Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/E23E9FB2D96C11EF99060D74C4F9AE02.roa
File: E23E9FB2D96C11EF99060D74C4F9AE02.roa (raw, json)
Hash identifier: kx8BLs/UUJi4BdthApoSUmnMELmdG9xSF1a4sfDhP3A=
Subject key identifier: C8:32:94:A6:C5:42:C2:12:85:CF:20:09:58:BC:AA:CD:83:CC:13:40
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4965
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/E23E9FB2D96C11EF99060D74C4F9AE02.roa
Signing time: Thu 23 Jan 2025 09:31:55 +0000
ROA not before: Thu 23 Jan 2025 09:31:55 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 153502
IP address blocks: 2001:df4:da40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18789 (0x4965)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Jan 23 09:31:55 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67920c8a-4ed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6b:a2:bb:17:05:1a:a9:3d:aa:7b:5f:28:be:
34:87:3d:70:c9:aa:51:c6:86:a1:39:3b:01:01:97:
29:15:27:72:71:2b:64:10:7b:82:51:df:1d:18:55:
ae:73:ce:7b:38:04:53:9e:2b:52:e8:52:f4:39:d8:
3d:c1:af:71:c4:60:3c:26:3a:74:71:29:1f:be:ad:
84:0c:dd:40:a6:8a:7b:a9:33:4b:54:5c:07:8f:e5:
89:88:1b:93:82:9c:50:9a:96:8f:bb:40:23:0b:b4:
f6:56:2a:d6:bd:79:3b:59:05:e5:59:e6:6b:04:25:
c4:fd:8e:b9:77:5c:62:fe:1d:c7:1b:fe:77:81:b7:
bb:6d:ad:51:96:a2:b7:3e:68:20:d3:09:8b:f5:2c:
99:06:ae:07:c5:9e:d9:4d:e8:6e:91:f9:51:9d:d9:
cb:e7:ea:f1:aa:6f:db:b0:8c:66:ac:25:b5:d3:7f:
c1:f6:5e:c8:67:b7:b4:86:1e:e6:70:f9:c8:2b:54:
85:3d:d7:09:b6:d6:d4:9a:20:92:d7:30:df:a6:29:
4a:ca:03:54:82:7f:cd:6e:d6:5f:45:74:76:57:0b:
2f:d1:7c:07:ad:84:ab:ee:f6:1f:c9:2e:f8:65:ce:
31:f5:d5:92:ce:7e:d8:11:4b:be:17:0e:1a:f8:e8:
b1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:32:94:A6:C5:42:C2:12:85:CF:20:09:58:BC:AA:CD:83:CC:13:40
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/E23E9FB2D96C11EF99060D74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:da40::/48
Signature Algorithm: sha256WithRSAEncryption
59:72:6f:d8:23:95:31:62:51:f1:81:fc:a8:39:23:d2:e2:60:
46:c0:3b:ee:a4:32:90:c8:65:c3:bb:2a:fe:7d:f2:f7:c7:15:
fc:c0:f7:b6:74:2d:d3:6a:d7:ea:28:73:fe:ce:ae:91:64:4b:
82:24:2e:51:f0:41:ad:ae:cd:d0:f5:7a:5f:9b:10:8d:f9:2d:
65:67:83:d0:25:91:8a:b7:9f:1a:d5:43:3f:be:3e:1a:58:af:
77:ae:1a:c0:9a:4d:53:69:e4:69:1c:c2:47:a4:4c:ed:54:d0:
8e:57:bf:21:4c:11:68:a1:7c:74:3f:f9:07:65:5a:19:a0:e3:
57:4d:06:07:7f:88:4a:6d:c9:4b:77:6e:2b:e5:96:7d:2a:9a:
9f:9a:c8:37:24:69:00:07:04:13:7e:21:25:4e:98:3d:98:67:
e1:8d:d5:af:e6:df:e7:6b:12:bd:8b:7d:e8:a0:84:a3:93:76:
05:8f:2d:a9:85:f8:3b:3f:8f:0e:f1:c8:55:f3:a6:0d:0e:c5:
36:84:d7:da:29:dc:86:71:0e:fe:0d:b4:52:80:9e:dc:99:8f:
f1:a3:5d:6a:72:6b:d8:8e:96:65:0a:63:9d:03:90:0f:d2:b2:
4a:e1:24:57:78:3a:53:d6:51:29:ba:5c:1d:69:94:95:e8:c6:
94:ba:76:bf
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICSWUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwMTIzMDkzMTU1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkyMGM4YS00ZWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzGuiuxcFGqk9qntfKL40hz1wyapRxoahOTsBAZcpFSdycStkEHuCUd8dGFWu
c857OARTnitS6FL0Odg9wa9xxGA8Jjp0cSkfvq2EDN1Apop7qTNLVFwHj+WJiBuT
gpxQmpaPu0AjC7T2VirWvXk7WQXlWeZrBCXE/Y65d1xi/h3HG/53gbe7ba1RlqK3
Pmgg0wmL9SyZBq4HxZ7ZTehukflRndnL5+rxqm/bsIxmrCW103/B9l7IZ7e0hh7m
cPnIK1SFPdcJttbUmiCS1zDfpilKygNUgn/NbtZfRXR2Vwsv0XwHrYSr7vYfyS74
Zc4x9dWSzn7YEUu+Fw4a+OixLQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFMgylKbF
QsIShc8gCVi8qs2DzBNAMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRTIzRTlGQjJE
OTZDMTFFRjk5MDYwRDc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ302kAwDQYJKoZIhvcNAQELBQADggEBAFlyb9gjlTFi
UfGB/Kg5I9LiYEbAO+6kMpDIZcO7Kv598vfHFfzA97Z0LdNq1+ooc/7OrpFkS4Ik
LlHwQa2uzdD1el+bEI35LWVng9AlkYq3nxrVQz++PhpYr3euGsCaTVNp5Gkcwkek
TO1U0I5XvyFMEWihfHQ/+QdlWhmg41dNBgd/iEptyUt3bivlln0qmp+ayDckaQAH
BBN+ISVOmD2YZ+GN1a/m3+drEr2LfeighKOTdgWPLamF+Ds/jw7xyFXzpg0OxTaE
19op3IZxDv4NtFKAntyZj/GjXWpya9iOlmUKY50DkA/SskrhJFd4OlPWUSm6XB1p
lJXoxpS6dr8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:33:25 2025 by rpki-client