Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6E73/F41D40F2EA0911E8ADA2ED0CC4F9AE02/C37CCA126FE611EA9D9F5E67C4F9AE02.roa
File: C37CCA126FE611EA9D9F5E67C4F9AE02.roa (raw, json)
Hash identifier: L5z6CZuJjQUruU4WBLzzNr0zFcI7mWzwVCjhbt9gItQ=
Subject key identifier: F1:A1:35:F3:0E:09:AB:A6:62:F5:41:F8:42:83:E0:2D:74:2C:C1:2E
Certificate issuer: /CN=A91B6E73/serialNumber=4A17AF66A048FC81DAE8545F7E35D9DAABD40271
Certificate serial: 11CC
Authority key identifier: 4A:17:AF:66:A0:48:FC:81:DA:E8:54:5F:7E:35:D9:DA:AB:D4:02:71
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ShevZqBI_IHa6FRffjXZ2qvUAnE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6E73/F41D40F2EA0911E8ADA2ED0CC4F9AE02/C37CCA126FE611EA9D9F5E67C4F9AE02.roa
Signing time: Tue 24 Dec 2024 17:14:51 +0000
ROA not before: Tue 24 Dec 2024 17:14:51 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 64087
IP address blocks: 2403:a280:1000::/48 maxlen: 48
2403:a280:3000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4556 (0x11cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6E73
Validity
Not Before: Dec 24 17:14:51 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=676aec0b-e95d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c1:bb:9e:3d:2d:59:3f:85:a8:a9:35:22:b6:
d7:24:98:5b:d2:c1:6d:39:66:f9:35:ad:88:f9:c2:
eb:56:45:91:e9:98:c3:81:dc:12:19:4f:f2:1b:e5:
f2:c5:81:34:89:22:a9:3f:c5:42:58:df:b5:20:4e:
bc:0c:f9:8e:d5:82:68:71:ac:21:21:86:05:b9:ca:
b3:59:6d:e0:33:9a:60:47:72:d7:52:3b:af:1e:53:
e6:15:2d:7d:c0:90:e0:32:d6:df:f3:51:d7:77:e9:
4d:e6:4b:d5:e1:09:e2:0f:32:d9:bb:87:d4:7e:74:
8c:f1:e8:88:4a:5c:6f:86:d9:7e:d2:79:7b:83:01:
5d:66:e8:6e:00:35:a8:b8:ed:77:ff:d4:8e:c5:29:
0d:01:f8:27:bc:af:7b:c2:b3:3c:01:9b:8f:ec:14:
0a:f2:82:be:b6:0f:54:65:f4:85:32:8f:fa:58:d6:
15:ef:66:94:50:36:d4:76:eb:d1:39:75:1f:97:da:
54:7b:44:d1:03:a0:4b:ff:94:8c:96:d3:6c:2c:2a:
e2:98:2d:58:f1:f2:f4:5e:09:28:8f:33:a7:d9:5d:
0c:43:74:a9:d5:c5:a4:a5:74:e8:af:e8:4b:85:4d:
9c:67:5c:2c:e8:0c:85:f1:f0:e6:10:a1:cd:70:7e:
53:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A1:35:F3:0E:09:AB:A6:62:F5:41:F8:42:83:E0:2D:74:2C:C1:2E
X509v3 Authority Key Identifier:
keyid:4A:17:AF:66:A0:48:FC:81:DA:E8:54:5F:7E:35:D9:DA:AB:D4:02:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6E73/F41D40F2EA0911E8ADA2ED0CC4F9AE02/ShevZqBI_IHa6FRffjXZ2qvUAnE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ShevZqBI_IHa6FRffjXZ2qvUAnE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6E73/F41D40F2EA0911E8ADA2ED0CC4F9AE02/C37CCA126FE611EA9D9F5E67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:a280:1000::/48
