Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/961A19E4BC4411EF95825C2FC4F9AE02.roa
File: 961A19E4BC4411EF95825C2FC4F9AE02.roa (raw, json)
Hash identifier: 6HaeVkiwrevcJ2h0t1kK3T/FFUJllAvKJDzTgA/WsME=
Subject key identifier: 5B:39:9A:77:AF:A0:E0:4E:56:F9:83:CA:6D:1C:78:E3:3A:44:28:B2
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 48C5
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/961A19E4BC4411EF95825C2FC4F9AE02.roa
Signing time: Tue 17 Dec 2024 07:00:23 +0000
ROA not before: Tue 17 Dec 2024 07:00:23 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 153435
IP address blocks: 2001:df4:b1c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18629 (0x48c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Dec 17 07:00:23 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67612187-8fb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2c:68:30:f7:73:b1:b4:1f:0a:3f:65:c0:30:
da:f5:04:1f:1c:f9:59:0c:82:13:00:8d:98:ce:8f:
9e:db:51:e6:d5:0b:4c:84:17:5d:ab:45:73:76:86:
a7:17:54:fa:40:22:5f:a8:4f:0a:7d:db:ee:fc:56:
5d:4c:07:fe:5b:36:72:91:08:00:21:18:18:63:9c:
56:e0:61:f7:53:03:c0:1f:f1:c4:86:5a:16:94:72:
0e:04:d7:f3:83:b4:c4:f5:62:34:49:aa:e2:83:62:
15:17:62:7d:7f:6a:a4:19:96:d4:6b:21:2d:57:44:
89:10:38:36:f1:bb:b4:3c:4d:0c:bb:00:87:ad:d7:
ba:e3:9e:d7:31:ba:2c:a0:44:27:0d:5c:03:3a:50:
87:c8:40:84:6e:7b:f4:76:01:a0:7d:c8:b7:a4:40:
dc:e6:8b:56:7c:46:82:a5:2d:c0:a9:3c:f1:6f:87:
b1:d7:cc:d3:be:8e:6e:4f:80:8c:f6:51:ef:fb:10:
c6:d6:03:00:ef:d5:cb:a1:90:44:e2:8e:b9:37:c3:
41:cd:cd:34:3a:af:fa:e5:38:07:9a:80:b2:2f:56:
0c:13:86:4d:cf:79:c7:01:2d:3f:2d:16:ba:14:32:
5f:b3:66:fb:4f:ea:21:26:e0:dd:e3:dd:1a:59:b3:
8c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:39:9A:77:AF:A0:E0:4E:56:F9:83:CA:6D:1C:78:E3:3A:44:28:B2
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/961A19E4BC4411EF95825C2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:b1c0::/48
Signature Algorithm: sha256WithRSAEncryption
4f:44:a2:cb:5f:57:f7:16:c0:2c:fe:b9:6a:9f:ee:da:03:ca:
de:00:5a:79:32:22:58:7f:bf:1d:26:67:8d:3f:1c:0a:36:4b:
16:9c:1d:1e:91:a0:ed:c4:e4:d0:70:fa:75:0a:74:57:70:e5:
4f:e5:77:5d:04:78:c6:92:50:21:2d:bb:9c:3b:a2:a5:bd:7d:
8f:6f:34:4b:cd:48:6d:74:43:50:86:3a:01:61:b3:42:92:51:
a5:2f:52:b6:04:1d:42:7e:63:91:df:2f:f9:6b:33:e1:b0:62:
b1:aa:0f:bf:5a:5b:9d:e5:6c:0b:a6:1c:7f:ba:33:c4:38:34:
45:a7:e2:cc:17:e5:a4:67:02:06:f9:46:0e:61:b6:f6:54:3f:
be:f2:63:f9:05:79:32:b3:e4:59:61:49:bf:8e:06:b9:35:cb:
41:02:00:cd:7b:7e:bc:7f:c3:2c:f9:aa:10:e6:e0:bd:49:0b:
24:5c:2a:41:28:33:db:07:ac:a2:39:82:b3:05:8a:05:31:14:
94:69:00:87:f9:c9:e6:65:cd:64:a5:b5:be:6f:7c:8d:20:8a:
23:64:38:85:38:22:c1:89:16:84:32:b4:70:1b:17:0e:f5:44:
1b:29:89:2a:e9:48:44:94:4c:8e:a6:2d:9c:11:9c:53:66:c8:
7b:e7:a2:f1
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICSMUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQxMjE3MDcwMDIzWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYxMjE4Ny04ZmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqSxoMPdzsbQfCj9lwDDa9QQfHPlZDIITAI2Yzo+e21Hm1QtMhBddq0Vzdoan
F1T6QCJfqE8Kfdvu/FZdTAf+WzZykQgAIRgYY5xW4GH3UwPAH/HEhloWlHIOBNfz
g7TE9WI0Sarig2IVF2J9f2qkGZbUayEtV0SJEDg28bu0PE0MuwCHrde6457XMbos
oEQnDVwDOlCHyECEbnv0dgGgfci3pEDc5otWfEaCpS3AqTzxb4ex18zTvo5uT4CM
9lHv+xDG1gMA79XLoZBE4o65N8NBzc00Oq/65TgHmoCyL1YME4ZNz3nHAS0/LRa6
FDJfs2b7T+ohJuDd490aWbOMOwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFFs5mnev
oOBOVvmDym0ceOM6RCiyMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvOTYxQTE5RTRC
QzQ0MTFFRjk1ODI1QzJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ30scAwDQYJKoZIhvcNAQELBQADggEBAE9EostfV/cW
wCz+uWqf7toDyt4AWnkyIlh/vx0mZ40/HAo2SxacHR6RoO3E5NBw+nUKdFdw5U/l
d10EeMaSUCEtu5w7oqW9fY9vNEvNSG10Q1CGOgFhs0KSUaUvUrYEHUJ+Y5HfL/lr
M+GwYrGqD79aW53lbAumHH+6M8Q4NEWn4swX5aRnAgb5Rg5htvZUP77yY/kFeTKz
5FlhSb+OBrk1y0ECAM17frx/wyz5qhDm4L1JCyRcKkEoM9sHrKI5grMFigUxFJRp
AIf5yeZlzWSltb5vfI0giiNkOIU4IsGJFoQytHAbFw71RBspiSrpSESUTI6mLZwR
nFNmyHvnovE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:25:03 2025 by rpki-client