing time: Tue 25 Feb 2025 08:42:52 +0000
ROA not before: Tue 25 Feb 2025 08:42:52 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 152935
IP address blocks: 2001:df4:b840::/48 maxlen: 48
2001:df4:ee40::/48 maxlen: 48
2001:df4:eec0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18904 (0x49d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Feb 25 08:42:52 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67bd828c-34e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:11:93:6d:4a:7a:98:1d:f8:69:c4:79:0e:3c:
c2:34:ca:1b:6c:12:12:7a:84:6a:73:e3:88:bf:76:
05:00:52:26:cb:c2:7d:3d:7c:f6:f1:37:8e:90:68:
f3:39:88:59:c1:61:42:84:b5:9e:5e:ea:95:9b:8d:
f5:bc:15:76:47:0d:c0:13:60:3b:e8:48:e3:08:1a:
0a:5b:05:ac:49:25:d6:a8:7b:f8:f6:62:9d:27:a2:
7f:d6:00:a1:c1:e7:5c:e5:b0:88:86:bf:e5:d4:be:
e6:cb:d3:46:47:7c:ef:97:6e:90:ce:7a:df:4f:54:
e1:18:ff:66:c2:13:3f:5f:05:f4:6a:d2:ec:7e:be:
69:81:fd:da:21:1b:44:0f:20:23:c1:bc:3f:fa:d3:
f4:dc:2d:56:e2:44:5e:52:6c:7b:94:d6:ad:1b:c7:
8d:b4:24:0b:ca:6d:a0:8b:92:21:bd:6b:e1:7b:4f:
bf:ca:d9:fb:e7:2e:7f:bc:75:d4:10:d7:fb:45:5f:
f0:43:28:14:8a:6c:52:e2:ef:0b:81:a1:81:0a:b4:
2d:f8:7d:e3:6a:b9:19:a6:cb:58:24:d8:b1:fa:6a:
43:38:e1:93:33:17:db:77:03:6d:01:d0:0e:0e:5c:
e0:77:ae:34:31:1d:ae:26:40:1a:a1:eb:c8:ea:c1:
7b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:F4:42:28:A0:94:D6:54:0C:26:89:9F:5C:05:58:0C:F3:41:1A:50
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/62A13EA8C2BB11EFB6DDD916C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:b840::/48
2001:df4:ee40::/48
2001:df4:eec0::/48
Signature Algorithm: sha256WithRSAEncryption
62:17:11:fd:21:51:20:86:7d:55:9e:8c:10:44:44:63:45:21:
03:db:0d:b1:9d:5f:5b:c0:14:19:66:b6:44:6a:90:e2:80:f8:
56:f5:84:af:de:7e:0b:cd:da:74:65:87:64:d5:42:d6:d8:dc:
e7:25:00:df:52:74:2a:27:49:4f:ee:aa:9a:17:54:9c:2d:a6:
fe:0b:82:53:9d:31:83:b5:09:8b:da:d7:c6:dd:43:de:1f:a9:
f2:bb:59:94:d3:8d:ee:15:66:b3:f2:91:d8:a4:a6:6e:61:a8:
17:54:16:ed:d9:9c:8a:dd:93:94:cc:6e:d8:5c:36:e0:1e:b5:
38:ac:29:38:1c:68:02:04:a6:ac:36:dc:ac:e9:3d:09:08:b3:
a3:dc:dd:e4:ff:58:01:ad:8a:eb:ba:82:12:a7:6e:a3:09:9b:
25:42:07:69:a4:c2:38:02:c0:a9:e6:6f:b3:db:a4:07:e7:36:
dc:c6:34:77:30:57:77:a3:6a:fc:b5:ef:09:a1:b8:6c:50:b0:
dd:f5:6f:ef:54:a7:d6:5f:ee:7d:c7:35:29:f6:d8:35:ca:9e:
5e:0f:4a:50:57:5a:19:71:56:1b:c1:db:ac:75:d0:8f:8b:a2:
c8:1d:8d:f6:94:d7:63:59:58:26:a4:93:01:eb:c3:0f:d7:d4:
5b:b9:25:f4
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICSdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwMjI1MDg0MjUyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JkODI4Yy0zNGU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxRGTbUp6mB34acR5DjzCNMobbBISeoRqc+OIv3YFAFImy8J9PXz28TeOkGjz
OYhZwWFChLWeXuqVm431vBV2Rw3AE2A76EjjCBoKWwWsSSXWqHv49mKdJ6J/1gCh
wedc5bCIhr/l1L7my9NGR3zvl26QznrfT1ThGP9mwhM/XwX0atLsfr5pgf3aIRtE
DyAjwbw/+tP03C1W4kReUmx7lNatG8eNtCQLym2gi5IhvWvhe0+/ytn75y5/vHXU
ENf7RV/wQygUimxS4u8LgaGBCrQt+H3jarkZpstYJNix+mpDOOGTMxfbdwNtAdAO
Dlzgd640MR2uJkAaoevI6sF7aQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFr0Qiig
lNZUDCaJn1wFWAzzQRpQMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNjJBMTNFQThD
MkJCMTFFRkI2REREOTE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMCEEAgACMBsDBwAgAQ30uEADBwAgAQ307kADBwAgAQ307sAwDQYJKoZIhvcN
AQELBQADggEBAGIXEf0hUSCGfVWejBBERGNFIQPbDbGdX1vAFBlmtkRqkOKA+Fb1
hK/efgvN2nRlh2TVQtbY3OclAN9SdConSU/uqpoXVJwtpv4LglOdMYO1CYva18bd
Q94fqfK7WZTTje4VZrPykdikpm5hqBdUFu3ZnIrdk5TMbthcNuAetTisKTgcaAIE
pqw23KzpPQkIs6Pc3eT/WAGtiuu6ghKnbqMJmyVCB2mkwjgCwKnmb7PbpAfnNtzG
NHcwV3ejavy17wmhuGxQsN31b+9Up9Zf7n3HNSn22DXKnl4PSlBXWhlxVhvB26x1
0I+LosgdjfaU12NZWCakkwHrww/X1Fu5JfQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:43:41 2025 by rpki-client