2403:a280:3000::/48
Signature Algorithm: sha256WithRSAEncryption
38:72:bd:16:ac:07:81:42:0b:bf:ca:bc:6d:fd:f1:27:a8:68:
b4:f9:19:d3:30:d9:e5:8b:43:2d:b0:46:d7:18:bd:98:4e:e6:
c3:50:43:ef:53:c0:96:92:02:07:6f:d0:78:5a:db:25:90:56:
e2:2a:0f:b5:9d:35:87:29:0d:ed:bb:ff:ed:96:7a:98:6f:57:
6c:28:7a:12:35:a5:1f:be:a1:c3:94:78:6b:0e:a4:5d:f0:e2:
34:74:7a:1f:b2:48:bf:fe:3f:7c:65:04:3a:54:25:46:42:9b:
ed:f0:f8:5c:dd:22:68:0a:06:9a:dd:7c:3d:e5:5f:15:0a:16:
3e:55:d3:ed:a4:1d:50:00:3f:c9:8e:3c:0b:b0:f3:a0:92:14:
b1:3b:99:b4:ab:0f:09:a7:7f:31:60:27:67:a9:4b:59:6b:eb:
01:17:67:0c:bd:5f:3f:fa:f7:c5:37:27:ff:92:5a:24:e8:26:
16:9d:0e:ef:2b:69:15:64:f7:f2:55:4c:84:45:9f:f1:9d:4f:
a7:34:1a:97:83:46:bb:16:d5:5a:00:51:bc:84:e2:79:8c:2d:
c1:3d:a2:24:66:18:6a:08:8a:c1:9a:36:48:da:25:5b:18:03:
5f:12:4f:3f:81:fe:e7:64:f9:91:ad:df:d8:42:46:45:5c:79:
4b:59:12:23
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICEcwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjZFNzMxMTAvBgNVBAUTKDRBMTdBRjY2QTA0OEZDODFEQUU4NTQ1RjdFMzVEOURB
QUJENDAyNzEwHhcNMjQxMjI0MTcxNDUxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZhZWMwYi1lOTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo8G7nj0tWT+FqKk1IrbXJJhb0sFtOWb5Na2I+cLrVkWR6ZjDgdwSGU/yG+Xy
xYE0iSKpP8VCWN+1IE68DPmO1YJocawhIYYFucqzWW3gM5pgR3LXUjuvHlPmFS19
wJDgMtbf81HXd+lN5kvV4QniDzLZu4fUfnSM8eiISlxvhtl+0nl7gwFdZuhuADWo
uO13/9SOxSkNAfgnvK97wrM8AZuP7BQK8oK+tg9UZfSFMo/6WNYV72aUUDbUduvR
OXUfl9pUe0TRA6BL/5SMltNsLCrimC1Y8fL0XgkojzOn2V0MQ3Sp1cWkpXTor+hL
hU2cZ1ws6AyF8fDmEKHNcH5TdQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFPGhNfMO
CaumYvVB+EKD4C10LMEuMB8GA1UdIwQYMBaAFEoXr2agSPyB2uhUX3412dqr1AJx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkU3My9GNDFENDBGMkVB
MDkxMUU4QURBMkVEMENDNEY5QUUwMi9TaGV2WnFCSV9JSGE2RlJmZmpYWjJxdlVB
bkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NoZXZacUJJX0lIYTZGUmZmalhaMnF2VUFuRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjZFNzMvRjQxRDQwRjJFQTA5MTFFOEFEQTJFRDBDQzRGOUFFMDIvQzM3Q0NBMTI2
RkU2MTFFQTlEOUY1RTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwAkA6KAEAADBwAkA6KAMAAwDQYJKoZIhvcNAQELBQADggEB
ADhyvRasB4FCC7/KvG398SeoaLT5GdMw2eWLQy2wRtcYvZhO5sNQQ+9TwJaSAgdv
0Hha2yWQVuIqD7WdNYcpDe27/+2WephvV2woehI1pR++ocOUeGsOpF3w4jR0eh+y
SL/+P3xlBDpUJUZCm+3w+FzdImgKBprdfD3lXxUKFj5V0+2kHVAAP8mOPAuw86CS
FLE7mbSrDwmnfzFgJ2epS1lr6wEXZwy9Xz/698U3J/+SWiToJhadDu8raRVk9/JV
TIRFn/GdT6c0GpeDRrsW1VoAUbyE4nmMLcE9oiRmGGoIisGaNkjaJVsYA18STz+B
/udk+ZGt39hCRkVceUtZEiM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:37 2025 by rpki-client