Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/ED91F9DA03DE11F0BF284950C4F9AE02.roa
File: ED91F9DA03DE11F0BF284950C4F9AE02.roa (raw, json)
Hash identifier: +zo8ZSVcYsCAQ+5W2LEItlGPznC1hHuLO6E79sF+q+A=
Subject key identifier: ED:37:0A:BF:75:E0:D9:D3:98:5C:E6:DB:B2:4E:44:AA:0E:3C:CC:5E
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4A22
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/ED91F9DA03DE11F0BF284950C4F9AE02.roa
Signing time: Tue 18 Mar 2025 09:54:05 +0000
ROA not before: Tue 18 Mar 2025 09:54:05 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 153499
IP address blocks: 2001:df4:d5c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18978 (0x4a22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Mar 18 09:54:05 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67d942bd-4f07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c3:08:e0:c9:d7:18:5e:b6:dd:52:5a:d1:46:
79:31:da:37:33:0e:77:c0:3e:e6:02:e4:03:93:ae:
fd:31:72:75:3c:b2:66:9a:9e:40:be:dc:05:ba:00:
5a:a7:d0:f3:bc:87:84:e6:d5:61:b5:53:df:fa:8a:
59:22:05:54:a1:bd:fe:cf:eb:0b:ad:55:1a:ca:ad:
b0:d5:8e:6b:64:ed:19:c5:69:45:e4:ee:98:5b:99:
9d:34:4a:04:a5:d3:3d:81:7d:f0:0d:f1:6e:3f:51:
63:34:59:f9:f1:33:d1:72:49:44:3e:ce:22:9c:d0:
bc:64:04:03:9d:39:23:15:58:89:81:c2:55:2c:0f:
a8:70:a1:21:a0:cd:8d:83:54:4b:34:b5:bf:9f:5d:
aa:6a:14:6f:80:d7:0d:f0:e3:76:9f:d2:a8:c9:f0:
6c:90:ea:a3:f3:62:af:1d:a2:0a:f9:f8:e1:89:ea:
6a:44:bc:fe:af:ad:be:17:4d:09:c0:8f:71:f4:2c:
b7:d3:49:b2:10:ff:ea:d2:30:6e:c8:73:81:99:bd:
67:61:1d:1e:02:37:c0:62:c0:c0:ea:df:27:b7:8b:
08:49:d2:9e:cd:4d:6b:b1:7f:a3:79:8f:0a:42:55:
42:75:21:be:9c:78:b0:a1:8a:56:c7:cc:0c:11:6e:
a7:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:37:0A:BF:75:E0:D9:D3:98:5C:E6:DB:B2:4E:44:AA:0E:3C:CC:5E
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/ED91F9DA03DE11F0BF284950C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:d5c0::/48
Signature Algorithm: sha256WithRSAEncryption
16:c9:c3:45:ef:43:5d:2a:73:67:06:6c:e7:4f:54:0b:45:c0:
6d:42:73:e0:8d:97:01:61:28:5f:ef:51:52:94:6a:55:15:f0:
01:27:ac:d4:8e:cf:e1:7b:53:fc:cd:63:c0:a9:ea:73:4a:1d:
b3:92:e3:52:f9:51:a8:85:62:b0:c2:d5:2e:fe:ef:72:9f:01:
e7:c3:8d:32:4a:88:39:81:2a:a5:3e:ed:ec:43:c4:8d:5f:b3:
64:0c:31:3c:43:bb:8d:58:dc:da:f9:22:91:86:01:1b:bc:9d:
69:d2:fe:6b:45:ef:a4:9d:df:2c:4d:1f:db:52:4f:64:ed:d3:
fb:70:89:3f:8e:ea:35:79:b9:4a:79:ed:90:d0:f6:ff:84:a2:
46:9b:4d:ee:e9:70:7f:b5:2d:35:f3:0b:24:41:40:b6:49:97:
43:bb:af:62:31:d4:14:c0:1b:2a:56:e9:43:b6:14:8b:2a:07:
02:f5:b3:31:ae:61:0e:25:51:44:1d:2b:4c:13:fb:a8:0b:6d:
22:41:91:15:e1:bf:ed:c6:9c:af:af:91:fc:e2:26:0e:36:c0:
31:3f:61:0b:d9:76:15:22:ca:a4:5e:6c:b8:cb:7f:a3:b4:39:
27:a3:4b:5a:bb:29:af:4b:57:53:58:af:83:f0:b8:3e:be:b9:
e1:b0:f7:17
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICSiIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwMzE4MDk1NDA1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q5NDJiZC00ZjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq8MI4MnXGF623VJa0UZ5Mdo3Mw53wD7mAuQDk679MXJ1PLJmmp5AvtwFugBa
p9DzvIeE5tVhtVPf+opZIgVUob3+z+sLrVUayq2w1Y5rZO0ZxWlF5O6YW5mdNEoE
pdM9gX3wDfFuP1FjNFn58TPRcklEPs4inNC8ZAQDnTkjFViJgcJVLA+ocKEhoM2N
g1RLNLW/n12qahRvgNcN8ON2n9KoyfBskOqj82KvHaIK+fjhiepqRLz+r62+F00J
wI9x9Cy300myEP/q0jBuyHOBmb1nYR0eAjfAYsDA6t8nt4sISdKezU1rsX+jeY8K
QlVCdSG+nHiwoYpWx8wMEW6newIDAQABo4ICmDCCApQwHQYDVR0OBBYEFO03Cr91
4NnTmFzm27JORKoOPMxeMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRUQ5MUY5REEw
M0RFMTFGMEJGMjg0OTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ301cAwDQYJKoZIhvcNAQELBQADggEBABbJw0XvQ10q
c2cGbOdPVAtFwG1Cc+CNlwFhKF/vUVKUalUV8AEnrNSOz+F7U/zNY8Cp6nNKHbOS
41L5UaiFYrDC1S7+73KfAefDjTJKiDmBKqU+7exDxI1fs2QMMTxDu41Y3Nr5IpGG
ARu8nWnS/mtF76Sd3yxNH9tST2Tt0/twiT+O6jV5uUp57ZDQ9v+EokabTe7pcH+1
LTXzCyRBQLZJl0O7r2Ix1BTAGypW6UO2FIsqBwL1szGuYQ4lUUQdK0wT+6gLbSJB
kRXhv+3GnK+vkfziJg42wDE/YQvZdhUiyqRebLjLf6O0OSejS1q7Ka9LV1NYr4Pw
uD6+ueGw9xc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:30:35 2025 by rpki-client