Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/7CCAAFA6F58A11EFA9C8FE1EC4F9AE02.roa
File: 7CCAAFA6F58A11EFA9C8FE1EC4F9AE02.roa (raw, json)
Hash identifier: 0N47eCF3EUHglHs8vevWQTPyPXRVVX8pWhnUH+8Imtg=
Subject key identifier: E2:BD:50:E6:2D:CE:BA:AB:89:B9:45:F2:44:B8:68:9B:ED:97:4E:2F
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4A2F
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/7CCAAFA6F58A11EFA9C8FE1EC4F9AE02.roa
Signing time: Fri 21 Mar 2025 07:40:48 +0000
ROA not before: Fri 21 Mar 2025 07:40:48 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 152935
IP address blocks: 2001:df4:b840::/48 maxlen: 48
2001:df4:de40::/48 maxlen: 48
2001:df4:eec0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18991 (0x4a2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Mar 21 07:40:48 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67dd1800-a611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8a:cb:74:c8:d0:9e:55:8c:9a:3e:0c:3e:e8:
aa:04:8c:08:c6:1d:13:7e:05:29:bf:b3:77:7f:13:
77:8f:b0:97:63:dd:3f:29:c2:a4:9a:3e:b6:a7:3e:
76:34:d2:05:53:00:64:4e:00:f1:6d:c7:1b:05:cd:
b7:fb:57:7a:e3:47:ab:4a:fd:b8:09:24:de:fb:fc:
5b:45:64:1c:77:01:6e:b4:fd:39:31:88:63:18:1c:
c6:26:d8:28:73:4d:c7:71:42:7d:97:21:dc:c2:85:
11:54:1b:e0:3d:54:ba:e9:6c:9d:6b:ad:cb:42:22:
2c:7c:14:50:b7:ff:c9:3d:63:fb:c9:23:72:58:ac:
58:01:e1:4a:6e:1f:3b:fd:d2:da:97:6f:2f:f3:d4:
9c:90:b9:40:cd:f4:67:b0:6c:48:82:71:1f:8a:cb:
fb:8e:3b:37:43:e4:d1:da:0e:53:89:8a:1e:7a:85:
aa:04:7f:e0:94:3b:f4:76:d8:d6:39:af:2c:61:02:
a0:23:b0:0d:dd:e9:17:00:b5:1e:58:d7:27:26:24:
f2:a6:43:9b:f7:72:ce:8e:eb:7f:e2:3a:4a:3f:fa:
01:be:ca:d1:bf:4c:23:19:c9:86:b1:3a:b5:f3:9c:
3f:b5:d7:92:c1:af:e0:f7:1f:da:ba:cc:e8:7c:16:
06:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:BD:50:E6:2D:CE:BA:AB:89:B9:45:F2:44:B8:68:9B:ED:97:4E:2F
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/7CCAAFA6F58A11EFA9C8FE1EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:b840::/48
2001:df4:de40::/48
2001:df4:eec0::/48
Signature Algorithm: sha256WithRSAEncryption
02:08:6a:5b:fe:12:bb:15:c4:be:ae:b9:78:a6:ca:55:1c:5d:
86:97:22:3e:34:67:05:46:79:3d:f0:e5:07:b8:c6:81:5c:ec:
a3:05:a8:6b:06:fe:0a:31:2a:45:8e:da:b8:07:31:94:9b:a2:
ab:9f:f7:cc:ba:76:d6:a8:08:28:32:3b:f0:06:03:ed:06:83:
fc:cb:0e:b8:83:49:18:a4:7d:93:76:6c:46:39:ab:c2:16:63:
74:f8:cd:63:79:af:92:54:7d:49:7f:c0:1e:4f:3a:d6:cc:a5:
18:f6:a9:28:28:bd:90:fb:2d:c7:27:59:e5:74:0a:12:e6:59:
85:75:38:39:34:76:b0:a2:94:6e:ff:7b:7e:b7:a2:38:54:75:
5d:65:d2:19:f3:e4:99:bb:cd:d6:82:8f:26:21:05:dc:0e:31:
31:45:08:fa:d5:bf:5f:3c:b1:e4:69:5d:b3:63:b8:0e:10:31:
b1:b3:3f:e9:23:56:c3:2e:45:76:55:0a:38:9a:d7:e9:74:ad:
e4:a4:e8:f0:2b:77:35:4a:19:af:40:c6:95:7c:b5:31:33:e6:
0b:98:30:04:b2:d4:07:ca:ec:e9:a9:bf:a4:a7:e6:12:6b:34:
cc:75:cf:5b:5d:7d:fe:32:63:1c:dc:ab:e1:b1:07:8f:34:08:
ec:20:c1:f4
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICSi8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwMzIxMDc0MDQ4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RkMTgwMC1hNjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2orLdMjQnlWMmj4MPuiqBIwIxh0TfgUpv7N3fxN3j7CXY90/KcKkmj62pz52
NNIFUwBkTgDxbccbBc23+1d640erSv24CSTe+/xbRWQcdwFutP05MYhjGBzGJtgo
c03HcUJ9lyHcwoURVBvgPVS66Wyda63LQiIsfBRQt//JPWP7ySNyWKxYAeFKbh87
/dLal28v89SckLlAzfRnsGxIgnEfisv7jjs3Q+TR2g5TiYoeeoWqBH/glDv0dtjW
Oa8sYQKgI7AN3ekXALUeWNcnJiTypkOb93LOjut/4jpKP/oBvsrRv0wjGcmGsTq1
85w/tdeSwa/g9x/auszofBYGcwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFOK9UOYt
zrqriblF8kS4aJvtl04vMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvN0NDQUFGQTZG
NThBMTFFRkE5QzhGRTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMCEEAgACMBsDBwAgAQ30uEADBwAgAQ303kADBwAgAQ307sAwDQYJKoZIhvcN
AQELBQADggEBAAIIalv+ErsVxL6uuXimylUcXYaXIj40ZwVGeT3w5Qe4xoFc7KMF
qGsG/goxKkWO2rgHMZSboquf98y6dtaoCCgyO/AGA+0Gg/zLDriDSRikfZN2bEY5
q8IWY3T4zWN5r5JUfUl/wB5POtbMpRj2qSgovZD7LccnWeV0ChLmWYV1ODk0drCi
lG7/e363ojhUdV1l0hnz5Jm7zdaCjyYhBdwOMTFFCPrVv188seRpXbNjuA4QMbGz
P+kjVsMuRXZVCjia1+l0reSk6PArdzVKGa9AxpV8tTEz5guYMASy1AfK7Ompv6Sn
5hJrNMx1z1tdff4yYxzcq+GxB480COwgwfQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:25:07 2025 by rpki-client