Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1A23/AC533DEE289611EBBAAD5721C4F9AE02/594EEA2CAEA711EE961B0558C4F9AE02.roa
File: 594EEA2CAEA711EE961B0558C4F9AE02.roa (raw, json)
Hash identifier: USU8pNkMAdz6WSNLBXiulBGQVhWKRWb5vA71xaDbimA=
Subject key identifier: A1:B7:0D:BB:71:50:8A:7C:E5:0F:C0:45:96:22:1F:13:B9:6C:29:BA
Certificate issuer: /CN=A91B1A23/serialNumber=27C3900FBD77EE22CB71E9A90E81574CDE4644AD
Certificate serial: 0710
Authority key identifier: 27:C3:90:0F:BD:77:EE:22:CB:71:E9:A9:0E:81:57:4C:DE:46:44:AD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J8OQD7137iLLcempDoFXTN5GRK0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B1A23/AC533DEE289611EBBAAD5721C4F9AE02/594EEA2CAEA711EE961B0558C4F9AE02.roa
Signing time: Fri 24 Jan 2025 21:40:39 +0000
ROA not before: Fri 24 Jan 2025 21:40:39 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 24545
IP address blocks: 2400:7e40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1808 (0x710)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B1A23
Validity
Not Before: Jan 24 21:40:39 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679408d6-3eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:49:09:dd:b8:e9:b9:41:71:0e:d6:a9:20:99:
ad:84:94:c2:b7:f0:3e:52:b6:f5:78:e7:3c:f3:9e:
07:91:7f:d5:ba:b9:5c:44:52:ce:bb:41:41:4c:df:
70:28:af:1f:1b:a5:f3:3c:a4:35:db:46:47:8a:86:
d8:87:6d:e2:b3:b4:47:ba:4a:52:3e:3b:97:6e:9e:
8e:96:87:e6:4b:01:18:38:82:b7:9f:fe:1e:c6:42:
12:83:f0:b3:95:37:61:2f:df:a1:ef:5d:e0:0c:11:
d8:d9:70:3b:00:c0:cd:cf:67:2b:94:1a:f9:0b:11:
98:91:b3:a7:d9:02:1d:76:08:8a:50:3d:2c:8b:1c:
80:ea:7e:3a:16:6b:14:94:78:40:90:0d:a9:1c:29:
75:78:79:df:9f:e2:fe:30:ab:61:a3:f5:6f:46:69:
f3:f3:e3:ed:51:0b:d5:a2:31:0b:2a:f3:07:5d:cf:
77:2c:7f:17:9c:0c:d3:e4:90:de:ff:23:f8:f6:42:
f5:db:b1:5b:9b:87:6d:fe:39:05:90:4f:32:46:49:
ae:2f:80:bb:d5:1b:7a:8f:7c:24:ce:bd:13:db:81:
7f:13:af:9a:dd:f2:41:3b:de:7f:c5:3c:a3:02:b5:
e9:90:84:80:44:22:f9:af:58:62:5c:ad:4b:fe:1b:
8e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B7:0D:BB:71:50:8A:7C:E5:0F:C0:45:96:22:1F:13:B9:6C:29:BA
X509v3 Authority Key Identifier:
keyid:27:C3:90:0F:BD:77:EE:22:CB:71:E9:A9:0E:81:57:4C:DE:46:44:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B1A23/AC533DEE289611EBBAAD5721C4F9AE02/J8OQD7137iLLcempDoFXTN5GRK0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J8OQD7137iLLcempDoFXTN5GRK0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1A23/AC533DEE289611EBBAAD5721C4F9AE02/594EEA2CAEA711EE961B0558C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:7e40::/32
