Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/AD60B660A30511EFA9623C0AC4F9AE02.roa
File: AD60B660A30511EFA9623C0AC4F9AE02.roa (raw, json)
Hash identifier: 3JPDPOLH0AkWpbqWAaINUFKYEC26Uf6AwuWfk14sx74=
Subject key identifier: 8D:8A:30:9E:7D:C6:A2:1D:57:61:82:2A:6D:D8:93:0B:F0:76:2E:DE
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4898
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/AD60B660A30511EFA9623C0AC4F9AE02.roa
Signing time: Wed 04 Dec 2024 10:20:54 +0000
ROA not before: Wed 04 Dec 2024 10:20:54 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 23999
IP address blocks: 202.6.96.0/23 maxlen: 23
2001:df0:e::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18584 (0x4898)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Dec 4 10:20:54 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67502d05-107b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:8c:bf:57:d2:37:2f:da:4d:ae:82:40:fb:72:
20:7e:22:04:0c:48:d1:23:43:5a:cf:28:d6:64:fb:
d8:89:a5:45:49:d7:fa:72:3a:78:06:78:4a:e7:ef:
8b:fc:29:a1:25:0c:5b:58:c5:47:6a:14:49:20:3d:
3f:71:09:c9:58:b7:8f:38:ed:e0:33:22:fd:77:37:
62:ad:8d:0e:db:74:be:f9:68:9c:ef:76:46:72:b6:
85:4a:d4:ab:8c:e9:f5:57:23:24:83:0a:6e:c2:17:
a1:65:5d:33:16:50:0a:23:d0:16:81:b8:29:2f:e9:
3e:c5:08:c8:a6:d5:8a:2a:32:8a:9f:14:8f:92:16:
ad:56:61:00:4c:a1:e3:b7:c0:31:99:c3:22:b9:bd:
00:3c:c2:ee:52:6f:b8:63:56:f8:1f:89:9d:bf:51:
b1:6a:23:d0:ba:67:c4:de:20:22:2a:95:ae:2d:f7:
be:b2:61:ca:63:07:78:dd:1b:09:3c:77:e4:27:01:
bf:17:59:53:da:8c:2f:20:b1:ff:53:0f:1a:e7:9d:
a9:a0:06:6f:e0:21:1a:c6:2c:4c:36:9c:20:b1:96:
35:9d:f1:20:f7:83:26:f7:a8:b3:fc:3c:d4:f9:82:
e6:f7:15:f7:9c:98:20:9a:82:85:c6:8f:5b:74:5e:
79:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:8A:30:9E:7D:C6:A2:1D:57:61:82:2A:6D:D8:93:0B:F0:76:2E:DE
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/AD60B660A30511EFA9623C0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.6.96.0/23
IPv6:
2001:df0:e::/48
Signature Algorithm: sha256WithRSAEncryption
52:36:cd:0b:8f:53:08:4c:eb:9c:19:91:a1:c5:b4:ae:5c:28:
87:43:a8:3f:b9:09:7c:9a:97:39:b7:2a:c0:e4:50:86:31:40:
0f:20:b6:b6:1d:60:ef:8b:6f:89:90:15:c5:49:f0:01:83:18:
fe:44:a3:32:f9:a5:a1:a9:eb:6b:f4:ff:9f:2d:0b:5e:ac:44:
b7:bb:2d:50:fa:0d:96:21:fa:3b:31:00:eb:d1:c8:f3:f3:f2:
6e:73:1e:0f:77:31:eb:5d:6e:e0:35:59:6a:76:ee:53:94:30:
9e:8d:95:cb:77:a3:8f:4b:22:64:98:5e:e1:0e:b7:19:df:31:
44:af:d9:8e:5d:fe:fa:5c:6c:e8:b8:a3:6b:50:2e:f7:96:36:
97:a4:70:14:7e:a8:17:79:b8:e3:4d:03:8b:7a:0f:74:db:fa:
18:4d:0f:bd:4e:ca:14:52:09:3a:67:a3:a2:72:99:59:b7:fe:
30:07:a7:47:b3:4e:9d:24:5e:17:6f:b9:68:f6:9b:20:01:99:
74:a8:5e:c0:98:f7:2e:f7:6f:2c:20:3b:bf:83:0f:61:b3:eb:
64:2e:04:ec:08:36:ef:ad:90:cc:75:8d:88:a7:ce:86:92:e1:
1a:de:cb:ca:ee:9b:cd:12:88:d2:75:44:ba:de:25:b5:23:ce:
bd:cf:70:8e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICSJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQxMjA0MTAyMDU0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwMmQwNS0xMDdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Yy/V9I3L9pNroJA+3IgfiIEDEjRI0NazyjWZPvYiaVFSdf6cjp4BnhK5++L
/CmhJQxbWMVHahRJID0/cQnJWLePOO3gMyL9dzdirY0O23S++Wic73ZGcraFStSr
jOn1VyMkgwpuwhehZV0zFlAKI9AWgbgpL+k+xQjIptWKKjKKnxSPkhatVmEATKHj
t8AxmcMiub0APMLuUm+4Y1b4H4mdv1GxaiPQumfE3iAiKpWuLfe+smHKYwd43RsJ
PHfkJwG/F1lT2owvILH/Uw8a552poAZv4CEaxixMNpwgsZY1nfEg94Mm96iz/DzU
+YLm9xX3nJggmoKFxo9bdF55twIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFI2KMJ59
xqIdV2GCKm3Ykwvwdi7eMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQUQ2MEI2NjBB
MzA1MTFFRkE5NjIzQzBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAHKBmAwDwQCAAIwCQMHACABDfAADjANBgkqhkiG9w0BAQsF
AAOCAQEAUjbNC49TCEzrnBmRocW0rlwoh0OoP7kJfJqXObcqwORQhjFADyC2th1g
74tviZAVxUnwAYMY/kSjMvmloanra/T/ny0LXqxEt7stUPoNliH6OzEA69HI8/Py
bnMeD3cx611u4DVZanbuU5Qwno2Vy3ejj0siZJhe4Q63Gd8xRK/Zjl3++lxs6Lij
a1Au95Y2l6RwFH6oF3m4400Di3oPdNv6GE0PvU7KFFIJOmejonKZWbf+MAenR7NO
nSReF2+5aPabIAGZdKhewJj3LvdvLCA7v4MPYbPrZC4E7Ag2762QzHWNiKfOhpLh
Gt7Lyu6bzRKI0nVEut4ltSPOvc9wjg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:25:07 2025 by rpki-client