Signature Algorithm: sha256WithRSAEncryption
86:d0:66:4c:0f:3e:22:6b:fb:49:91:05:d8:1a:1a:69:1b:3e:
62:7e:b4:5b:5e:a3:51:c3:27:b1:2e:46:ce:79:aa:aa:49:b5:
04:c3:e1:c2:bd:f1:56:9b:46:d2:c6:ce:e5:27:a6:93:c8:6c:
fc:9d:47:92:a8:76:25:37:34:d3:95:3e:a1:60:44:bf:d0:07:
db:75:07:ad:19:94:41:67:8d:cb:5a:f4:80:0c:f9:52:03:fb:
fe:63:84:33:ca:70:79:ae:04:65:00:7f:1c:c7:48:04:de:9e:
6b:4c:49:1b:69:89:d4:33:8b:3e:c9:b6:97:bd:bc:43:8b:c0:
d1:87:3d:48:e9:d7:f8:ed:4d:16:9a:4c:60:c8:30:5f:c8:7e:
25:0c:31:45:22:9f:25:dd:d8:72:9f:e2:ab:be:10:c6:ac:e8:
26:e4:1c:46:e5:68:9b:dd:65:1c:b4:28:8d:5c:8f:1c:c5:b4:
eb:0b:89:f1:96:9c:46:69:3e:33:bf:f2:b6:95:1a:e0:d4:cf:
38:0b:d1:bc:54:69:89:01:6d:8a:c6:2d:ae:86:1a:3e:9e:65:
46:de:b8:79:19:b8:34:43:50:36:d5:a8:fb:88:2a:c9:4e:34:
89:47:78:e3:e5:77:53:cb:a7:ab:93:44:a0:4e:cf:49:97:30:
33:7e:b5:c1
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICBxAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjFBMjMxMTAvBgNVBAUTKDI3QzM5MDBGQkQ3N0VFMjJDQjcxRTlBOTBFODE1NzRD
REU0NjQ0QUQwHhcNMjUwMTI0MjE0MDM5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk0MDhkNi0zZWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzUkJ3bjpuUFxDtapIJmthJTCt/A+Urb1eOc8854HkX/VurlcRFLOu0FBTN9w
KK8fG6XzPKQ120ZHiobYh23is7RHukpSPjuXbp6OlofmSwEYOIK3n/4exkISg/Cz
lTdhL9+h713gDBHY2XA7AMDNz2crlBr5CxGYkbOn2QIddgiKUD0sixyA6n46FmsU
lHhAkA2pHCl1eHnfn+L+MKtho/VvRmnz8+PtUQvVojELKvMHXc93LH8XnAzT5JDe
/yP49kL127Fbm4dt/jkFkE8yRkmuL4C71Rt6j3wkzr0T24F/E6+a3fJBO95/xTyj
ArXpkISARCL5r1hiXK1L/huOywIDAQABo4ICljCCApIwHQYDVR0OBBYEFKG3Dbtx
UIp85Q/ARZYiHxO5bCm6MB8GA1UdIwQYMBaAFCfDkA+9d+4iy3HpqQ6BV0zeRkSt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUEyMy9BQzUzM0RFRTI4
OTYxMUVCQkFBRDU3MjFDNEY5QUUwMi9KOE9RRDcxMzdpTExjZW1wRG9GWFRONUdS
SzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0o4T1FENzEzN2lMTGNlbXBEb0ZYVE41R1JLMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjFBMjMvQUM1MzNERUUyODk2MTFFQkJBQUQ1NzIxQzRGOUFFMDIvNTk0RUVBMkNB
RUE3MTFFRTk2MUIwNTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAH5AMA0GCSqGSIb3DQEBCwUAA4IBAQCG0GZMDz4ia/tJ
kQXYGhppGz5ifrRbXqNRwyexLkbOeaqqSbUEw+HCvfFWm0bSxs7lJ6aTyGz8nUeS
qHYlNzTTlT6hYES/0AfbdQetGZRBZ43LWvSADPlSA/v+Y4QzynB5rgRlAH8cx0gE
3p5rTEkbaYnUM4s+ybaXvbxDi8DRhz1I6df47U0WmkxgyDBfyH4lDDFFIp8l3dhy
n+KrvhDGrOgm5BxG5Wib3WUctCiNXI8cxbTrC4nxlpxGaT4zv/K2lRrg1M84C9G8
VGmJAW2Kxi2uhho+nmVG3rh5Gbg0Q1A21aj7iCrJTjSJR3jj5XdTy6erk0SgTs9J
lzAzfrXB
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:33:49 2025 by rpki-client